Some of the most common phishing bounce codes along with their reason for occurring and resolutions are shown below.
|
Bounce Code |
Reason |
Resolution |
|
553 #5.1.8 Domain of sender address <address@exmaple.com> does not exist |
A reverse lookup on the sender address does not resolve to a valid MX record domain. |
We recommend utilizing SPF sender addresses because the spam filter is doing a reverse lookup on the domain and there is no valid MX record. Alternatively, you can bypass the spam filter by smart hosting, using Google Direct Message Injection (DMI), or using advanced delivery policies. |
|
550 Verification failed for email@example.com The mail server could not deliver mail to email@example.com. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries. Sender verify failed" |
Same as above. |
Same as above. |
|
550 5.4.1 Recipient address rejected: Access denied |
The recipient address does not exist or can’t receive mail. |
Fix the recipient’s mailbox so it can receive SMTP emails. |
|
The SMTP address has no mailbox associated with it |
Same as above. |
Same as above. |
|
550 5.7.1 Failed to send User email address marked as invalid |
Same as above. |
Same as above. |
|
550 5.1.1 User Unknown |
Same as above. |
Same as above. |
|
550 5.1.1 Recipient address rejected: User unknown in virtual alias table |
Same as above. |
Same as above. |
|
550 permanent failure for one or more recipients |
Same as above. |
Same as above. |
|
554 5.7.1 Phrase Filter |
A spam filter determined that the content contains common phrases associated with phishing or spam. |
Review your whitelisting settings for the spam filter. If the error is still occurring after you review your settings, consult with the spam filter vendor, move to a smart host, or use Google DMI, or use advanced delivery policies. |
|
5.7.1 |
Deferment. |
Set a receive connector or remove throttling on the spam filter if present. |
|
554 Rejected due to Virus |
AV may have determined that the content is a virus. |
This error typically happens with macro files. Disable this attack vector in your Phishing Template settings. |
|
554 Email rejected due to security policies |
Mimecast Only: AV detection in Mimecast can trigger due to certain template types and verbiage. See Mimecast's SMTP Error Codes article for more information. |
Use a smart host, use Google DMI, or advanced delivery policies. There is no method to bypass AV scanning in Mimecast whitelisting. |
|
550 5.7.1 Email rejected per DMARC policy |
The From address or Reply-to address on your template is from a domain that uses DMARC. You can’t spoof the address due to DMARC failures. |
Change the From address or Reply-to address of the template you are using. |
|
550 5.7.1 Client does not have permissions to send as this sender |
Our email servers can’t use the domain as a Sender address or Reply-to address. |
If you are spoofing your own domain, add KnowBe4 to your SPF record or add DKIM signatures. If you are not spoofing your own domain, you will need to change the Sender address of the given template. |
|
550 5.7.26 Unauthenticated email from example.com is not accepted due to domain's DMARC policy |
The From address or Reply-to address on your template is from a domain that uses DMARC. You can’t spoof the address due to DMARC failures. |
Change the From address or Reply-to address of the template you are using. |
|
Failed to connect to host: no such host |
The sender uses a smart host, and their hostname or provided IP address has changed. |
Update the hostname or IP address for your smart host connection in your KSAT Account Settings. |
|
X509 |
Failed to start TLS conversation. |
Check your email server certifications for more information. |
|
553 This Route Requires Encryption |
We attempt to send via TLS first but use a fallback system if unsuccessful. |
Check your email server certifications for more information. You can also use a smart host to have us enforce TLS when sending messages to your email server. |
|
552 5.7.0 |
Google Only: Blocked because the content presents a security issue. |
The email attachment type needs to be disabled. Specific attachment file types can be disabled in your Phishing Template settings. |
| 421 Too many concurrent SMTP connections |
Deferment. |
Check your rate limiting for more information. |
| 550 5.7.51 TenantInboundAttribution; There is a partner connector configured that matched the message's recipient domain. |
Smart Hosting |
Ensure that you have properly configured the connector in your mail server to receive emails from our IP addresses. For more information, see the Smart Host Setup section of our Smart Hosting article. |
For further assistance with this feature, please contact our support team and they would be happy to help.