Add Exchange Online / Microsoft 365 SMTP codes from 90-day production data#99
Open
juenology wants to merge 1 commit intoActiveCampaign:mainfrom
Open
Add Exchange Online / Microsoft 365 SMTP codes from 90-day production data#99juenology wants to merge 1 commit intoActiveCampaign:mainfrom
juenology wants to merge 1 commit intoActiveCampaign:mainfrom
Conversation
juenology
force-pushed
the
outlook-codes-2025-q1
branch
from
7825449 to
8cfada0
Compare
… data New entries in data/codes/550.json (exchangeonline spamFilter): - 5.7.133 - RESOLVER.RST.SenderNotAuthenticatedForGroup (sender not in allowed senders list for group) - 5.7.124 - RESOLVER.RST.RestrictedToGroupPermission (DL restricted to members only) - 5.7.129 - RESOLVER.RST.RestrictedToRecipientsPermission (restricted recipient list) - 5.7.134 - RESOLVER.RST.SenderNotAuthenticatedForMailbox (mailbox requires authenticated sender) - 5.7.1-3 - TRANSPORT.RULES.RejectMessage (mail flow / transport rule rejection variant) - 5.7.520 / 5.7.520-2 - AS(7555) / AS(7550) external email forwarding disabled by admin policy - 5.1.10 - RESOLVER.ADR.RecipientNotFound (address does not exist in organization) - 5.1.1 - RESOLVER.ADR.RecipNotFound (shorter variant) - 5.2.3 - RESOLVER.RST.RecipSizeLimit (message exceeds recipient size limit) - 5.7.509 - DMARC policy rejection (From domain has DMARC p=reject policy) - 5.7.7 - Email policy violation (EOP content filter) - 5.7.900 - TRANSPORT.RULES.RejectMessage (5.7.900 variant; 929/999 variants also exist) - 5.7.54 - Unable to relay to recipient in non-accepted domain - 5.7.57 - Client not authenticated to relay (nominally a 530, noted in description) - 5.7.1-4 - RESOLVER.RST.NotAuthorized (generic authorization rejection) New entries in data/codes/554.json (new exchangeonline spamFilter section): - 5.2.2 - STOREDRV QuotaExceededException (mailbox full / Unified Storage full) - 5.7.7 - Email policy violation detected (554 variant) - 5.3.3 - STOREDRV missing AD entry in Recipient Cache All SMTP response strings are from 90-day Shopify production data with sensitive information redacted: sending IPs → x.xx.xx.xx, email addresses → email@example.com, sender domains → example.com, and per-message dynamic strings removed.
juenology
force-pushed
the
outlook-codes-2025-q1
branch
from
8cfada0 to
f0c4fbe
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds 18 new SMTP response codes observed in Exchange Online / Microsoft 365 bounce traffic, sourced from 90 days of production sending data (Shopify Courier). All sensitive data has been redacted: sending IPs →
x.xx.xx.xx, email addresses →email@example.com, sender domains →example.com, and per-message dynamic tokens (message IDs, timestamps) removed.This PR covers Exchange Online / Microsoft 365 only (
exchangeonlinespamFilter). Consumer Outlook.com/Hotmail/Live codes are under theoutlookprovider and are not changed here.Changes
data/codes/550.json— 15 new entries toexchangeonlinespamFilter5.7.133RESOLVER.RST.SenderNotAuthenticatedForGroup5.7.124RESOLVER.RST.RestrictedToGroupPermission5.7.129RESOLVER.RST.RestrictedToRecipientsPermission5.7.134RESOLVER.RST.SenderNotAuthenticatedForMailbox5.7.1-3TRANSPORT.RULES.RejectMessage5.7.520AS(7555)5.7.520-2AS(7550)5.1.10RESOLVER.ADR.RecipientNotFound5.1.1RESOLVER.ADR.RecipNotFound5.2.3RESOLVER.RST.RecipSizeLimit5.7.509p=rejectpolicy; message failed DMARC5.7.75.7.900TRANSPORT.RULES.RejectMessage5.7.545.7.57530SMTP code in practice — included here since no530.jsonexists in the schema5.7.1-4RESOLVER.RST.NotAuthorizeddata/codes/554.json— newexchangeonlinespamFilter section (3 entries)Exchange Online was not previously represented in
554.json.5.2.2STOREDRV QuotaExceededException5.7.75.3.3STOREDRV missing AD entryNotes
RESOLVER.*codes are NDR-style rejections from Exchange's address resolution layer;TRANSPORT.RULES.*codes are rejections from mail flow rules configured by admins. Both are common in bulk sending.AS(7555)andAS(7550)both mean "external forwarding disabled" but appear to represent slightly different enforcement paths. Both are included as separate entries since the response strings differ.5.7.1 TRANSPORT.RULES.RejectMessage; all three were observed in production. Only 5.7.900 is explicitly listed; 929 and 999 are noted in the description.SMTP 530 5.7.57is functionally a 550-class permanent rejection. Since the repo has no530.json, it is catalogued here under 550 with the actual SMTP code noted in the description.exchangeonlinein 554.json: This spamFilter had no entries in554.jsonbefore this PR. The three new codes were observed at high enough volume in production to warrant inclusion.Data source
90-day window from Shopify Courier's email failure event stream. Volume observed:
5.7.133/5.7.134/5.7.520/5.1.10/5.7.509— all high-volume (thousands of occurrences)5.7.7/5.7.57/5.7.54— moderate volume5.3.3/5.7.1-4— lower volume but consistent, distinct from existing entries