This appendix includes the error codes for each sender authentication protocols.
Sender Policy Framework (SPF) Error Codes
|
Error Type |
Error Codes |
|---|---|
|
Invalid SPF record |
3~25, 27~32 |
|
No SPF record |
2 |
|
Internal error |
-99, 1, 26 |
|
Error Code |
Message |
|---|---|
|
-99 |
Internal error |
|
1 |
Insufficient memory |
|
2 |
No SPF record |
|
3 |
Syntax error |
|
4 |
Modifiers contain prefixes |
|
5 |
Invalid characters found |
|
6 |
Unknown mechanisms found |
|
7 |
Invalid option found |
|
8 |
Invalid CIDR length |
|
9 |
Required option is missing |
|
10 |
Internal error |
|
11 |
Invalid %-escape character |
|
12 |
Invalid macro variable |
|
13 |
Subdomain truncation depth too large |
|
14 |
Invalid delimiter character |
|
15 |
Option string too long |
|
16 |
Excessive mechanisms |
|
17 |
Excessive modifiers |
|
18 |
Excessive DNS lookups used in mechanisms |
|
19 |
Invalid IPv4 address |
|
20 |
Invalid IPv6 address |
|
21 |
Invalid mechanism prefix |
|
22 |
SPF result is unknown |
|
23 |
Uninitialized variable |
|
24 |
Modifier not found |
|
25 |
Required setting not configured |
|
26 |
DNS lookup unsuccessful |
|
27 |
Invalid hostname or format |
|
28 |
Invalid or missing TLD in hostname |
|
29 |
Ignore mechanisms after "all:" |
|
30 |
SPF result is permerror when an include recursive query returns none |
|
31 |
Recursive include |
|
32 |
Multiple SPF or TXT records found |
|
51 |
IP address is 0.0.0.0 |
|
52 |
from and ehlo parameters are null |
|
53 |
none rule matched |
|
54 |
neutral rule matched |
|
55 |
softfail rule matched |
|
56 |
fail rule matched |
|
57 |
temperror rule matched |
|
58 |
permerror rule matched |
DomainKeys Identified Mail (DKIM) Error Codes
|
Error Type |
Error Codes |
|---|---|
|
Invalid DKIM record |
1, 23~24, 116, 34, 36, 38, 40, 41, 42, 43, 46, 108, 111 |
|
No DKIM record |
22, 103, 104 |
|
Invalid DKIM signature |
2~5, 7~21, 25~27, 31~33, 44~45, 102, 105 |
|
DKIM signature mismatch |
28, 37, 101 |
|
Internal error |
-1, 6, 39, 107, 112~115 and all others |
|
Error Code |
Message |
Result |
|---|---|---|
|
-1 |
Internal error |
PermError |
|
0 |
Successful |
Pass |
|
1 |
Unsupported version |
Fail |
|
2 |
Invalid domain (d=/i=) |
PermError |
|
3 |
Signature expired |
Fail |
|
4 |
Signature in the future |
Fail |
|
5 |
x= < t= |
Fail |
|
6 |
Obsolete |
Fail |
|
7 |
Invalid c= value in header |
Neutral |
|
8 |
Invalid c= value in body |
Neutral |
|
9 |
Missing a= value |
PermError |
|
10 |
Invalid a= value |
Neutral |
|
11 |
Missing h= value |
PermError |
|
12 |
Invalid l= value |
Neutral |
|
13 |
Invalid q= value |
Neutral |
|
14 |
Invalid q= option |
Neutral |
|
15 |
Missing d=value |
PermError |
|
16 |
d= value is empty |
Neutral |
|
17 |
Missing s= value |
PermError |
|
18 |
s= value is empty |
Neutral |
|
19 |
Missing b= value |
PermError |
|
20 |
b= value is empty |
Neutral |
|
21 |
b= value is corrupt |
PermError |
|
22 |
No key found in DNS |
None |
|
23 |
Bad DNS reply |
Neutral |
|
24 |
Unsuccessful DNS reply |
TempError |
|
25 |
Missing bh= value |
PermError |
|
26 |
bh= value is empty |
Neutral |
|
27 |
Bad bh= value |
PermError |
|
28 |
Signature mismatch |
Fail |
|
29 |
Unauthorized subdomain |
TempError |
|
30 |
Multiple records returned |
TempError |
|
31 |
h= value is empty |
Neutral |
|
32 |
Missing required entries in h= value |
Neutral |
|
33 |
l= value exceeds body size |
Neutral |
|
34 |
Signing required not met |
Neutral |
|
35 |
Unknown key version |
Neutral |
|
36 |
Unknown key hash |
Neutral |
|
37 |
Signature-key hash mismatch |
PermError |
|
38 |
Not an email key |
Neutral |
|
39 |
Obsolete |
Fail |
|
40 |
Missing key type |
Neutral |
|
41 |
Unknown key type |
Neutral |
|
42 |
Key revoked |
PermError |
|
43 |
Undecodable key |
PermError |
|
44 |
Missing v= tag |
PermError |
|
45 |
v= tag is empty |
Fail |
|
46 |
Insufficient key bits |
PermError |
|
101 |
Bad signature |
Fail |
|
102 |
No signature available |
Fail |
|
103 |
Public key not found |
None |
|
104 |
No domain key to verify |
None |
|
105 |
Syntax error |
Fail |
|
106 |
Resource unavailable |
Fail |
|
107 |
Internal error |
Fail |
|
108 |
Key revoked |
Fail |
|
109 |
Invalid function parameter |
Fail |
|
110 |
Function not implemented |
Fail |
|
111 |
Unable to retrieve key |
Fail |
|
112 |
Callback request rejected |
Fail |
|
113 |
Invalid callback result |
Fail |
|
114 |
Callback timeout |
Fail |
|
115 |
Callback timeout |
Fail |
|
116 |
Multiple DNS replies |
Fail |
Domain-based Message Authentication, Reporting & Conformance (DMARC) Error Codes
|
Error Type |
Error Codes |
|---|---|
|
Invalid DMARC record |
2~5, 11 |
|
No DMARC record |
1, 6, 9, 10, 12 |
|
Authentication unsuccessful |
13 |
|
Alignment check unsuccessful |
21 |
|
Internal error |
7, 8 |
|
Error Code |
Message |
|---|---|
|
0 |
Successful |
|
1 |
No data |
|
2 |
NULL context received |
|
3 |
Invalid v= value |
|
4 |
Invalid p= value |
|
5 |
Missing p= value |
|
6 |
No domain found |
|
7 |
Unable to allocate memory |
|
8 |
Not a macro |
|
9 |
No DMARC record |
|
10 |
Domain does not exist |
|
11 |
Recoverable DNS error |
|
12 |
Undefined TLD type |
|
13 |
From: domain not available |
|
14 |
No DMARC record found for custom policy |
|
15 |
Accept message based on policy settings |
|
16 |
Reject message based on policy settings |
|
17 |
Quarantine message based on policy settings |
|
18 |
Monitor message and generate report based on policy settings |
|
19 |
Apply domain policy ('p') |
|
20 |
Apply sub-domain policy ('sp') |
|
21 |
Alignment check unsuccessful |