Solar Winds Spam Experts Rejection Classification

Messages that are rejected without being quarantined


Some messages are rejected immediately without being quarantined. This happens at SMTP level and the rejection is permanent. For example this will happen for
Incoming messages in the following scenarios:

  • Have an invalid recipient or domain
  • Do not use TLS (if enforced on the incoming domain)
  • Do not follow RFC specifications about sending, publishing records (invalid helo)
  • Unsigned Bounce messages (if BATV is enforced)
  • Messages containing malware/viruses,
  • Restricted characters in the address local-part,
  • Dmarc compliance fail with reject policy
  • Blacklisted sender IP (Blacklisted by super-admin)
  • Blacklisted sender IP on internal lists, while pre_data_dnsbl feature active (feature not exposed in Spam panel)
  • Blacklisted envelope sender
  • Maximum local parts reached (feature not exposed in Spam panel)
  • Invalid HELO/EHLO greeting
  • Maximum hourly bounces exceeded
  • SPF indicates that the domain never sends email (spf1 -all)
  • Headers contain illegal BOM
  • Bounce message sent to more than one recipient
  • Too many failed recipients
  • Oversized messages
  • Too many unrecognized commands


Outgoing messages are rejected in this way in the following scenarios:

  • Messages do not provide authentication
  • Too many failed authentication attempts (brute force protection)
  • Do not use TLS (if enforced on the outgoing domain)
  • Have the sender’s IP blacklisted
  • Have the sender blacklisted (matching the envelope from)
  • Have invalid senders
  • Recipient could not be verified (check only ran for bounce messages)
  • Ratelimit (when excessive messages per connection behaviour is set to drop)
  • Bounce message sent to more than one recipient
  • Headers contain illegal BOM
  • Messages containing malware/viruses
  • Restricted characters in the address local-part
  • Oversized messages
  • Too many unrecognized commands