EveryCloud Technologies   
SMTP response codes fall within three main brackets:

SMTP 200 -> Positive acceptance code. e.g. SMTP 250
SMTP 400 -> Temporary delivery fault (delivery will be retried) e.g. 450
SMTP 500 -> Permanent delivery failure (Non-delivery report (NDR) will be provided to the original sender e.g. 550

450 4.1.1rejection when relay check is enabledBlocked
450 4.1.8sender address rejected : domain not foundBlocked
450 4.5.5early spam detection (temporarily blocked)Blocked
450 4.5.6temporary failure in MTA - please retryBlocked
450 4.5.7temporary failure in MTA - please retryBlocked
504 5.5.2recipient address rejected : fully - qualified address is neededBlocked
504 5.5.2sender address rejected: fully - qualified address is neededBlocked
550 5.1.1unknown recipient (SMTP check)Blocked
550 5.2.2explicit blocking of sender or recipient addressBlocked
550 5.5.3recipient address rejected: multi-recipient bounceBlocked
552 5.5.2message size (content filter)Blocked
554 5.5.3email rejected due to Content Filter Size LimitBlocked
554 5.5.4IP sender address with a negative reputationBlocked
554 5.5.5email rejection due to SpamBlocked
554 5.5.6loop detectionBlocked
554 5.5.7email rejected due to content of attachmentBlocked
554 5.6.1signature of spam in mail header resp. subjectBlocked
554 5.6.2spam link signature detectedBlocked
554 5.6.3spam text signature detectedBlocked
554 5.6.4virus email blockedBlocked
554 5.6.5TLS encryption required by customer ruleBlocked
554 5.6.9
Rejected by custom Compliance Filter Rule
554 5.7.1unknown domain or unknown recipient (LDAP check)Blocked
admin-blblacklist controlled by adminQuarantined
ase-blindividual blacklist controlled by support dept.Quarantined
ase-recap1diffuse spam fingerprintQuarantined
ase-rep1IP reputation list 1Quarantined
ase-rep2IP reputation list 2Quarantined
ase-recap4diffuse spam fingerprintQuarantined
asespf7-1SPF filter variant 1Quarantined
asespf7-2SPF filter variant 2Quarantined
bodytagspam signature in mail textQuarantined
bouncetagbounce mail managementQuarantined
dirtyipreputation filter on IP basisQuarantined
fingerprintre - captured spam mail by hashQuarantined
headerspam signature in mail headerQuarantined
linkad linkQuarantined
rbl50pre-stage to 554 5.5.4 but not blocking yetQuarantined
sameipsignature recognition through spam enginesQuarantined
scoredynamic content evaluationQuarantined
Score Tagdynamic content evaluationQuarantined
spamreputation filter based on sender serverQuarantined
spamip-netIP range of servers with poor reputationQuarantined
spam-sumspam fingerprintQuarantined
subjecttagspam signature in subject lineQuarantined
user-blblacklist controlled by the userQuarantined
wcspam pattern recognitionQuarantined
xargbounce attack or individual customer ruleQuarantined
zombiebotnet computerQuarantined
Virus-scan01Found identical attributes of classified virus emails in metadataVirus
Virus-scan01-XARG-VFound known virus structure in multiple attributes of the emailVirus
Virus-scan02-Header-VFound virus signature in email headerVirus
Virus-scan03-Link-VaLinking of a compromised URLVirus
Virus-scan04-Body-VFound virus signature in email bodyVirus
Virus-scan05-<VirusName>Virus found – known, classified virusVirus
virus-scan07-doubleextensionFound a file with veiled or faked file type in an archiveVirus
Virus-scan07-archive-in.archiveFound nested archives in an archiveVirus
virus-scan07-heur-exploitFound minimum one unknown and potentially dangerous file in an archiveVirus
Virus-scan07-fakeoffice2003Found macro code of office 2007 in an office 2003 fileVirus
virus-scan07-potential-fake-archiveFound an archive with wrong declaration of content type (MIME-Content-Type)Virus
Virus-scan06-<VirusName>Virus scanner 2 found a virusVirus
Virus-scan08-executableFound potentially dangerous file in attachmentVirus
Virus-scan09-ASEzipHeuristicsEvidence of phishing and suspicious attachment foundVirus
Virus-scan09-asehtmlheuristicsEvidence of phishing and suspicious attachment foundVirus
Virus-scan09-ASEurl 0xHeuristicsEvidence of phishing and suspicious link foundVirus
Virus-scan10-<VirusName>Indistinct virus message through Heuristic intend analysisVirus
Virus-scan12-AttachmentVFound virus signature in attachmentVirus
Virus-scan13-ASE-PhishingHeuristicsEvidence of phishing and suspicious email header foundVirus
Virus-scan14-Short-URL-obfuscationLinks are veiled through nested URL shorteningVirus
Virus-scan15-ASE-PhishingDirect link to malware or phishing websiteVirus
Virus-scan16-ASE-Phishing-heurEvidence of phishing and inconsistent sender addressVirus
Virus-scan17-ASE-office-macro-exploitFound evidence of malware and office file with macros, OLE-object or VBS code as attachmentVirus
Virus-scan17-office-webarchive-exploit-heurEvidence of malware and attachment with suspicious content foundVirus
virus-scan17-office-rtf-exploit-heurEvidence of malware and attachment with suspicious content foundVirus
virus-scan17-MacroEvidence of malware and attachment with suspicious content foundVirus
Virus-scan17-office-macroEvidence of malware and attachment with suspicious content foundVirus
Virus-scan18Evidence of malware and the email was sent by different senders or email serversVirus
Virus-scan21-<Virusname>Virus message by optional virus scanner 3Virus
Virus-scan22-<Virusname>Virus message by optional virus scanner 4Virus
ContentfilterCustomer defined forbidden attachmentContent
atp-url-archiveATP URL Archive Attack Detection
Detection of links, that download archives in delay with malicious content, as they are often used in Blended Attacks.
atp-phish-domainATP Phishing Domains
Identification of domains, that were recently related to phishing, for example, through hacked websites.
atp-sandboxATP Sandbox Analyses
Attachments are executed in a variety of system environments and their behavior is analyzed. Protects against ransomware and blended attacks.
atp-ff-spy-outATP Fraud Forensics: Spy Out Detection
Counter-espionage against attacks trying to obtain sensitive information.
atp-ff-identityATP Fraud Forensics: Identity Spoofing
Detection and blocking of forged sender identities.
atp-ff-fraud-attemptATP Fraud Forensics: Fraud Attempt Analyses
Checks the authenticity and integrity of metadata and email contents.
ATP HTML Content Attack Detection
Dynamic analysis and detection of suspicious patterns in HTML

ATP URL Zero Day Detection
ase-aormRegular email correspondenceValid
asespf1familiar sender, type 1Valid
asespf2familiar sender, type 2Valid
asespf3familiar sender, type3Valid
ase-wlindividual whitelist controlled by the support dep.Valid
big2email size increased email reputation in multi-criteria scoring functionValid
bigmessageemail size increased email reputation in multi-criteria scoring functionValid
body-wlwhitelist signature in mail text, type 1Valid
body-wl2whitelist signature in mail text, type 2Valid
customer-wlcustomer whitelistValid
header-wlWhitelist signature in header, type 1Valid
headerwl2Whitelist signature in header, type 2Valid
knownsendersender address with positive reputation, type 1Valid
noreasonun-evaluated emailValid
qsender2sender address with positive reputation, type 2Valid
realbouncesent via bounce managementValid
scoredynamic contents evaluationValid
scorewl2dynamic contents evaluation, type 2Valid
sender-ipIP sender address with positive reputationValid
subject-wlwhitelist signature in subject line, type 1Valid
subject-wl2whitelist signature in subject line, type 2Valid
user-wlwhitelist controlled by userValid
xarg-wlbounce mail or individual customer ruleValid