Authentication Error Codes
The following email authentication failure codes are shown in the UI for SPF, DKIM, and DMARC.
SPF
| Error Code | Key | Value |
|---|---|---|
| spf_1 | No SPF Record | SPF signature validation failed as domain owners have not published any SPF record. |
| spf_2 | IP Mismatch | SPF validation failed as sender IP (1.1.1.1) does not match with the IP list configured in DNS (SPF Record) |
| spf_3 | Malformed DNS Record | SPF validation failed as SPF record is malformed (RFC violation) |
| spf_4 | Unsupported Attributes | SPF validation failed as SPF record contains attributes not supported by Secure Email Threat Defense |
| spf_5 | DNS Failure | SPF validation failed as Secure Email Threat Defense could not retrieve SPF records from DNS |
| spf_6 | Sender Domain Retreival Failed | SPF validation failed as Secure Email Threat Defense could not retrieve the Sender domain |
| spf_7 | SPF Soft Fail | SPF validation resulted in a Soft Fail |
| spf_8 | SPF Neutral | SPF validation resulted in a Neutral verdict |
DKIM
| Error Code | Key | Value |
|---|---|---|
| dkim_1 | No Verification Keys | DKIM signature validation failed as email is signed whereas domain owners have not published any verification keys |
| dkim_2 | Body Hash Failed | Header Hash Failed | DKIM signature validation failed as email hash does not match with hash generated by domain owners published signing keys |
| dkim_3 | Malformed DKIM Signature | DKIM signature validation failed as signature is malformed (RFC violation) |
| dkim_4 | Signature Expired | DKIM signature validation failed as signature in the email expired (timed out) |
| dkim_5 | Key Malformed | DKIM signature validation failed as Public Key is malformed (RFC violation) |
| dkim_6 | Key Size Mismatch | DKIM signature validation failed as signature key size does not match with Secure Email Threat Defense supported key sizes |
| dkim_7 | DNS Failure | DKIM signature validation failed as Secure Email Threat Defense could not retrieved the DKIM keys from DNS |
| dkim_8 | None | DKIM validation not performed as Email is not signed |
| dkim_9 | Sender Domain Retrieval Failed | DKIM validation failed as Secure Email Threat Defense could not retrieve the Sender domain from the email headers |
DMARC
| Error Code | Key | Value |
|---|---|---|
| dmarc_1 | No DMARC Record | DMARC signature validation failed as domain owners have not published any DMARC record |
| dmarc_2 | Malformed DNS Record | DMARC validation failed as DMARC record is malformed (RFC violation) |
| dmarc_3 | Sender Domain Retrieval Failed | DMARC validation failed as Secure Email Threat Defense could not retrieve the Sender domain from the email headers |
| dmarc_4 | DNS Failure | DMARC validation failed as Secure Email Threat Defense could not retrieve DMARC records from DNS |
| dmarc_5 | DMARC Failed |
spf = “fail”; dkim = “fail” spf = “pass”; dmarc_spf_align =“fail” dkim = “pass”; dmarc_dkim_align = “fail” |
SMTP server will include the following custom header in the outer envelope:
| Header | Value (JSON) - Sample |
|---|---|
| X-CSE-Auth-Failure-Data |
{ "spf": "spf_1", "dkim": "dkim_1", "dmarc": "dmarc_5", "dmarc_failed_reason: "spf=pass; dmarc_spf_align=fail; dkim=fail" “dmarc_action” : “quarantine”, "spf_ts": 1755751374, "dkim_ts": 1755751378, "dmarc_ts": 1755751380 } |