SMTP
"SMTP email server error" is a generic wrapper around a real 3-digit reply code. Learn to read the 4xx/5xx code, decode RFC 3463 status, and fix the cause.
Updated Jul 1, 2026
The short answer
"SMTP email server error" is a generic label, not a specific SMTP reply. The actual error is the 3-digit reply code that accompanies it (RFC 5321 §4.2.1): 4xx = temporary, retry later; 5xx = permanent, fix and resend. To fix it, find that code (and any X.Y.Z enhanced status from RFC 3463) in your logs, then resolve the underlying authentication, connection, or configuration cause it points to.
"SMTP email server error" is not itself a Simple Mail Transfer Protocol reply code. It is a generic, client-side wrapper that mail libraries and applications print around the actual error returned by the server. The information you need is the 3-digit reply code (and often an X.Y.Z enhanced status code) reported alongside it. Until you read that code, any fix is guesswork.
Per RFC 5321 §4.2.1, every SMTP server reply begins with a 3-digit code whose first digit sets the class:
250 OK). Not an error.421 service not available/shutting down per RFC 5321 (in practice, mail servers commonly reuse it for connection-rate limiting — too many concurrent connections), 450 mailbox busy or rate-limited, 451 local processing error, 452 insufficient system storage or too many recipients (RFC 5321 §4.5.3.1.10 explicitly assigns "too many recipients" to 452, correcting an earlier RFC 821 mislabeling of 552).500 syntax error, 530/535 authentication required or failed (defined by the SMTP AUTH extension, RFC 4954 §6 — not base RFC 5321), 550 mailbox unavailable or unauthenticated sender, 551/553 invalid address, 552 quota exceeded or message too large.Many servers also append an RFC 3463 enhanced status code in class.subject.detail form. The subject digit localizes the fault: X.1.x = addressing, X.2.x = mailbox, X.3.x = destination mail system, X.4.x = network/routing, X.5.x = mail-protocol, X.7.x = security/policy (e.g., 5.7.1 = delivery not authorized). So 550 5.7.1 is a policy/auth rejection, while 550 5.1.1 is an unknown recipient — very different fixes despite sharing 550.
The three practical root-cause buckets behind the generic label are: (1) authentication (wrong/missing credentials), (2) connectivity (blocked port, DNS, TLS handshake), and (3) configuration (bad address, unverified sender, message limits).
1. Find the real code. Look in your application logs, SMTP debug output, or your provider's activity/bounce dashboard for the digits and any enhanced status. With Nodemailer the code is on the thrown error's responseCode/response; with Python's smtplib it is in the SMTPResponseException.smtp_code and smtp_error. That code — not the wrapper text — tells you which path below applies.
2. If it is an authentication code (530, 535, 550 5.7.x):
apikey and the password is the full ~69-character API key, sent unencoded (SendGrid).535 in that case.MAIL FROM; sending early triggers 550 Unauthenticated senders not allowed.3. If it is a connectivity failure (timeout, "could not connect", 421): verify reachability of a supported submission port. Both are valid per RFC 8314: 587 (STARTTLS, recommended) and 465 (implicit TLS) — 465 is not deprecated. Port 25 is frequently blocked by ISPs/cloud hosts for outbound mail. Test with:
# Port reachabilitync -vz smtp.yourprovider.com 587# Banner + STARTTLS + TLS handshakeopenssl s_client -connect smtp.yourprovider.com:465openssl s_client -starttls smtp -connect smtp.yourprovider.com:587
A successful connect returns a 220 banner. handshake failure or wrong version number points to a firewall, VPN, or corporate TLS-inspection proxy stripping STARTTLS or rewriting DNS — compare your resolver against 8.8.8.8/1.1.1.1 to rule out interception (SendGrid connectivity guide).
4. If it is a configuration/content code (550 5.1.1, 551, 552): correct or remove the invalid recipient, verify your sender identity/domain with the provider, and check message-size and recipient-per-message limits. A 552 usually means an oversized message or full mailbox; a 5.1.1 means the address does not exist — scrub it from your list.
5. Match retry behavior to the class. Retry 4xx with exponential backoff; do not loop on 5xx — repeated retries waste resources and can damage sender reputation. If you cannot locate any underlying code, enable verbose SMTP logging and reproduce the send; a truly empty error usually means the connection dropped before the server replied (a connectivity problem, step 3).
References
FAQ
No. It is a generic label that client software wraps around the actual server response. The real, actionable information is the 3-digit reply code (RFC 5321) and any X.Y.Z enhanced status code (RFC 3463) reported with it — for example 535 (auth failed) or 550 5.1.1 (unknown recipient).
One API, every provider
Courier connects to your email, SMS, and push providers, handles retries and failover, and surfaces delivery errors in plain language.
Reply-code definitions per RFC 5321 §4.2.1. Last reviewed Jul 1, 2026. Courier is not affiliated with third-party providers; error behavior may vary by implementation.
© 2026 Courier. All rights reserved.