Message Tracking - Message Statuses

This article lists Message Statuses and what they mean, and is intended for Administrators
It is intended to assist you when you are monitoring or investigating messages in the Mimecast Administration Console.

Message Statuses are essential for tracking emails through the Mimecast system, allowing you to verify whether messages were successfully passed to your email service (like Microsoft Office 365) and received acknowledgement of acceptance.

Message Details

You can view Message Details, by using the following steps:

  1. Log in to the Mimecast Administration Console.
  2. Navigate to Message Center | Message Tracking.
  3. Select on an item, or click on the ellipsis "..." | View Details to view Message Details.
  4. To view the Message Status for a message, click on the Transmission Data tab, and scroll down to Envelope Details | Transmission Event.
     

    Message Status

The table below lists Message Statuses, and explains what they mean.

rowid Status name Description
10010 Email Received via WebMail Message generated from the Mimecast Personal Portal (MPP).
10015 File Archive Email Received The message has been processed for File Archiving.
10016 Email Received via SysEmail Loopback Mimecast Notification from system loopback.
10020 Email Received via Journal Connector The message arrived from the journaling connector.
10022 Email Received via LFS Large File Send (LFS) message.
10023 Email Received via LFR Large File Receive (LFR) message.
10025 Journal Email Received via Journal Connector The message arrived from the journaling connector.
10028 Email Received via forward to support Customers have a way of reporting spam and virus e-mails that got past checks; we need a way for them to forward those messages to our support addresses without triggering spam, virus, or any other checks that can hold the message (like attachments, content, or TTP).
10030 Email Received via System Postmaster When a notification is received from the DB to the MTA, if we want to archive it, we need to loop back. What this means is that rather than delivering it to the end recipient, we deliver it to another MTA; the MTA that received it can then archive it and deliver it.
10040 Email Received via Authorised IP address Message from an authorized outbound IP.
10050 Email Received via Authorised SMTP Message from SMTP Submission.
10060 Email Received through known IP address with spam checks Message arrived from an allowlisted IP, but spam checks were run.
10074 Email Received via Permitted Sender Perform Spam Scanning Permit, but spam scanning runs.
10075 Email Received via Permitted Sender Perform RBL Permitted, but block list checks run.
Use an online tool, such as MX Toolbox, to check RBL in real-time.
10076 Email Received via Permitted Sender Perform Greylisting Permitted but still subjected to greylisting process.
10077 Email Received via Permitted Sender Perform Spam Scanning And Greylisting Permitted, but spam scanning and greylisting process completed.
10078 Email Received via Permitted Sender Perform Spam Scanning and RBL Permitted, but spam scanning and RBL checks are still completed.
10079 Email Received via Permitted Sender Perform Greylisting and RBL Permitted, but greylisting and blocklisting checked.
10080 Email Received via Permitted Sender Greylisting, block listing, and spam scanning are not run.
10081 Email Received via header based Permitted Sender Same as above, but permit is based on header address.
10082 Email Received via header based Permitted Sender Perform Spam Scanning Header-based permitted sender, but spam scanning still run.
10085 Email Received via Permitted IP Permitted by permitted sender policy based on IP address.
10090 Email Received via Auto Allow List Allowed inbound via existing auto-allow entry.
10091 Email Received via Auto Allow List - Sampled for Spam/Virus Allowed inbound via auto-allow but spam and virus sampling run.
10092 Email Received via header based Auto Allow List Auto allowed based on header address.
10095 Email Received via Manual Permitted Sender Permitted sender policy.
10096 Email Received via header based manually Permitted Sender Permitted sender policy for header address.
10100 Email Received via Open Greylist Second message attempt from a greylisted sender and accepted.
10110 Email Received via RWL Greylist Bypass The message was not subjected to greylisting because the server sending the message is listed in Mimecast's global bypass list.
10120 Email Received - Perimeter Checks Not Set An email is received when no greylisting is enabled and no other policy is triggered, such as Auto-Allow or Permitted Sender.
10130 Email Received - RBL check bypassed due to known IP address Bypassed RBL checks for a known address. Seen in Mimecast to Mimecast traffic.
10140 Email Received - DKIM check failed Mail failed DKIM check.
10141 Email Received - SPF check failed Mail Failed SPF checks.
10142 Email Received - DMARC check failed DMARC check failed for message.
10290 Email Received - SPF Failure (Hold) Held for DNS inbound checks for SPF records.
10300 Email Received - Possible Porn Image Embedded Pornographic image check triggered.
10400 Email Received - Possible Spam Message and Porn Image Embedded Spam and pornographic image.
12000 Email Generated via Group Carbon Copy Message was created from the GCC policy.
13000 Email Generated by File Archiving The message has been processed for File Archiving.
20010 Email Delivery Aborted - Soft Bounce Mimecast has attempted to deliver the message according to the retry schedule, but delivery hasn't been successful, and the message has timed out.
20020 Email Delivery Aborted - Hard Bounce The remote mail server has rejected the message with an SMTP 500 error code. See Mimecast SMTP Error Codes.
20040 Email Delivery Aborted - Damaged Email The message was marked as damaged and couldn't be exported or delivered. This may happen due to missing files, addresses, domains, etc.
30010 Email Delivered to Mailbox The message was delivered to the user's mailbox on the Mimecast server. Applies to POP3 domains only.
30012 Delivered to CCM isolation area A policy was applied to an outbound message, and the message was successfully delivered using Secure Messaging. This means the message was delivered to the Secure Messaging Portal, rather than directly to the recipient's inbox. See Secure Messaging - Definitions & Policies.
30015 Email Delivered to Mailbox Forwarding Address The message was forwarded to another mailbox in the Mimecast account. Applies to POP3 domains only.
30020 Email Delivered via MX resolution The message was delivered using the MXrecord of the recipient's domain.
30025 Email Delivered to Forwarding Address via MX resolution The message was forwarded to another email address and was delivered using the MX record of the recipient's domain.
30030 Email Delivered via Routing Rule The message was delivered using a Delivery Routing definition and policy in the Mimecast account.
30035 Email Delivered to Forwarding Address via Routing Rule Forwarding Address definition and policy in the Mimecast account.
30060 Delivered to Journal The message was journaled and has been processed. The message isn't delivered to a remote server.
30070 Delivery dropped Message delivery couldn't be completed (e.g., the recipient's server wasn't available), and we won't try delivering the message again. This usually happens after 30 retries.
30080 LFS Delivery Accepted Large File Send was used to transmit a notification with the original email body and a separate set of notifications to access the attachments.

See Also...

Was this article helpful?
0 out of 4 found this helpful

Comments

2 comments
Date Votes
  • none of these values are what we see in the Message Tracking search results grid…

    0
  • hi saskin _adm,
    Many thanks for your feedback.

    I've updated the article, with steps and an image, to better explain where you can see this information.
    You'll need to click on a message, and in Message Details select the Transmission Data tab, to find the value you're looking for.
    Thanks.

    0

Please sign in to leave a comment.