Changes to SMTP Authentication

[bvanderw]

Over the last two weeks, I have had several customers who suddenly could no longer send e-mail. The first wave came all in one day - October 23. At first I thought it was a Comcast problem because all the complaints, except one, came from Comcast customers. Since then, I have had others who have had issues who were not Comcast customers.

In all cases, instructing the user to use authentication with a username and password fixed the problem. It still bugs me though. I hate not knowing is going on, and I hate not being able to give my customers a definitive answer.

I know that the stock answer is that authentication is required, but i think a lot of people who POP before sending mail don't explicitly turn it on.

So what changed? Does anyone know?

--Bruce

[Patiek]

First question to ask here would be:
Do you have "Include a list of Pop before SMTP senders in the X-PopBeforeSMTP header when relaying mail" checked on the "Tweak Settings" page in WHM?

[chirpy]

That setting should not affect the ability to authenticate - you shouldn't really enable that option unless you're debugging something.

Just as a recap, there are two types of SMTP relay authentication on cPanel servers:

1. SMTP AUTH where the client uses their cPanel account username and password in their email client to authenticate as they relay email through the server

2. POP Before SMTP where a client must POP their email account within 30 minutes of trying to relay email through the SMTP server

The POP Before SMTP process is controlled by the antirelayd process that runs when you (re)start exim. So, the first check is to make sure it's running OK:

service exim restart

If antirelayd doesn't or wasn't running, ensure that both tick boxes for it are enabled in WHM > Service Manager

Secondly, the antirelayd process detects the POP logins by tracking the information shown in /var/log/maillog, so you need to ensure that that file is actively being updated with the POP logins. If it isn't, then you're probably suffering from the /tmp noexec bug in logrotate:
http://www.configserver.com/techfaq/index.php?faqid=38

If that's the problem, restart syslog:

service syslog restart

That ought to cover all aspects of SMTP relay authentication for email clients.

[Patiek]

My mistake then, I thought that it both enabled and included the header as indicated.

That of course leads to the question: How does one disable SMTP authentication based on POP authentication?

[chirpy]

If you want to disable POP before SMTP, unselect the boxes for antirelayd in WHM > Service Manager and then restart exim.