535 Incorrect authentication but mail sends

[djdavedawson]

I am having an issue when and incorrect mail password is used sending via smtp auth, the exim_mainlog is reporting "535 Incorrect authentication data" but still delivering the mail via esmtp.

This used to work correctly, where a wrong password would just fail, but all of a sudden it just sends mail regardless of the password set.

I think it has to do with a change in cpanel/WHM update 11.26.12, 11.26.13, 11.26.14, or 11.26.16.

Any ideas ??

Thanks

 

[cPanelTristan]

Is the user logging in with POP3 before SMTP? As POP3 via antirelayd will bypass SMTP authentication. It doesn't appear a likely scenario due to the authentication failure message, but that's the main situation where I could see SMTP authentication failing and an email still being sent due to POP3 login having previously been performed with the correct password for POP3

If that is not the case in this instance, it might be easiest to open a ticket to troubleshoot this matter using the link to submit in my signature.

 

[djdavedawson]

That may be a possibility, i'll do some testing.

However, antirelayd is unchecked and disabled in cpanel.

Would this still be the case with it unchecked?

Thanks in Advance

~D

 

[cPanelTristan]

If antirelayd is unchecked, then POP3 before SMTP authentication cannot occur, so you are right that it can't be impacting the email account for authenticating to send SMTP mails.

If you have the time, please open a ticket for us to investigate. I'm interested in what could be causing the issue.

 

[djdavedawson]

Ok, I think we got to the bottom of this. When I was testing this email script, i was sending email to another domain on the same server. From what I understand, since the same mechanism is used to send mail as well as receive it for
domains, sending mail to domains hosted at the same server will bypass the
authentication requirements.

Once I tested with a domain outside the server, the emails would fail .. as they are supposed to.

Is this how it's supposed to work ?

Should I still open a ticket ?

Thanks in Advance

 

[cPanelTristan]

Are the only emails that are bypassing authentication being sent using a script then for domains locally on the machine? Or, were you bypassing it using an email client? A script to send email would work differently when run from a user's account over using an email client.

 

[djdavedawson]

Yes, sending mail via the script to another domain on the same server skips the authentication. It is the zen-cart newsletter mailer.