The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

535 Incorrect authentication but mail sends

Discussion in 'E-mail Discussions' started by djdavedawson, Oct 13, 2010.

  1. djdavedawson

    djdavedawson Member

    Joined:
    Jul 18, 2007
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    I am having an issue when and incorrect mail password is used sending via smtp auth, the exim_mainlog is reporting "535 Incorrect authentication data" but still delivering the mail via esmtp.

    This used to work correctly, where a wrong password would just fail, but all of a sudden it just sends mail regardless of the password set.

    I think it has to do with a change in cpanel/WHM update 11.26.12, 11.26.13, 11.26.14, or 11.26.16.

    Any ideas ??

    Thanks
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Is the user logging in with POP3 before SMTP? As POP3 via antirelayd will bypass SMTP authentication. It doesn't appear a likely scenario due to the authentication failure message, but that's the main situation where I could see SMTP authentication failing and an email still being sent due to POP3 login having previously been performed with the correct password for POP3

    If that is not the case in this instance, it might be easiest to open a ticket to troubleshoot this matter using the link to submit in my signature.
     
  3. djdavedawson

    djdavedawson Member

    Joined:
    Jul 18, 2007
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    That may be a possibility, i'll do some testing.

    However, antirelayd is unchecked and disabled in cpanel.

    Would this still be the case with it unchecked?

    Thanks in Advance

    ~D
     
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    If antirelayd is unchecked, then POP3 before SMTP authentication cannot occur, so you are right that it can't be impacting the email account for authenticating to send SMTP mails.

    If you have the time, please open a ticket for us to investigate. I'm interested in what could be causing the issue.
     
  5. djdavedawson

    djdavedawson Member

    Joined:
    Jul 18, 2007
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Ok, I think we got to the bottom of this. When I was testing this email script, i was sending email to another domain on the same server. From what I understand, since the same mechanism is used to send mail as well as receive it for
    domains, sending mail to domains hosted at the same server will bypass the
    authentication requirements.

    Once I tested with a domain outside the server, the emails would fail .. as they are supposed to.

    Is this how it's supposed to work ?

    Should I still open a ticket ?

    Thanks in Advance
     
  6. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Are the only emails that are bypassing authentication being sent using a script then for domains locally on the machine? Or, were you bypassing it using an email client? A script to send email would work differently when run from a user's account over using an email client.
     
  7. djdavedawson

    djdavedawson Member

    Joined:
    Jul 18, 2007
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Yes, sending mail via the script to another domain on the same server skips the authentication. It is the zen-cart newsletter mailer.
     
Loading...

Share This Page