The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Urgent: 535 Incorrect authentication data

Discussion in 'E-mail Discussions' started by its_joy, Aug 2, 2008.

  1. its_joy

    its_joy Well-Known Member

    Joined:
    Dec 29, 2007
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    We are facing below error while trying to send mail. Also not receiving mails.

    ---------------------------------------------------------
    2008-08-02 11:18:23 fixed_login authenticator failed for (localhost) [127.0.0.1]:54412 I=[127.0.0.1]:25: 535 Incorrect authentication data
    ----------------------------------------------------------------------

    The domain and user are not present at /etc/demodomains & /etc/demousers
    Also permissions for /etc/passwd & /etc/shadow are correct.
    We have also done /scripts/eximup --force
    But still facing the same error.

    Please update us with exact solution.

    Thank you in advance.

    Regards,
    its_joy.
     
  2. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    If you're looking for a solution, open a ticket. It's been stated numerous times that these forums aren't support forums.

    Somebody will help you if they can, but you can't expect to have Cpanel fix anything for you based upon a message you put in these forums.

    Mike
     
  3. Manoj_Krishnan

    Manoj_Krishnan Registered

    Joined:
    Aug 14, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hello

    Please check whether the folder etc in the location

    /home/"username"/etc/ is in the ownership username:mail

    If not please change it by

    chown username:mail /home/username/etc/ -R


    Thanks

    Manoj Krishnan
    Systems Engineer
    http://SupportPRO.com :: Transparent Web Hosting Support Services to Web Hosting Businesses ..
     
  4. jonathanalia

    jonathanalia Member
    PartnerNOC

    Joined:
    Apr 20, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
  5. MaestriaNick

    MaestriaNick Well-Known Member

    Joined:
    Aug 6, 2008
    Messages:
    159
    Likes Received:
    3
    Trophy Points:
    18
    is the entry for domain name present in /etc/localdomains file ?
     
  6. mak_the_admin

    mak_the_admin Member

    Joined:
    Aug 10, 2007
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Hey Manoj,
    Thanks, It worked for me.
     
  7. gruvin

    gruvin Member

    Joined:
    Feb 20, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    same problem -- different cause in case it helps

    Hi


    Perhaps this post will help some lonely Googler some day :)

    I had the same problem and found this thread as a result. But in my case none of the above, or the /etc/demo files were the cause.

    In this case it was a file permissions problem, but it was that the user's main home found /home/user had been set wrx------ (700) instead of rwx--x--x (711) as it should have been. So the mail group process couldn't get down into /home/user/etc/domain to read the passwd file.

    Fix: chmod 711 /home/user
     
  8. InstaCarma_Tech

    InstaCarma_Tech Well-Known Member

    Joined:
    Apr 22, 2009
    Messages:
    228
    Likes Received:
    1
    Trophy Points:
    18
    Another reason!

    additional info for that lonely googler ;)

    This might also happen when the option “Allow mail account authentication using the password of the domain owner’s account” in WHM -> Server Configuration -> Tweak Settings is enabled.
    Webmail logs you in but attempts to use the cPanel account password via SMTP. Hence. the problem.

    Disable the option and check.
    If this does not fix the issue then try running /scripts/upcp
     
  9. claudio

    claudio Well-Known Member

    Joined:
    Jul 31, 2004
    Messages:
    201
    Likes Received:
    0
    Trophy Points:
    16
    in fact there is another place to find some issues resulting 535 errors

    i found this at

    /etc/userdomains

    there you usually look for some blank space or broken line near to the domain that is having the incorrect authentication data issue error 535

    kind regards
    claudio
     
  10. ponkjo

    ponkjo Registered

    Joined:
    Jul 29, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Same problem but itn's solved

    Hi,

    I prove all the solutions in this forum but the problem persist :confused:

    Any another ideas?
     
  11. minosjl

    minosjl Well-Known Member

    Joined:
    Jun 4, 2011
    Messages:
    168
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Dear bro,

    Did you checked your domain is suspended or not ?
     
  12. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Hello,

    What is the exact error message and what exactly have you tried?

    Next, which of the following is this impacting:

    - One email account on one domain on a cPanel account
    - All email accounts on one cPanel account
    - All email accounts on all cPanel accounts

    Knowing which is impacted helps to narrow down substantially where the issue is occurring. Here is a breakdown of how providing specific details would be necessary:

    [Impacted - one email account on one domain on a cPanel account]
    Could be caused by incorrect permissions (ownership or file) on /home/username/mail/domain.com/passwd, shadow or quota file permissions
    Could be caused by missing user /home/username/mail/domain.com/passwd, shadow or quota file(s)
    Could be caused by incorrect permissions (ownership or file) on /home/username/mail/domain.com/emailuser folder or subfolder (cur, new)
    Could be caused by missing /home/username/mail/domain.com/emailuser folder or subfolder (cur, new)
    And so on

    [Impacted - all email accounts on one cPanel account]
    Could be caused by incorrect permissions (ownership or file) on any level leading up to /home/username/mail/domain.com/passwd, shadow or quota file(s)
    Could be caused by missing users in /home/username/mail/domain.com/passwd, shadow or quota file(s)
    Could be caused by setting immutable attributes on /home/username/mail/domain.com/passwd, shadow or quota file(s)
    Could be caused by incorrect permissions (ownership or file) on any folders leading up to /home/username/mail/domain.com
    Could be caused by missing /home/username/mail or /home/username/mail/domain.com folders
    Could be caused by domain not being properly owned (/scripts/whoowns domain.com)
    Could be caused by account not having been properly unsuspended (grep -i suspend /var/cpanel/users/username)
    Could be caused by domain not digging to the machine for the DNS zone
    Could be caused by the domain not being in /etc/localdomains and/or in /etc/remotedomains
    And so on

    [Impacted - one email account on one domain on a cPanel account]
    Could be caused by exim not running
    Could be caused by CSF firewall or iptables blocking port incoming and/or outgoing 25
    Could be caused by immutable attribute set on /etc/exim.conf or any exim file(s) needing to be updated
    Could be caused by Perl module issues
    Could be caused by domains being in /etc/remotedomains
    Could be caused by resolver not working (/etc/resolv.conf)
    Could be caused by bind not properly working for named resolving local domains
    And so on

    There are many reasons that email might not function because email is extremely complex. At all points in time when reporting an error message, please ensure to provide whether it is just one email account on a domain, all email accounts on a cPanel account, or all email accounts on the machine. If you are unable to provide additional information for privacy concerns, then please submit a ticket using WHM > Support Center > Contact cPanel or using the link in my signature. If you post the ticket number upon opening one, we can track the progress of the ticket.

    Please note that if you do not have root SSH and root WHM access, you would want to contact your datacenter, NOC or provider to have them investigate the issue. If they are unable to resolve it, then they could submit a ticket to us using our support channels.

    Thanks!
     
  13. StoneyCreeker

    StoneyCreeker Well-Known Member

    Joined:
    Oct 17, 2006
    Messages:
    50
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Upper-East TN
    cPanel Access Level:
    Root Administrator
    Thank you for that detailed answer! I now have an attack plan to try to figure out what my problem is.

    I have 34 accounts on my WHM and I have one customer having trouble accessing multiple email accounts across 2 domains hosted on my WHM via IMAP. I sporiadically get this error via lfd:

    ================================
    Time: Tue Feb 28 11:07:35 2012 -0500
    IP: 76.7.110.xx (US/United States/tn-76-7-110-xx.dhcp.embarqhsd.net)
    Failures: 1 (smtpauth)
    Interval: 300 seconds
    Blocked: Temporary Block (IP match in csf.allow, block may not work)

    Log entries:

    2012-02-28 11:07:31 dovecot_login authenticator failed for tn-76-7-110-xx.dhcp.embarqhsd.net (JAMIE) [76.7.110.xx]: 535 Incorrect authentication data (set_id=xxxxxx@woodbysrebuildables.com)

    =========================
    Some days he has no issues and other days I get dozens of these only for his computer.
    I have whitelisted him in cPHulk and in CSF. He has a static IP. I even set up a rule in Host Access Control for dovecot to allow his static ip. I'm guessing on that one. :)

    He is using Outlook 2003. I have deleted the accounts from his Outlook and re-created them. I have changed the passwords. Checked his machine for viruses, malware, spyware, and thouroughly cleaned his system. I have compacted the databases in Outlook and am about to try changing his email settings to use SSL.

    Any other ideas?
    Thanks for your time!
     
  14. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Have you tried temporarily disabling LFD options in CSF for blocking IPs to see if that fixes the issue? It appears to me given the timestamp on the email by that third party product that it is the cause of the issue with the failure to authenticate. Since we do not provide CSF and LFD, the best course of action would be to post on their forum about the issue:

    CSF Forum
     
  15. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,448
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    If he typed in his password wrong, 1 time, you've got CSF set to block.

    From CSF:

    # [*]Enable login failure detection of SMTP AUTH connections

    Default is 5.


    I would remove all of these changes. They should not be needed.

    It may sound harsh, but if a user cannot type in the credentials properly and gets himself blocked (I do not use temp ban, I only use perm) and needs to contact you to get unblocked, he may take the time to login properly next time and avoid the wait for you to unblock his IP.

    I may be wrong here of course, but it sounds to me like user error. Whitelisting any user as you have is a bad idea. In my humble opinion...
     
  16. sardinha

    sardinha Registered

    Joined:
    Apr 19, 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Check in WHM » Server Configuration » Tweak Settings » Mail if Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak) it's set off
     
  17. tulsagraphics

    tulsagraphics Registered

    Joined:
    Nov 5, 2006
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    I had the same "535 Incorrect Authentication Data" errors.
    (This was an issue for one of my clients)

    I initially checked CSF, and the IP was white listed. I also logged into their computers remotely, and verified they were able to access the server. I also set up a test email account (for myself) at their location, and still the same issue (Outlook pop-up login boxes non-stop) Pings were fine, WinMTR showed no packet loss, etc. etc.

    Anyway, I stumbled across cphulk (in the forums). This also acts as a firewall... but I've never messed with it at all. In 7 years (managing 200 websites across 4 servers) I've never had a client get blacklisted in cphulk. Who knew?

    Anyway, I added their IP to cphulk whitelist, and bam! Everybody was back in business.

    I hope that helps!
     
  18. laks

    laks Member

    Joined:
    Dec 14, 2011
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    I have found one kind of solution, If you are using exim4 add the line in /etc/exim4/exim4.conf.localmacros file MAIN_TLS_ENABLE = true
    or
    vi /etc/exim.conf.local

    MAIN_TLS_ENABLE = true

    Thank you,
     
Loading...

Share This Page