Auth Error - Can anyone shed light on this pls?

pj77777777 · November 23, 2019, 10:21pm

Hi Guys,

I’m stumped!

I had my setup running thru cloudflare and was getting almost constant smtp failures (that is crazy in itself) and then it became impossible to authenticate my ar smtp to lisa.mxrouting.net via wordpress.

My host initially whitelisted mxrouting in their firewall and everything was fine for a couple of hours and then the issues started again.

Spoke to them again and they setup Post SMTP on the site…again it worked for a couple of hours…and then stopped authenticating again.

Here is the error…
CLIENT -> SERVER: EHLO italianrestaurantnear.me
CLIENT -> SERVER: STARTTLS
CLIENT -> SERVER: EHLO italianrestaurantnear.me
CLIENT -> SERVER: AUTH LOGIN
CLIENT -> SERVER: cGpAaXRhbGlhbnJlc3RhdXJhbnRuZWFyLm1l
CLIENT -> SERVER: YmFtc2NtYmE3NzE5NjMq
SMTP ERROR: Password command failed: 535 Incorrect authentication data
SMTP Error: Could not authenticate.CLIENT -> SERVER: QUIT
SMTP Error: Could not authenticate.

I’ve tried different smtp ports, auth protocols and nothing is working.

Spoke with my hosting company who whitelisted mx in their firewall and that was fine for a day, then the same thing started happening. No other changes had been made.

So I thought I’d take cloudflare totally out of the equation and installed a new domain on a new host. The site is running wordpress.

I did this last night and I am still getting auth errors with my smtp.

Ports 25, 465 and 587 are open.

My test site dns settings are…

|italianrestaurantnear.me.|14400|IN|A|198.251.81.225
|italianrestaurantnear.me.|14400|IN|MX|Priority: 10 Destination: lisa.mxrouting.net
|www.italianrestaurantnear.me.|14400|IN|CNAME|italianrestaurantnear.me
|ftp.italianrestaurantnear.me.|14400|IN|CNAME|italianrestaurantnear.me
|whm.italianrestaurantnear.me.|14400|IN|A|198.251.81.225
|cpanel.italianrestaurantnear.me.|14400|IN|A|198.251.81.225
|cpcalendars.italianrestaurantnear.me.|14400|IN|A|198.251.81.225
|cpcontacts.italianrestaurantnear.me.|14400|IN|A|198.251.81.225
|webmail.italianrestaurantnear.me.|14400|IN|MX|Priority: 20 Destination: lisa-relay.mxrouting.net
|webdisk.italianrestaurantnear.me.|14400|IN|A|198.251.81.225
|x._domainkey.italianrestaurantnear.me.|14400|IN|TXT|v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UCb5EeSqOwPU5nP4Ftm3Wfgl1uhiCEg1nT3alsGU9qDzGtvdkK0bCQzZr/63wgTsYS8USmudVHVV7JsTFFllMb0eMpXXwfm6bAeu/OV/HF/pERYiOd9J2IlwCdaMMDcNJO7809yv8jq7ooo6FNxoVxfIuWBZu7pGIZ4KJvO8I9tDSPkrwATCm9i0jjr2vbMAkh2wgyCPi/ostURc66RMrGf0WHUU++oIcf3X98lH2nNdr9XvstHijt57polaL+oS48ogXhFIRhj8vn2+Ghx3Eqgbr81pNTCGKItDcDfm+OtEzuKPgRCoJm2o30otYUbI7nM9uWoDIdEb0ZCbLuyOwIDAQAB
|italianrestaurantnear.me.|14400|IN|TXT|v=spf1 include:mxlogin.com -all
|_cpanel-dcv-test-record.italianrestaurantnear.me.|14400|IN|TXT|cpanel-dcv-test-record=sp1WUjM7KbbjCIdtL3v4VRwddzXlLBh4b8YfLydCCYzjb09NMU7D38uNgaViJYV|EDIT DELETE|
|_acme-challenge.webdisk.italianrestaurantnear.me.|14400|IN|TXT|p68XwtbE7TMW1P6quw_Ob94F0JD0t4rw91x3ZwjyQtQ|EDIT DELETE|
|_acme-challenge.cpanel.italianrestaurantnear.me.|14400|IN|TXT|mpuTlKT3Ltre_MyhGZia3KZTBCpfYlWB_vk9UoTkdyo|EDIT DELETE|
|mail.italianrestaurantnear.me.|3600|IN|CNAME|lisa.mxrouting.net|

Lisa.mxrouting.net domain settings…

Type	Name	TTL	Value
A	ftp	14400	185.165.242.234
A	italianrestaurantnear.me.	14400	185.165.242.234
A	mail	14400	185.165.242.234
A	pop	14400	185.165.242.234
A	smtp	14400	185.165.242.234
A	webmail	14400	185.165.242.234
A	www	14400	185.165.242.234
NS	italianrestaurantnear.me.		ns1.worldstream.nl.
NS	italianrestaurantnear.me.		ns2.worldstream.nl.
MX	italianrestaurantnear.me.	14400	10 mail
TXT	italianrestaurantnear.me.	14400	“v=spf1 a mx ip4:185.165.242.234 ~all”
TXT	x._domainkey	14400	“v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyw49yWO393VPVBbuY4zFmKxj6d8h4KQWp8PhJ1fdYTIaxTv3KlDcKRe0SCl23jzJqDixdIMbzDXCjfbckf6EhVC2hk6+I3Xw652JLDdKc2W7+9aq2/duXm96QFtPOdcdNJFNdsFfnuVbpOwthujeGkaJ4r3ZfGw45hqOZA6ONX2Xm6rh90q/9Jjn6o4FstwQP4LmgdKQ0DKg8hjMUR4KDVOYg+K8edWq0PkzSYni1xvhPvBjURk6rpKH2MjTjxRcdYcks+YxSeIh7QZyQtedDaSUPT9Uh7CCwA0TqPMtXTo0tVKLMtNAwJIuWc8OFDCYMHq8MZhSOn2axI6MOouJQIDAQAB”

Any help would be totally appreciated guys

Jarland · November 23, 2019, 10:21pm

I don’t think the server is reaching out to ours. I just ran through all SMTP logs on the Lisa server looking for any of these strings:

italianrestaurantnear.me
198.251.81.225
198.251.81

I came up totally empty on all counts. When it was working, I don’t think it was sending through us but probably still through their server. There’s an old cPanel settings called “SMTP tweak” that would redirect all outbound SMTP connections to the local server, and had the local server been able to authenticate a user with the same settings at any point (or perhaps use PHP mail() instead) then perhaps that’s why it worked for a time.

I assume you’re on Fran’s shared hosting? I’d perhaps ask them to try running telnet to lisa.mxrouting.net to 25, 465, or 587 as your user (not as root) or give you SSH access to try it yourself, and see what SMTP banner is returned. If it’s reaching our server, this is what the SMTP banner should look like:

220 lisa.mxrouting.net ESMTP Exim 4.92.3 Fri, 22 Nov 2019 23:00:48 +0100

If it shows their server hostname instead, SMTP tweak is enabled in cPanel. If they see ours and you’re still not reaching ours, perhaps the problem is simply the Wordpress plugin.

pj77777777 · November 23, 2019, 10:21pm

Hi Jarland,

Thanks for getting back to me.

I have spoken with my main host (this is the one I will be using for mxrouting) as I have been getting the same issues as with other hosts.

They confirm…

I have tested the SMTP connections from our server and it is working fine for the port 25 and 587. You can verify it from the below telnet results.

++++++++++++++++++++++++++++++++++++++++++++++

telnet lisa.mxrouting.net 587

Trying 185.165.242.234…
Connected to lisa.mxrouting.net.
Escape character is ‘^]’.
220 lisa.mxrouting.net ESMTP Exim 4.92.3 Sat, 23 Nov 2019 16:38:36 +0100

telnet lisa.mxrouting.net 25

Trying 185.165.242.234…
Connected to lisa.mxrouting.net.
Escape character is ‘^]’.
220 lisa.mxrouting.net ESMTP Exim 4.92.3 Sat, 23 Nov 2019 16:39:27 +0100"

What is puzzling is that no matter what plugin I use I still get auth errors.

One thing that I have noticed tho when taking cloudflare out of the loop is that I cannot add both a cname and a mx record for mail.mydomain.com as I get error message.

pj77777777 · November 23, 2019, 10:21pm

Thanks Jarland,

I do over think things sometimes

Will keep tinkering away and let you know the solution…when I find it

Cheers

Phil

Jarland · December 19, 2021, 6:30am

Keep toying with the settings. Remember this:

25 - non-SSL
465 - SSL
587 - STARTTLS

It’s important not to overthink auth errors. As long as your password works in webmail you can be sure that the connecting application is not submitting the correct login info, or not submitting it in the correct way. There’s nothing special about our SMTP servers, they’re just universal standard open source with a very basic auth system, nothing fancy that requires anything unusual.

I’m not sure what that means, but technically an MX record can’t be a CNAME. At least not by accepted RFC. In my opinion it doesn’t actually fail, but some DNS services may try to stop you.