Update @17.35:
Having now sent a few Test messages from my other (Outlook.com, BY & gmail) addresses to my XYZ@VM mailbox, the incoming ones do arrive but the outgoing "Reply" ones fail with the same new PW set - the smtp.virginmedia.com server keeps prompting me for my PW!

IIRC, I had a pretty similar problem a month or two ago when the username & PW database(s?) used by the mail servers did not get "synchronised" very quickly (if at all) with the datebase(s?) into which altered PW's are "collected" when one changes them - and it didn't seem to matter whether I changed them via the Forgotten PW route OR by logging into  my VM Primary a/c (which is held under an entirely different name - having been "bitten" by hackers at the beginning of 2020!).

I thought that this particular issue had been permanently solved, but it now appears that it has not been!!! 😖

I really hate it when people make assumptions as to what an issue is.

There are currently 13 error conditions on VM's servers which will cause an email send to fail during authentication, only one of those is down to an actual password fail.  However all 13 will cause email programs to throw uo a password prompt, simply by virtue of the fact that the fail happens at this particular time.

The most common one at the moment is people's IP addresses appearing on Spamhaus' CSS (composite snowshoe) blacklist.  However I have also seen fails in the past when someone's security system was repeatedly authenticating multiple times within a short timescale.  This then had the knock on effect of blocking sends from Outlook (it took us ages to pin that down, fortunately the security system itself developed a fault knocking it off the network for a few days, when it came back online the users issues began again).

In the former case we see

525 Authentication Denied (VM305)

In the latter we see:

525 Authentication Denied (VM320)

On the other hand if it is as you say down to the password databases being corrupt, what you'll get is

535 Authentication Credentials Invalid (VM300)

I wrote a post sometime ago about turning on Outlook logging?

https://community.virginmedia.com/t5/Email/Outgoing-Authentication-Issues-Check-Email-Logs/td-p/3237...

Alternatively windows now includes curl on the command line, this can be used to test as well.  In fact I've worked out a command line that will ONLY throw up error messages in order to avoid people inadvertently posting their passwords on here.

curl -vs smtps://smtp.virginmedia.com -u "myaddress@blueyonder.co.uk:password" 2>&1 | findstr "VM"
< 535 5.7.8 Authentication Credentials Invalid (VM300)

Note that you will ONLY see an output if authentication fails as was deliberately done above.  Needless to say change the email address and password to your own.

Tim

Ravenstar68

Thanks for getting involved again!

W.r.t. the smtp.virginmedia.com connection failures, I can't (at least yet) see any  numeric Authentication Failure code messages when I try to re-establish the @VM mail boxes on the W10 + Outlook 2016/2019 clients, BUT I am consistently seeing one on my Android 6 phone!

The message is
"Can't connect to server
(525.5.7.13) Authentication Denied
(VM305)".

Can you work out what that means/implies?

Thanks in advance

NB: Have to go out now, but will try to take a look at the command line approach when I get back in an hour or so.

PS: w.r.t. to your initial "I really hate when...." comment: you have to take into account that - from a "basic user's" perspective - when the symptoms of a malady appear to be the same as before, then it seems likely that the cause is also likely to be the same!

.

VM305 has one and only one cause, your IP address has been flagged as being a source of spam and so VM will actively block you from sending out email until the address is delisted.

Almost certainly, you have a device which has picked up a piece of malware and is busy sending out spam behind your back, so to speak. Until you track it down and remove it, you won't be (permanently) delisted and won't be able to send email.

Incidentally, the BY mailboxes which are working, is the smtp server set to be smtp.blueyonder.co.uk or smtp.virmginmedia.co.uk? I'm guessing the former.

jem & DJ

Thank you for your replies..

As you and others have pointed out the spambot issue, I will now attempt to track it down, but it puzzles me that I am still getting that error message via my phone - even though I have now tried to re-establish the mailbox with the local WiFi switched OFF and using only the 4G! Could that imply that the spambot is actually on the phone?

BTW: If that means doing a factory-reset on the phone, then that would be only a minor inconvenience as I don't use it for much other than making the odd phone call - all other/serious stuff is done from one of the PC's.

As for the BY mailboxes, they are using smtp.virginmedia.com.and not smtp.blueyonder.co.uk

Hi again.

Before I get "down & dirty" with the command line, I am trying to find the source of the spambot by the more direct means of fairly systematically removing various pieces of kit from the network and so on.

Thus far I have concluded:

- that unless,  they are all separately infected(??), each of the 5x W10 PCs get the same failure to connect to smtp.virginmedia.com when all the others are  powered OFF (i.e. not  in Standby/Sleep mode).

Apart from those PC's, the other devices connected to the network are:

- Superhub 2 in modem mode, wireless is thus not active

- ASUS RT-66BU router with both ethernet & wireless connectivity

- Dumb Netgear GB ethernet switch to main house ethernet network

- Hikvision CCTV camera (ethernet cabled)

- Synology NAS, with attached USB 4-bay disk unit.

- TP-Link Ethernet-to-PLC switch which connected to another TP-Link PLC-to-ethernet switch which is cable-connected to the  Hikvision NVR (with 5 cameras connected directly to that via PoE cables, not wireless)

- Dumb Netgear GB switch which connects the house network to a DENON AV amp and an LG TV - both of which have both ethernet & wireless connection to the ASUS router.

- the 2x Motorola 4G Android phones are powered OFF

- the 2x Huawei 4G Mediapads are supposed to be powered OFF, but I have a suspicion that one of them is actually not, even though the battery is almost "flat"

-There are no Amazon Firesticks, Chromecasts, etc. (the streamer is a wired ROKU 2 to which the power is physically removed ATM, and similarly a network-connected Sony DVD player)

I am not sure if it would have found anything, but I have done several system scans with BitDefender Home Scanner Free, which has previously picked up security weakness in several devices (notably a WD LiveHub and a TP-Link router in access point mode - both now removed from the system!), but nothing similar has shown up so far.

So would anyone have any immediate suspicions about any particular device, or group thereof, in which the spambot(s) could have been installed?

Thanks in advance for any advice or suggestions.