Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SMTP Authentication Issues sending own domain email

ashrid
On our wavelength

‎09-07-2021 13:39 - edited ‎09-07-2021 14:02

Hi,

I have my own domain and email server (not commercial use) and have been sending via smtp.ntlworld.com:465 (I'm a legacy customer) via STunnel without an issues for some time (I have DMARC and SPF records for the domain).

However a few days ago I noticed VM's SMTP is refusing the connection in the STunnel logs, has something changed at VM's end?

So I added smtp.virginmedia.com to STunnel which did appear to resolve the issue for a day or two but I've just had this NDR when trying to send an email (I'm currently remote so can't check the corresponding STunnel logs). Resending the email appears to have worked (in that I didn't instantly get an NDR) but it may be stuck in the retry queue or it may have gone via the other VM SMTP server if STunnel round-robins the listed servers.

Previously the refused connection produced a delayed message after several hours but not an immediate NDR.

<{host.domain.com} #5.1.0 smtp;530 5.1.0 Authentication Required (VM401)>

I'm still able to log into webmail with my @ntlworld.com account so this doesn't appear to be a credential issue?

Have VM banned/broken/blocked sending own domain emails again?

 

On a semi-related note since I'm posting, is VM blocking DynSite (dynamic IP DNS update client) traffic? It worked fine until I moved to the Super Hub 3 during lock down last year (and working again while I briefly had to move back to the SH2)

Thanks

Ash

0 Kudos
5 REPLIES 5

ravenstar68
Very Insightful Person
Very Insightful Person

on ‎09-07-2021 17:06

Your relaying server isn't using authentication.

You need to enable it.  What's your outbound server?  Postfix or Exim?

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos

ashrid
On our wavelength
In response to ravenstar68

‎09-07-2021 17:08 - edited ‎09-07-2021 17:14

Outbound authentication is enabled and has been working fine for months (edit: although thinking about it, it's possible its not being used for the new entry I put into STunnel for smtp.virginmedia.com to address the original issue), something appears to have changed in the last week and not at my end

The server is Microsoft Exchange with STunnel sat in front as the version I'm running doesnt support SSL for SMTP

When I get home I'll post the STunnel log entries

Thanks

0 Kudos

ravenstar68
Very Insightful Person
Very Insightful Person
In response to ashrid

on ‎09-07-2021 17:50

Stunnel doesn't handle the Authentication, all it does is set up an encrypted tunnel, so the logs won't show anything amiss.

The error message is coming from Virgin Media's server, and it is literally what it says on the tin.

Your exchange server is trying to send a mail to: command without having authenticated using either auth login or auth plain.

Double check your relay connector settings.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos

ashrid
On our wavelength
In response to ravenstar68

‎09-07-2021 18:24 - edited ‎09-07-2021 18:33

Thats odd because I have authentication in my STunnel conf file (details removed), and as I said it's worked for months/years until now.

[ssmtp]
accept = 192.168.10.2:2525
connect = smtp.ntlworld.com:465
connect = smtp.virginmedia.com:465
protocolUsername = xxxxxxxxxx@ntlworld.com
protocolPassword = xxxxxxxxxx

Looking at the STunnel logs the issue appears to be with one of the IPs resolved to smtp.ntlworld.com

2021.07.07 11:20:52 LOG7[625]: s_connect: s_poll_wait 62.254.26.221:465: waiting 10 seconds
2021.07.07 11:20:53 LOG3[625]: s_connect: connect 62.254.26.221:465: Connection refused (WSAECONNREFUSED) (10061)

But later this one worked

2021.07.07 17:43:28 LOG6[652]: s_connect: connecting 212.54.56.52:465
2021.07.07 17:43:28 LOG7[652]: s_connect: s_poll_wait 212.54.56.52:465: waiting 10 seconds
2021.07.07 17:43:28 LOG5[652]: s_connect: connected 212.54.56.52:465

So the original issue (not the NDR, I think that occurred because of the changes I made to fix the original issue) appears to be with the server 62.254.26.221

Thanks

0 Kudos

ravenstar68
Very Insightful Person
Very Insightful Person
In response to ashrid

‎09-07-2021 18:53 - edited ‎09-07-2021 19:08

Stop using smtp.ntlworld.com

It's not been a recommended server since 2016.

While the legacy servers have been left up and running, there is always the possibility that Virgin Media would want to sunset them at some point in the future.

Tim

Edit - VM have recently changed their SMTP setup, so that rather than using the Knowsley gateways, the servers are now all based in the Netherlands.  However normally if you use the hostname rather than the IP address your exchange server would normally weather these changes with little to no input from you.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Top