Unable to Login via SMTP - 535 Authentication Failed
Problem reported by Scarab - October 28, 2015 at 10:25 AM
Submitted
Customer is able to login via Webmail and POP3 just fine with their User Name & Password, but for SMTP login fails with the error "The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters." Verified that their password is input correctly.
 
Here is a transaction from the detailed SMTP Log. Any ideas as to what could cause this?
 
[2015.10.27] 16:53:35 [66.241.72.190][42514988] rsp: 220 mail.ashlandcreek.net Tue, 27 Oct 2015 23:53:35 +0000 UTC
[2015.10.27] 16:53:35 [66.241.72.190][42514988] connected at 10/27/2015 4:53:35 PM
[2015.10.27] 16:53:35 [66.241.72.190][42514988] cmd: EHLO [10.0.1.26]
[2015.10.27] 16:53:35 [66.241.72.190][42514988] rsp: 250-mail.ashlandcreek.net Hello [66.241.72.190]250-SIZE 31457280250-AUTH LOGIN CRAM-MD5250-8BITMIME250 OK
[2015.10.27] 16:53:35 [66.241.72.190][42514988] cmd: AUTH LOGIN
[2015.10.27] 16:53:35 [66.241.72.190][42514988] rsp: 334 VXNlcm5hbWU6
[2015.10.27] 16:53:35 [66.241.72.190][42514988] Authenticating as customeremail@domain.tld
[2015.10.27] 16:53:35 [66.241.72.190][42514988] rsp: 334 UGFzc3dvcmQ6
[2015.10.27] 16:53:35 [66.241.72.190][42514988] Exception: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. 
[2015.10.27] 16:53:35 [66.241.72.190][42514988] rsp: 535 Authentication failed
[2015.10.27] 16:53:35 [66.241.72.190][42514988] cmd: QUIT
[2015.10.27] 16:53:35 [66.241.72.190][42514988] rsp: 221 Service closing transmission channel
[2015.10.27] 16:53:35 [66.241.72.190][42514988] disconnected at 10/27/2015 4:53:35 PM

6 Replies

Reply to Thread
1
Matt Petty Replied
Employee Post
Decoded their password and username is.
VXNlcm5hbWU6 = "Username:"
and
UGFzc3dvcmQ6 = "Password:"
That doesn't look correct.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Scarab Replied
LOL! I'm going to assume that you are being serious, as this is an Apple iOS Mail client after the most recent iOS update, and that somehow does not surprise me in the least.

I'll have them delete the Outgoing Server and recreate it anew.

Thanks Matt!
0
Scarab Replied
Okay, we've been getting several dozen accounts a day with this problem now. The commonality is that they are all iOS users with a symbol in their password. When using either PASSWORD or MD5 for authentication the following error is logged:
 
Exception: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. 
 
No matter how many times they delete the account and recreate it or how many times they re-enter their password the problem persists. The only solution thus far has been to have them reset their password to a Simple Password instead of a Complex one which instantly remedies the problem.
 
So, it would seem that there is something going on in SmarterMail that prevents it from reading the base64 response properly from the iOS client for SMTP when there are symbols contained in the password (IMAP and POP authentication are both fine).
0
Bruce Barnes Replied
You didn't say what version of SmarterMail you are running, but did you see this thread?
 
 
Pay attention to the last three posts in the thread.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Scarab Replied
Bruce,
 
We are running SmarterMail Enterprise v14.3.5752. The thread you linked to ironically is one of my own, and a different issue. I did check the last few items on that thread (TLS which we support) but they don't pertain to this particular issue. Both PASSWORD and CRAM-MD5 authentication (with or without TLS enabled) are working just fine for Simple Passwords, but Complex Passwords are failing (only on SMTP Authentication) with the SmarterMail error "Exception: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. ".

As we are talking about Apple here I wouldn't be surprised if it is ultimately an issue with them improperly encoding symbols in the SMTP Authentication string as of iOS 9.2.1 (released 01-18-2016). Older iOS clients aren't seemingly having the same issue.
0
Nicolas Fertig Replied
Hi,

Having the same problem today, with latest SmarterMail 16 and a OSX Mail client.
When the password has symbols the SMTP Auth is broken. IMAP works ok with the same password.
To be honest, I think it's a client-side problem as it works with thunderbird...


Reply to Thread