SM Incoming Gateway to SM Gets a "550 Authentication Required For Relay"
Problem reported by Scarab - 4/12/2019 at 1:28 PM
Submitted
We have an off-site legacy app that sends emails without SMTP Authentication (I can't believe they still exist but sadly they do). We added that app's host IP to the Whitelist for SMTP Auth Bypass on both the SM Gateway and our primary SM server. The SM Gateway accepts the message for delivery and then attempts to deliver to the primary SM server and gets a "550 Authentication Required For Relay" (see detailed SMTP & Delivery log excerpt at end of message)

Realized this is also happening with *ANY* emails that are addressed from a domain that is hosted by us that is sent by a 3rd-Party (i.e. using their domain with MailChimp or Constant Contact). The SM Gateway accepts them for delivery so long as they are aligned with SPF, DKIM, and DMARC, but then the primary SM server tells the SM Gateway ""550 Authentication Required For Relay"

I seem to recall this problem long ago (@ v14 or 15). Apparently it is back in v17.

[2019.04.11] 14:26:20.454 [66.241.70.88][18315920] rsp: 220 mta01.scarabmedia.com Thu, 11 Apr 2019 21:26:20 +0000 UTC
[2019.04.11] 14:26:20.454 [66.241.70.88][18315920] connected at 4/11/2019 2:26:20 PM
[2019.04.11] 14:26:20.454 [66.241.70.88][18315920] Country code: US
[2019.04.11] 14:26:20.454 [66.241.70.88][18315920] IP in whitelist
[2019.04.11] 14:26:20.454 [66.241.70.88][18315920] cmd: EHLO smtp4.projecta.com
[2019.04.11] 14:26:20.594 [66.241.70.88][18315920] rsp: 250-mta01.scarabmedia.com Hello [66.241.70.88]250-SIZE 52428800250-AUTH CRAM-MD5250-STARTTLS250-8BITMIME250-DSN250 OK
[2019.04.11] 14:26:20.594 [66.241.70.88][18315920] cmd: STARTTLS
[2019.04.11] 14:26:20.594 [66.241.70.88][18315920] rsp: 220 Start TLS negotiation
[2019.04.11] 14:26:20.782 [66.241.70.88][18315920] cmd: EHLO smtp4.projecta.com
[2019.04.11] 14:26:20.907 [66.241.70.88][18315920] rsp: 250-mta01.scarabmedia.com Hello [66.241.70.88]250-SIZE 52428800250-AUTH LOGIN CRAM-MD5250-8BITMIME250-DSN250 OK
[2019.04.11] 14:26:21.032 [66.241.70.88][18315920] cmd: MAIL FROM:<info@lithiaspringsrotary.org> SIZE=749
[2019.04.11] 14:26:21.157 [66.241.70.88][18315920] senderEmail(1): info@lithiaspringsrotary.org parsed using: <info@lithiaspringsrotary.org>
[2019.04.11] 14:26:21.157 [66.241.70.88][18315920] rsp: 250 OK <info@lithiaspringsrotary.org> Sender ok
[2019.04.11] 14:26:21.157 [66.241.70.88][18315920] Sender accepted. Weight: 0. Block threshold: 30.
[2019.04.11] 14:26:21.157 [66.241.70.88][18315920] cmd: RCPT TO:<member@ashlandhome.net> ORCPT=rfc822;member@ashlandhome.net
[2019.04.11] 14:26:21.157 [66.241.70.88][18315920] rsp: 250 OK <member@ashlandhome.net> Recipient ok
[2019.04.11] 14:26:21.157 [66.241.70.88][18315920] cmd: DATA
[2019.04.11] 14:26:21.157 [66.241.70.88][18315920] Performing PTR host name lookup for 66.241.70.88
[2019.04.11] 14:26:21.157 [66.241.70.88][18315920] PTR host name for 66.241.70.88 resolved as smtp4.projecta.com
[2019.04.11] 14:26:21.282 [66.241.70.88][18315920] rsp: 354 Start mail input; end with <CRLF>.<CRLF>
[2019.04.11] 14:26:21.282 [66.241.70.88][18315920] senderEmail(2): info@lithiaspringsrotary.org parsed using: "Rotary Club of Ashland Members" <info@lithiaspringsrotary.org>
[2019.04.11] 14:26:21.282 [66.241.70.88][18315920] rsp: 250 OK
[2019.04.11] 14:26:21.282 [66.241.70.88][18315920] Received message size: 751 bytes
[2019.04.11] 14:26:21.282 [66.241.70.88][18315920] Successfully wrote to the HDR file. (D:\SmarterMail\Spool\proc\88551959.hdr)
[2019.04.11] 14:26:21.282 [66.241.70.88][18315920] Data transfer succeeded, writing mail to 88551959.eml
[2019.04.11] 14:26:21.282 [66.241.70.88][18315920] cmd: QUIT
[2019.04.11] 14:26:21.282 [66.241.70.88][18315920] rsp: 221 Service closing transmission channel
[2019.04.11] 14:26:21.282 [66.241.70.88][18315920] disconnected at 4/11/2019 2:26:21 PM
[2019.04.11] 14:26:24.735 [51957] Delivery started for info@lithiaspringsrotary.org at 2:26:24 PM
[2019.04.11] 14:26:27.750 [51957] Added to SpamCheckQueue (1 queued; 5/50 processing)
[2019.04.11] 14:26:27.750 [51957] [SpamCheckQueue] Begin Processing.
[2019.04.11] 14:26:27.813 [51957] Starting Spam Checks.
[2019.04.11] 14:26:27.813 [51957] Skipping spam checks: Whitelisted IP
[2019.04.11] 14:26:27.813 [51957] Spam Checks completed.
[2019.04.11] 14:26:27.813 [51957] Removed from SpamCheckQueue (6 queued or processing)
[2019.04.11] 14:26:30.750 [51957] Added to RemoteDeliveryQueue (1 queued; 0/200 processing)
[2019.04.11] 14:26:30.750 [51957] [RemoteDeliveryQueue] Begin Processing.
[2019.04.11] 14:26:30.750 [51957] Sending remote mail for info@lithiaspringsrotary.org
[2019.04.11] 14:26:30.750 [51957] Spam check results: [_CUSTOMRULES: ]
[2019.04.11] 14:26:30.750 [51957] Sending remote mail to: member@ashlandhome.net
[2019.04.11] 14:26:30.750 [51957] Initiating connection to 207.55.232.8
[2019.04.11] 14:26:30.750 [51957] Connecting to 207.55.232.8:25 (Id: 1)
[2019.04.11] 14:26:30.750 [51957] Binding to local IP 192.168.1.7:0 (Id: 1)
[2019.04.11] 14:26:30.750 [51957] Connection to 207.55.232.8:25 from 192.168.1.7:61187 succeeded (Id: 1)
[2019.04.11] 14:26:30.891 [51957] RSP: 220 smartermail.scarabmedia.com Thu, 11 Apr 2019 21:26:30 +0000 UTC
[2019.04.11] 14:26:31.016 [51957] CMD: EHLO mta01.scarabmedia.com
[2019.04.11] 14:26:31.157 [51957] RSP: 250-smartermail.scarabmedia.com Hello [207.55.232.7]
[2019.04.11] 14:26:31.157 [51957] RSP: 250-SIZE 36700160
[2019.04.11] 14:26:31.157 [51957] RSP: 250-AUTH LOGIN CRAM-MD5
[2019.04.11] 14:26:31.157 [51957] RSP: 250-STARTTLS
[2019.04.11] 14:26:31.157 [51957] RSP: 250-8BITMIME
[2019.04.11] 14:26:31.157 [51957] RSP: 250-DSN
[2019.04.11] 14:26:31.157 [51957] RSP: 250 OK
[2019.04.11] 14:26:31.157 [51957] CMD: STARTTLS
[2019.04.11] 14:26:31.188 [51957] RSP: 220 Start TLS negotiation
[2019.04.11] 14:26:31.297 [51957] Certificate name mismatch.
[2019.04.11] 14:26:31.422 [51957] CMD: EHLO mta01.scarabmedia.com
[2019.04.11] 14:26:31.563 [51957] RSP: 250-smartermail.scarabmedia.com Hello [207.55.232.7]
[2019.04.11] 14:26:31.563 [51957] RSP: 250-SIZE 36700160
[2019.04.11] 14:26:31.563 [51957] RSP: 250-AUTH LOGIN CRAM-MD5
[2019.04.11] 14:26:31.563 [51957] RSP: 250-8BITMIME
[2019.04.11] 14:26:31.563 [51957] RSP: 250-DSN
[2019.04.11] 14:26:31.563 [51957] RSP: 250 OK
[2019.04.11] 14:26:31.563 [51957] CMD: MAIL FROM:<info@lithiaspringsrotary.org> RET=HDRS ENVID=32e47709-22a4-42df-997c-1b9558dff0b0 SIZE=1287
[2019.04.11] 14:26:31.688 [51957] RSP: 550 Authentication is required for relay
[2019.04.11] 14:26:31.688 [51957] CMD: QUIT
[2019.04.11] 14:26:36.719 [51957] Delivery for info@lithiaspringsrotary.org to member@ashlandhome.net has completed (Deleted)
[2019.04.11] 14:26:36.719 [51957] Removed from RemoteDeliveryQueue (0 queued or processing)
[2019.04.11] 14:26:36.766 [51957] Removing Spool message: Killed: False, Failed: False, Finished: True
[2019.04.11] 14:26:36.766 [51957] Delivery finished for info@lithiaspringsrotary.org at 2:26:36 PM    [id:x88551957]
BTW, does anyone know why SM is showing a "Certificate name mismatch" when connecting via SM Gateway. Every TLS test is showing that the Starfield Cert is showing the correct name that matches the EHLO name?

1 Reply

Reply to Thread
0
Scarab Replied
Installed Build 7040 and problem persists (both the "550 Authentication is required for relay" and the "Certificate name mismatch").

Reply to Thread