SENT: 535 Authentication failed. Restarting authentication process.

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
miha123
New user
New user
Posts: 2
Joined: 2019-10-03 11:05

SENT: 535 Authentication failed. Restarting authentication process.

Post by miha123 » 2019-10-03 11:12

Hi guys.

I am struggling to set hmailserver settings and DNS for about a week now. Problem is that my mails are getting into the spam folder in Gmail. I did and read everything on the forum but can't find a solution to my problem.

I have also set all DNS records OK according to https://mxtoolbox.com/domain

Can you help me with this?

Bellow is a configuration for my system:

Code: Select all

[code]2019-10-03   Hmailserver: 5.6.7-B2425

DOMAINS

   "Domain1.com" - ebxx.si                        Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: True    
                   Max message size:        0   Header:   Relaxed  Plus addressing: False
                   Max size of accounts:    0   Body:     Relaxed
                                                Algorithm: SHA256  Greylisting:     False
                                                Private key: c:\dkim\dkim.Domain1.com.pem
                                                Selector:    dkim

   "Domain2.com" - mixxxxxxxx.si                  Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: True    
                   Max message size:        0   Header:   Relaxed  Plus addressing: False
                   Max size of accounts:    0   Body:     Relaxed
                                                Algorithm: SHA256  Greylisting:     False
                                                Private key: c:\dkim\dkim.Domain2.com.pem
                                                Selector:    dkim
-----------------------------------------------------------------------------------------------

IP RANGES

IP: 127.0.0.1 - 127.0.0.1     Priority: 15     Name: My computer

  Allow connections                         Other
     SMTP:   True                              Antispam :   True !! 'Spam tests' not enabled !!
     POP3:   True                              Antivirus:   True !! ANTIVIRUS NOT CONFIGURED !!
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       - False
     Local To External    -  True              Local To External    - False
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True


IP: 0.0.0.0 - 255.255.255.255     Priority: 10     Name: Internet

  Allow connections                         Other
     SMTP:   True                              Antispam :   True !! 'Spam tests' not enabled !!
     POP3:   True                              Antivirus:   True !! ANTIVIRUS NOT CONFIGURED !!
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       -  True
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True


------------------------------------------------------
AUTOBANNED Local Addresses:
    No entries

-----------------------------------------------------------------------------------------------

AUTOBAN
  Autoban Enabled: False

No problems were found in the IP range configuration.
-----------------------------------------------------------------------------------------------

INCOMING RELAYS
   No entries
-----------------------------------------------------------------------------------------------

MIRRORING         Disabled
-----------------------------------------------------------------------------------------------

PROTOCOLS

SMTP
GENERAL             DELIVERY                  RFC COMPLIANCE            ADVANCED
No. Connections:  0  No Retries:  4 Mins: 60   Plain Text:        False  Bind: 
                     Host: EXTERNAL.TLD        Empty sender:       True  Batch recipients:   100
Max Msg Size: 20480  Relay:-                   Incorrect endings:  True  Use STARTTLS:      True
                     (none entered)            Disc. on invalid:  False  Delivered-To hdr: False
                                                                         Loop limit:           5
                                                                         Recipient hosts:     15
  Routes:
     No routes defined.

POP3
  No. Connections: 0

IMAP
 GENERAL                   PUBLIC FOLDERS                    ADVANCED
  No. Connections:   0      Public folder name: #Public       IMAP sort:  True
                                                              IMAP Quota: True
                                                              IMAP Idle:  True
                                                              IMAP ACL:   True
                                                              Delim: "."
-----------------------------------------------------------------------------------------------

ANTISPAM

GENERAL                              SPAM TESTS              Score   SPAMASSASSIN
  Spam Mark:                  5       Use SPF:           False        Use Spamassassin:   False
  Add X-HmailServer-Spam:     True    Check HELO host:   False    
  Add X-HmailServer-Reason:   True    Check MX records:  False    
  Add X-HmailServer-Subject: False    Verify DKIM:       False    

  Spam delete threshold: 20         Maximum message size: 1024

DNSBL ENTRIES:
   No 'enabled' entries

SURBL ENTRIES:
   No 'enabled' entries

GREYLISTING:
  Greylisting:  False

WHITELISTING
   No entries
-----------------------------------------------------------------------------------------------

ANTIVIRUS:  No application configured.

  Block Attachments: False
-----------------------------------------------------------------------------------------------

SSL CERTIFICATES
   No entries
-----------------------------------------------------------------------------------------------

SSL/TLS
             SSL 3.0 :  False
             TLS 1.0 :   True
             TLS 1.1 :   True
             TLS 1.2 :   True                Verify Remote SSL/TLS Certs:   True
SslCipherList  :

ECDHE-RSA-AES128-GCM-SHA256     - ECDHE-ECDSA-AES128-GCM-SHA256   - ECDHE-RSA-AES256-GCM-SHA384     
ECDHE-ECDSA-AES256-GCM-SHA384   - DHE-RSA-AES128-GCM-SHA256       - DHE-DSS-AES128-GCM-SHA256       
kEDH+AESGCM                     - ECDHE-RSA-AES128-SHA256         - ECDHE-ECDSA-AES128-SHA256       
ECDHE-RSA-AES128-SHA            - ECDHE-ECDSA-AES128-SHA          - ECDHE-RSA-AES256-SHA384         
ECDHE-ECDSA-AES256-SHA384       - ECDHE-RSA-AES256-SHA            - ECDHE-ECDSA-AES256-SHA          
DHE-RSA-AES128-SHA256           - DHE-RSA-AES128-SHA              - DHE-DSS-AES128-SHA256           
DHE-RSA-AES256-SHA256           - DHE-DSS-AES256-SHA              - DHE-RSA-AES256-SHA              
AES128-GCM-SHA256               - AES256-GCM-SHA384               - ECDHE-RSA-RC4-SHA               
ECDHE-ECDSA-RC4-SHA             - AES128                          - AES256                          
RC4-SHA                         - HIGH                            - !aNULL                          
!eNULL                          - !EXPORT                         - !DES                            
!3DES                           - !MD5                            - !PSK;                           
-----------------------------------------------------------------------------------------------

TCPIP PORTS                                         Connection Sec
               0.0.0.0         / 25    / SMTP   -   None                
               0.0.0.0         / 110   / POP3   -   None                
               0.0.0.0         / 143   / IMAP   -   None                
               0.0.0.0         / 587   / SMTP   -   None                
-----------------------------------------------------------------------------------------------

LOGGING      Logging Enabled: True

  Paths:-
    Current:  C:\Program Files (x86)\hMailServer\Logs\hmailserver_2019-10-03.log
    Error:    C:\Program Files (x86)\hMailServer\Logs\ERROR_hmailserver_2019-10-03.log
    Event:    C:\Program Files (x86)\hMailServer\Logs\hmailserver_events.log - Not present
    Awstats:  C:\Program Files (x86)\hMailServer\Logs\hmailserver_awstats.log
                        APPLICATION -    True
                        SMTP        -    True
                        POP3        -    True
                        IMAP        -      .
                        TCPIP       -    True
                        DEBUG       -    True
                        AWSTATS     -    True
-----------------------------------------------------------------------------------------------

SYSTEM TESTS

Database type: MSSQL

IPv6 support is available in operating system.

ERROR: Backup directory has not been specified.

Relative message paths are stored in the database for all messages.

-----------------------------------------------------------------------------------------------

HMAILSERVER.INI

[Directories]
Program folder:  C:\Program Files (x86)\hMailServer\
Database folder: 
Data folder:     C:\Program Files (x86)\hMailServer\Data
Log folder:      C:\Program Files (x86)\hMailServer\Logs
Temp folder:     C:\Program Files (x86)\hMailServer\Temp
Event folder:    C:\Program Files (x86)\hMailServer\Events

[Database]
Type=              MSSQL
Username=          sa
PasswordEncryption=1
Port=              0
Server=            web.minioffice.si
Internal=          0
-----------------------------------------------------------------------------------------------

Generated by HMSSettingsDiagnostics v1.98, Hmailserver Forum.
[/code]

palinka
Senior user
Senior user
Posts: 1302
Joined: 2017-09-12 17:57

Re: SENT: 535 Authentication failed. Restarting authentication process.

Post by palinka » 2019-10-03 12:26

I don't understand the title of the post. Are you getting errors? You didn't mention any. Are you receiving mail? Any problems sending mail besides having it land in spam folders?

Config looks pretty vanilla. Nothing wrong with it, although you probably want to get some spam processing up and running.

You left a domain name in the bottom of the diagnostic, so i used it on some tests at mx toolbox. Everything looks good except your spf policy is set to soft fail. You should make that a hard fail. "-" instead of "~".

As far as gmail goes, they have their own reasons for sending you to spam. You'll only find out why by asking them. Good luck with that. :roll: However, there are some things you can do, and most of them you've already done (spf, dkim, dmarc). Have you registered with Google postmaster? https://gmail.com/postmaster/

miha123
New user
New user
Posts: 2
Joined: 2019-10-03 11:05

Re: SENT: 535 Authentication failed. Restarting authentication process.

Post by miha123 » 2019-10-03 12:44

Yes sorry for not describing things properly.

The title is error I am getting from log when sending to Gmail address (code bellow). On some other email providers (MS exchange) works OK.

After everything works, I am going to turn anti-spam ON.

About SPF policy I will change that to hardfail~.

I have also registered and successfully verify my domain and also subdomain (smtp) to postmaster (google). Strange is that sometimes it works for just some minutes (30min) and then again to spam.

Code: Select all

"DEBUG"	6044	"2019-10-01 09:15:19.421"	"TCP connection started for session 12"
"SMTPD"	6044	12	"2019-10-01 09:15:19.421"	"45.142.195.150"	"SENT: 220 mail.****.si ESMTP"
"SMTPD"	6044	12	"2019-10-01 09:15:20.405"	"45.142.195.150"	"RECEIVED: EHLO User"
"SMTPD"	6044	12	"2019-10-01 09:15:20.405"	"45.142.195.150"	"SENT: 250-mail.***.si[nl]250-SIZE 20480000[nl]250-AUTH LOGIN[nl]250 HELP"
"SMTPD"	372	12	"2019-10-01 09:15:21.405"	"45.142.195.150"	"RECEIVED: RSET"
"SMTPD"	372	12	"2019-10-01 09:15:21.405"	"45.142.195.150"	"SENT: 250 OK"
"SMTPD"	6044	12	"2019-10-01 09:15:22.421"	"45.142.195.150"	"RECEIVED: AUTH LOGIN"
"SMTPD"	6044	12	"2019-10-01 09:15:22.421"	"45.142.195.150"	"SENT: 334 VXNlcm5hbWU6"
"SMTPD"	372	12	"2019-10-01 09:15:23.311"	"45.142.195.150"	"RECEIVED: dmFsZXJpZUBtaW5pb2ZmaWNlLnNp"
"SMTPD"	372	12	"2019-10-01 09:15:23.311"	"45.142.195.150"	"SENT: 334 UGFzc3dvcmQ6"
"SMTPD"	924	12	"2019-10-01 09:15:24.139"	"45.142.195.150"	"RECEIVED: ***"
"SMTPD"	924	12	"2019-10-01 09:15:24.155"	"45.142.195.150"	"SENT: 535 Authentication failed. Restarting authentication process."
"SMTPD"	372	12	"2019-10-01 09:15:25.374"	"45.142.195.150"	"RECEIVED: QUIT"
"SMTPD"	372	12	"2019-10-01 09:15:25.374"	"45.142.195.150"	"SENT: 221 goodbye"

palinka
Senior user
Senior user
Posts: 1302
Joined: 2017-09-12 17:57

Re: SENT: 535 Authentication failed. Restarting authentication process.

Post by palinka » 2019-10-03 13:32

The log is not gmail. It's your hmailserver. It is a spammer trying to guess the password to account valerie at minioffice dot si. the password was incorrect and hmailserver is doing its job by booting the connection with an authentication error. valerie at minioffice dot si could not be authenticated due to incorrect password.

RECEIVED: EHLO User

This is a spambot. If you turned on check helo and check mx records, this guy wouldn't have even got to the stage where he could attempt to authenticate. (I think - to be honest I'm not sure if those tests reject the connection or add a spam score). Either way, it's just another day of being a mail admin. You're going to see a LOT of these unless you get hardened.

User avatar
jim.bus
Senior user
Senior user
Posts: 304
Joined: 2011-05-28 11:49
Location: US

Re: SENT: 535 Authentication failed. Restarting authentication process.

Post by jim.bus » 2019-10-04 14:11

First '~' is not an SPF Hard Fail It is the Soft Fail. You need to use '-' for a Hard Fail without the quotes. It's also possible GMail might be marking SPAM on Emails with an SPF Soft Fail. I believe I heard some Email Servers are fussy that way too because a Soft Fail is like not testing the server with SPF. It really didn't check anything for the Receiving Email Server because '~' (Soft Fail) means 'Accept all other Domains'.

Also GMail may be balk at your email if you don't have a PTR (Reverse DNS) entry for your Server. GMail is one of the fussiest of the Email Servers when it comes to receiving Email from other Email Servers so I would be surprised if they don't have a PTR check as well as an SPF Check.

Post Reply