Just installed a clean version 3.5.5 and configured as I had another site. Everything seems to work except mail is not making it out. My email servers uses text username and password (no encryption). Checking the long, I see this:
SMTP Server: AUTH failed, username bounces#xxxxxxx.us, password 1fd42f91e1a33aecbf19866306f953a2
What setting do I have incorrect that’s causing it to attempt to send encrypted password? The older site has: define (“ENCRYPTION_ALGO”, ‘sha256’
while the new one has: define (‘HASH_ALGO’, ‘sha256’)
@Digiplay Those settings are for phplist passwords, not the SMTP connection. You need to look at the settings for SMTP that are explained in config_extended.php to see which might be causing the problem.
I had copied the extended and replaced config.php. Should I not have done that?
In the copied extended version, I have the following statements in “Message sending options”:
define(‘PHPMAILERHOST’, ‘smtp.digilinx.net’);
$phpmailer_smtpuser = ‘bounces#domain.us’;
$phpmailer_smtppassword = ‘password’;
define(‘PHPMAILERPORT’,non-standard port we use);
These two are not in the other site’s config.php so left them false
define(‘POP_BEFORE_SMTP’, false);
define(‘POPBEFORESMTP_DEBUG’, false);
@Digiplay You can enable smtp debug as explained in the config file then send a test message. There will be some output at the top of the page showing the dialog between phplist and the mail server, which might help to understand what is happening.
I will try that, but the snip I showed was what was received at my smtp server, which indicates the password is being sent encrypted, rather than plain text. That appears to be the problem. I just don’t know how to turn off the encryption. I tried adding the (PHPMAILER_SECURE, false) but that hasn’t changed the result. Still showing an encrypted password. What follows password is the password that was transmitted to the SMTP server.
Unable to get debug working after changing setting. Still indicates that it’s not sending correct (I suspect encrypted) password according to SMTP server’s log. Is there some setting that controls password encryption? I do have (PHPMAILER_SECURE, false) in the config.php file.
It is straightforward. Add this to config.php then edit the campaign and send a test email to yourself. There will be debug output at the top of the page
The log file from my SMTP server provided the following: [I-075] Aug 14 16:26:42 [172.16.40.40:38800]SMTP Server: AUTH failed, username bounces#spycpowerboat.us, password 791b285d8462e1241601271b172098d0
The password should be the real password, but it appears to be hex. My server only uses plaintext authentication. I have to get phpList to use that. I cannot find where that setting would be.
@Digiplay With debug level 3 I get the SMTP dialog output starting with
2020-08-15 03:01:50 Connection: opening to localhost:2525, timeout=5, options=array()
2020-08-15 03:01:50 Connection: opened
2020-08-15 03:01:50 SERVER -> CLIENT: 220 duncan-OptiPlex-990 ESMTP SubEthaSMTP null
2020-08-15 03:01:50 CLIENT -> SERVER: EHLO strontian
2020-08-15 03:01:50 SERVER -> CLIENT: 250-duncan-OptiPlex-990250-8BITMIME250-AUTH LOGIN250 Ok
If you are not getting something similar then you’re not making the correct config change. In your case the dialog might explain why the password is not being sent in plain text.
I have added "define (‘PHPMAILER_SMTP_DEBUG’. 3); " to the CONFIG.PHP file. I do not see anything new when the queue is processed. Nothing like what you’ve shown above. I still see the same thing in the SMTP server’s log.
Interesting thing, it tries 4 times with what appears to be different passwords each time and they still appear encrypted.
I thought this might be the encryption a couple tries ago, added: ‘define(“PHPMAILER_SECURE”, false)’ This did not make any change in what appears in the SMTP server’s log.
@Digiplay the mail server is offering CRAM-MD5 authentication and that is being chosen by phpmailer, the package used by phplist, for authentication.
Can you configure the mail server to offer only PLAIN?
phplist doesn’t provide a configuration for the authentication method, so otherwise you will need to modify either phplist code or phpmailer code.
Possibly the simplest is the phpmailer file admin/PHPMailer6/src/SMTP.php around line 485
foreach (['CRAM-MD5', 'LOGIN', 'PLAIN', 'XOAUTH2'] as $method) {
Try removing CRAM-MD5 from that list.
or lin 451 of file admin/PHPMailer/class.smtp.php if you are not using PHPMailer 6.
foreach (array('CRAM-MD5', 'LOGIN', 'PLAIN', 'NTLM', 'XOAUTH2') as $method) {
It has been awhile since I have looked into this. I believe you have to specify the method of authentication you want to use, not let it default to what it wants to try.
I’m not on the current version at the moment. I wasn’t able to find that particular stuff in the config file, so it may have changed since I had written my response. I ended up using the config_extended version to be able to tweak a few items. You will need to look through that and see if there are options to solved the problem. Also, read the documentation carefully to see what each setting will do for you.
Thank you so much for writing back. Its an old topic but errors are same.
You said try removing, you mean i have to take out CRAM-MD5 from line 527 because that is what I did but its still giving the same error. I posted debugged lines earlier in my post above its almost similar to the one 3 years ago. At the moment i am reinstalling my VPS but your guidance can help me.
Please neto: I am using the same server where my domain is installed. But i dont want to use php mailer and instead want to sent through SMTP, so I have to give SMTP setting of the domain or no.