Not sending email through external smtp server

Digiplay · August 10, 2020, 9:44pm

Just installed a clean version 3.5.5 and configured as I had another site. Everything seems to work except mail is not making it out. My email servers uses text username and password (no encryption). Checking the long, I see this:
SMTP Server: AUTH failed, username bounces#xxxxxxx.us, password 1fd42f91e1a33aecbf19866306f953a2

What setting do I have incorrect that’s causing it to attempt to send encrypted password? The older site has: define (“ENCRYPTION_ALGO”, ‘sha256’
while the new one has: define (‘HASH_ALGO’, ‘sha256’)

Thanks.

duncanc · August 11, 2020, 5:58am

@Digiplay Those settings are for phplist passwords, not the SMTP connection. You need to look at the settings for SMTP that are explained in config_extended.php to see which might be causing the problem.

Digiplay · August 11, 2020, 3:45pm

I had copied the extended and replaced config.php. Should I not have done that?

In the copied extended version, I have the following statements in “Message sending options”:
define(‘PHPMAILERHOST’, ‘smtp.digilinx.net’);
$phpmailer_smtpuser = ‘bounces#domain.us’;
$phpmailer_smtppassword = ‘password’;
define(‘PHPMAILERPORT’,non-standard port we use);

These two are not in the other site’s config.php so left them false
define(‘POP_BEFORE_SMTP’, false);
define(‘POPBEFORESMTP_DEBUG’, false);

duncanc · August 11, 2020, 6:14pm

@Digiplay You can enable smtp debug as explained in the config file then send a test message. There will be some output at the top of the page showing the dialog between phplist and the mail server, which might help to understand what is happening.

Digiplay · August 11, 2020, 7:11pm

I will try that, but the snip I showed was what was received at my smtp server, which indicates the password is being sent encrypted, rather than plain text. That appears to be the problem. I just don’t know how to turn off the encryption. I tried adding the (PHPMAILER_SECURE, false) but that hasn’t changed the result. Still showing an encrypted password. What follows password is the password that was transmitted to the SMTP server.

SMTP Server: AUTH failed, username bounces#xxxxxxx.us, password 1fd42f91e1a33aecbf19866306f953a2

Digiplay · August 14, 2020, 3:50pm

Unable to get debug working after changing setting. Still indicates that it’s not sending correct (I suspect encrypted) password according to SMTP server’s log. Is there some setting that controls password encryption? I do have (PHPMAILER_SECURE, false) in the config.php file.

duncanc · August 14, 2020, 8:07pm

It is straightforward. Add this to config.php then edit the campaign and send a test email to yourself. There will be debug output at the top of the page

define('PHPMAILER_SMTP_DEBUG', 3);

Digiplay · August 14, 2020, 9:34pm

Did what you suggested. Nothing informative was provided other than the email failed. the log in phpList provided the following: Error sending email to info@spycpowerboat.us SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting

The log file from my SMTP server provided the following: [I-075] Aug 14 16:26:42 [172.16.40.40:38800]SMTP Server: AUTH failed, username bounces#spycpowerboat.us, password 791b285d8462e1241601271b172098d0

The password should be the real password, but it appears to be hex. My server only uses plaintext authentication. I have to get phpList to use that. I cannot find where that setting would be.

duncanc · August 15, 2020, 3:05am

@Digiplay With debug level 3 I get the SMTP dialog output starting with

2020-08-15 03:01:50 Connection: opening to localhost:2525, timeout=5, options=array()
2020-08-15 03:01:50 Connection: opened
2020-08-15 03:01:50 SERVER -> CLIENT: 220 duncan-OptiPlex-990 ESMTP SubEthaSMTP null
2020-08-15 03:01:50 CLIENT -> SERVER: EHLO strontian
2020-08-15 03:01:50 SERVER -> CLIENT: 250-duncan-OptiPlex-990250-8BITMIME250-AUTH LOGIN250 Ok

If you are not getting something similar then you’re not making the correct config change. In your case the dialog might explain why the password is not being sent in plain text.

Digiplay · August 16, 2020, 6:28pm

I have added "define (‘PHPMAILER_SMTP_DEBUG’. 3); " to the CONFIG.PHP file. I do not see anything new when the queue is processed. Nothing like what you’ve shown above. I still see the same thing in the SMTP server’s log.

[I-075] Aug 16 13:19:40 [172.16.40.40:36724]SMTP Server: AUTH failed, username bounces#spycpowerboat.us, password ded4840cc69efba19a3553efba021e92
[I-075] Aug 16 13:19:41 [172.16.40.40:36726]SMTP Server: AUTH failed, username bounces#spycpowerboat.us, password 6f8c637733084e7129c49d7e06ed50d6
[I-075] Aug 16 13:19:41 [172.16.40.40:36728]SMTP Server: AUTH failed, username bounces#spycpowerboat.us, password d27f777e8678ce9e025828333a726189
[I-075] Aug 16 13:19:42 [172.16.40.40:36730]SMTP Server: AUTH failed, username bounces#spycpowerboat.us, password 13cc273989fb7850feb1dd192fea1593
[I-075] Aug 16 13:19:42 [172.16.40.40:36732]SMTP Server: AUTH failed, username bounces#spycpowerboat.us, password 61e33ce8ad2612389045d827315246be

Interesting thing, it tries 4 times with what appears to be different passwords each time and they still appear encrypted.

I thought this might be the encryption a couple tries ago, added: ‘define(“PHPMAILER_SECURE”, false)’ This did not make any change in what appears in the SMTP server’s log.

duncanc · August 16, 2020, 7:59pm

The output is when you send a test message while composing the campaign.

Digiplay · August 16, 2020, 9:03pm

OK. Didn’t think to try that. Here’s the result:

Connection: opening to smtp.digilinx.net:52, timeout=5, options=array ()
Connection: opened
SERVER -> CLIENT: 220 digilinx.net ESMTP (IOA-IPAD 9.11at1) ready at Sun, 16 Aug 2020 16:01:00 -0500
CLIENT -> SERVER: EHLO spycpowerboat.us
SERVER -> CLIENT: 250-digilinx.net. Hello [172.16.40.40], pleased to meet you250-EXPN250-SIZE250-HELP250-ETRN250 AUTH CRAM-MD5 PLAIN LOGIN
CLIENT -> SERVER: AUTH CRAM-MD5
SERVER -> CLIENT: 334 PDIwMjAwODE2MTYwMS5mNjdiNzNAZGlnaWxpbngubmV0Pg==
CLIENT -> SERVER: Ym91bmNlcyNzcHljcG93ZXJib2F0LnVzIDBmZGIyNWEwMDk0ZGQxN2I4Mjg2ZWJlMjM1YjkyNTkx
SERVER -> CLIENT: 535 Authentication failed.
SMTP ERROR: Username command failed: 535 Authentication failed.
SMTP Error: Could not authenticate.
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 digilinx.net. closing connection
Connection: closed
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting

From my SMTP server:
[I-075] Aug 16 16:01:00 [172.16.40.40:38080]SMTP Server: AUTH failed, username bounces#spycpowerboat.us, password 0fdb25a0094dd17b8286ebe235b92591

duncanc · August 16, 2020, 9:44pm

@Digiplay the mail server is offering CRAM-MD5 authentication and that is being chosen by phpmailer, the package used by phplist, for authentication.

Can you configure the mail server to offer only PLAIN?
phplist doesn’t provide a configuration for the authentication method, so otherwise you will need to modify either phplist code or phpmailer code.

Possibly the simplest is the phpmailer file admin/PHPMailer6/src/SMTP.php around line 485

            foreach (['CRAM-MD5', 'LOGIN', 'PLAIN', 'XOAUTH2'] as $method) {

Try removing CRAM-MD5 from that list.

or lin 451 of file admin/PHPMailer/class.smtp.php if you are not using PHPMailer 6.

            foreach (array('CRAM-MD5', 'LOGIN', 'PLAIN', 'NTLM', 'XOAUTH2') as $method) {