How to fix ‘SMTP AUTH is required for message submission on port 587’ error in cPanel/WHM servers
by Reeshma Mathews | 03 April , 2018
Mail servers have an SMTP authentication feature enabled in them, to validate users who try to send mails through that server.
The ‘SMTP AUTH’ error usually happens when users try to send mails without properly authenticating their mail account in email clients such as Outlook or Thunderbird.
What causes the error ‘SMTP AUTH is required for message submission on port 587’ in cPanel/WHM servers
With the latest cPanel/WHM update, email accounts that were working fine till now, may find their mails getting undelivered, showing this error message in the Exim log:
2016-09-22 04:28:29 H=(:1741 F=<firstname.lastname@example.org> rejected RCPT <email@example.com>: SMTP AUTH is required for message submission on port 587
This has happened due to a latest security feature implemented in cPanel/WHM – ‘SMTP AUTH’ requires SSL by default.
To combat spamming in servers and to provide secure email transmission, email clients that try to send mails without using secure transmission will be denied mail delivery through the server.
The option that determines this is ‘Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server’, which is set to ‘On’ by default, in WHM -> Exim Configuration Editor.
While this SSL setting is enabled by default for SMTP, IMAP/POP3 stills works without SSL. So servers with ‘POP before SMTP’ feature enabled, will not face this error.
However, as ‘POP before SMTP’ feature authorizes users to relay through the mail server, this setting is disabled in WHM for many servers due to security issues:
Thus, users in mail servers with the following combined setting, will get error when they try to sends mails with plain authentication:
1. POP before SMTP – disabled
2. Require clients to connect with SSL – enabled
With these settings in place, SMTP authentication will not work unless STARTTLS OR SSL/TLS is enabled in mail client.
The error can happen even in the case of mailer scripts or 3rd party software that send mails from the server without SSL authentication.
[ You don’t have to lose your sleep over lost emails. Get our professional help to fix your mail errors for just $59.99. ]
The error message, however, varies with the port configured in the email client or code of the users. For users connecting to port 587 without SSL, the message in the logs would be:
rejected RCPT <firstname.lastname@example.org>: SMTP AUTH is required for message submission on port 587
For users connecting to port 25 of mail server, here is a variant of the error message from the Exim logs:
rejected RCPT <email@example.com>: Please turn on SMTP Authentication in your mail client. () [IPaddress]:1604 is not permitted to relay through this server without authentication.
- What causes “Sender verify failed” SMTP mail error, and how to resolve it in ISPConfig Postfix servers
- Top 5 causes for email error “451 Temporary local problem – please try later” and How to fix it in Outlook, Exim, Postfix and MailEnable
- How to fix error ‘421 Too many concurrent SMTP connections’ in cPanel and DirectAdmin servers
- ‘550 5.1.1 User unknown’ – How to fix this email error in Exchange, Postfix and Qmail servers
- How to fix email error ‘501 5.1.7 invalid address’ in Exchange servers