SMTP error from remote mail server after RCPT TO:: host domain.com [xx.xx.xx.xx]: 550-Please turn on SMTP Authentication in your mail client. 550-(mail.server.net) [xxx.xxx.xxx.xxx]:36825 is not permitted to relay through 550 this server without authentication.
All popular mail servers have SMTP authentication enabled for security protection. Mail accounts using those servers need to authenticate first, before trying to send mails.
At times, users can try to send mails from their mail clients without enabling authentication. ‘**550-Please turn on SMTP Authentication’** is a commonly reported error when users try to send mails without authenticating.
Often this issue is resolved by enabling SMTP authentication settings in the customer’s mail clients.
However, there are 2 other less obvious reasons for mails to bounce with this error. Here’s how our expert support technicians detect and resolve these issues.
How to enable SMTP authentication
We strongly recommend SMTP Authentication be used for all email accounts hosted with us. While we do not require SMTP Authentication, may common email issues can be avoided entirely by using SMTP Authentication. In the event that you’ve been directed to this knowledgebase article by our support staff, that would indicate that we believe the issue you are facing is a result of not using SMTP Authentication in your mail program.
Below you will find directions for enabling this setting in many of the common email clients in use today. This is not an all-inclusive list and we do our best to ensure that the information is accurate.
Outlook Express
From the Tools menu, choose “Accounts.”
Select the “Mail” tab.
Double-click the email account you need to update. (i.e. mail.yourdomain.com).
Select the “Servers” tab.
Check the box next to “My Server Requires Authentication.”
Click “Ok.”
Outlook ’98 and 2000
From the Tools menu, choose “Accounts.”
Select email account you need to update. (i.e. mail.yourdomain.com).
Click “Properties”.
Select the “Servers” tab.
Check the box next to “My Server Requires Authentication.”
Click “Ok.”
Outlook 2002 and 2003
From the Tools menu, select “Email Accounts.”
Select “View or change existing email accounts” and click “Next.”
Select your Email account and click the “Change” button on the right.
Click the “More Settings” button in the bottom-right corner of the E-Mail Accounts window.
In the Internet Email Settings window, click the “Outgoing Server” tab.
Check the box next to “My outgoing server (SMTP) requires authentication.”
Outlook 2007
From the Tools menu, select “Account Settings.”
Select your Email account and click the “Change” button.
Click the “More Settings” button in the bottom-right corner of the E-Mail Accounts window.
In the Internet Email Settings window, click the “Outgoing Server” tab.
Check that the box next to “My outgoing server (SMTP) requires authentication” is checked and “use same settings as my incoming mail server” is selected.
Outlook 2010
From the File menu, select “Info” and choose “Account Settings.”
Select your Email account and click the “Change” button.
Click the “More Settings…” button in the bottom-right corner of the E-Mail Accounts window.
In the Internet Email Settings window, click the “Outgoing Server” tab.
Check that the box next to “My outgoing server (SMTP) requires authentication” is checked and “use same settings as my incoming mail server” is selected.
Mac Mail for OS X
Open Mac Mail.
From the “Mail” menu, choose “Preferences.”
Click the “Accounts” icon at the top of the window.
Next to “Outgoing Mail Server (SMTP):” click on the drop-down menu and go to “Edit SMTP Server List”
Check to make sure you have the correct SMTP server selected at the top.
Verify that “Authentication” is set to “Password.”
If the “User Name” and “Password” fields are not set, enter your full email address as the username, and your password.
Click “Ok.”
Close the accounts window by clicking on the red circle in the far upper left hand corner of the “Accounts” window.
Mac Mail will ask you if you wish to save your changes, make sure to click the “Save” button.
Other possible causes of the 505 error
1. Improper DNS configuration
Domain migrations are common in the hosting industry. Server upgrades or changes in provider can necessitate transferring a domain from one server to another.
But if the migration is not properly done, it can happen that the customer’s MX setting does not get updated to the new server.
It is also possible that users do not update their mail client settings properly. These issues would cause the mails to be sent to the old server, and the connections will be rejected.
Another possibility for ‘**550-Please turn on SMTP Authentication’** is, when the customer uses a third party mail solution such as Google Apps as their mail exchange.
For mail servers that validate email sending domains using SPF records, this can pose an issue if the records are not updated to allow these external MX to deliver mails.
Mail server will reject the mails from those domains citing authentication issues. In the mail servers that we manage, we add the external MX IP into the SPF record of such domains to prevent this error.
2. Missing local domain configuration
For a domain’s mail to work, it should have entries in the corresponding mail server config files. For instance, in Exim servers, there are two files – localdomains and remotedomains – to determine the domain’s mail server.
An account that uses local mail server should have its domain name listed in localdomains file. For domains with remote MX, there has to be entry in remotedomains file.
Due to any configuration mistake, the required entries can get messed up in these config files, leading to mail errors such as ‘**550-Please turn on SMTP Authentication’.**
We do a quick check of the domain’s mail configuration settings to identify such problems. To resolve it, we do a custom configuration allowing the mail gateway to relay mails to the destined mail server.
In short..
‘550-Please turn on SMTP Authentication’ is usually reported from mail accounts in cPanel/WHM servers, and Microsoft Exchange servers.
As mentioned earlier, in the vast majority of cases, the issue is resolved by enabling authentication in the customer’s mail clients (like Microsoft Outlook, Outlook Express, Thunderbird, etc.).
