I checked other questions but couldn't find a match to my problem. I am trying to send an email to myself using PHPMailer to my email provider (Pixel Internet), but getting Authentication Failure. I use the same hostname, username and password as I do with Thunderbird and that works just fine, so there must be an error in my code somewhere.
This is my code:
$mail->isSMTP();
$mail->Host = $mail_smtp_host;
$mail->Port = 587;
$mail->SMTPAuth = true;
$mail->AuthType = "PLAIN";
$mail->SMTPSecure = 'tls';
$mail->Username = $mail_auth_username;
$mail->Password = $mail_auth_password; // (Password in plain text)
$mail->SMTPDebug = 4;
$mail->setFrom('(my email address)', 'Jeff Goodenough');
$mail->addAddress(...);
$mail->Subject = 'Test';
$mail->Body = 'Testing.';
$mail->send();
This is the debug trace I get:
2021-03-04 10:29:43 Connection: opening to mail50.extendcp.co.uk:587, timeout=300, options=array()
2021-03-04 10:29:43 Connection: opened
2021-03-04 10:29:43 SMTP INBOUND: "220 mta1.hi.local ESMTP Exim 4.94 Thu, 04 Mar 2021 10:29:43 +0000"
2021-03-04 10:29:43 SERVER -> CLIENT: 220 mta1.hi.local ESMTP Exim 4.94 Thu, 04 Mar 2021 10:29:43 +0000
2021-03-04 10:29:43 CLIENT -> SERVER: EHLO localhost
2021-03-04 10:29:43 SMTP INBOUND: "250-mta1.hi.local Hello host86-151-185-147.range86-151.btcentralplus.com [86.151.185.147]"
2021-03-04 10:29:43 SMTP INBOUND: "250-SIZE 52428800"
2021-03-04 10:29:43 SMTP INBOUND: "250-8BITMIME"
2021-03-04 10:29:43 SMTP INBOUND: "250-PIPELINING"
2021-03-04 10:29:43 SMTP INBOUND: "250-X_PIPE_CONNECT"
2021-03-04 10:29:43 SMTP INBOUND: "250-AUTH PLAIN LOGIN CRAM-MD5"
2021-03-04 10:29:43 SMTP INBOUND: "250-CHUNKING"
2021-03-04 10:29:43 SMTP INBOUND: "250-STARTTLS"
2021-03-04 10:29:43 SMTP INBOUND: "250 HELP"
2021-03-04 10:29:43 SERVER -> CLIENT: 250-mta1.hi.local Hello host86-151-185-147.range86-151.btcentralplus.com [86.151.185.147]250-SIZE 52428800250-8BITMIME250-PIPELINING250-X_PIPE_CONNECT250-AUTH PLAIN LOGIN CRAM-MD5250-CHUNKING250-STARTTLS250 HELP
2021-03-04 10:29:43 CLIENT -> SERVER: STARTTLS
2021-03-04 10:29:43 SMTP INBOUND: "220 TLS go ahead"
2021-03-04 10:29:43 SERVER -> CLIENT: 220 TLS go ahead
2021-03-04 10:29:43 CLIENT -> SERVER: EHLO localhost
2021-03-04 10:29:44 SMTP INBOUND: "250-mta1.hi.local Hello host86-151-185-147.range86-151.btcentralplus.com [86.151.185.147]"
2021-03-04 10:29:44 SMTP INBOUND: "250-SIZE 52428800"
2021-03-04 10:29:44 SMTP INBOUND: "250-8BITMIME"
2021-03-04 10:29:44 SMTP INBOUND: "250-PIPELINING"
2021-03-04 10:29:44 SMTP INBOUND: "250-X_PIPE_CONNECT"
2021-03-04 10:29:44 SMTP INBOUND: "250-AUTH PLAIN LOGIN CRAM-MD5"
2021-03-04 10:29:44 SMTP INBOUND: "250-CHUNKING"
2021-03-04 10:29:44 SMTP INBOUND: "250 HELP"
2021-03-04 10:29:44 SERVER -> CLIENT: 250-mta1.hi.local Hello host86-151-185-147.range86-151.btcentralplus.com [86.151.185.147]250-SIZE 52428800250-8BITMIME250-PIPELINING250-X_PIPE_CONNECT250-AUTH PLAIN LOGIN CRAM-MD5250-CHUNKING250 HELP
2021-03-04 10:29:44 Auth method requested: PLAIN
2021-03-04 10:29:44 Auth methods available on the server: PLAIN,LOGIN,CRAM-MD5
2021-03-04 10:29:44 CLIENT -> SERVER: AUTH PLAIN
2021-03-04 10:29:44 SMTP INBOUND: "535 Incorrect authentication data"
2021-03-04 10:29:44 SERVER -> CLIENT: 535 Incorrect authentication data
2021-03-04 10:29:44 SMTP ERROR: AUTH command failed: 535 Incorrect authentication data
SMTP Error: Could not authenticate.
2021-03-04 10:29:44 CLIENT -> SERVER: QUIT
2021-03-04 10:29:44 SMTP INBOUND: "221 mta1.hi.local closing connection"
2021-03-04 10:29:44 SERVER -> CLIENT: 221 mta1.hi.local closing connection
2021-03-04 10:29:44 Connection: closed
SMTP Error: Could not authenticate.
This is an example my email provider gave (i.e. the sort of thing they are expecting):
Client: EHLO client.example.com
Server: 250-smtp.example.com Hello client.example.com
Server: 250 AUTH GSSAPI DIGEST-MD5 PLAIN
Client: AUTH PLAIN dGVzdAB0ZXN0ADEyMzQ=
Server: 235 2.7.0 Authentication successful
The difference appears to be in the client to server AUTH PLAIN message: my debug trace shows just "AUTH PLAIN" whereas Pixel's example shows an encoded string following that. What am I missing?
RFC4954 provides two examples fo the AUTH PLAIN SMTP authentication mechanism. The first is like you're seeing:
S: 250 AUTH GSSAPI DIGEST-MD5 PLAIN
C: AUTH PLAIN dGVzdAB0ZXN0ADEyMzQ=
S: 235 2.7.0 Authentication successful
The second is an alternative form of the same mechanism:
S: 250 AUTH GSSAPI DIGEST-MD5 PLAIN
C: AUTH PLAIN
S: 334
C: dGVzdAB0ZXN0ADEyMzQ=
S: 235 2.7.0 Authentication successful
You can see that the two methods submit the same authentication string, but the second has an additional 334 response from the server before the auth string is sent. While this is slightly less efficient, it has the advantage that the approach is the same as is used for the similar LOGIN auth mechanism, which also uses a 334 intermediate response.
PHPMailer implements the second mechanism for PLAIN. Your server apparently doesn't like that, which I would describe as a bug; it should allow both patterns.
A simple solution is to switch to using the LOGIN mechanism which your server also supports, and there is only one version of:
$mail->AuthType = 'LOGIN';
You could also use CRAM-MD5 which is supported by both your server and PHPMailer and is marginally more secure, though over TLS it doesn't make much difference.