[RCU] SMTP (Seding Mail) Not Working After 1.4.9 Update

rc at passwall.com rc at passwall.com
Mon Oct 19 20:38:22 CEST 2020

I don't recall from which older RoundCube to which version of roundcube 
came later, but I encountered a problem similar to this.
For me, it turned out that a variable which could be set in 
config.inc.php could be set and a default assignment had changed. I had 
to explicitly set it.

If you have a service for outbound SMTP only available internally for 
your RoundCube users, and it does not require smtp auth, check these 
settings in you config.inc.php:
$config['smtp_user'] =
$config['smtp_pass'] =

If each user does actually auth, and they use the same creds as when 
they login to the web interface, then the default is probably:
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';

If your internal smtp service does not support or allow smtp-auth, then 
$config['smtp_user'] = '';
$config['smtp_pass'] = '';

Enabling auth for smtp is a good idea though as it allows your to have 
an audit trail for user mail, and avoids issues where one user might try 
to pretend to be another. When smtp-auth is used, and logged, you can 
get hints in logs where users may be abusing service.

If your smtp service for outgoing mail is internal only, and you never 
configured it to support smtp-auth, then your smtp server logs will 
probably tell you so.

If the smtp-auth error is generated by the smtp service and not implied 
by the RC application, then also consider reviewing:
$config['smtp_port'] =

Some people setup an outbound smtp service to use a port other than 
TCP/25 which allows for smtp-auth and possibly encryption, while the 
service they configured for port TCP/25 does not. You would know which 
service uses which. If you use encryption, test use of encryption to 
your smtp service port to make sure your certs are not expired, and 
support modern hashing/checks.

Compare/diff all of the new variables in the latest 
config.inc.php.sample installed with your present config.inc.php and see 
if any new variables are expected.

If logs and FAQ do not help, you can always try to simulate an smtp 
session using telnet, or with crypto using "openssl" from the command 
line, and complete a user auth manually. Use your favorite search engine 
to see examples for how-to do either, if you don't know how.


On 2020-10-19 10:14, Denny Jones wrote:
> Hello,
> After updating to 1.4.9 version from 1.3 I get an error when trying to
> send mail.
> Here's the error I'm getting:
> SMTP Error (250): Authentication failed.
> Where do I start sleuthing on this?
> Thank,
> Denny

More information about the users mailing list