Used Zammad installation source: (source, package, …): installed via APT
Operating system: Ubuntu 18.04.4
Browser + version: Chrome (latest)
Expected behavior:
Send E-Mails from Zammad via Exchange
Actual behavior:
Zammad wont connect to Exchange Account: “Authentication failed”
I added the same Exchange Account to my Outlook as IMAP Account an IMAP and SMTP is working fine, i can send and recieve E-Mails. On Zammad, i did the same: IMAP working fine, but SMTP always tells me that “Authentication failed”.
What am i doing wrong? In Outlook i added the same Account and checked “SMTP needs Auth” and “Same auth as Incomming Mailserver” (or how ever this is called in Englisch Outlook) and the account is working fine there.
Nope, Port 587 is not available on my Exchange and on Port 465 Zammand complains about “SSL_connect returned=1 errno=0 state=error: wrong version number”
I am working with Exchange too. I configured fetching Mails via IMAP and using “sendmail” (Local MTA) for sending. I have postfix installed on the system - configured as “satellite” it works fine …
Ok, I have now installed and set up a postfix. E-mail is now working again. Zammad now sends its e-mails to the postfix without authentication and the postfix sends its e-mails to the exchange without authentication… why can’t Zammad send directly to the exchange if I have deactivated the authentication on the exchange for internal stuff?
You need to create new SMTP connector on Exchange server to allow Zammad host send mail with correct authentication. In my case it is SMTP TLS on TCP 25.
Do not edit existing connectors, this can cause much trouble, if you not Exchange guru.
P.S. I do not remember, but may be some permissions for receive connector also needed to be set. See below my settings.
Get-ReceiveConnector -Identity “EXCH1\Devices with AUTH SMTPTLS[25]” | fl *
Get-ADPermission -Identity “Devices with AUTH SMTPTLS[25]” | where {($.Deny -eq $false) -and (
$.IsInherited -eq $false)} | Format-Table User,ExtendedRights
User ExtendedRights
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-SMTP-Accept-Any-Sender}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-SMTP-Accept-Authoritative-Domain-Sender}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-SMTP-Accept-Any-Recipient}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-SMTP-Submit}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-Accept-Headers-Routing}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-Bypass-Anti-Spam}
NT AUTHORITY\Authenticated Users {ms-Exch-Accept-Headers-Routing}
NT AUTHORITY\Authenticated Users {ms-Exch-Bypass-Anti-Spam}
NT AUTHORITY\Authenticated Users {ms-Exch-SMTP-Accept-Any-Recipient}
NT AUTHORITY\Authenticated Users {ms-Exch-SMTP-Submit}
NT AUTHORITY\Authenticated Users {ms-Exch-SMTP-Accept-Any-Sender}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-SMTP-Accept-Any-Sender}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-SMTP-Accept-Authoritative-Domain-Sender}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-SMTP-Accept-Any-Recipient}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-SMTP-Submit}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-Accept-Headers-Routing}
NT AUTHORITY\ANONYMOUS LOGON {ms-Exch-Bypass-Anti-Spam}
NT AUTHORITY\Authenticated Users {ms-Exch-Accept-Headers-Routing}
NT AUTHORITY\Authenticated Users {ms-Exch-Bypass-Anti-Spam}
NT AUTHORITY\Authenticated Users {ms-Exch-SMTP-Accept-Any-Recipient}
NT AUTHORITY\Authenticated Users {ms-Exch-SMTP-Submit}
NT AUTHORITY\Authenticated Users {ms-Exch-SMTP-Accept-Any-Sender}
The SSL error is either due a too old SSL cipher Zammad tries to use or a very new one.
Answering “why” is in this case impossible, because we know too little about your MTA configuration to provide a good answer on that.
A good start would to check your enabled MTA ciphers.
That is if this is still a relevant topic for you.
Setup a receive connector for SMTP that either requires (or does not require) authentication. In the same dialogue you can also decide to use TLS or not. Ensure to tighten the network ranges correctly.