As of this morning, all emails from the server result in the 5.7.1 Client was not authenticated error.
I've seen this before, specifically when an Able store tries to use an Office365 account to send emails. However I have never found a solution.
Has anyone ever researched the issue? Is there a solution possible that doesn't involve changing where the email is hosted?
I believe I might have found the root cause. There are two ways to authenticate an SMTP server. One is to authenticate on Port 25 (unencrypted) and then send the actual email content as encrypted. The other is to do the authentication encrypted starting from the very first SMTP command sent. System.Net.Mail only supports unencrypted authentication. So if the Exchange Server is configured to require SSL for authentication, any .Net application using System.Net.Mail for SMTP will not be able to authenticate.
System.Net.Mail only supports “Explicit SSL”.
Explicit SSL
System.Net.Mail only supports “Explicit SSL”. Explicit SSL starts as unencrypted on port 25, then issues a STARTTLS and switches to an Encrypted connection. See RFC 2228.
Explicit SLL would go something like:
Connect on 25 -> StartTLS (starts to encrypt) -> authenticate -> send data
If the SMTP server expects SSL/TLS connection right from the start then this will not work. If you see "530 Must issue a STARTTLS command first" being returned while trying to send a message, then Explicit SSL is what is being expected.
Implicit SSL
There is no way to use Implicit SSL (SMTPS) with System.Net.Mail. Implicit SSL would have the entire connection is wrapped in an SSL layer. A specific port would be used (port 465 is common). There is no formal RFC covering Implicit SSL.
Implicit SLL would go something like: Start SSL (start encryption) -> Connect -> Authenticate -> send data
This is not considered a bug, it’s by design. There are two types of SSL authentication for SMTP, and we only support one with System.Net.Mail (by design) – Explicit SSL.