powershell The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 Client not authenticated to send mail

Peter Smith 1 Reputation point
2022-09-21T14:15:19.29+00:00

I have a powershell script which is set to run then send me an email using O365.
if I run the script using ISE it is successful and i get the email, however if i run the script using Powershell (as admin) I get the error
"The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 Client not authenticated to send mail.
[LO4P123CA0074.GBRP123.PROD.OUTLOOK.COM]"

I am using an App password for the O365 account,
below is one method i tried where the password is part of the script and further down using an encrypted password file.
both methods work when running it using Powershell ISE but not as powershell or as a task

Preparing the Email properties 

                    $smtpserver = "smtp.office365.com"  
                    $SmtpClient = New-Object -TypeName system.net.mail.smtpClient($smtpserver)  
		$Smtpclient.EnableSsl = $true  
                    $Smtpclient.Port = 587  
                    $smtpclient.Credentials = $emailCredential  

                    $userid = "user@contoso.com"  
                    $emailpassword = "app-password"  
                    [SecureString]$securepassword = $emailpassword | ConvertTo-SecureString -AsPlainText -Force  

                    $emailCredential = New-Object System.Net.NetworkCredential("user@contoso.com", $emailPassword)  

		$MailMessage = New-Object -TypeName system.net.mail.mailmessage

Preparing the Email properties 

                    $smtpserver = "smtp.office365.com"  
                    $SmtpClient = New-Object -TypeName system.net.mail.smtpClient($smtpserver)  
		$Smtpclient.EnableSsl = $true  
                    $Smtpclient.Port = 587  
                    $SmtpClient.Credentials = $Cred  

                    $userid = "user@contoso.com"  
                    $securePass = Get-Content "c:\windows\scripts\cred.txt" | ConvertTo-SecureString  
                    $Cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $Userid, $securePass  

                    $MailMessage = New-Object -TypeName system.net.mail.mailmessage
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,377 questions
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rich Matheisen 44,856 Reputation points
    2022-09-21T14:25:22.17+00:00

    I don't understand the "app password" part of your problem. The password should be the one used by the O365 user account with the e-mail address "user@Company portal .com".

  2. Peter Smith 1 Reputation point
    2022-09-21T16:12:50.327+00:00

    Thanks for quick response.
    I am a bit new at the complex powershell scripting.

    I have modified the script by LazywinAdmin
    https://github.com/lazywinadmin/Monitor-ADGroupMembership
    this original script relies on arguments but does not offer O365 as a relay. I have used what was already in the script and added a few lines to get it to work with O365.
    I have also replaced sections of the script so that the script can be run as is without input.
    I have found other mailing scripts online using the Send-EmailMessage cmdlet but this also seems to fail. I did a simple test using this line

    $mycredentials = Get-Credential
    Send-MailMessage -SmtpServer smtp.office365.com -Port 587 -UseSsl -From peter@Company portal .com -To peter@Company portal .com -Subject 'Test subject' -Body 'Test message' -Credential $mycredentials. (same results as above)

    0 comments
  3. Rich Matheisen 44,856 Reputation points
    2022-09-21T19:06:34.703+00:00

    Are you an Exchange admin for your organization? Can you verify that you've either allowed SMTP AUTH for the organization, or for the mailbox "user@Company portal .com"?

    See here: authenticated-client-smtp-submission

    You'd probably get a much better answer (or at least understanding) of the problem by using a SMTP protocol log. For an on-prem server that's pretty easy to get. For Microsoft 365, I don't know where to tell you to look.

    I'd suggest adding an Exchange tag to this problem

    0 comments
  4. Peter Smith 1 Reputation point
    2022-09-22T13:38:03.38+00:00

    Thanks for assisting
    I am the exchange admin, this script is to run on all my clients DC servers, all who have O365 exchange online, and I need to know when a new user is created or role changed by other admins.
    However
    I think I may have found the solution to my own problem, after much tinkering and testing I found the problem to be related to the order of things.

    "$SmtpClient.Credentials = $Cred"
    was run before the credentials were called. I moved this line to after the credentials section and it worked. I guess the reason it worked in ISE is that the credentials were still in the sessions memory.
    it now reads as

    Preparing the Email properties 

                     $smtpserver = "smtp.office365.com"  
                 $SmtpClient = New-Object -TypeName system.net.mail.smtpClient($smtpserver)  
                 $Smtpclient.EnableSsl = $true  
                 $Smtpclient.Port = 587  
                   
                 $userid = "user@contoso.com"  
                 $securePass = Get-Content "c:\windows\scripts\cred.txt" | ConvertTo-SecureString  
                 $Cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $Userid, $securePass  

                 $SmtpClient.Credentials = $Cred  

                 $MailMessage = New-Object -TypeName system.net.mail.mailmessage