Table of Contents
SMTP Client not authenticated to send mail
In some cases, you are getting the below error while sending email from your apps, PowerShell or printers through Exchange Online Microsoft 365.
- Error 5.7.57 Client not authenticated to send mail.
- Error: 535 5.7.139 Authentication unsuccessful, the request did not meet the criteria to be authenticated successfully.
You should receive an email log like this:
Send-MailMessage : The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 Client not authenticated to send mail. Error: 535 5.7.139 Authentication unsuccessful, the request did not meet the criteria to be authenticated successfully. Contact your administrator.
[KU1PR03CA0044.apcprd03.prod.outlook.com]
At line:1 char:1
+ Send-MailMessage `
+ ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.Mail.SmtpClient:SmtpClient) [Send-MailMessage], SmtpExcept
ion
+ FullyQualifiedErrorId : SmtpException,Microsoft.PowerShell.Commands.SendMailMessage
The cause
- The Security Defaults is enabled in your tenant.
- The Security Defaults is disabled but the account using to sending email though SMTP submission was configured with MFA (Multi-Authen Factor).
- The Security Defaults is disabled, and the user is not configured to use MFA, but the SMTP Authentication is disable at tenant level.
If your tenant was created on or after October 22, 2019, security defaults may be enabled in your tenant. To protect all of our users, Security Defaults are being rolled out to all new tenants at creation.
The solution
Before you begin, we assume you have:
If user has not configured with MFA, after you meet the two above prerequisites. The error should be gone automatically.
If the user that using to sending email has configured with MFA. You need to create an app password to authenticate using the SMTP client instead of using your account password.
Why we need to disable the Security Defaults? Because by default, the Security Defaults does not support app password.
To create an app password for a Microsoft 365 account, please follow this post.
Once the app password is created. Let’s using it on your apps, printers, scripts…to authenticate to sending email instead of using the normal password (the one you’re using to login into your account on the web).
For example, we create a PowerShell script to sending an email through Microsoft 365 using the app password.
$password = ConvertTo-SecureString "dyzmpfnwxjhmhwyd" -AsPlainText -Force
$Cred = New-Object System.Management.Automation.PSCredential ("[email protected]", $password)
Send-MailMessage `
-To "[email protected]" `
-From "[email protected]" `
-Subject "This is a test message from PowerShell" `
-Body "Hello World!" `
-Credential $Cred `
-SmtpServer "smtp.office365.com" -Port 587 -UseSslAs you can see on the below screenshot, when we use the app password to send the email. The email was sent, and the error was gone.
Not a reader? Watch this related video tutorial:
