Authentication credentials invalid — SMTP AUTH failure
Production Risk
High — authentication failures prevent all outbound mail delivery through the configured relay.
The SMTP AUTH credentials provided by the client were rejected by the server. The username, password, or authentication mechanism is invalid.
- 1The username or password is incorrect.
- 2The account requires an app-specific password (e.g., Gmail with 2FA enabled).
- 3The authentication mechanism used is not supported or the credentials format is wrong.
- 4The account has been locked due to too many failed authentication attempts.
Attempting SMTP AUTH with invalid credentials, typically when connecting to a submission port (587 or 465).
AUTH LOGIN 334 VXNlcm5hbWU6 # Base64: "Username:" dXNlckBleGFtcGxlLmNvbQ== # user@example.com 334 UGFzc3dvcmQ6 # Base64: "Password:" d3JvbmdwYXNzd29yZA== # wrongpassword # Server returns: 535 5.7.8 Authentication credentials invalid
expected output
535 5.7.8 ...
Fix
Verify credentials and use app-specific passwords where required
WHEN Receiving 535 5.7.8 on SMTP AUTH
# For Gmail with 2FA — generate an App Password: # Google Account > Security > App passwords # Use the 16-character app password instead of your account password # Test SMTP AUTH manually: openssl s_client -connect smtp.gmail.com:587 -starttls smtp # Then authenticate with correct base64-encoded credentials
Why this works
Modern email providers require app-specific passwords or OAuth2 tokens when 2FA is enabled; the account password alone is insufficient.
✕ Retry authentication in a tight loop after 5.7.8
Repeated failed authentication attempts will trigger account lockout and may result in your IP being blocked.
RFC 3463 — Enhanced Mail System Status Codes
Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev