Forum Discussion
GraphBuilder
Nov 28, 2024Copper Contributor
Exchange SMTP Auth Fails with: 451 4.7.0 Temporary server error. Please try again later. PRX5
Office 365 refuses SMTP authentication with error: 451 4.7.0 Temporary server error. Please try again later. PRX5
This is when accessing External Send SMTP AUTH through OAUTH2 authentication. Initial authentication is successful (and is logged as so in Entra ID) but when trying to send send messages through authenticated SMTP, you get the above error.
Working with multiple support reps, we looked through login logs and could not find any trace of the error in Entra ID. Support reps all blame the third party application.
The issue is connected to a special use case, where a user has both the GLOBAL ADMIN role, as well as certain other admin roles. When you have a certain combination of those roles, for a selected user, OAUTH2 will fail, even though OAUTH2 for (apparently) ALL OTHER SERVICES - work without error! - ONLY SMTP Auth is affected.
RESOLUTION:
Keeping Global Admin while simply removing excess roles will almost immediately resolve the issue.
This bug has been publicly noted as far back as August 2022, perhaps earlier. This needs to be fixed.
- EntropieCopper Contributor
Hello Everyone, i experience the same issue and a customer aswell. Any progress on this TAE_YOUN_ANN ?
- RafaelVarelaBrass Contributor
I can confirm that the issue is related to the user belonging to some roles. After removing all the roles my user was able to send messages through SMTP.
I still have to add the roles back one by one to catch the culprit. For now I can only say that it's not related to the Exchange Admin Role.
Hello, I apologize for any confusion my response may have caused. After reviewing your feedback, I have determined that the Windows patch is unlikely to be directly related to this issue. Once again, I apologize for any confusion my response may have caused.
- RafaelVarelaBrass Contributor
Thank you very much for your post, I have (almost) the same problem.
I say "almost" because in my case it's not a global admin account, but after some trial & error definitely it seems that it is related to what you are describing.
You said that this bug has been publicly noted. Do you have any additional reference? Some users may be unable to access their Exchange Online mailboxes through most connection methods
Issue ID: EX920584
Services affected: Exchange Online
Status: Extended Recovery
Issue Type: Advisory
Start time: October 29, 2024 5:39 PM GMT+9user impact
Users may be unable to access their Exchange Online mailboxes through most connection methods.More info
Impacted connection methods include:- Representational State Transfer (REST)
- Messaging API (MAPI)
- Exchange ActiveSync (EAS)
- Outlook on the webUsers who access the service through Internet Message Access Protocol (IMAP) aren't impacted by this event.
Scope of impact
Impact is specific to some users who are served through the affected infrastructure.Root cause
Imbalanced resource utilization on an affected service dependency is causing impact.
current status
November 27, 2024 5:03 AM GMT+9
As we continue with our optimizations and to reduce the frequency of requests through the affected subset of service infrastructure, our testing of the Windows patch has validated that it will address the mailbox access problems and remediate the impact. We’re preparing the release of the Windows patch and we’re expecting that the deployment will have completed and remediated the impact by our next scheduled update.
Estimated time to resolve:
Our fix deployment timeline expectations that the Windows patch deployment will have completed by Tuesday, December 3, 2024.
Next update by:
Wednesday, December 4, 2024 6:00 AM GMT+9- GraphBuilderCopper Contributor
This does not appear to have anything to do with the original post. Different issue.
- RoaringLambsCopper Contributor
LOL , This reply has nothing to do with the problem stated. This is not a windows problem and it's not a windows patch that will solve this. This is due to a bug in Exchange in reading permissions. Good try though.
Freaking MVP Accounts that get MVP Status by posting garbage replies... These need to be stopped.
- PaulWoodCopper Contributor
How can i check for updates on this? I have this same issue connecting Zoho > smtp with the above error.
Thanks
- GraphBuilderCopper Contributor
The issue is related to having Admin.microsoft.com permissions on the user of "Global Admin" Plus anything else. Check the users permissions and remove anything other than global admin, and the problem should go away.