451 4.7.0 Temporary server error. Please try again later. PRX5

+2 votes

UPDATE

This issue is caused when you have certain other roles selected alongside "Global Admin". It causes OAUTH2 to fail for SMTP even when the same token works just fine with IMAP. The change takes around 15 minutes to take effect so that you can login to SMTP with OAUTH2, so don't expect it to fix the problem instantly, wait 15 minutes and then try again.

========================================================

Office 365 is refusing SMTP authentication with the error: 451 4.7.0 Temporary server error. Please try again later. PRX5

  1. The token is correct. I can call IMAP with it and it works just fine
  2. I have been into Office 365 admin and tried the Untick / Retick of Authenticated SMTP setting. It has no effect.

This problem has been ongoing for weeks - and Microsoft are not offering any solution at the moment. PRX5 seems to be a DNS related issue - but I can't make changes to their DNS. Flushing my DNS makes no difference (as expected).

Mail.dll: 53 09:54:42 S: 220 LO4P265CA0024.outlook.office365.com Microsoft ESMTP MAIL Service ready at Fri, 22 Jul 2022 08:54:42 +0000
Mail.dll: 53 09:54:42 C: EHLO [127.0.0.1]
Mail.dll: 53 09:54:42 S: 250-LO4P265CA0024.outlook.office365.com Hello [87.242.184.178]
Mail.dll: 53 09:54:42 S: 250-SIZE 157286400
Mail.dll: 53 09:54:42 S: 250-PIPELINING
Mail.dll: 53 09:54:42 S: 250-DSN
Mail.dll: 53 09:54:42 S: 250-ENHANCEDSTATUSCODES
Mail.dll: 53 09:54:42 S: 250-STARTTLS
Mail.dll: 53 09:54:42 S: 250-8BITMIME
Mail.dll: 53 09:54:42 S: 250 SMTPUTF8
Mail.dll: 53 09:54:42 C: STARTTLS
Mail.dll: 53 09:54:42 S: 220 2.0.0 SMTP server ready
Mail.dll: 53 09:54:42 C: EHLO [127.0.0.1]
Mail.dll: 53 09:54:42 S: 250-LO4P265CA0024.outlook.office365.com Hello [87.242.184.178]
Mail.dll: 53 09:54:42 S: 250-SIZE 157286400
Mail.dll: 53 09:54:42 S: 250-PIPELINING
Mail.dll: 53 09:54:42 S: 250-DSN
Mail.dll: 53 09:54:42 S: 250-ENHANCEDSTATUSCODES
Mail.dll: 53 09:54:42 S: 250-AUTH LOGIN XOAUTH2
Mail.dll: 53 09:54:42 S: 250-8BITMIME
Mail.dll: 53 09:54:42 S: 250 SMTPUTF8
Mail.dll: 53 09:54:42 C: AUTH XOAUTH2 dXNlcj1kYW5p ... REDACTED ... kpTVlEBAQ==
Mail.dll: 53 09:54:43 S: 451 4.7.0 Temporary server error. Please try again later. PRX5 [LO4P265CA0024.GBRP265.PROD.OUTLOOK.COM]
Exception thrown: 'Limilabs.Client.SMTP.SmtpResponseException' in Mail.dll
Mail.dll: 53 09:54:43 C: QUIT
Mail.dll: 53 09:54:43 S: 221 2.0.0 Service closing transmission channel

by (500 points)
edited by
What OAuth flow are you using?
by (301k points)

1 Answer

0 votes
 
Best answer

[Edited]

"Ensure you only have "Global Admin" role selected for the affected user, and not multiple roles." (see comments for details)

Does the same error happens when you use non-OAuth authentication?
Does it happens if you use a completely different network (some spam filter in action)?
Are you sure OAuth scopes are correct ("https://outlook.office.com/SMTP.Send")?
Are you sure your domain is set up correctly (e.g. MX addresses)?
Are you sure your domain is set up correctly Microsoft 365 admin center?

I'm afraid, I'll need to contact your server administrator or create ticket with Microsoft if none of the above helps.

by (301k points)
selected by
Thank you for your suggestions. For anyone else experiencing this issue - it is important that your ensure you only have "Global Admin" role selected for the affected user, and not multiple roles. There is a bug at Microsoft's end which means that if a certain combination of roles are selected for a user, OAUTH2 will fail for SMTP, even though it works fine for IMAP. I have asked Microsoft to fix this - but that may never happen.
by (500 points)

Apparently this is not fixed 2+ years later. I spent a week trying to hunt this down, thought it was ip blocking, any number of things. Several Microsoft support reps, entra ID reps, and absolutely no record of the failed login. Everyone said it was the web app I was using...

Your post saved the day. I removed all other roles other than Global Admin, and instantly SMTP Auth started working with Exchange online.

THANK YOU

by (110 points)

You are welcome. I hope I saved you some of the pain we went through. I wonder if this needs to end on stack overflow somehow.

by (500 points)
...