Email alerts for alarms triggered on the vCenter are not received by the SMTP server due to error "AUTH=client, available mechanisms=LOGIN do not fulfill requirements"
search cancel

Email alerts for alarms triggered on the vCenter are not received by the SMTP server due to error "AUTH=client, available mechanisms=LOGIN do not fulfill requirements"

book

Article ID: 428447

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • Email alerts for the triggered alarms on the vCenter are not received.

  • Sendmail does not successfully deliver the alert emails to the specified recipients.

  • The below command is used to send a test mail via vCenter is which is successful, however, the receiver does not receive the mail.
    echo "Subject: sendmail test" | sendmail -v email_id_here

  • The following errors are observed in /var/log/vmware/messages

    YYYY-MM-DDTHH:MM:SS <vCenter_name> ./######## <mail_server_name>: client EHLO[#####] : STARTTLS=client, relay=<mail_server_name>
    YYYY-MM-DDTHH:MM:SS <vCenter_name> ./######## <mail_server_name>:
    client EHLO[#####]: No worthy mechs found
    YYYY-MM-DDTHH:MM:SS <vCenter_name> ./######## <mail_server_name>: client EHLO[#####]: ########: AUTH=client, available mechanisms=LOGIN do not fulfill requirements
    YYYY-MM-DDTHH:MM:SS <vCenter_name> ./######## <mail_server_name>
    YYYY-MM-DDTHH:MM:SS <vCenter_name> ./######## <mail_server_name>: client EHLO[#####] : STARTTLS: read error=generic SSL error (-1), errno=9, get error=error: 0A000126:SSL routines :: unexpected eof while reading, ret
    ry=1, ssl_err=1
    YYYY-MM-DDTHH:MM:SS <vCenter_name> ./######## <mail_server_name>
    2, mailer=relay, pri=#####, relay=<mail_server_name>


  • The /etc/mail/sendmail.cf is configured to use the Basic Authentication mechanism:

    # list of authentication mechanisms
    O AuthMechanisms=LOGIN,PLAIN

Environment

VMware vCenter Server 8.x

VMware vCenter Server 9.x

Cause

  • The SMTP server configured does not support Basic Authentication (username/password SMTP auth) for email authentication.
  • It is configured to use Native OAuth2 (Modern Authentication) which is currently not supported by the vCenter Server.

Resolution

  • vCenter Server natively supports SMTP authentication strictly via Basic Authentication (username and password).
  • Integration with Microsoft Office 365 or Google Workspace requires administrators to explicitly re-enable legacy "Authenticated SMTP" for the specific service account mailbox. Refer the additional information section: Setting Up Email Notifications for Alarms generated in vCenter Server..

Additional Information

vCenter Server natively supports SMTP authentication strictly via Basic Authentication. Utilizing the advanced settings for basic authentication, enabling legacy authenticated SMTP on the provider side, or deploying an internal SMTP relay ensures compatibility between the vCenter Mail Sender daemon and the target messaging infrastructure.

Powered by Wolken Software