10.6 Mail users cannot authenticate SMTP using Kerberos

Similar Messages

• Samba Users Cannot Authenticate?

  I just want to start this thread by saying samba makes me want to kill myself. I love it so much, that it makes me want to rip my heart out and feed it to stray dogs every time I need to write a new configuration. Because I truly hate configuring it. Ok, with that steam having been blown off, let's jump into the problem I've been chasing for hours.
  My users cannot login to samba shares. Simple as dirt. Every single time I access the shares as a user, I am prompted for my password, I enter my password, and the prompt immediately asks me again, as if I've entered the wrong password.
  Heading off the obvious: Yes, I've added samba users with pdbedit -a -u [username]. The unix permissions on the folder I am trying to access as a samba user are 755, and I am trying to access the folder as its owner. My server smb.conf is included below.
  [global]
  workgroup = WORKGROUP
  passdb backend = tdbsam
  netbios name = ArchServ
  name resolve order = bcast host lmhosts wins
  server string = ""
  printing = cups
  printcap name = cups
  printcap cache time = 750
  cups options = raw
  use client driver = yes
  map to guest = Bad User
  local master = yes
  preferred master = yes
  os level = 65
  usershare allow guests = Yes
  usershare max shares = 100
  usershare owner only = False
  security = share
  #username map = /etc/samba/smbusers
  [printers]
  comment = All Printers
  path = /var/spool/samba
  create mask = 0700
  guest ok = Yes
  printable = Yes
  print ok = Yes
  browseable = No
  [print$]
  comment = Printer Drivers
  path = /var/lib/samba/printers
  [Home - user1]
  comment = Deyla's Home folder
  path = /home/user1
  create mask = 0755
  guest ok = yes
  browsable = yes
  write list = user1
  public = yes
  [Home - user2]
  comment = James' Home folder
  path = /home/user2
  create mask = 0755
  guest ok = yes
  browsable = yes
  write list = user2
  public = yes
  [Transmission Home]
  comment = Torrent downloads
  path = /home/transmission
  create mask = 0775
  guest ok = yes
  browsable = yes
  write list = user1 user2
  public = yes
  They work flawlessly as guest shares, and I have no problem gaining access... but when I try to log into a share as a user, the user will absolutely not authenticate, and it is the most frustrating, puzzling enigma to me. I formerly had this very samba configuration on an Ubuntu file server, and had no problems with the share behaving exactly as I wanted it to. I cannot for the life of me figure out why my users cannot authenticate.
  Please help! Any and all tips are appreciated! Thank you in advance!

  Thanks to Swerdina over at the OpenSUSE forums, I was able to solve my samba issue (thread). In a nutshell, my problem was the last active line in my [global] stanza, which was set to "security = share". By setting this global setting to "security = user" it fixed my problem and now allows me to invoke my shares with user privileges if I so choose to. Hopefully this helps someone who may have had a similar problem.

• Users cannot authenticate

  Hello
  I recently had a lot of errors on two ML servers actinbg as OD Master/Replica, so decided to reinstall from scratch. One is running OS X 10.8.2, the other 10.8. Both are vanilla installs (going so far as to recreate the RAID), and both have the latest version of server.app installed.
  Network users cannot authenticate.
  Running slapconfig -ver gives the following errors on both machines:
  bubbles:~ administrator$ sudo slapconfig -ver
  2012-11-27 20:17:31 +0000 command: /usr/libexec/slapd -T cat -c -f /etc/openldap/slapd.conf -s ou=macosxodconfig,cn=config,dc=test249,dc=home
  2012-11-27 20:17:31 +0000 Error execing slapcat: 50b51fdb /etc/openldap/slapd_macosxserver.conf: line 303: unknown directive <TLSCertificatePassphrase> inside backend database definition.
            slapcat: bad configuration file!
  LDAP Setup Tool (slapconfig), Apple, Inc.,  Version 1.2
  Obviously ou=macosxodconfig,cn=config,dc=test249,dc=home is wrong, but I don't know where this setting is held to correct it to ou=macosxodconfig,cn=config,dc=server,dc=domain,dc=tld
  Opeining slapd_macosxserver.conf shows the last four lines to be:
  TLSCertificateFile      /etc/certificates/server.mydomain.LONGHASH.cert.pem
  TLSCACertificateFile    /etc/certificates/server.mydomain.LONGHASH.chain.pem
  TLSCertificateKeyFile   /etc/certificates/server.mydomain.LONGHASH.key.pem
  TLSCertificatePassphrase        "Mac OS X Server certificate management.LONGHASH"
  I can 'fix' the second error by commenting out that last line. But that just results in a new and exciting error:
  bubbles:~ administrator$ sudo slapconfig -ver
  2012-11-27 20:43:00 +0000 command: /usr/libexec/slapd -T cat -c -f /etc/openldap/slapd.conf -s ou=macosxodconfig,cn=config,dc=test249,dc=home
  2012-11-27 20:43:00 +0000 Error execing slapcat: slapcat: slap_init no backend for "ou=macosxodconfig,cn=config,dc=test249,dc=home"
  LDAP Setup Tool (slapconfig), Apple, Inc.,  Version 1.2

  Hi
  i get the same error but authentication still works.
  Are you sure that the recovery of your password worked ?
  In case I have this issue i can only authenticate as a local user, not as an opeddir user.
  This user must have admin rights to make sudo, afaik.
  But it is interesting that my error comes on line 302 and yours on line 303.
  Below i have attache the auth part from my /etc/openldap/slapd_macosxserver.conf
  Check for any difference.
  macmini:~] user% sudo slaptest -f /private/etc/openldap/slapd.conf -v
  Password:
  52054639 /etc/openldap/slapd_macosxserver.conf: line 302: unknown directive <TLSCertificatePassphrase> inside backend database definition.
  slaptest: bad configuration file!
  # authdata database definitions
  database        bdb
  suffix          "cn=authdata"
  rootdn          "uid=root,cn=users,dc=macmini,dc=domain,dc=TL"
  directory       "/var/db/openldap/authdata"
  checkpoint      128 1
  index           default eq
  index           objectClass eq
  index           authGUID eq
  index           entryUUID eq
  index           entryCSN eq
  index           draft-krbPrincipalAliases eq
  index           draft-krbPrincipalName eq
  timelimit 60
  idletimeout 300
  cachesize       20000
  idlcachesize    10000
  sizelimit size.pr=11000 size.prtotal=unlimited
  #limits          set="computer/cn & [cn=com.apple.opendirectory.group,cn=computer_groups,dc=macmini,dc=domain,dc=TL ]/memberUid" time.soft=unlimited time.hard=unlimited size.soft=unlimited size.hard=unlimited
  access to *
                  by dn.exact="uid=_ldap_replicator,cn=users,dc=macmini,dc=domain,dc=TL" write
                  by sockurl="ldapi://%2Fvar%2Frun%2Fldapi" write
  TLSCertificateFile      /etc/certificates/macmini.D5473ED3099C09ACE59C2944EA9FDDFC024DC07.cert.pem
  TLSCertificateKeyFile   /etc/certificates/macmini.D5473ED3099C09ACE59C2944EA9FDDFC024DC07.key.pem
  TLSCertificatePassphrase        "Mac OS X Server certificate management.D5473ED3099C09ACE59C2944EA9FDDFC024DC07"
  TLSCACertificateFile    /etc/certificates/macmini.D5473ED3099C09ACE59C2944EA9FDDFC024DC07.chain.pem

• User cannot log in using Opendirectory password but can log in using Crypt

  Hi,
  We have an Xsan environment with Opendirectory authentication. Most of the users are created in Workgroup manager and home folders are stored on an Xsan volume.
  We have noticed (this has happened to two users recently) that sometimes user cannot log in using his password stored in Opendirectory Password server. This is permanent to some specific User/Workstation combination. Other users can log in to the same workstation and this user can log in to other workstations.
  Also, if I change password type to Crypt in Workgroup manager, user can log in to this workstation. In past this happened to another user/workstation combination.
  I tried to create a new Opendirectory password (password ID has changed in WM), with no success.
  Any ideas?
  Thanks,
  Darius

  You say you can log in the web browser right? You can find your username in the following url: https://play.spotify.com/user

• Mail unable to connect SMTP using IPv6

  Hello,
  apparently Tiger's Mail is unable to post to SMTP server using IPv6. This is a big issue here as all the University WiFi access uses IPv6.
  Comments and experiences appreciated.

  Jean-Luc,
  Please give me some general feel and description of how the SMTP is setup, and authenticated in the other mail clients with which it works? What mail clients in particular work with it -- I can perhaps get an idea about what would be needed, if anything, to be different in the setup, when I look at the preference options available in the other mail clients.
  Is the Username for setting up the SMTP authentication derived from the longer addresses used in iPV6? My initial research is that normally any issues would manifest in other functions, as well, but the following linked Topic has some discussion specific to Mail:
  http://discussions.apple.com/thread.jspa?messageID=1660084&#1660084
  I am sorry to not be more helpful.
  Ernie

• Single User Cannot Authenticate

  I have a user who is constantly denied authentication to iPrint and I'm having difficulties figuring out why.
  My system configuration is as follows: The local system is a Windows 7 SP1 Pro desktop, it has a local hosts file entry pointing it to my "new" iPrint server. There was a new printer purchased for this user's office and rather than setting it up on both the old and new server I just wanted to set her up on the new and be done with things. Anyway, when we first migrated the user to the new iPrint server everything worked correctly and the user could print without any trouble. Several weeks later the user gets the iPrint authentication dialog box every time she tries to print and entering her own credentials fails to authenticate, but a generic account seems to work. She recently had to reset her password but this issue was occurring both before and after the recent password reset, and I have verified that neither password is currently working, and that the user does have rights to the printer.
  Now here is where things get more curious... In looking at the user's object, the uniqueID attribute had 2 entries, one with the user's correct name and one with the user's name but misspelled. When I first looked at the system and found this double entry I discovered that I could successfully authenticate to iPrint when using the misspelled version of her uniqueID. I later deleted this incorrect entry thinking that it would then allow the correct spelling to authenticate, but it did not. When looking at other Attributes, I'm also finding that there is a 2nd entry under SAS:Login Configuration which none of my other users have but since it is not human friendly to read I'm hesitant to delete either entry. Does anyone have advice for how to proceed? Thank you!

  marklar23,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://www.novell.com/support and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Forums Team
  http://forums.novell.com

• Touch Mail won't use SSL or authenticate SMTP

  I am using a Touch with WiFi for everything successfully except the Mail. Despite verifying that all Mail settings have been correctly entered as per my provider (Roadrunner in Milwaukee WI), I keep getting setup messages that the Touch cannot use SSL and cannot authenticate SMTP server. As I understand it, there is no Edge involved with a Touch to get in the way. My servers are pop-server.wi.rr.com and smtp-server.wi.rr.com. My provider confirmed that I had entered my settings correctly.
  Any suggestions on how to resolve this? If my PC successfully accesses the mail via the same WiFi, why can the Touch not connect?

  I have a different provider (WOW), but had the same problem. Here is what worked for me. Set up a new account, just as you have tried in the past. When you get the message that it failed on SSL and asks if you want to try without, answer NO and then save the account. It will warn you that it won't work, but that's OK.
  Now from Settings/Mail,Contacts,Calendars, select the account you just created. Scroll down and select SMTP. Now select the server for your provider (which may be the only one shown). If the server port is not already 25, change it to that. Go back twice, to get to the main settings screen for that account, and this time select Advanced. On this screen, set the Server Port to 110.
  Save your changes and try it now. Good luck; hope this works!

• External email users cannot use IMAPS/SMTPS

  We have an email server running but since Mountain Lion (ML) server we do not have the webmail for external users and they are now forced to use email clients on PCs etc., which would be acceptable, if it worked.
  This has created a weird problem... they cannot read and send email anymore.
  Our server is using SSL and our preferred settings are:
  IMAP
  Port 993
  Authentication: CRAM-MD5
  SMTP
  Port 587
  Authentication: CRAM-MD5
  The mail server is set to use automatic authentification (which I do not like because of the clear text option)
  All this worked honkey-dorey before on Lion Server, but not now on a fresh installation of OS X ML Server. Only when using an iPhone or and iPad (3G mobile/cell connections) or being on our LAN can people read and send mail. We have users externally in Belgium, Denmark, Serbia, Turkey and Spain, and none of these users can now access their email. All the external users no matter if they use MAC/WINDOWS/LINUX clients have the same problems.
  Looking the log at the same time when the users attempt to log in to check email just verify that the server is rejecting their connection in spite of them using correct credentials. The users get messages ranging from incorrect username or password to incorrect password but I can login into their accounts locally or from the LAN.
  Could this problem be related to the usertype Local or Local Network User?
  Any ideas or help is greately appreciated?
  Peter
  (Now, if anyone from Apple should happen to read this then note that it would be greatly appreciated if Apple could mature and stabilize so these severe changes to vital services could be avoided. If you support webmail (good or bad) in one release then continue to do so and if you have an advanced interface to the server functionallity like in Snow Leopard, please let us, the users, be able to keep using those tools rather than using the current 'Nintendo' interface.)

  Hi Peter
  Because this is working internally, it should be easy enough to solve.
  First thing, most likely obvious, you do have port 993 open to your server?
  Second, please post logs. Since we are dealing only with imap, just the imap (mailaccess) log will do.
  Third, webmail functionality can be restored. Roundcube or Squirrelmail can be installed on your ML server. Roundcube takes a number of steps, but has a great/fast interface, its waht 10.7 used. Earlier versions of server used SQuirrelmail.
  If you are under heavy pressure to get this up now and don't want to wait for forum responses, you can find contact info in my profile.
  Jeff

• HT1277 I recently used icloud on my phone to back up my phone.  After I did that my gmail stopped working, so I deleted it and when I go to add my gmail account I get an error message.  It says cannot get mail, user name or passwork incorrect? What do I d

  I recently used icloud on my phone to back up my phone.  After I did that my gmail stopped working, so I deleted it and when I go to add my gmail account I get an error message.  It says cannot get mail, user name or passwork incorrect? What do I do?

  Hi,
  Just wanted to say I found out the answer. I should have looked first to see if anyone else was having the same problem but I didn't. 

• OSX Mail - Cannot send message using the server ....

  Hi there,
  Mac Pro with OSX 10.6.
  *Can receive mail, but can no longer send email* using the program Mail.
  Been getting the popup "Cannot send message using the server [shawmail.vc.shawcable.net] for the past 3 days. I hadn't changed anything about my computer, and have had the Mac for 2+ years. So this just started doing it on it's own.
  I had a technical support guy from my service provider even interface with my computer, where he could see my desktop right over the internet, and he couldn't get it fixed either.
  I googled this problem, and found solutions like:
  1. Uncheck "Use SSL" (Done that, and it was never checked "on" to begin with)
  2. Make sure Authentication is set to none, with no password (done that, and it wasn't set with a password to begin with)
  3. Delete [user]/Library/Preferences/com.apple.mail.plist (done that, didn't do anything)
  4. We even totally deleted my account, and started a new fresh one. Didn't work
  The tech support guy did show me a way to email online, using the same email account. That worked, but it's a hassle to go onto a web-based email program -- it's not my preference. So, with great certainty, it's not my service provider, because I was able to send emails on this web-based email program using my email account.
  So there, I'm stumped.
  Hopefully someone can help. What's bizarre is that googling this problem, I have found many other people that say it happens arbitrarily, out of nowhere.

  I can't believe how ridiculous this issue is. i have been searching for days for a solution to this. i have tried EVERY recommendation on these forums and nothing works. It appears that this issue dates back to TIGER. I had this problem back in January and just bagged figuring it had something to do with iweb. I bought a new html program and was able to send out my newsletter last month no problem. Suddenly, one month later- here i am again, unable to send out my newsletter with no help from Apple or verizon, or these forims, or anyone else. To think that a company that I have stood behind and loved so much can't be be bothered fixing such a simple issue that has been going on now through  5 OS's (I am using Lion but I had the issue using leopard as well)  is a disgrace.

• How to use multiple mail sending address in SMTP relay for exchange online

  We have one SMTP relay configured with [email protected] credentials. one oracle application automatically shoots mail to users using this [email protected] to users. So if recipient reply on auto-generated mail it goes to mailbox of [email protected] (so that application
  team see and reply to any query raised by recipient). 
  Now my requirement is, I want to notify users about their password expiry before 10  days (something like that) I have made the script and tested it in lab. But the main requirement is I want to use [email protected] mail ID for sending mail. And if any recipient
  reply on the auto-generated mail it goes to [email protected] mailbox (which is managed by different team).  
  So the query How can I use two different mailbox enabled IDs for sending mails on a single SMTP Relay server
  Thanks
  Pankaj Sharma

  Thanks Ed and Mavis for the reply and suggestion, but here scenario is different. 
  We have one SMTP relay configured with [email protected] credentials. one oracle application automatically shoots mail to users using this [email protected] to users. So if recipient reply on auto-generated mail it goes to mailbox of [email protected] (so that
  application team see and reply to any query raised by recipient). 
  Now my requirement is, I want to notify users about their password expiry before 10  days (something like that) I have made the script and tested it in lab. But the main requirement is I want to use [email protected] mail ID for sending mail. And if any recipient
  reply on the auto-generated mail it goes to [email protected] mailbox (which is managed by different team).  
  So the query is can I use two different mailbox enabled IDs on a single SMTP Relay, If yes then how..
  Thanks
  Pankaj

• SEEBURGER AS2: AS2 Adapter failure - Cannot authenticate the user

  Hello,
  All was working fine but now I got these errors in an AS2 scenario. Sending a message via AS2. Also we don't receive any messages via AS2 anymore. This is the error when sending a message:
  Unable to forward message to JCA adapter. Reason: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user., SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user.
  MP: Exception caught with cause javax.resource.ResourceException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user., SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user.
  Exception caught by adapter framework: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user., SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user
  Delivery of the message to the application using connection AS2_http://seeburger.com/xi failed, due to: com.sap.aii.af.ra.ms.api.RecoverableException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user., SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user.: javax.resource.ResourceException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure.
  Please advice, many thanks!
  Erik

  Are you using the "Use Authentication" option in the communication channel? If yes, then ensure that the user provided is correct and is not locked. Also recheck the authentication certificate settings.
  Regards,
  Prateek

• Mail users have spam sent to their secondary SMTP addresses forwarded to their personal e-mail addresses- Exchange 2010

  We currently have a spam issue relating to the secondary SMTP e-mail addresses of all our Mail Users.
  Example: Peter Smith has an AD account on our company.com domain and an associated external e-mail address ([email protected]) i.e. he has an AD account ([email protected]) with Mail User Exchange attributes so that he can logon
  to our SharePoint server. However, this AD account also becomes a fully functional secondary SMTP address and all spam sent to [email protected] also gets forwarded to [email protected]
  To mitigate this issue, I have added this secondary e-mail address to the "Recipient filtering properties > Block messages sent to the following recipients" in Hub Transport/Anti Spam.
  Two questions:
  1. Is there an easy way to delete the secondary SMTP addresses of mail users? I was unable to (it just reappeared shortly after deletion)
  2. What is the PS command to export a list of all secondary SMTP e-mail addresses OF MAIL USERS and then adding this list to "Recipient filtering properties > Block messages sent to the following recipients". I could manually add them
  in EMC but there are quite a few of them...
  Many thanks for your help!

  Now that I understand what's happening, let me see if we can get a more accurate solution for you.  So your mail users (Exchange calls them mail-enabled users, as opposed to mailbox enabled users, who have mailboxes) have SharePoint access (with the
  @company.com address), but have actual mailboxes externally (the actual end-domain is inconsequential).  You want users of these systems to stop receiving emails on the company.com namespace, but to receive them from only your SharePoint system. 
  A "textual diagram" is below:
  SharePoint (to Exchange mailbox owner) ==> Exchange hub (using company.com) ==> Exchange mailbox
  SharePoint (to External mail user) ==> Exchange hub (using company.com) ==> Exchange mail contact ==> External system (using external SMTP address
  External Messaging system (to External mail user, using company.com address used by SharePoint) ==> Exchange hub =XX=> Block delivery
  You wish to stop the third of these from happening.  If your SharePoint system used non-routable addresses (such as company.local) and all of your mail users had only these addresses added to their accounts for internal mail precossing (as the
  internal name used by Exchange), this would solve your issue.  The question becomes how to deploy this sort of address. 
  If these are the ONLY mail contacts in your organization, the solution is simple - you almost had it above, but may have missed seeing it.  Policies are applied on a priority basis, with the default policy applying only if no others apply.  Since
  these accounts are considered "Contacts with external e-mail addresses", you can create a policy for your entire organization that handles only these accounts.  You don't need to apply it to a single OU, if your mail enabled accounts aren't
  in a single OU.  (If they are, of course, feel free to apply it only there.)  You can create the policy and apply it to the organization, but only to those objects that are "Contacts with external e-mail addresses".  That way, it won't
  affect any of your Exchange mailboxes (current or future).
  Does this help?
  (BTW, one minor correction - your third statement about mail contacts is incorrect - Exchange sees no major difference between mail contacts and mail enabled accounts - and in my experience they are both addressable by the internal address.)

• ACS cannot Authenticate Aironet Users against Exernal DB (LDAP)

  ACS cannot Authenticate Aironet Users against Exernal DB (LDAP)
  Can anyone point me to a technical explanation of why this is true?
  All I have found so far is one small note in a help file and something that might be related under EAP-FAST explanation.
  I have posed this question to our Cisco account team but no response yet.
  Just need to have a good explanation when explaining to mgmt why we need to have a special setup for WLAN users.

  Hmmm....you should be getting more than that from debug radius and debug aaa authen if your AP is truly attempting EAP authentication. The debugs I generally use for this are 'debug aaa authen', 'debug radius', and 'debug dot11 aaa dot1x all' coupled with gathering the detailed support logs from ACS. A warning about 'debug dot11 aaa dot1x all'....it is VERY verbose and cryptic if you don't have alot of experience looking at it so it may be best to open up a TAC case. With these debugs turned on, you should see an EAPOL logon show up from the client (usually says 'received EAPOL packet...') and then a request for identity from the switch and a response from the client with a username and password. Then a series of RADIUS challenge/response packets will be passed which consists of the server cert being passed to the client for validation and then the client sending the username and password to the server. Then you will finally get an access-reject or access-accept packet from the RADIUS server. The failed and passed attempts logs in ACS can also provide good info as to what the source of the failure may be. Do you get any passed or failed attempts for these authentications?

• I have used Firefox for many years. Now I can receive E-mail but cannot send it from Firefox. Just re-installed Mozilla and still cann't send E-mail.....

  I cannot send mail from Firefox. Can receive E-mail but cannot send it. This worked OK until today. I have had firefox for many years. Just reinstalled Mozilla and still cannot send E-mail from firefox.
  I use comcast.net for E-mail,using Mozilla to get there.

  If your Office email account's SMTP authenticated?
  Any error message provided and if so, what?
  Are you also accessing an email account and SMTP server provided by SBCGlobal.net with either email client and if so, are you able to send messages with this account and SMTP server when connected to the internet via SBCGlobal.net at home?
  And let me get this straight - both email clients work fine without any problems sending messages with your Office email account and SMTP server when connected to the internet at a friend's house that uses another ISP besides SBCGlobal.net but this is an Apple problem?
  If an Apple problem, then you'd have problems sending messages with this account and SMTP server regardless whose network and ISP you are connected to.
  Regardless what this more than likely under-trained or just unaware person at SBCGlobal.net told you, all ISPs have restrictions on using an SMTP server that is outside of their network or that isn't provided by the ISP used for connecting to the internet.
  Some ISPs allow the use of an authenticated server only that is outside of their network but some block its use regardless.
  Within the last year or so, SBCGlobal.net made a drastic change in regards to such restrictions and conveniently neglected to inform their customers beforehand. Those using an SMTP server that was outside of SBCGlobal.net's network regardless if the SMTP server was authenticated were required to "opt out" of Port 25 blocking with SBCGlobal.net in order to use an SMTP server that was outside of their network which was working fine before this change was made.
  Have you opted out of Port 25 blocking with SBCGlobal.net?