Email authentication keeps failing


Hello. We have been trying for quite a while to connect our email server to the rocketchat, but we keep getting an authorisation mistake (see log below). It might have to do with the fact that in the form one has to add user and password but it’s not very clear user and password of what. We have tried all possible combinations we could think of, but we are kind of out of ideas. Suggestions?

Thanks in advance.

Server Setup Information

  • Version of Rocket.Chat Server: CE 3.15.1
  • Operating System: ubuntu 20.04
  • Deployment Method: digitalocean IaaS
  • Number of Running Instances: 1
  • DB Replicaset Oplog:
  • NodeJS Version:
  • MongoDB Version:
  • Proxy:
  • Firewalls involved:


Exception in callback of async function: Error: Authentication failed. at Connection._resTagged (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Connection.js:1502:11) at Parser. (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Connection.js:194:10) at Parser.emit (events.js:314:20) at Parser.EventEmitter.emit (domain.js:483:12) at Parser._resTagged (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Parser.js:175:10) at Parser._parse (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Parser.js:139:16) at Parser._tryread (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Parser.js:82:15) at TLSSocket.Parser.cbReadable (/opt/Rocket.Chat/programs/server/npm/node_modules/imap/lib/Parser.js:53:12) at TLSSocket.emit (events.js:314:20) at TLSSocket.EventEmitter.emit (domain.js:483:12) at emitReadable (_stream_readable.js:557:12) at processTicksAndRejections (internal/process/task_queues.js:83:21) { type: ‘no’, textCode: ‘AUTHENTICATIONFAILED’, source: ‘authentication’ }

Well, that is the key error.

So, how have you got your email set up?

We’ll need some more details to have a chance of diagnosing this.

I inserted the email server name ( and ports (SMTP: 465
IMAP: 993) in the email configuration form. Then as credentials (user and password) I have tried several combinations, because it is not completely clear to me what user a password it is referred to. I assumed it was asked for the SSH credentials for the email server, so I tried those first, but it did not work. They I have tried all possibly relevant combinations, but still nothing. It seems that RocketChat actually sees the incoming emails, as it make new guest users when we get an email from somebody not in our contact book. This makes it more confusing to me, I am not sure where the error actually happens.

SSH has nothing to do with it.

It has to be an email user that is authenticated to send email.

Set up the admin user and password first and then send a test email.

Note the email section in docs is still not finished :frowning:

But depending on your provider you may find that each mail has to be authenticated by the individual user, not sent via the ‘admin’ email account.

Dou you mean the ‘admin’ user at my email server?

Use any email user at your email server, but probably prefer the admin user.

Nothing happens. No email gets sent.

What do your logs tell you?

I don’t see any error in the log actually, the last one is from 2 hours ago. Did something actually happened?

I don’t know… I can’t see your logs!

You need to run some tests and watch what happens in the logs while you try to send a mail. You need to force it to send one!

If it won’t send there will be an error.

Have you checked your mail server logs for connection errors?

I don’t think I have access to the the email server logs, or at least I don’t know how to get them. However, the control panel is accessible also with an API key. Is there a way to bypass the user/password authorization and validate the email with an API call instead?

I just got this in logs of rocketchat
Exception in defer callback: [Error: 140323060795264:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:…/deps/openssl/openssl/ssl/record/ssl3_record.c:332: ] { library: ‘SSL routines’, function: ‘ssl3_get_record’, reason: ‘wrong version number’, code: ‘ESOCKET’, command: ‘CONN’ }
The logs arrived delayed.

I am not sure if this is the issue, but I do see that the protocols used by my email server (STARTTLS) its not in the list in RocketChat.

Tricky then… you really need to be an admin to do this sort of thing. These links may help you.

No, but SMTPS - S for Secure - should work with any good email provider.

However, if we check for this error we see somethign like this:

So who is providing your email, and what settings do they require?

I think that is the same error indeed, because I get a different error message when I have the secure connection ON from when I have it OFF.

These are the email server settings:

host name:


SMTP port: 587

IMAP port: 143

POP3 port: 110

SSL/TLS (deprecated)

SMTP port: 465

IMAP port: 993

POP3 port: 995

Do you suggest I consider using a dedicated email server?

I had actually considered it a few months ago, when I decided to ditch gmail for self-hosted email (for a number of reasons). Then I have opted for my current solution, which gives me more freedom but still takes care of some administration aspects for me. I was a bit hesitant with the idea of a dedicated email server, because I was worried I would have issues managing it properly.

However, since I have discovered RocketChat (about 2 months ago) I have sort of fell in love with it. Even though the several front-end bugs and the fact that getting a full grasp on all the aspects will require some extra time, I do see a lot of potential in RocketChat and it is certainly a much better fit with my short and long term plans than any other solution I have been tried so far. Therefore, I would like to put some serious effort in mastering it and make all adjustments that may be necessary to guarantee a smoother setup and a better experience for me, my collaborators and my employees.


I need to check on the SMTPS protocols used.

Look like this refers to SSL v3 which I think is deprecated. I’m not sure if that is due to Rocket or your provider.

I’m also not convinced about your providers email settings.

IMAP 143 is insecure. POP3 is insecure.

SSL/TLS isn’t deprecated the last time I checked. So I am wondering about your email host.

Have you made sure you set the host and port 587 in the email server settings?

Yes running your own email server is not for the faint hearted for sure. However, I am wondering about the quality if your host - I can’t see any info on their site about email setup.

Glad you are enjoying Rocket!! We’ll see if we can get you running.

1 Like

Maurizio, can you get us a note of your email providers settings please so we can have a look?

I really don’t have any extra information that what I have already shared in the previous mails. I have also reported the problem to the hosting provider. What I have heard from him is that I need to make sure StartTLS is enforced, otherwise the request would be considered unsecure and automatically rejected, as I mentioned in the first mail.

@john.crisp In the meanwhile I have also set up a private email server. I still miss something because I have not managed to connect the email server to Rocket.Chat yet. However, on this server I have full control, so it should make it easier to find the issue (or change the setting of the email server appropriately if necessary). The email server is hosted at The ports are:
IMAP: 993
POP: 995
SMTP: 587
There is a single email user on the server at the moment, which is