Skip to main content
kgeorge
Staff
kgeorge
Staff
December 31, 2024

Technical Tip: FortiToken Activation Email not received at the Office 365 Email

  • December 31, 2024
  • 0 replies
  • 3692 views
Description

 

This article describes how to troubleshoot when the FortiToken activation email is not received by the email via the Office 365 SMTP Server.

 

Scope

 

FortiGate, FortiToken.

 

Solution

 

Using the commands below, the root cause can be found:

 

diagnose debug application alertmail -1

diagnose debug enable 

 

 

Sample output of the debug below,

 

2024-11-14 12:50:40 create session
2024-11-14 12:50:40 resolve smtp.office365.com to 1 IP
2024-11-14 12:50:40 ==> send mail
2024-11-14 12:50:40 connecting to 40.99.34.162 port 25
2024-11-14 12:50:40 session: 0xabeebf0, rsp_state: greeting, code: 220
2024-11-14 12:50:40 session: 0xabeebf0, rsp_state: ehlo, code: 250
2024-11-14 12:50:40 session: 0xabeebf0, rsp_state: starttls, code: 220
2024-11-14 12:50:40 rsp_starttls: creating ssl structure for session 0xabeebf0
2024-11-14 12:50:40 create_ssl: 0x7fb21a5000
2024-11-14 12:50:40 sessionn 0xabeebf0, SSL connected
2024-11-14 12:50:40 session: 0xabeebf0, rsp_state: ehlo, code: 250
2024-11-14 12:50:40 session: 0xabeebf0, rsp_state: auth, code: 334
2024-11-14 12:50:46 session: 0xabeebf0, rsp_state: auth2, code: 535
2024-11-14 12:50:46 session: 0xabeebf0, rsp_state: auth, code: 334
2024-11-14 12:50:46 session: 0xabeebf0, rsp_state: auth2, code: 334
2024-11-14 12:50:51 session: 0xabeebf0, rsp_state: auth2, code: 535 <----- Client Authentication Failure to Server.
2024-11-14 12:50:56 session: 0xabeebf0, rsp_state: mail, code: 530 
2024-11-14 12:50:56 _session_on_destroy
2024-11-14 12:50:56 <== send mail failed, m = 0xabe2630 s = 0xabeebf0

 

Code 535 means 'Authentication credentials are invalid'. This needs to be checked with the Office 365 Team to isolate the issue further and fix it accordingly.

 

Some sample codes are below:

  • 220  SMTP Service ready: The receiving server is ready for the next command.
  • 250  Requested mail action okay, completed: Success! The email was delivered.
  • 334 Response to email authentication AUTH command when the authentication method is accepted: Authentication has been successful.
  • 535  Authentication credentials are invalid: There is an issue with client authentication with the email server. This may be because of incorrect credentials, invalid authentication methods, or invalid encryption settings, or 2FA is enabled on the O365 account.
  • 530  Authentication error: Email client authentication is required before the email is sent.

 

Related article:

Troubleshooting Tip: Email alert 

Terms & ConditionsAccessibility statement