> ## Documentation Index
> Fetch the complete documentation index at: https://jetemail.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# 535 Authentication failed

> The username or password sent to the SMTP relay is incorrect.

### Introduction

This error means the credentials your mail server or app sent to `relay.jetsmtp.net` were rejected. The username, the password, or both didn't match a valid SMTP user on your account.

This is a credential problem, not an IP problem. If you're being rejected because the source IP isn't on your SMTP user's allow list, see [535 IP not authorized](/outbound/smtp-error-codes/535-IP-not-authorized) instead.

### Example error message

```
host relay.jetsmtp.net [103.173.0.0]
SMTP error from remote mail server after RCPT TO:
535 Authentication failed
```

### How to fix this error

1. **Confirm the SMTP user still exists.** In the dashboard, go to **Outbound** → **SMTP** and check that the username you're authenticating with is still listed and not disabled.
2. **Reset the password.** If you can't be 100% sure the password your server is sending is the one currently on the user, set a fresh password in the dashboard and update the server with the new value. Most authentication failures are stale or mistyped passwords, not anything more exotic.
3. **Check the username format.**
   * The SMTP **username is the literal string you set when creating the user**, not an email address.
   * It must not contain `@`. If your client requires an email-style login, that's a sign you copied the wrong field.
4. **Verify the auth mechanism.** JetEmail accepts `PLAIN` and `LOGIN`. If your client is forcing `CRAM-MD5` or another mechanism, switch it to `PLAIN` (or `LOGIN`) over a TLS connection.
5. **Check for whitespace and encoding.** Trailing spaces, newlines, or invisible characters in stored credentials are a frequent cause. Re-enter the password by hand rather than pasting it.
6. **Retry from the same server.** Once you've updated the credential on your server, send a test message and watch the response.

### Common causes

* **Stale password** after a rotation that wasn't propagated to every app.
* **Typos** in the username or password (including a leading or trailing space).
* **Wrong field used.** Some setup forms ask for an email address by mistake; the SMTP username is whatever you set in the dashboard.
* **Deleted SMTP user.** Deleting an SMTP user immediately invalidates the credential.
* **Account suspended.** If billing is past due or the account is suspended, every authentication attempt will fail. Check the dashboard for any account-level alerts.

### Prevention

* Keep one SMTP user per app so a rotation only touches the app that needs it. See [SMTP users → credential hygiene](/outbound/smtp-users#credential-hygiene).
* Use a secrets manager so production servers always have the current password, never an outdated copy.
* Name each SMTP user after the app that uses it (`wordpress-blog`, `crm-mailer`) so the dashboard list is self-explanatory.

### Still failing?

If credentials are correct, the user is enabled, and the account is in good standing, contact support with the SMTP username (never the password) and the timestamp of a failed attempt. Logs on our side will show whether the request reached us and which check failed.