We've been seeing intermittent SMTP 421 errors over the past few weeks when trying to send e-mail from various clients. The errors seem to resolve after a while, but this is getting extremely annoying as sending has suddenly become unreliable. Here is the full SMTP error:
Response: 421 resomta-ch2-17v.sys.comcast.net resomta-ch2-17v.sys.comcast.net Excessive failed authentication, ESMTP server temporarily not available\r\n
Looking at traffic with Wireshark, I'm not seeing any authentication requests going to comcast e-mail servers beyond what I'm generating when I'm trying to send mail, so I'm not sure why we are suddenly seeing this message. We aren't aware of any changes on our end beyond ordinary software updates.
Our client settings are as follows:
Server requires authentication
STARTTLS after connecting
Anybody have any idea what is going on?
If @ComcastAntiSpam or another employee doesn't respond here in the Forums, Comcast Security Assurance should be able to help. You can reach them at 1-888-565-4329 (from https://internetsecurity.xfinity.com/help/report-abuse/). Note that this is NOT one of the general customer service numbers. The first-line reps there are sometimes not very helpful, so you may need to be persistent and keep at them until you get a satisfactory answer.
"Excessive failed authentication" can be due to a program, app, or device which is repeatedly trying to log in to your email account, but with the wrong password.
Meant to say thanks for the reply a while ago. Comcast folks were totally unhelpful. I was getting the same error using Telnet to connect to smtp.comcast.net on port 587 and even the Tier 2 person didn't understand what Telnet is or the implications of the server refusing connection to it. They kept trying to tell me the problem was with my e-mail client. I gave up after geting disconnected and then hung up on when I answered their callback.
After seeing that my Telnet connection was getting refused, I switched to a different network by tethering to my phone. As expected, sending worked just fine from the different network. I also found out that my mother-in-law was having the same issue. We both kept our Comcast e-mail addresses when we had to change ISPs (moved to an area where Comcast isn't available), so it raised the question as to whether Comcast was inadvertently blocking a range of addresses from our ISP from connecting to the smtp server.
I think the error I've been seeing is specific to Cisco routers. From what I can tell it appears to be part of a DOS defense feature in the firewall. Anyway, the issue finally seems to have resolved itself. I've been able to send e-mail again for the past two days. Since nothing has changed on my end (even my external ip address appears to be the same), I would guess that somebody at Comcast finally figured out that whatever config change they made to their router(s) was breaking people. It is highly annoying that there is no simple way to report these kinds of issues to Comcast. The support people are just an obstacle in these types of cases.
If you want to PM me your UID, I can try to take a look (IP(s) would be even better)