I'm setting up a vendor to send messages through our Xeams server.  The vendor sent an AUTH which apparently has blocked them from my Xeams server.  (I like that feature - we don't allow logins to Xeams.)  I'll get them to stop doing that but is there any way to unblock them?  Xeams no longer logs the connection but immediately sends back a 500 message when they connect.  I see this in the Xeams.log...

2024-06-07 15:19:34,610 INFO  stagingserver.A - Adding x.x.x.x to blocked IPs for misusing AUTH

From SMTPConversation.log...

2024-06-07 15:19:34,266 - [ 51432] ************ New connection from: x.x.x.x:25
2024-06-07 15:19:34,309 - [ 51432] C --> EHLO xxxxxxxxxxx
2024-06-07 15:19:34,471 - [ 51432] S <-- 250-x.x.x.x. Pleased to meet you
2024-06-07 15:19:34,471 - [ 51432] S <-- 250-SIZE 52428800
2024-06-07 15:19:34,471 - [ 51432] S <-- 250-STARTTLS
2024-06-07 15:19:34,471 - [ 51432] S <-- 250 OK
2024-06-07 15:19:34,610 - [ 51432] C --> AUTH LOGIN
2024-06-07 15:19:34,610 - [ 51432] S <-- 500 Syntax error, command unrecognized.
2024-06-07 15:19:40,441 - [ 51432] ~~~~~~~~~~~~ Connection Terminated (6175:999999) Connection reset

There are two types of blocks in Xeams:

• Invalid passwords - you can release these IP addresses from Server Configuration/Manager Alerts.
• Misusing or hacking attempts - currently, these can only be cleared after reboot, or you put the IP in the Friendly IP list (https://www.xeams.com/friendlyip.htm)

The log you posted is considered a hacking attempt because the server does not advertise the AUTH capability, but the client still sends the AUTH request, resulting in a Syntax Error.

Ok, thanks.  That helps.  It restarted over the weekend following a certificate update and started working afterwards.  That makes sense.  Also I don't think I knew about the Friendly IP list.  Thanks again!