Here’s the symptoms of a support call I worked through recently:

“Iris Earnie (payroll software) won’t send payslips via email for certain users. One user on a machine can send fine, another can’t.”

Earnie uses a single configured SMTP connector for all users and has simple config tool which was configured for access through a single Microsoft 365 mailbox using secure authentication.

I checked that indeed one user could send and another couldn’t on the same machine and this was the case. When they couldn’t send the SMTP config tool gave an error of:

“The server rejected one or more recipient addresses   451.5.7.3 STARTTLS is required to send mail ”

No problem, points to a user profile issue so we recreate the profile and sure enough after logging in under a new profile and installing Earnie the user could then send again – no issues.

No issues that is until we configured the users Outlook profile. The moment we did that, Earnie stopped being able to send and gave the same error “The server rejected one or more recipient addresses   451.5.7.3 STARTTLS is required to send mail ”

Tickle me confused!

After much headscratching and poking around I identified a file created at the same time as the Outlook profile called 1185ae1db0ef5e0ae7ccd6c3857fdf5fd3f6c896.PCPKEY in a subfolder of \\%UserProfile%\AppDate\Local\Microsoft\Crypto\PCPKSP which when deleted instantly allows Earnie to send email again. Deleting this seemed to have no detrimental effect on Outlook and a new file replaced it shortly afterwards but Earnie kept on sending.

I am assuming this file has some encryption/authentication impact on accessing the 365 mailbox but what and why is above my pay grade.

Hope this helps someone else.