I can’t send outgoing mail if I’m using Open Directory or Active Directory

Issue encountered

Some mail clients are unable to send or receive mail if the user is authenticated through Active Directory or Open Directory. Users using the "internal user database" work correctly.


Your clients are most likely using one of the two forms of MD5 authentication - CRAM-MD5 or DIGEST-MD5. However, you can not use these authentication types when users are defined in a directory service. The directory service contains the encrypted password and the format is not compatible with these types. Communication between Kerio Connect and the directory services server is encrypted; no further encryption is necessary.


Find the option for "secure authentication" or "MD5 authentication" in your mail client and turn it off. You may also disable MD5 authentication in Kerio Connect, under Configuration > Security > Security Policy.

If you are concerned about the security of user credentials in transmission, we recommend you use the SSLSecure Sockets Layer - A protocol that ensures integral and secure communication between networks.-secured services (SMTPS, IMAPS, LDAPS, etc). Most modern mail clients support these services.