STARTTLS and OS X Mail

Screen Shot 2015-10-21 at 11.29.50 AMA change recently in OS X’s Mail application has caused an unusual problem of not sending mail on the regular SMTP or IMAP ports. I’m not sure if its El Capitan that initiated this change because I do not send mail often from my desktop mail client.

After a message stuck in my outbox, I fired up my firewall live log display and could see my computer hitting TCP port 587 a few times. This port is blocked on my firewall because I’ve never needed it open.

Normal humans don’t run a firewall at home that is this locked down – normally any outbound traffic is open – but this works for me.

I did some research and apparently TCP 587 is a known email port – for SMTP using STARTTLS, which I didn’t think Mail used (or it didn’t until recently) to send mail. Everything in Mail’s preferences mentions TCP 993 (IMAPS or IMAP using SSL encryption).

FastMail has a very good article on what this port is used for and why its being used. Essentially it’s a TLS encrypted SMTP connection that offers a better way of validating the destination – which could possibly coincide with Apple’s use of a “token” to authenticate iCloud users. So after opening up TCP 587, Mail was able to send my email message on its merry way.

 

 

You might be interested in …

April Fools on the Internet… so last year.

Uncategorized

Sorry to disappoint, but there’s not enough fodder on the web to post much. Thinkgeek.com has their annual April fools wares, but other than the typical fake news stories most of the offenders last year have been straight. Google… I was expecting so much more this year.

Read More

Project Honey Pot Files $1B+ Lawsuit Against Spammers

Uncategorized

News Flash: Project Honey Pot Files $1B+ Lawsuit Against Spammers Alexandria, VA April 26, 2007 — Project Honey Pot filed suit in the Eastern District of Virginia seeking damages for spam and email address harvesting targeting the Project’s members. The suit was filed against the entire universe of John Doe defendants using any of the […]

Read More

Sophos UTM and Xbox Live NAT issues

Uncategorized

In a previous post about the Sophos UTM, I’ve received some comments about Xbox Live. I’ve recently rebuilt my Sophos UTM and found that my backup configuration files were encrypted with a password I couldn’t locate… my bad. So I’m rebuilding all of my firewall rules again. For the Xbox 360 Live and Kinect, there […]

Read More
%d bloggers like this: