STARTTLS and OS X Mail
A change recently in OS X’s Mail application has caused an unusual problem of not sending mail on the regular SMTP or IMAP ports. I’m not sure if its El Capitan that initiated this change because I do not send mail often from my desktop mail client.
After a message stuck in my outbox, I fired up my firewall live log display and could see my computer hitting TCP port 587 a few times. This port is blocked on my firewall because I’ve never needed it open.
Normal humans don’t run a firewall at home that is this locked down – normally any outbound traffic is open – but this works for me.
I did some research and apparently TCP 587 is a known email port – for SMTP using STARTTLS, which I didn’t think Mail used (or it didn’t until recently) to send mail. Everything in Mail’s preferences mentions TCP 993 (IMAPS or IMAP using SSL encryption).
FastMail has a very good article on what this port is used for and why its being used. Essentially it’s a TLS encrypted SMTP connection that offers a better way of validating the destination – which could possibly coincide with Apple’s use of a “token” to authenticate iCloud users. So after opening up TCP 587, Mail was able to send my email message on its merry way.