Newsroom Update

Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: simonpie
simonpie Author
User level: Level 1
43 points

SMTP does not start on port 587

I just activated IMAP and SMTP on an old G5 Server running the latest version of Leopard.


Everything, but for one thing, runs fine. IMAP works correctly from both the local network and any distant network I could try it. SMTP runs fine on the local network but only on port 25. Nothing is listening on port 587, or 465. Hence, SMTP does not work from a distant network.


The firewall is off, but even from the localhost, or any machine for that matter, telneting to port 587 does not get an answer :



telnet 127.0.0.1 587

Trying 127.0.0.1...

telnet: connect to address 127.0.0.1: Connection refused

telnet: Unable to connect to remote host



I did activate ssl for smtp in the Advance>Security tab. It uses the same selfsigned certificate as IMAP, which works fine. I can also tunnel in from a distant machine and SMTP will work.


I tried to uncomment the following four lines in master.cf



#smtps inet n - n - - smtpd

# -o smtpd_tls_wrappermode=yes

# -o smtpd_sasl_auth_enable=yes

# -o smtpd_client_restrictions=permit_sasl_authenticated,reject


but I only lost connection on port 25 and got nothing on port 587. This feels good, but I have no idea where to go from here.



Any one has any suggestion ?

macbook pro 17 inch, Mac OS X (10.7.1)

Posted on Sep 1, 2011 6:07 PM

Reply
4 replies
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

Sep 5, 2011 4:00 PM in response to simonpie

Hence, SMTP does not work from a distant network


I don't understand that statement, but oh well, it's not related...


port 587 is the submission port, not smtps. If you want to use port 587 check master.cf for the submission entry and uncomment that (and make sure port 587 is open in your firewall, of course):


#submission inet n - n - - smtpd

# -o smtpd_enforce_tls=yes

# -o smtpd_sasl_auth_enable=yes

# -o smtpd_client_restrictions=permit_sasl_authenticated,reject


(or whatever set of options you require).

Reply
User profile for user: simonpie
simonpie Author
User level: Level 1
43 points

Sep 6, 2011 8:22 AM in response to Camelot

Hello, and thank you for answering. You understood much better than you tought. I did not know about the submission term before, but it seems, if I understand well that this is exactly SMTP, but just running on a different port, port 587, for submission, while port 25 is for relaying between server. At least, this is kind of what wikipedia implies. I just find it difficult to understand that Server-Admin does not configure the server to answer on that port.



In any case, thank you for your answer, I can now send mail from a distant network on port 587. On a related setup, should I uncomment the lines for smtps in order to use SSL ?



#smtps inet n - n - - smtpd

# -o smtpd_tls_wrappermode=yes

# -o smtpd_sasl_auth_enable=yes

# -o smtpd_client_restrictions=permit_sasl_authenticated,reject

Reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

Sep 6, 2011 10:39 AM in response to simonpie

I understand well that this is exactly SMTP, but just running on a different port, port 587, for submission, while port 25 is for relaying between server


That's pretty much it, except that port 587 should be configured to accept mail from authenticated users only (as determined by the line:


-o smtpd_client_restrictions=permit_sasl_authenticated,reject


This enables authenticated users (e.g. users who have accounts on the server) to send mail through the server without restriction (e.g. they can be remote) while unauthenticated users (including remote mail servers sending mail to your domain) use the standard port 25


should I uncomment the lines for smtps in order to use SSL ?


smtps is still different from SMTP (25) and submission (587). Both SMTP and Submission can use SSL if you enable tls support - tls enables a connection to start off insecure/unencrypted and switch to encrypted if both the client and server acknowledge they support it. It's generally not recommended to require SSL/TLS unless you're sure every client that's going to use that service can support (and is configured to use) encryption.

smtps (which requires SSL) is now deprecated in favor of TLS (which allows the server to support both encrypted and unencrypted connections on the same port number).

Reply
User profile for user: illapulito
illapulito
User level: Level 1
0 points

Mar 3, 2012 8:47 PM in response to Camelot

I have a problem sending emails on my new macbook pro.


I have the same settings as on my old macbook and I can send and receive as normal. Currently on the new one I can only receive. My webhost confirmed port 587, which is selected on both machines (as opposed to the default option). SSL is unchecked. Connection Doctor shows a green light. Incoming mail is fine.


As all mail preference settings are the same on each machine maybe its something in Lion ?.


Anyone have any thoughts or suggestions ?

Reply

SMTP does not start on port 587

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up