4 Replies Latest reply: Mar 3, 2012 8:47 PM by illapulito
simonpie Level 1 Level 1 (30 points)

I just activated IMAP and SMTP on an old G5 Server running the latest version of Leopard.

 

Everything, but for one thing, runs fine.  IMAP works correctly from both the local network and any distant network I could try it.  SMTP runs fine on the local network but only on port 25.  Nothing is listening on port 587, or 465.  Hence, SMTP does not work from a distant network. 

 

The firewall is off, but even from the localhost, or any machine for that matter, telneting to port 587 does not get an answer :

 

 

telnet 127.0.0.1 587

Trying 127.0.0.1...

telnet: connect to address 127.0.0.1: Connection refused

telnet: Unable to connect to remote host

 

 

I did activate ssl for smtp in the Advance>Security tab.  It uses the same selfsigned certificate as IMAP, which works fine.  I can also tunnel in from a distant machine and SMTP will work. 

 

I tried to uncomment the following four lines in master.cf

 

 

#smtps     inet  n       -       n       -       -       smtpd

#  -o smtpd_tls_wrappermode=yes

#  -o smtpd_sasl_auth_enable=yes

#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

 

but I only lost connection on port 25 and got nothing on port 587.  This feels good, but I have no idea where to go from here.

 

 

Any one has any suggestion ?


macbook pro 17 inch, Mac OS X (10.7.1)
  • Camelot Level 8 Level 8 (46,230 points)
    Hence, SMTP does not work from a distant network

     

    I don't understand that statement, but oh well, it's not related...

     

    port 587 is the submission port, not smtps. If you want to use port 587 check master.cf for the submission entry and uncomment that (and make sure port 587 is open in your firewall, of course):

     

    #submission inet n       -       n       -       -       smtpd

    #  -o smtpd_enforce_tls=yes

    #  -o smtpd_sasl_auth_enable=yes

    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

     

    (or whatever set of options you require).

  • simonpie Level 1 Level 1 (30 points)

    Hello, and thank you for answering.  You understood much better than you tought.  I did not know about the submission term before, but it seems, if I understand well that this is exactly SMTP, but just running on a different port, port 587, for submission, while port 25 is for relaying between server.  At least, this is kind of what wikipedia implies.  I just find it difficult to understand that Server-Admin does not configure the server to answer on that port.

     

     

    In any case, thank you for your answer, I can now send mail from a distant network on port 587.  On a related setup, should I uncomment the lines for smtps in order to use SSL ?

     

     

    #smtps     inet  n       -       n       -       -       smtpd

    #  -o smtpd_tls_wrappermode=yes

    #  -o smtpd_sasl_auth_enable=yes

    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

  • Camelot Level 8 Level 8 (46,230 points)

    I understand well that this is exactly SMTP, but just running on a different port, port 587, for submission, while port 25 is for relaying between server

     

    That's pretty much it, except that port 587 should be configured to accept mail from authenticated users only (as determined by the line:

     

      -o smtpd_client_restrictions=permit_sasl_authenticated,reject

     

    This enables authenticated users (e.g. users who have accounts on the server) to send mail through the server without restriction (e.g. they can be remote) while unauthenticated users (including remote mail servers sending mail to your domain) use the standard port 25

     

    should I uncomment the lines for smtps in order to use SSL ?

     

    smtps is still different from SMTP (25) and submission (587). Both SMTP and Submission can use SSL if you enable tls support - tls enables a connection to start off insecure/unencrypted and switch to encrypted if both the client and server acknowledge they support it. It's generally not recommended to require SSL/TLS unless you're sure every client that's going to use that service can support (and is configured to use) encryption.

    smtps (which requires SSL) is now deprecated in favor of TLS (which allows the server to support both encrypted and unencrypted connections on the same port number).

  • illapulito Level 1 Level 1 (0 points)

    I have a problem sending emails on my new macbook pro.

     

    I have the same settings as on my old macbook and I can send and receive as normal. Currently on the new one I can only receive. My webhost confirmed port 587, which is selected on both machines (as opposed to the default option). SSL is unchecked. Connection Doctor shows a green light. Incoming mail is fine.

     

    As all mail preference settings are the same on each machine maybe its something in Lion ?.

     

    Anyone have any thoughts or suggestions ?