Apple Event: May 7th at 7 am PT

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Enabling Outbound SMTP Mail Relaying (SASL)

You can now configure outbound SMTP relay through the Server app in 10.8 ML: Mail/Relay outgoing mail through ISP/Edit/Enter your relay server address, username and password. This takes care of a lot of previous configuring of main.cf, especially the creation of the SASL password file, which is nice. Unfortunately, it did not work fully for me. Using Sendgrid as the relay, I was getting SASL errors in the SMTP log:

postfix/smtp[17917]: 37989327A172: to <xxxxx>, relay=smtp.sendgrid.net[50.97.69.147]:25, delay=539, delays=536/0.41/2.7/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.sendgrid.net[50.97.69.147]: no mechanism available)

The solution that worked for me consisted of editing the main.cf. Using your preferred editor, edit /Library/Server/Mail/Config/postfix/main.cf (not /etc/postfix/main.cf) and add the following lines at the top of the file:

smtp_sasl_auth_enable=yes

smtp_sasl_security_options=noanonymous

smtp_use_tls=yes

smtp_tls_security_level=encrypt

I thought I'd share this, as searching the web did not find a solution for me, earlier today.

Mac mini, OS X Mountain Lion (10.8.2), OS X Server

Posted on Jan 9, 2013 8:21 AM

22 replies

Apr 16, 2014 8:15 AM in response to MrHoffman

This is a business class static IP. From what I can gather postfix has no protocol for sending using SSL on port 465 which is was verizon chose. I would go with new thread, but purchased google apps for their smtp-relay which has solved my problem. More money, but saves me time. Apparently would have to install a porting application to get postfix to work. Not worth it.

Apr 16, 2014 8:32 AM in response to frederickfromwesley

frederickfromwesley wrote:

This is a business class static IP. From what I can gather postfix has no protocol for sending using SSL on port 465 which is was verizon chose.

FWIW, I have a server (on a business-class ISP service) where (for reasons not germane) a relay with Mavericks Server / OS X Server 10.9.2 via Postfix via TCP port 465 is configured, and that works. There were problems specifying the relay via the Server.app 3 GUI prior to Server.app 3.1.1, so the use of the command line was required. With Server.app 3.1.1, the command-line Postfix settings are also now correctly reflected in the GUI.

Key here is specifying the port via Server.app in 3.1.1, or configuring the Postfix RELAY_HOST and the relay mail servers' access credentials via the command line.

This general topic is discussed fairly often around the forums, as various other folks have tried what OP tried here, with running a mail server on a non-business-class service. Best practices for ISPs will generally have TCP port 25 firewalled (usually inbound and outbound), and increasingly has the IP addresses associated with the ISP dynamic address pools are also added into various policy block lists. These settings greatly reduce the traffic from any bots that are operating within ISP IP address space. Unfortunately, more than a little of the malware around includes spam-generating SMTP engines. These settings also block folks that are trying to run mail servers.

Aug 15, 2014 11:09 PM in response to Rafal Lukawiecki

I know it's an old post, but I had this same problem and the steps the original poster outlined worked for me on Mavericks server. I really appreciate them taking the time to post.

Oct 9, 2014 3:22 PM in response to rob Copeland

I don't have OSX server but wondering if this is the same problem I'm having at the office -- my partners email accounts with Verizon require ports 465 and 995 and the accounts won't work in Apple Mail while he's here (AT&T Uverse).

Not trying to hijack thread -- just wondering if this is the same issue experienced by OP and if I need to do these workarounds (though without OSX server)

JVK

Oct 10, 2014 2:24 AM in response to John Knowles

By default, Apple Mail uses ports 25, 465, and 587 to send outgoing email via SMTP. If your partner's incoming email is working but outgoing is not, it is likely that those ports have been blocked. You may want to play around with setting a specific outbound port in Preferences/Account Information/Outgoing Mail Server (SMTP)/Edit list/Advanced/Use Custom Port. However, for that to work, the email provider needs to support a port that is not blocked by your firewalls.

Nov 10, 2014 7:07 PM in response to Rafal Lukawiecki

Thank you..This fixed my issue!!!!!

dlreyes

Level 1

0 points

Dec 20, 2014 12:40 PM in response to macuser256

Alternate-Port SMTP worked for me as well after speaking ad nauseam with Verizon tech support. They say it must be this or that and not giving a straight answer on if their ports are blocked on their outgoing SMTP relay. Glad I made the choice.

Enabling Outbound SMTP Mail Relaying (SASL)