smtp.mac.com STARTTLS broken

Question

Level 1

5 points

smtp.mac.com STARTTLS broken

Seen with a variety of mail apps, all of which can't send messages from @mac.com accounts using SMTP anymore: K9 Mail (Android), Gmail (Android), presumably Thundebird, Outlook, etc.

If the outgoing mail server for @mac.com addresses is not smtp.mac.com anymore, I'd really like to know what it is. Can't find any help pages for @mac.com accounts, only for @me.com / @icloud.com (and the servers for those continue to work fine).

Can be reproduced without any mail app at all, using openssl:

$ openssl s_client -crlf -starttls smtp -connect smtp.mac.com:587
CONNECTED(00000003)
140291569379192:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 434 bytes and written 240 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

Sanity check, smtp.mail.me.com:

$ openssl s_client -crlf -starttls smtp -connect smtp.mail.me.com:587
CONNECTED(00000003)
...
---
Certificate chain
...
---
SSL handshake has read 4407 bytes and written 558 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-GCM-SHA256
---
250 SIZE 28311552

Posted on Aug 2, 2015 1:11 PM

Reply

Answer 1

Best reply

Roger Wilmut1

Level 10

131,146 points

Aug 3, 2015 5:32 AM in response to Feuersnot

Accounts which sign in with @mac.com or use an @mac.com email should use smtp.mail.me.com. This will work for all versions, which are in effect the same address. smtp.mac.com was the old MobileMe server which was officially discontinued three years ago. Those who have @mac.com accounts converted from the old DotMac/MobileMe service can also sign in with the @me.com and @icloud.com address and can use smtp.mail.me.com.

Reply