Question getting Mail.app working with PostFix SMTP

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Question getting Mail.app working with PostFix SMTP

John Dale
Greetings;

I have Thunderbird working with PostFix/Dovecot for sending and receiving.

STARTTLS

Normal Password

I don't see these options in Mail.app for OSX.

I've tried updating ports and different combinations of available
authentication in Mail.app, but no luck.  It either times-out or has
connection denied.

Any recommendations?

Sincerely,

John


Reply | Threaded
Open this post in threaded view
|

Re: Question getting Mail.app working with PostFix SMTP

Larry Stone
>
> On Aug 6, 2019, at 8:32 AM, John Dale <[hidden email]> wrote:
>
> Greetings;
>
> I have Thunderbird working with PostFix/Dovecot for sending and receiving.
>
> STARTTLS
>
> Normal Password
>
> I don't see these options in Mail.app for OSX.
>
> I've tried updating ports and different combinations of available authentication in Mail.app, but no luck.  It either times-out or has connection denied.
>
> Any recommendations?

I use MacOS Mail and for receiving, I just have “Automatically manage connection settings” checked and it just works (but that’s really a Dovecot question, not Postfix).

For sending, I do not have “Automatically manage connection settings” checked. Port is 587, Use TLS/SSL is checked, and Authentication is Password. But the correct settings for your server may be different.

It may seem silly to ask but make sure you didn’t make a typo in the server name.


--
Larry Stone
[hidden email]





Reply | Threaded
Open this post in threaded view
|

Re: Question getting Mail.app working with PostFix SMTP

John Dale
Greetings;

Thanks for the info.

I have Dovecot talking well (popping in).

SMTP via postfix is giving me some issues.  I'll double check my ports
and typing. :)

I'm wondering if I need to change authentication settings on postfix to
make things more straightforward.

I also didn't see a spot in Mail.app to accept the postfix tls cert.

John


On 8/6/19 8:02 AM, Larry Stone wrote:

>> On Aug 6, 2019, at 8:32 AM, John Dale <[hidden email]> wrote:
>>
>> Greetings;
>>
>> I have Thunderbird working with PostFix/Dovecot for sending and receiving.
>>
>> STARTTLS
>>
>> Normal Password
>>
>> I don't see these options in Mail.app for OSX.
>>
>> I've tried updating ports and different combinations of available authentication in Mail.app, but no luck.  It either times-out or has connection denied.
>>
>> Any recommendations?
> I use MacOS Mail and for receiving, I just have “Automatically manage connection settings” checked and it just works (but that’s really a Dovecot question, not Postfix).
>
> For sending, I do not have “Automatically manage connection settings” checked. Port is 587, Use TLS/SSL is checked, and Authentication is Password. But the correct settings for your server may be different.
>
> It may seem silly to ask but make sure you didn’t make a typo in the server name.
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Question getting Mail.app working with PostFix SMTP

Ben Greenfield
The password type has to match md5, plain, kerberos,….
I find that the automatic settings assume virtual domains and always uses the full email address [hidden email] vs. just name.
The correct password never works because the username is wrong.



> On Aug 6, 2019, at 10:14 AM, John Dale <[hidden email]> wrote:
>
> Greetings;
>
> Thanks for the info.
>
> I have Dovecot talking well (popping in).
>
> SMTP via postfix is giving me some issues.  I'll double check my ports and typing. :)
>
> I'm wondering if I need to change authentication settings on postfix to make things more straightforward.
>
> I also didn't see a spot in Mail.app to accept the postfix tls cert.
>
> John
>
>
> On 8/6/19 8:02 AM, Larry Stone wrote:
>>> On Aug 6, 2019, at 8:32 AM, John Dale <[hidden email]> wrote:
>>>
>>> Greetings;
>>>
>>> I have Thunderbird working with PostFix/Dovecot for sending and receiving.
>>>
>>> STARTTLS
>>>
>>> Normal Password
>>>
>>> I don't see these options in Mail.app for OSX.
>>>
>>> I've tried updating ports and different combinations of available authentication in Mail.app, but no luck.  It either times-out or has connection denied.
>>>
>>> Any recommendations?
>> I use MacOS Mail and for receiving, I just have “Automatically manage connection settings” checked and it just works (but that’s really a Dovecot question, not Postfix).
>>
>> For sending, I do not have “Automatically manage connection settings” checked. Port is 587, Use TLS/SSL is checked, and Authentication is Password. But the correct settings for your server may be different.
>>
>> It may seem silly to ask but make sure you didn’t make a typo in the server name.
>>
>>

Reply | Threaded
Open this post in threaded view
|

Re: Question getting Mail.app working with PostFix SMTP

John Dale
Tried updating smtp user to fully qualified .. no luck.

This is what shows in the logs:

connect from unknown[my.ip.address]
Aug  6 14:35:04 mx postfix/smtpd[2098]: disconnect from
unknown[my.ip.address] ehlo=2 starttls=1 quit=1 commands=4

Works fine in Thunderbird.  Strange ..

On 8/6/19 8:18 AM, Ben Greenfield wrote:

> The password type has to match md5, plain, kerberos,….
> I find that the automatic settings assume virtual domains and always uses the full email address [hidden email] vs. just name.
> The correct password never works because the username is wrong.
>
>
>
>> On Aug 6, 2019, at 10:14 AM, John Dale <[hidden email]> wrote:
>>
>> Greetings;
>>
>> Thanks for the info.
>>
>> I have Dovecot talking well (popping in).
>>
>> SMTP via postfix is giving me some issues.  I'll double check my ports and typing. :)
>>
>> I'm wondering if I need to change authentication settings on postfix to make things more straightforward.
>>
>> I also didn't see a spot in Mail.app to accept the postfix tls cert.
>>
>> John
>>
>>
>> On 8/6/19 8:02 AM, Larry Stone wrote:
>>>> On Aug 6, 2019, at 8:32 AM, John Dale <[hidden email]> wrote:
>>>>
>>>> Greetings;
>>>>
>>>> I have Thunderbird working with PostFix/Dovecot for sending and receiving.
>>>>
>>>> STARTTLS
>>>>
>>>> Normal Password
>>>>
>>>> I don't see these options in Mail.app for OSX.
>>>>
>>>> I've tried updating ports and different combinations of available authentication in Mail.app, but no luck.  It either times-out or has connection denied.
>>>>
>>>> Any recommendations?
>>> I use MacOS Mail and for receiving, I just have “Automatically manage connection settings” checked and it just works (but that’s really a Dovecot question, not Postfix).
>>>
>>> For sending, I do not have “Automatically manage connection settings” checked. Port is 587, Use TLS/SSL is checked, and Authentication is Password. But the correct settings for your server may be different.
>>>
>>> It may seem silly to ask but make sure you didn’t make a typo in the server name.
>>>
>>>
>
Reply | Threaded
Open this post in threaded view
|

Re: Question getting Mail.app working with PostFix SMTP

Wietse Venema
John Dale:
> Tried updating smtp user to fully qualified .. no luck.
>
> This is what shows in the logs:
>
> connect from unknown[my.ip.address]
> Aug? 6 14:35:04 mx postfix/smtpd[2098]: disconnect from
> unknown[my.ip.address] ehlo=2 starttls=1 quit=1 commands=4
>
> Works fine in Thunderbird.? Strange ..

After sending STARTTLS, the client sends EHLO. The server's response
contains the names of supported SASL authentication mechanisms,
among other things.

The client then sends QUIT instead of an AUTH command. That should
be a clue.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Question getting Mail.app working with PostFix SMTP

Peter Ajamian
In reply to this post by Larry Stone
On 7/08/19 2:02 AM, Larry Stone wrote:
> I use MacOS Mail and for receiving, I just have “Automatically manage connection settings” checked and it just works (but that’s really a Dovecot question, not Postfix).
>
> For sending, I do not have “Automatically manage connection settings” checked. Port is 587, Use TLS/SSL is checked, and Authentication is Password. But the correct settings for your server may be different.

Just a bit of a possible "heads up" on this, but if your MUA has a
setting to automatically detect and use STARTTLS (and you use that
setting) then you're setting yourself up for a MITM attack vector where
the MITM can downgrade your connection to plain text and the MUA will
not let you know.

Years ago Thunderbird used to have a similar setting (Use Encryption if
available or something like that) but for years now they no longer offer
it, probably due to similar security concerns.


Peter
Reply | Threaded
Open this post in threaded view
|

Re: Question getting Mail.app working with PostFix SMTP

Larry Stone
Thanks for the tip. All updated to explicit settings: Port 993, Use TLS/SSL, Authentication: Password.

In looking at them (I have multiple email accounts), when I unchecked “automatically detect”, some said Port 993 and others said Port 143 even though all said Use TLS/SSL. While port 143 is the unencrypted IMAP port, I’m hoping it was still doing encrypted but yet another case of where Apple’s “it just works” can get in the way of making sure things are set the way you want them. Now to check my iOS devices.

And now back to Postfix as IMAP is really off-topic for this list.

--
Larry Stone
[hidden email]





> On Aug 6, 2019, at 2:17 PM, Peter <[hidden email]> wrote:
>
> On 7/08/19 2:02 AM, Larry Stone wrote:
>> I use MacOS Mail and for receiving, I just have “Automatically manage connection settings” checked and it just works (but that’s really a Dovecot question, not Postfix).
>> For sending, I do not have “Automatically manage connection settings” checked. Port is 587, Use TLS/SSL is checked, and Authentication is Password. But the correct settings for your server may be different.
>
> Just a bit of a possible "heads up" on this, but if your MUA has a setting to automatically detect and use STARTTLS (and you use that setting) then you're setting yourself up for a MITM attack vector where the MITM can downgrade your connection to plain text and the MUA will not let you know.
>
> Years ago Thunderbird used to have a similar setting (Use Encryption if available or something like that) but for years now they no longer offer it, probably due to similar security concerns.
>
>
> Peter

Reply | Threaded
Open this post in threaded view
|

Re: Question getting Mail.app working with PostFix SMTP

Viktor Dukhovni
In reply to this post by John Dale
On Tue, Aug 06, 2019 at 07:32:27AM -0600, John Dale wrote:

> STARTTLS
> Normal Password
>
> I don't see these options in Mail.app for OSX.
>
> I've tried updating ports and different combinations of available
> authentication in Mail.app, but no luck. It either times-out or has
> connection denied.
>
> Any recommendations?

Try the "Connection Doctor" menu in MacOS to see the Mac's view of
the SMTP transaction (somewhere among all the noisy IMAP chatter).
You were likely prompted to accept the server certificate during
the first connection.

Mail.app supports PLAIN, GSSAPI and OAUTH.  When you double-click
on the SMTP "row" in the "Connection Doctor" view, you get a more
advanced configuration dialogue for the SMTP server settings, in
which under the "Advanced" tab, you can enable "allow insecure
authentication", which may be needed to get "PLAIN" to work.

--
        Viktor.