Sendmail SMTP send doesn't work with OS X 10.6 mail.app clients
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Sendmail SMTP send doesn't work with OS X 10.6 mail.app clients
Hey there,
I've been having this problem since 10.6 released, but have until now been successful with the "just use Thunderbird" response. My sendmail server hasn't been changed, but as clients upgrade from OSX 10.5 to 10.6 suddenly mail.app will no longer connects to send SMTP messages through the server. (IMAP connections to the same server using the same user/pass combinations work perfectly) When I look at the logs, things basically stop right after the STARTTLS command.
Google indicates alot of people are having similar problems, but I'm not seeing any solutions. Do any of you administrate sendmail servers where some of your clients are using Apple's Mail.app on Snow Leopard, and if so what settings are you using?
At this point, I'm happy to make changes to the server to accommodate Apple's issue, I have too many Mac users connecting to my server. I just can't figure out what to change. I've enabled virtually every possible login authentication combination, and none of them work.
I've just discovered that this problem also plagues iphones and ipod touch devices. They can connect to dovecot IMAP just fine, but can't send via sendmail.
I ran into the same problem the other day and still could not find any authoritative answer to this question, so I thought I would post my findings.
The issue seems to be the response that Mac Mail has when it looks at the certificate provided by sendmail. By looking at the log window in the Mac's Connection Doctor I noticed that the linux sendmail server was waiting for the Mac to respond to its "Ready to start TLS" handshake.
You can test whether TLS is working between the sendmail server and the Mac by using openssl on the Mac. In a terminal on the Mac I did:
# openssl s_client -connect your_sendmail_server_ip:your_smtp_port -starttls smtp
This told me that my certificate was expired. I updated the sendmail certificate on the server by running:
% /etc/pki/tls/certs/make sendmail
After running the same openssl command again, it confirmed I had a self-signed certificate as expected.
Using the ehlo ... command and then AUTH PLAIN ... command in openssl, I confirmed that I could login using credentials from the mac. To do this, you have to get the "user password" key to pass to the AUTH PLAIN command, I did this by (substitute username and password for your mail user and its password):
# echo -ne '\000username\000password' | openssl base64
and copying the output at the end of the AUTH PLAIN line.
The response I got was "OK Authenticated" so now I knew that I could login using TLS from the Mac. So why wasn't mail logging in?
Well my guess was that Mac mail checks the certificate and if it is not current or if it is self-signed it refuses to use it. Hence not responding to the server's "Ready to start TLS" response.
The fix was to setup the Mac mail account again, I followed the steps outlined in https://www2.suresupport.com/faq.php/80/483. This time when it came to answering the question about using the certificate (Step 4). I clicked 'View Certificate' and checked the box which said 'Always trust certificates from ...'. That was all it took and Mac mail was happy to send again.
Thanks. I bet that was exactly my problem. I switched to Zimbra a year ago, since I couldn't solve this. But I've been thinking about coming back to sendmail/dovecot as the maintenance is substantially easier.
Maybe your authentication mechanism does not work. STRTTLS is successful but after this it is not able to authenticate.
Doevcot uses its own authentication mechanism so if it works with Doevcot it doesn't mean it should work with sendmail too.
To test it try to configure the sendmail temporarily to accept plain or login authentication without encryption. This should do it:
Quote:
define(`confAUTH_OPTIONS', `A')dnl
After you find out that its ok, you can return to encrypted communication. You should see the plain and login in the SMTP response like this:
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.