Re: [exim] Apple + Outlook - Exim on 587 does not work - Sol…

Top Page
Delete this message
Reply to this message
Author: Viktor Dukhovni
Date:  
To: exim-users
CC: Mark Elkins
Subject: Re: [exim] Apple + Outlook - Exim on 587 does not work - Solutions


> On Jun 9, 2018, at 10:01 AM, Jeremy Harris via Exim-users <exim-users@???> wrote:
>
>> I cannot get this to work with my Macbook and MS
>> Outlook as there is no setting for TLS encryption in MS Outlook for Mac.
>> (believe you me, I have looked extensively).
>
> https://support.office.com/en-us/article/IMAP-account-basic-settings-0A3F843D-D858-4527-BA0C-B57AEB83BF4E


Likewise the MacOS-specific advice at:

https://support.office.com/en-us/article/set-up-email-in-outlook-for-mac-2011-d7b404a0-6e18-4d95-bed8-2de7661563ca

says:

If the Add Account button is unavailable [i.e. no built-in
provider profile for the email address domain]:

    • Enter the information about your account, including
          the following required fields: User name, Type,
          Incoming server, and Outgoing server. If your email
          service requires Secure Sockets Layer (SSL) for either
          the incoming or outgoing server, select the "Use SSL
          to connect" check box for that server.


> mentions "Use SSL to connect" twice; once following "Incoming server"
> and once following "Outgoing server".
>
> It doesn't say whether it means STARTTLS or SSL-on-connect. In case
> it's the latter, port 465 is the usual place for that; keep STARTTLS
> on 587.


I would expect the "simplified" interfaces offered by recent consumer
MUAs to infer STARTTLS vs. SSL from 587 vs. 465, or to try both and
see which works. What could help most to resolve this is some logs
of this customer connecting to your server.

-- 
    Viktor.


P.S. off-topic:

By the way, the OP mentions DANE, and in the DANE survey I
am only able to connect to the primary MX for posix.co.za
and related domains. The secondary appears to always be down.
Is that intentional?

  posix.co.za. IN MX 0 mail.vweb.co.za.
  posix.co.za. IN MX 10 secdns1.posix.co.za.
  _25._tcp.mail.vweb.co.za. IN TLSA ( 3 1 1
    71d52e8979130ef2 551779cca9444109
    3983c49920aaa2bb 1aa1802c501daca3 )
  ; mail.vweb.co.za[192.96.24.1]: pass:
  ;   TLSA match: depth = 0, name = mail.vweb.co.za
  _25._tcp.secdns1.posix.co.za. IN TLSA 3 1 1 
    a82d33d63d9c4ace a043007041c0c998
    39f1805e5755e54c 9d32ced02cc790ea )
  ; secdns1.posix.co.za[192.96.24.81]: connection refused
  ; secdns1.posix.co.za[2001:42a0::81]: connection refused


  wweb.co.za. IN MX 0 pop.co.za.
  wweb.co.za. IN MX 10 secdns1.posix.co.za.
  _25._tcp.pop.co.za. IN TLSA ( 3 1 1 
    d2f7f61108a02129 4c6343c0a24505a4
    e38b830033d2f739 35734055f7c8e9d8 )
  ; pop.co.za[192.96.24.70]: pass:
  ;   TLSA match: depth = 0, name = pop.co.za
  ; pop.co.za[2001:42a0::70]: pass:
  ;   TLSA match: depth = 0, name = pop.co.za
  _25._tcp.secdns1.posix.co.za. IN TLSA ( 3 1 1
    a82d33d63d9c4ace a043007041c0c998
    39f1805e5755e54c 9d32ced02cc790ea )
  ; secdns1.posix.co.za[192.96.24.81]: connection refused
  ; secdns1.posix.co.za[2001:42a0::81]: connection refused