Apple Mail & SSL

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
mrdini
Posts: 32
Joined: Fri Sep 12, 2014 10:29 pm

Apple Mail & SSL

Post by mrdini »

Hi all,
Beating my head on the wall over this... Currently I have Zimbra set to use SSL for SMTP on port 9921.
From postfix/conf/master.cf...



465 inet n - n - - smtpd

-o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes

9921 inet n - n - - smtpd

-o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes


Thunderbird can send emails okay, but for some reason Mail.app simply times out.... mailbox.log shows pretty much frankly nothing...



2007-07-10 12:17:17,544 INFO [IndexWritersSweeper] [] MailboxIndex - open index writers sweep: before=2, closed=0, after=2 (0ms)

2007-07-10 12:17:28,585 INFO [TcpWatchdog-1] [] ProtocolHandler - Closing idle connection

2007-07-10 12:17:28,585 INFO [ImapSSLServer-271] [] ProtocolHandler - Handler exiting normally

2007-07-10 12:18:17,554 INFO [IndexWritersSweeper] [] MailboxIndex - open index writers sweep: before=2, closed=0, after=2 (0ms)

2007-07-10 12:18:42,126 INFO [LmtpServer-1076] [] LmtpHandler - [xxx.xxx.xxx.xxx] quit from client

2007-07-10 12:18:42,127 INFO [LmtpServer-1076] [] ProtocolHandler - Handler exiting normally

2007-07-10 12:19:17,502 INFO [IndexWritersSweeper] [] MailboxIndex - open index writers sweep: before=2, closed=1, after=1 (6ms)

2007-07-10 12:20:17,532 INFO [IndexWritersSweeper] [] MailboxIndex - open index writers sweep: before=1, closed=0, after=1 (0ms)

2007-07-10 12:21:17,536 INFO [IndexWritersSweeper] [] MailboxIndex - open index writers sweep: before=1, closed=0, after=1 (0ms)

2007-07-10 12:22:17,546 INFO [IndexWritersSweeper] [] MailboxIndex - open index writers sweep: before=1, closed=0, after=1 (0ms)



Apple Mail is set up to check using "Password" authentication over SSL. Hmmm.... can't think of anything else to add.
Thoughts?
mrdini
Posts: 32
Joined: Fri Sep 12, 2014 10:29 pm

Apple Mail & SSL

Post by mrdini »

In desperation, I've ran Wireshark (ethereal), and am still stumped... To be honest, I'm not fully savvy of the protocols, but it seems that Apple Mail simply never completes the connection to the Zimbra server.
pcap logs are attached..
Thoughts please?
wireshark_pcap_dumps.zip
bobby
Outstanding Member
Outstanding Member
Posts: 515
Joined: Fri Sep 12, 2014 10:01 pm

Apple Mail & SSL

Post by bobby »

The network captures don't help much since most of it is encrypted. Can you post a screenshot of the "SMTP Server Options"? Does Mail say anything when it times out?
mrdini
Posts: 32
Joined: Fri Sep 12, 2014 10:29 pm

Apple Mail & SSL

Post by mrdini »

[quote user="17224bobby"]The network captures don't help much since most of it is encrypted. Can you post a screenshot of the "SMTP Server Options"? Does Mail say anything when it times out?[/QUOTE]
I forgot to add this in my initial post. On port 465, it works. On port 9921, it doesn't.
It seems to time out after five minutes (exactly?)... Mail says "Connecting to dartagnan.xxxxxxxxxxx.com" then the 'standard' error message - "Cannot send message using server dartagnan.xxxxxxxxxxx.com. Use the below pop-up to choose a different server".
I've tried commenting out the port 465 lines & restarting postfix to no joy...
TIA!
apple_mail_465.png
apple_mail_9921.png
phoenix
Ambassador
Ambassador
Posts: 27272
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Apple Mail & SSL

Post by phoenix »

Have you resolved this problem? FWIW, I've just sent an email through this server on port 9921 without problems using Thunderbird. I'm afraid I don't know anything about Apple Mail but it would appear the problem lies there.
[edit] I meant port 9921. Have you also tried sending without the domain name part of your user name details?
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
mrdini
Posts: 32
Joined: Fri Sep 12, 2014 10:29 pm

Apple Mail & SSL

Post by mrdini »

[quote user="10330phoenix"]Have you resolved this problem? FWIW, I've just sent an email through this server on port 9921 without problems using Thunderbird. I'm afraid I don't know anything about Apple Mail but it would appear the problem lies there.
[edit] I meant port 9921. Have you also tried sending without the domain name part of your user name details?[/QUOTE]
Still not resolved the issue, no. Trying without the domain name doesn't work either - still hangs on "Connecting to server dartagnan.xxxxxxxxx.com". As far as I can ascertain, the issue is ONLY with Apple Mail on port 9921. (I'll hazard this issue MAY apply to SSL SMTP on any nonstandard port, but not tried this theory yet...)
FWIW, I raised a private bug - 18411... actually, I guess you'd know about that bug given that you mentioned connecting via Thunderbird!
Many thanks for your time!
phoenix
Ambassador
Ambassador
Posts: 27272
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Apple Mail & SSL

Post by phoenix »

Hmm, that's odd that I can use Thunderbird and you can't use Apple Mail. Are you trying to connect via your LAN or externally? Have you tried any other client from a different machine on your LAN? Is there likely to be any firewall or SElinux interfering with your attempted connection?
If I get time today I'll try setting this up on my own server for you to see if it works on my system.
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
mrdini
Posts: 32
Joined: Fri Sep 12, 2014 10:29 pm

Apple Mail & SSL

Post by mrdini »

[quote user="10330phoenix"]Hmm, that's odd that I can use Thunderbird and you can't use Apple Mail.

[/quote]

Not really - Apple Mail is a bit... fincky. There are lot of quirks in it, as documented by sites like this (notice the bit where it mentions being locked to IMAP over SSL on port 993 only). However, I can't find any comments applying to SMTP over SSL, so I guess what I'm basically hoping, at the end of the day, is for Zimbra to confirm if it IS an issue with Apple Mail or not, & then raise a bug report with Apple.
[quote]Are you trying to connect via your LAN or externally? Have you tried any other client from a different machine on your LAN? Is there likely to be any firewall or SElinux interfering with your attempted connection?
If I get time today I'll try setting this up on my own server for you to see if it works on my system.[/QUOTE]
Externally - the mail server is hosted on a dedicated server. It is entirely possible that there might be a firewall or similar interfering with my connection, but given that a colleague of mine can replicate the issue on his Apple Mail on a totally separate network, & that it works in Thunderbird here, well...
Post Reply