On Sun, Nov 03, 2024 at 10:17:53PM -0800, bf...@0x.co wrote:
> 
> Ze,
> 
> 
> On Sat, 2 Nov 2024, Zé Loff wrote:
> 
> > > There are no advanced settings on the iphone....there is no place to
> > > enable or disable pipelining or anything of that sort.
> > > 
> > > Should I conclude that it is impossible to send email from an apple
> > > iphone to an opensmtpd server ?
> > > 
> > 
> > In my experience, this kind of error is TLS related.  Double check if
> > the port and protocol settings -- namely STARTTLS vs. SSL/TLS and port
> > 25 vs. port 465/587 -- on the iPhone match those on the server.
> 
> 
> 
> My opensmtpd server does not use TLS nor does it have certs - it does NOT
> have any lines like these examples:
> 
> 
> # PKI for TLS
> pki example.com cert "/etc/ssl/example.com.crt"
> pki example.com key "/etc/ssl/private/example.com.key"
> 
> 
> .. and I did not create any cert/key for this server.
> 
> 
> On my iphone I did NOT select "Use SSL" and my auth is simple "password".
> 
> Again, these are very normal and simple config settings that I would expect
> to see with any mail client ... which is why I am surprised it is not
> working.

I personally wouldn't expect authentication without encryption to work,
nowadays, especially not from a device that is built to roam across
networks.

> Perhaps nobody uses a plaintext port 25 mailserver so it doesn't get the QA
> and testing that it should by Apple ?

Can't remember if it was iOS or Android, but I've had issues in the past
because some phone's OS simply refused to authenticate in the clear, and
would automatically switch to STARTTLS if you disabled SSL/TLS.  There
was no option to do auth without some form of TLS.  Which, in all
honesty, makes perfect sense with a phone: you might get away with
unencrypted auth in a network you fully control, but as soon as the
phone decides (or is told) to drop WiFi (or a VPN) and switches to
cellular network, you'll be sending clear text credentials across the
internet and probably not even notice it.

I have TLS on both port 25 and 587, so I can't test your no TLS
scenario.  I'd use tcpdump on the server's port 25 to see what kind of
connection the iPhone is trying to establish, but I'm betting on
STARTTLS, which your smtpd then refuses.

-- 
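
The tcpdump check suggested in the message above, as an added example that is not part of the original thread: a small classifier that reads the plaintext SMTP lines from a port-25 capture and reports whether the client asked for STARTTLS, what the server answered, and whether AUTH was sent in the clear. The transcript, the `C:`/`S:` line prefixes and the function names are constructed for illustration.

```python
import re

# Constructed sample (not a real capture): C = client, S = server, as the
# lines might read in the ASCII payload of `tcpdump -A` on port 25.
SAMPLE_SESSION = """\
S: 220 mail.example.org ESMTP
C: EHLO [192.0.2.10]
S: 250-mail.example.org Hello
S: 250-8BITMIME
S: 250 HELP
C: STARTTLS
S: 500 Command unrecognized
C: QUIT
S: 221 Bye
"""

def classify_session(transcript):
    """Summarise how STARTTLS and AUTH were used in a plaintext SMTP session."""
    r = {"server_offers_starttls": False, "server_offers_auth": False,
         "client_sent_starttls": False, "starttls_reply": None,
         "auth_in_clear": False}
    pending, tls_active = None, False
    for raw in transcript.splitlines():
        side, _, line = raw.partition(": ")
        if side == "C":
            pending = (line.split() or [""])[0].upper()
            if pending == "STARTTLS":
                r["client_sent_starttls"] = True
            elif pending == "AUTH" and not tls_active:
                r["auth_in_clear"] = True   # credentials visible on the wire
        elif side == "S":
            m = re.match(r"(\d{3})([ -]?)(.*)", line.strip())
            if not m:
                continue
            code, sep, text = m.groups()
            keyword = (text.split() or [""])[0].upper()
            if pending == "EHLO" and code == "250":
                r["server_offers_starttls"] |= keyword == "STARTTLS"
                r["server_offers_auth"] |= keyword == "AUTH"
            elif pending == "STARTTLS" and sep != "-":
                r["starttls_reply"] = int(code)
                tls_active = code == "220"  # after 220 the stream is encrypted
    return r

def diagnose(r):
    """Turn the summary into a one-line finding."""
    if r["client_sent_starttls"] and r["starttls_reply"] != 220:
        return "client requires STARTTLS, server refused it"
    if r["auth_in_clear"]:
        return "client sent AUTH without TLS"
    return "STARTTLS negotiated" if r["client_sent_starttls"] else "no STARTTLS or AUTH seen"
```
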
 
