Thanks for the tip. All updated to explicit settings: Port 993, Use TLS/SSL, Authentication: Password.
In looking at them (I have multiple email accounts), when I unchecked “automatically detect”, some said Port 993 and others said Port 143 even though all said Use TLS/SSL. While port 143 is the unencrypted IMAP port, I’m hoping it was still doing encrypted but yet another case of where Apple’s “it just works” can get in the way of making sure things are set the way you want them. Now to check my iOS devices. And now back to Postfix as IMAP is really off-topic for this list. -- Larry Stone lston...@stonejongleux.com > On Aug 6, 2019, at 2:17 PM, Peter <pe...@pajamian.dhs.org> wrote: > > On 7/08/19 2:02 AM, Larry Stone wrote: >> I use MacOS Mail and for receiving, I just have “Automatically manage >> connection settings” checked and it just works (but that’s really a Dovecot >> question, not Postfix). >> For sending, I do not have “Automatically manage connection settings” >> checked. Port is 587, Use TLS/SSL is checked, and Authentication is >> Password. But the correct settings for your server may be different. > > Just a bit of a possible "heads up" on this, but if your MUA has a setting to > automatically detect and use STARTTLS (and you use that setting) then you're > setting yourself up for a MITM attack vector where the MITM can downgrade > your connection to plain text and the MUA will not let you know. > > Years ago Thunderbird used to have a similar setting (Use Encryption if > available or something like that) but for years now they no longer offer it, > probably due to similar security concerns. > > > Peter
