Paul Heinlein wrote: > On Fri, 12 Jan 2007, Aleksandar Milivojevic wrote: >> Maybe the version of Entourage you have doesn't support STARTTLS. >> Try enabling implicit SSL This is what I suspect. I was hoping someone could actually confirm. >> port in Sendmail's configuration by adding this line: >> >> DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s') >> >> After adding that line, Sendmail will listen on port 465 (smtps) in >> addition to port 25. You'll have SSL on port 465, and on port 25 you >> can have plaintext or TLS (after client issues STARTTLS). I tried to do this and discovered that sendmail stopped listening on port 25. I am not sure what is up with this since the sendmail.mc config does say: dnl # The following causes sendmail to additionally listen to port 465, I'll experiment some more but if somebody has an idea as to why this might be occurring I am all ears. > This is good advice, but the question is forcing us to guess. It'd be > a lot easier to answer you with some more information: > * what port is Entourage trying to contact? Sorry, but by a standard setup I meant port 25 > * is it using STARTTLS or straight SMTP/SSL? This was one of my questions. From googling I suspect not and asked if someone could confirm. > * could there be any firewalls hijacking traffic? No I mentioned that Mac Mail and Thunderbird both work from this same machine. They both use the standard port 25 and both use STARTTLS. > Assuming you know the IP address of the Mac client machine, try > launching a tcpdump session on the mail server > > sudo tcpdump -A -s0 host $CLIENT_ADDR > > Entourage will try to contact one of three ports: > > 25 (smtp) > 465 (smtps) > 587 (submission) > > tcpdump will show you what port the client is addressing and whether > the client is using STARTTLS (port 25 or 587) or straight SSL (port > 465). In the former case, the tcpdump output will include the string > 'Ready to start TLS' before any certificate info is sent over the > wire. If the connection is straight SSL, it won't be there. Thanks this is a very useful idea. It will certainly help me confirm what Entourage X is actually trying to do. -- Paul (ganci at nurdog.com)