5

I have been using links found here

Mac OS X 10.10 Yosemite Postfix SASL authentication failed

as a workaround for a blocked port 25 on Comast, to route outgoing mail, generated by shell scripts, through Gmail's smtp servers.

As of a few days ago it stopped working, right after security update 2017-0001.

Notes on that say:

802.1X

Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6

Impact: An attacker may be able to exploit weaknesses in TLS 1.0

Description: A protocol security issue was addressed by enabling TLS 1.1 and TLS 1.2.

Mail stays qued and says "(TLS is required, but our TLS engine is unavailable)"

Logs say:

default 01:30:44.880027 -0500 smtp warning: Digest algorithm "md5" not found

default 01:30:44.880077 -0500 smtp warning: disabling TLS support

standalone md5 is alive and working, as is openssl md5

The only mention of anything that might be related to this that I can find is at

https://teratail.com/questions/98920

at this point I feel a bit out of my depth

UPDATE: An upgrade to 10.13.1 seems to fix this as noted here

https://apple.stackexchange.com/questions/304660/postfix-issue-on-mac-os-x-10-12-6?noredirect=1#comment385740_304660

BenL
  • 51
  • 3
  • Having fought this particular battle recently, I believe that the problem remains on 10.12.6. For those that *can't* upgrade but would like to send email securely, I can at least confirm that this link worked for me. TL;DR: Use MacPorts to install `stunnel` and `certsync` to allow an encrypted tunnel through to your mail server: https://raimue.blog/2018/03/22/postfix-with-relayhost-over-stunnel-on-macos-10-12-sierra/ – Scott Corscadden May 01 '18 at 15:16

0 Answers0