-1

I'm running MacOS Sierra, and this is the first time I've seen '/etc/ssl/certs' in my system. It doesn't exist in Yosemite or earlier. But that directory is EMPTY, so I have no clue what to supply for the certificate to use Gmail. Until I get that, I can't supply 'smtp_tls_CAfile' in main.cf so 'smtpd_use_tls=yes' works. All my sent mail is being rejected by this:

530 5.7.0 Must issue a STARTTLS command first
Dick Guertin
  • 747
  • 8
  • 9

1 Answers1

0

I've heard that and also based on threads, MacOS Sierra Postfix is broken. It seems a bug on this version because after upgrading to MacOS High Sierra without any configuration changes, it worked perfectly.

Additionally, I've run some tests with machines. The result is the security patched for Spectre and Meltdown is causing this issue on my Mac OS Sierra. Without this patch, Postfix is working well.

Gilroy
  • 198
  • 1
  • 2
  • 11
  • Well, it still 'fails' for me, in the sense that the 'mail' disappears. It doesn't get delivered. On Yoesmite I could look at the mail.log, and see things like the mailq entry getting automatically removed due to some unsupportable error. It could be happening on Sierra too. But I can't 'see' it because there is no 'mail.log'. My main.cf, master.cf, sasl_passwd and sasl_passwd.db all match with Yosemite, including "submission inet n - n - - smtpd" in master.cf – Dick Guertin May 24 '18 at 03:56
  • After trying some tests. The cause of this issue is the last security patched about Meltdown and Spectre of MacOS Sierra. – Gilroy May 24 '18 at 05:32
  • ...which means 'what' to me. Does this infer 'mail' doesn't work anymore? Is there a remedy? I've posted a bug report with Apple Bug Reporter, 40511429, in which I've attached main.cf, master.cf, and modified sasl_passwd (to redact my identity). These, and two others (binary) are EXACTLY the same as Yosemite, where 'mail' works. – Dick Guertin May 24 '18 at 15:16
  • Just to clarify things, are you running Mac OS Sierra with the latest security patch and having the configuration which is same with Yosemite? My workaround with this is, I'm using cURL method on my scripts to call Gmail's SMTP server and reuse my credentials from sasl_passwd for executing emails. – Gilroy May 25 '18 at 03:23
  • Re: clarification ... YES, maybe, YES. Meaning I'm not sure about the security patches. I obtained Sierra last November (2017). If there are patches, I'd like to know what they are. As for your 'curl' method, I doubt that would work for me because 'mail' is often sent by 'cron' jobs. An edited example of what you're doing would be helpful. – Dick Guertin May 26 '18 at 04:39
  • Something like this: `CREDENTIALS=$(cat /etc/postfix/sasl_passwd | awk '{ print $2}') curl --url 'smtps://smtp.gmail.com:465' --ssl-reqd \ --mail-from "$USER" --mail-rcpt ‘gdtoledano@gmail.com’ \ --upload-file mail.txt --user "$CREDENTIALS"` a text file named mail.txt which has content like this: *EMAIL TEMPLATE* `From: “Admin” *email here* To: "System Administrator" *inserts email here* Subject: test Hi System Administrator, Sent by curl Bye!` – Gilroy May 29 '18 at 05:36
  • I believe what you're telling me is that 'mail' doesn't work on Sierra. How would a 'cron' job send mail? It always uses the 'mail' command. I have MAILTO and REPLYTO env-variables defined in my crontab table so 'cron' knows where to send messages. Some of my automated jobs run under 'launchctl', which also uses 'mail'. – Dick Guertin May 30 '18 at 19:55