STARTTLS and IMAP in Mail.app
2 July 2005 · Filed in Information
Since Microsoft Exchange does not support STARTTLS, I had to use Perdition as an IMAP proxy in front of Exchange. Earlier attempts to get Mail.app to do STARTTLS had failed (not sure why), but today I decided to try changing the IMAP port from 993 (the default when you check the “Use SSL” box) to 143 (the standard IMAP4 port). Oddly enough, it seemed to work!
Curious to find out for sure, I trotted out tcpdump on the mail gateway running Perdition to capture traffic to/from Mail.app and to/from the back end mail server. The traffic to/from the back end mail server was transmitted in the clear (I used plain text messages so that I could see the content), but the traffic to/from Mail.app was not readable. I also saw Mail.app issue a CAPABILITY command, then issue a STARTTLS command. Bingo!
So, it appears that Mail.app does indeed support STARTTLS for IMAP, but only if you set the port number back to 143 after checking the “Use SSL” checkbox.
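The check made by eye in the tcpdump capture above (CAPABILITY, then STARTTLS, then unreadable traffic) can be automated over a reassembled port-143 stream. This is an added example, not part of the original post; the sample sessions are constructed, and the function name and the (direction, bytes) segment format are assumptions.

```python
# Added example: constructed data, not a capture from the post's gateway.
# Each item is (direction, bytes): "C" = client to server, "S" = server to client.
# Assumption: every plaintext segment holds whole CRLF-terminated lines.
UPGRADED = [
    ("S", b"* OK IMAP4 ready\r\n"),
    ("C", b"1 CAPABILITY\r\n"),
    ("S", b"* CAPABILITY IMAP4rev1 STARTTLS\r\n1 OK done\r\n"),
    ("C", b"2 STARTTLS\r\n"),
    ("S", b"2 OK begin TLS negotiation\r\n"),
    ("C", b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b"),  # start of a TLS handshake record
]
CLEARTEXT = UPGRADED[:3] + [("C", b"2 LOGIN user example-password\r\n")]
REFUSED = UPGRADED[:4] + [("S", b"2 BAD unknown command\r\n"),
                          ("C", b"3 LOGIN user example-password\r\n")]


def classify_session(segments):
    """Return (starttls_advertised, verdict) for one port-143 session."""
    advertised, pending_tag, ok_seen = False, None, False
    for direction, data in segments:
        if ok_seen:
            if direction != "C":
                continue
            # After the tagged OK, the client's next bytes must be a TLS
            # handshake record (type 0x16, major version 0x03). An SSLv2-format
            # hello does not match and is reported as inconclusive.
            return advertised, "starttls" if data[:2] == b"\x16\x03" else "inconclusive"
        for line in data.split(b"\r\n"):
            parts = line.upper().split()
            if len(parts) < 2:
                continue
            if direction == "S":
                if parts[:2] == [b"*", b"CAPABILITY"]:
                    advertised = b"STARTTLS" in parts
                elif parts[0] == pending_tag:
                    # Only a tagged OK for the STARTTLS command starts TLS.
                    ok_seen = parts[1] == b"OK"
                    pending_tag = None
            elif parts[1] == b"STARTTLS":
                pending_tag = parts[0]
            elif parts[1] in (b"LOGIN", b"AUTHENTICATE"):
                return advertised, "cleartext-auth"
    return advertised, "inconclusive"
```

A verdict of "cleartext-auth" on a session where STARTTLS was advertised is the case worth alerting on: the client could have upgraded and sent credentials in the clear instead.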