Problem with sending iCloud email

DeRaad · October 2020

When sending a mail with Apple Mail and an iCloud account, the firewall blocks is from sending. I get this error:

2020-10-07 14:03:02 KAT-FRW-250-01 pxy 0x1896680-6483715 connect failed Connection refused 108: 10.101.10.189:49879 -> 17.42.251.41:25 [A t] {N} | 126: 171.33.129.205:49879 -> 17.42.251.41:25 [!B c] {N}[P]

Receiving mail isn't a problem, only sending.

Can somebody help me with this problem?

Bruce_Briggs · October 2020

It looks like you are using a SMTP proxy for outgoing SMTP.
17.42.251.41 belongs to Apple.
My best guess is that you need to add a SMTP packet filter To: the DNS name(s) associated with 17.42.251.
Make sure that the SMTP packet filter is above your current SMTP proxy.

These look to be the correct DNS names to use for this.
mx01.mail.icloud.com
mx02.mail.icloud.com

james.carson · October 2020

Hi @DeRaad
The log message here is for B channel, so the one from the firewall going to the destination. The firewall is getting a connection refused response from the server (it likely can't complete the TCP connection.)

Since port 25 is often used to send spam on consumer accounts, check that your ISP allows outbound access over it. iCloud may have also provided a different port number to connect to, which could account for that.

The KB from apple suggests that they're using port 587 for outgoing SMTP, not 25.
https://support.apple.com/en-us/HT202304

DeRaad · October 2020

@Bruce_Briggs said:
It looks like you are using a SMTP proxy for outgoing SMTP.
17.42.251.41 belongs to Apple.
My best guess is that you need to add a SMTP packet filter To: the DNS name(s) associated with 17.42.251.
Make sure that the SMTP packet filter is above your current SMTP proxy.

These look to be the correct DNS names to use for this.
mx01.mail.icloud.com
mx02.mail.icloud.com

Thanks, this solved the problem!

Problem with sending iCloud email

Comments