What needs to be done to overcome the pinning issue with Apple mail (MAC mail)

Hi Ian, 

Thanks for the feedback. Which MAC version you are using ?

Regards,

Saurabh

I have the same issue on the latest version of Mac OS, iOS and iPad OS.

I thought this was based on Apple changing their certificate requirements that was resolved in V17.

Edit: I should add I still have issues with SMTPS. I’ll get a certificate error but if I click continue in Mac OS/iOS/iPad OS, it message still sends (I believe it’s simply because I’m forcing the use of the certificate that’s failing). I have no idea though, Sophos XG and email with Apple products has always been very problematic for me.

I have the same issue on the latest version of Mac OS, iOS and iPad OS.

I thought this was based on Apple changing their certificate requirements that was resolved in V17.

Edit: I should add I still have issues with SMTPS. I’ll get a certificate error but if I click continue in Mac OS/iOS/iPad OS, it message still sends (I believe it’s simply because I’m forcing the use of the certificate that’s failing). I have no idea though, Sophos XG and email with Apple products has always been very problematic for me.

Hi,

I am using the latest version of Catalina, IOSpad and IOS. My wife is also using Outlook for MACs on her MBP and that also fails.

I have spent a lot of time resolving MAC mail and Outlook issues in the past. There are no errors logged in XG to assist with debugging.

The mail applications work correctly when not connected to the XG or IMAP scanning is disabled. 

Ian

Update - more testing finds that the main ISP does not use SSL/TLS for sending mail to their SMTP mail servers. The XG reports on the service as being SSL/TLS in the dally reports.

So in summary mail scanning on MACs is broken.

Turn off scanning and the CAs are valid.