When setting up our hardware firewall to email logs, I encountered an issue with SMTP settings.

The software for our particular firewall did not support SSL or TLS encryption for SMTP connections. That’s a problem, as Google Apps email accounts use smtp.gmail.com on port 465 (for SSL) or 587 (for TLS). Unencrypted sending is not possible through this SMTP server.

Upon searching, I found this Google support page with the answer to my problem.

The answer is to replace the smtp.gmail.com settings with:

  • server: aspmx.l.google.com
  • port: 25

One important tidbit: what the Google support page doesn’t explicitly mention is that authentication is NOT SUPPORTED on aspmx.l.google.com. That means don’t try to use authentication┬ábecause it will bounce back instead of just ignoring the authentication attempt.

Also note, since authentication is not being performed, sent messages won’t appear in the “sender’s” Google Apps outbox. And SPF records can cause such mail to be bounced, so consult the Google support page linked here for help on updating your SPF record to deal with that.

In all fairness, the first place I found the answer was this little page, but it also sent me down the wrong path by listing authentication (username & password) as part of the required setup. Luckily, the SMTP error messages that came back explained themselves well enough to get me to correct this error.