Yes, that's correct, placebo. TLS on port 587 is fine, and supported.
I wonder if the issue is that the iPhone isn't setting the envelope FROM address to a fully qualified user@domain. We recently (as in, today) started blocking all emails without a fully qualified sender or recipient on the frontend servers, the same as we already do on the MXes
(it was part of a "standardise our configs more" push that also sees our MXes accepting opportunistic TLS encryption from sites that want it, so more of the email we receive comes across the wire encrypted)