I'm running a mail server with users that have Android-based devices, and it seems there is trouble with Android's ability to properly configure SMTP connections. Since these are mobile devices, use outside the company network is expected. But the use still involves the company email addresses in many cases, so it is necessary to connect back to the company mail server not only to read mail (IMAP) but to also send mail (SMTP). And, to not become a spam relay, no mail is accepted for redelivery to outside domains unless the user is logged in. That requires using TLS with SMTP, and this has not been a problem with home and laptop users (on both Linux and Windows).

Analyzing network traffic shows that even when Android is configured (in the default mail app) to use SMTP with TLS for sending mail, it functions as if the older SMTP over SSL protocol was configured. These same configuration settings do work correctly for the IMAP side of email. It's just the SMTP side that fails.

Unfortunately, I personally do not have an Android device to work with to check this out. So I went googling and it seems a lot of people are reporting this issue in various places. But no one is reporting any solutions.

I'm making a guess that because sending email is something more than just the email client app might want to do, the sending of email is actually handled separately by some module or daemon. So despite the email client app having configurations specified, the email sending module is doing things its way (and because it was present, the email app just uses it). Maybe that module has to be configured separately? Or maybe it really doesn't know how to do TLS correctly (e.g. send the "STARTTLS" command in the clear and get the response before making the data stream be encrypted)?

Anyone know anything more recent about this, or know when a solution might be available ... or if it is, how to tell vendors who have distributed copies of Android without it how to identify this fix?
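
One way to tell the two behaviours apart from captured traffic, as an added example that is not part of the original post: it classifies the bytes a client sent at the start of a connection as implicit TLS (SMTP over SSL), a proper STARTTLS upgrade, or a clear-text login attempt. The function names, result labels and sample byte strings are assumptions constructed for illustration.

```python
# Added example; the byte strings below are constructed, not real captures.

def is_tls_client_hello(data: bytes) -> bool:
    # TLS record: type 0x16 (handshake), major version 0x03, 2-byte length,
    # then handshake type 0x01 (ClientHello) at offset 5.
    return (len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03
            and data[5] == 0x01)

def classify_client_stream(data: bytes) -> str:
    """Classify the bytes a client sent from the start of the TCP connection."""
    if not data:
        return "incomplete"          # nothing captured from the client
    if is_tls_client_hello(data):
        return "implicit-tls"        # SMTP over SSL: handshake before any command
    pos = 0
    while pos < len(data):
        end = data.find(b"\r\n", pos)
        if end == -1:
            return "incomplete"      # capture stops in the middle of a line
        verb = data[pos:end].split(b" ", 1)[0].upper()
        pos = end + 2
        if verb == b"STARTTLS":
            # The handshake must follow the clear-text STARTTLS command.
            if is_tls_client_hello(data[pos:]):
                return "starttls"
            return "starttls-without-handshake"
        if verb == b"AUTH":
            return "plaintext-auth"  # login attempted before any encryption
    return "plaintext-only"

# Constructed, truncated ClientHello: record header plus handshake header.
CLIENT_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x05, 0x01, 0x00, 0x00, 0x01, 0x00])

# Constructed client-side streams (hostnames are placeholders).
SAMPLES = {
    "ssl-first": CLIENT_HELLO,
    "upgrade": b"EHLO phone.example\r\nstarttls\r\n" + CLIENT_HELLO,
    "clear-login": b"EHLO phone.example\r\nAUTH LOGIN\r\n",
    "no-tls": b"EHLO phone.example\r\nQUIT\r\n",
}

if __name__ == "__main__":
    for name, stream in SAMPLES.items():
        print(f"{name}: {classify_client_stream(stream)}")
```

A result of `implicit-tls` on a listener that expects the clear-text `STARTTLS` command first is the mismatch described in the post.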