Update 22-Feb-2026: added alternative solution without port 587

Recent issue with UniFi Controller (version 5.12.35) where test emails were failing on a remote SMTP server (Postfix) configured for STARTTLS listening on port 25.

The workaround was to open port 587 on the firewall and redirect it to port 25 of the server. Then configure the UniFi controller to use port 587 and uncheck the SSL option.

Alternatively (tested with version 9.5.21), you can uncheck the SSL option whereby the controller will automatically change the port to 465.   Change it back to port 25 and it should use STARTTLS when you send a test email.

Be sure that your SSL certificate on the mail server is valid. Otherwise the controller will fail to send the email and Postfix logs may look similar to the following:

connect from xxx
lost connection after STARTTLS from xxx