If you’re using the Apple Mail app on a Mac, and mail is coming in, but you can’t send anything out, the problem could be malware. Especially if your email address ends with “me.com” or “Mac.com” or “iCloud.com.”
Three times I’ve seen this, and three times the cause has been malware. Three times the fix has been simple.
The simple fix
The simple fix: scan for malware using the free Malwarebytes app, and then quarantine what is found. If you don’t have Malwarebytes, go get it. No need to pay for the Premium version, or even the Premium trial. Just get it, and click the big blue Scan button. If your Mac has malware, Malwarebytes will find it, and report it like so:
If Malwarebytes shows you such a list, click the blue “Quarantine” button at bottom right, and you’re done. (Malwarebytes may tell you that a restart is required, and if it does, restart right away. And then run Malwarebytes again as soon as the Mac is back up.)
Malware will occasionally put a “Profile” into your System Preferences. IT departments sometimes use Profiles to control various aspects of the Macs that they manage: they can specify the home page, the search engine, and many other options. Importantly, a profile prevents the user from making changes to those settings. It’s easy to see the value profiles provide to a big company, especially when it comes to restricting the changes a user can make. For an individual, a Profile is bad news, almost certainly a sign of malware, and should be removed.
If you go to System Preferences (under the Apple menu) and you see a button called “Profiles,” click it and see what you get. Here’s an example:
(You might notice that the name of this profile– StandardBoost– is listed in the Malwarebytes report. Nicely, it shows the date installed at the top, which should correspond to when you started having problems sending mail. You can see from the Custom Settings in the profile that it is modifying Google Chrome–and probably other stuff too, had we scrolled down a bit.)
Removing a Profile is easy: just click the minus sign and away it goes. It would be a GREAT idea to run Malwarebytes after doing this, and to restart your Mac, and then to run Malwarebytes AGAIN to make sure the profile isn’t being re-loaded at startup.
After scanning with Malwarebytes and quarantining what it finds, and after removing any stray profile(s), and after a restart, your Mac Mail should magically work again. (If you had a bunch of emails in the Outbox they are going to go out right way; if you don’t want that to happen you should delete those messages before fixing the malware problem.)
Muy malo Malware
You may wonder why anyone would want to prevent you from sending mail. What a wacky malware concept, right? Turns out that real purpose of the malware is to hijack your browser settings so that money can be made by redirecting your search results, generating ad revenue for the bad guys. Messing up your outgoing mail is, I believe, an unintended side effect. More typically, malware tries to not mess up anything that you’re likely to notice, because the longer it’s not noticed, the longer it can run. With this particular malware, you’ll notice right away that you can’t send mail, and that starts you down the path of removing the malware. So, not only is it malware, it’s bad malware.
I personally have only seen this “can’t send mail using the Mac Mail app” malware situation with email addresses ending in “me.com,” “Mac.com,” and “iCloud.com.” The problem may be specific to those (and the outgoing mail server they all use) but then again, maybe not. It’s free to download Malwarebytes and easy to click “Scan” so do that anyway and see what happens.
For further study
For a very good, complete, and detailed article about the StandardBoost malware, read this.
For my longer write-up about Malwarebytes, read this.Copyright 2008-2021 Christian Boyce. All rights reserved.