|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Adding a TLS/SASL mailserver
From: Alan Becker (beckera
softrends.com)
Date: Fri Sep 05 2003 - 12:51:52 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I am planning to listen on port 25, plus some list of additional or
alternate ports, and
only address this ports issue with clients that have unsuccessfully
attempted to use
port 25. So this will already have escalated to the level of a support
call. I just
want to have a good list of alternatives available when this happens.
Thanks,
A. Becker
Rob Hutton wrote:
>We host email for several domains, and I can tell you from experience that
>trying to get someone to use a port other than the default is asking for
>support requests. We have yet to find a provider that will not allow port
>25 through for specific users if it is requested and a good reason provided.
>There are too many outsourced web/email sites out there for them not to be
>flexible.
>
>Thanks,
>Rob
>
>
>
>>-----Original Message-----
>>From: owner-postfix-userspostfix.org
>>[mailto:owner-postfix-userspostfix.org]On Behalf Of Alan Becker
>>Sent: Friday, September 05, 2003 12:31 AM
>>To: Postfix users
>>Subject: Re: Adding a TLS/SASL mailserver
>>
>>
>>Thanks so much for the information posted in the response below: it was
>>_most_ helpful.
>>
>>I have configured Postfix as described below to listen on alternate
>>ports. Currently,
>>it is listening to 24, 25, and 587. In the early stages of deploying
>>this service, we
>>have encountered 2 external connectivity providers (out of 3 tried)
>>which are
>>filtering or redirecting port 25. In both cases we were able to connect
>>using one
>>or the other of the alternate ports. Obviously, this interference with
>>port 25
>>is already a significant issue.
>>
>>I would like to configure as large a set of alternate ports as
>>practical, while sticking
>>to ports that have some relationship to mail services. I reviewed the
>>/etc/services
>>file in RH8 to see what might there. I came up with the following:
>>
>>Port (service_name) Description
>>24 (_none_) Private mail
>>50 (re-mail-ck) Remote mail checking protocol
>>174 (mailq) MAILQ
>>587 (submission) Mail message submission
>>465 (smtps) smtp over SSL (TLS)
>>
>>In doing Google searches on these various ports and their names, I found
>>some confusing results. For example, take port 465 (smtps): one document
>>from 1998 says that the IETF registration for this port was revoked.
>>Numerous
>>other documents seem to indicate that it is widely used for encrypted
>>SMTP, but
>>also seem to indicate that the protocol is different than the "STARTTLS"
>>method used by SASL Auth over TLS. I also saw a listing for port 24 as
>>a "Back Office 2000 Control port".
>>
>>Although our preferred (supported) mail client is Netscape/Mozilla 7.x,
>>we must
>>also support Outlook/Outlook Express for a few clients. Under that
>>scenario, I
>>would appreciate any commentary from those familiar with the use (actual
>>or intended)
>>of these ports, as ports to use or avoid, or any other recommendation or
>>method
>>for selecting a set of alternate ports for SMTP with SASL Auth over TLS.
>>TIA,
>>A. Becker
>>
>>
>>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]