From: Adam Jacob Muller (lists-postfixadam.gs)
Date: Sat Apr 21 2007 - 09:00:16 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Apr 20, 2007, at 7:08 AM, Wietse Venema wrote:

> Tony Earnshaw:
>> Rene van Hoek wrote, on 20-04-2007 10:33:
>>
>> [...]
>>
>>>>> To use a non-default port you need to override the built-in
>>>>> default
>>>>> (with relay_transport, relayhost, transport_maps, etc.). Postfix
>>>>> currently does not portscan remote servers to find open doors.
>>>>
>>>> No, but there are only a couple of official (/etc/services) other
>>>> ports than smtp: smtps and submission. It wouldn't hurt to try
>>>> either
>>>> or both of these in case of a time out.
>>
>>> The submission port is for intended for MUA's not for MTA's. So,
>>> I don't
>>> think it is good idea that Postfix will try port 587 if
>>> connection to
>>> port 25 fails.
>>
>> Where did you get that one from? A port is a port is a port.
>
> So why not randomly try other hosts? A host is a host is a host.
>
> Just like different hosts, different ports have different purposes.
> Mail sent to the submission port may be rejected if the client
> isn't authenticated. On my server, the submission port may be a
> honeypot trap that accepts all mail and never delivers it. In
> fact, on some of my servers the smtp port itself is a honey pot
> trap! No-one has a legitimate reason to send mail to those submission
> or smtp ports.
>
> Postfix must not randomly try alternate hosts/ports unless there
> is positive evidence e.g., via DNS or via local configuration.
>
> Wietse

Does any hinting mechanism exist to specify alternate ports? Isn't
this what DNS SRV (however unimplemented it may be) for?

_smtp._tcp.example.com IN SRV 0 1 <altsmtpport> <smtp box>

http://en.wikipedia.org/wiki/SRV_record

-Adam

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]