[BUGS] SMTP Auth and SSL
Edwin Groothuis
edwin at mavetju.org
Sun Jan 13 23:00:31 EST 2008
On Sun, Jan 13, 2008 at 05:00:18PM +1100, Jerahmy Pocott wrote:
> I'v noticed that sendmail is listening on port 587, services says this
> is 'submission', however connecting to it provides the exact same
> function as port 25 as far as I can tell.. What is this about? I'v
> seen some mail servers offer SSL on port 587...
Port 587 is supposed for client to server (message submission),
port 25 is supposed for server to server (message transfer).
Unfortunately RFC 2476 came about one decade too late and everybody
and their dogs email software already used port 25 for both sending
to (as end-user) as receiving on (as ISP).
> So firstly what is actually required to use SSL? It seems sendmail was
Required? If you use SMTP over SSL, you need an MTA which accepts
SSL encrypted TCP sessions. If you use SMTP with TLS, you need an
MTA which accepts normal unencrypted TCP sessions and then switches
over to SSL encrypted TCP sessions. The first one is via TCP port
465, the other one is via TCP port 25. Guess which one is more
common :-)
[/usr/ports/mail/postfix] edwin at k7>make showconfig
===> The following configuration options are available for postfix-2.4.6,1:
PCRE=on "Perl Compatible Regular Expressions"
[...]
TLS=on "Enable SSL and TLS support"
[...]
Yes, it is some hassle with certificates, but it works at the end.
Edwin
--
Edwin Groothuis | Personal website: http://www.mavetju.org
edwin at mavetju.org | Weblog: http://www.mavetju.org/weblog/
More information about the BUGS
mailing list