* Curtis Vaughan <curtis@npc-usa.com> [20030314 14:13 PST]: > Trying to configure postfix for SASL connectivity. > > Now most mail clients have you check SSL connectivity enabled, but the > port remains 25. However, in /etc/services the smtps is by default set > for port 465. > > So, my question is: what is advisable a) change the smtp port for all > clients to 465; or b) change smtps in services to 25? Neither. ESMTP uses secure socket layer connections via the STARTTLS command as part of a regular ESMTP session on port 25. Some broken clients (outlook, OE, variants and other braindead ones in particular) have a single boolean user preference like "use a secure connection for SMTP" and determine whether to use STARTTLS or smtp/SSL via the port number. Stupid! Anyway, the Right Way to set up your mail server is to use (and advertise) STARTTLS on port 25. Leave smtps as it is, and leave it behind, unless you are required to support dumb MUAs posing as MTAs that don't understand STARTSSL (or CRAM-MD5) but do need secure auth. good times, Vineet -- http://www.doorstop.net/ -- "Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one." --President Thomas Jefferson
Attachment:
signature.asc
Description: Digital signature