Re: [OT] IANA ports (was: Filezilla a security risk)
On Sun, 08 Jul 2012 20:09:41 +0200, Slavko wrote:
> Dňa Sun, 8 Jul 2012 16:10:27 +0000 (UTC) Camaleón <firstname.lastname@example.org>
>> SMTPS (and SMTP over SSL/TLS) is standarized as always has been, what
>> happens is that it was updated to use starttls extension and the older
>> RFC was deprecated (but still used in some hosts).
> As i wrote early, i know difference and major for me is, that SMTP +
> STARTTLS starts as unencrypted, but SMTP over SSL is encrypted from
> start. Then STARTTLS s not exactly the same as SMTP over SSL. But
> credentials and message transfers are encrypted in both circumstances.
The thing is that there are no other replacements... yet.
So what we have now for sending e-mails is the plain, unencrypted port
(tcp/25) and smtps (or whatever you prefer to call it, "smtp over tls"?),
that is, tcp/587 that can take the role of the deprecated tcp/465
(encryption using a dedicated port).
> And if i proper understand (quick look into) RFC 6409, then mentioned
> port 587 is not exactly for SMTP over SSL. It is intended to sending
> mails from MUAs and only allows usage of the "IPSEC and other encrypted
> and authenticated tunneling techniques" (section 3.3) and in real, one
> can select which will be used. Then it is the site/server depended
> solution. I am right?
It's section 7 (Extensions) what makes the difference and, in any case,
you always depend on the server exposed capabilities for this.