Re: exim4 and TLS Once Again
- To: email@example.com
- Subject: Re: exim4 and TLS Once Again
- From: Brian <firstname.lastname@example.org>
- Date: Fri, 1 Jun 2018 12:54:30 +0100
- Message-id: <[🔎] email@example.com>
- In-reply-to: <firstname.lastname@example.org>
- References: <20180528203245.YKSO11485.dalofep01.suddenlink.net@localhost> <20180529010408.GA17384@alum> <20180529022659.ZOXZ15725.dalofep02.suddenlink.net@localhost> <20180529170020.GB8175@alum> <20180529172506.KETD5733.dalofep04.suddenlink.net@localhost> <20180530232249.GA17267@alum> <email@example.com>
On Wed 30 May 2018 at 20:58:12 -0400, Michael Stone wrote:
> On Wed, May 30, 2018 at 06:22:49PM -0500, David Wright wrote:
> > AIUI 587 is the standard email submission port and 465 is now
> > deprecated but often still in use. I think they differ in the
> > details of how they handle encrypting the session.
> > From a protocol standpoint 587/tcp is identical to 25/tcp, with the
> distinction that it is designated for a end-users to submit messages for
> delivery rather than accepting mail for delivery from external mail relays.
> The expectation is that there is authentication of the submission, either
> via allowed IPs, SMTP AUTH, or some other mechanism. Networks can block
> port 25 to reduce spam originating from the network, but allow 587 for
> visitors to submit email to their provider for delivery. Encryption is
> activated with STARTTLS.
TLS is not offered by suddenlink.net on port 587:
brian@stretch:~# nc smtp.suddenlink.net 587
220 omta01.suddenlink.net ESMTP server (InterMail vM.8.04.03.22 201-2389-100-167-20150619) ready Fri, 1 Jun 2018 06:45:17 -0500
250-AUTH LOGIN PLAIN
250 SIZE 52428800
Exim will have to use "AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS = true".