[107427] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: ingress SMTP

daemon@ATHENA.MIT.EDU (Tony Finch)
Wed Sep 3 14:06:48 2008

Date: Wed, 3 Sep 2008 19:06:28 +0100
From: Tony Finch <dot@dotat.at>
To: Alec Berry <alec.berry@restontech.com>
In-Reply-To: <48BECDF6.40005@restontech.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org

On Wed, 3 Sep 2008, Alec Berry wrote:
>
> At the very least, you can run stunnel to allow incoming
> mail submission on port 465 (SMTP + SSL).

I would be very very careful with that kind of setup. Connections to port
25 from localhost (even if they are from stunnel running on localhost)
often bypass most or all of the MTA's security checks.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
FAIR ISLE: CYCLONIC 4 OR 5, BUT 6 OR 7 IN NORTHWEST. MODERATE OR ROUGH.
SHOWERS. MODERATE OR GOOD.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[107427] in North American Network Operators' Group

Re: ingress SMTP

daemon@ATHENA.MIT.EDU (Tony Finch)Wed Sep 3 14:06:48 2008

daemon@ATHENA.MIT.EDU (Tony Finch)
Wed Sep 3 14:06:48 2008