[125716] in North American Network Operators' Group
Re: Mail Submission Protocol
daemon@ATHENA.MIT.EDU (Jakob Schlyter)
Wed Apr 21 17:56:47 2010
From: Jakob Schlyter <jakob@kirei.se>
In-Reply-To: <20100421141359.GA20980@apia.perrit.net>
Date: Wed, 21 Apr 2010 23:56:07 +0200
To: leen@consolejunkie.net
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 21 apr 2010, at 16.14, Leen Besselink wrote:
> We added SSL to our SMTP-service and tell our customers to use SSL =
(not TLS)
> with authentication and have the mailserver listen on the TCP-ports =
which
> the mailclients pick for that (of which their are a few if I'm not =
mistaken).
Assuming that you by SSL refer to a "raw" SSL-wrapped SMTP connection =
and with TLS refer to STARTTLS as described in RFC 3207, I would =
recommend against using "raw" SSL-wrapped SMTP.
Although there are some email clients that do this (and they usually use =
the unregistered port 465 for this), setting this up with Message =
Submission for Mail (as described in RFC 4409) and STARTTLS will likely =
give your customers a more joyful experience thanks to reasonable =
defaults in most modern email clients.
jakob
