[125719] in North American Network Operators' Group
Re: Mail Submission Protocol
daemon@ATHENA.MIT.EDU (Dave CROCKER)
Wed Apr 21 18:18:05 2010
Date: Wed, 21 Apr 2010 15:17:28 -0700
From: Dave CROCKER <dhc2@dcrocker.net>
To: nanog@nanog.org
In-Reply-To: <z2lc3a174021004210649u75bc2552m2a1e6841fafe6104@mail.gmail.com>
Reply-To: dcrocker@bbiw.net
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 4/21/2010 6:49 AM, Claudio Lapidus wrote:
> So we are considering ways to further filter this traffic. We are evaluating
> implementation of MSA through port 587.
RFC 5068, Email Submission Operations: Access and Accountability Requirements,
is a BCP. It specifies authenticated port 587 for email submission across the
net.
As others have noted, it works well through a wide variety of access
environments. I don't remember the last time I found it blocked. I use it over
TLS, of course.
Blocking of outbound port 25 for all hosts not explicitly authorized has become
common. The fact that 587 default to authenticated is the win.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
