[125734] in North American Network Operators' Group
Re: Mail Submission Protocol
daemon@ATHENA.MIT.EDU (Tony Finch)
Thu Apr 22 07:08:37 2010
From: Tony Finch <dot@dotat.at>
To: Franck Martin <franck@genius.com>
Date: Thu, 22 Apr 2010 12:07:49 +0100
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 22 Apr 2010, at 00:07, Franck Martin <franck@genius.com> wrote:
> Consider also smtps port which should be treated like smtp port and
> not like submission port, or simply do not listen on smtps as TLS is
> available on smtp port via esmtp.
Er, no. TLS-on-connect aka smtps (as opposed to STARTTLS) is only used
to support Microsoft MUAs that are more than a couple of years old.
They only supported STARTTLS on port 25 and insisted on using the
deprecated TLS-on-connect mode on all other ports. This meant they
could not support standard Message Submission on port 587. Therefore
you should treat smtps (TLS-on-connect on port 465) as the special
Microsoft version of RFC 4409 message submission. That is, treat the
protocols exactly the same wrt authentication, authorization,
firewalls, address validation, etc.
Tony.
--
f.anthony.n.finch <dot@dotat.at> http://dotat.at/
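
An added example, not part of the original message: one way to check that a mail server's TLS-on-connect (465) listener carries the same policy as its port 587 submission listener. It assumes a Postfix-style `master.cf` with services named `submission` and `smtps`; the sample config and the `TRANSPORT_ONLY` exclusion list are constructed for illustration.

```python
import shlex

# Constructed sample in Postfix master.cf syntax (not from the original post).
SAMPLE_MASTER_CF = """\
smtp       inet  n  -  n  -  -  smtpd
submission inet  n  -  n  -  -  smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtps      inet  n  -  n  -  -  smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
"""

# Assumption: settings that legitimately differ between STARTTLS and TLS-on-connect.
TRANSPORT_ONLY = {"syslog_name", "smtpd_tls_wrappermode", "smtpd_tls_security_level"}

def parse_overrides(text):
    """Return {service: {param: value}} from the -o overrides of each service."""
    services, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        tokens = shlex.split(raw)
        if not raw[0].isspace():        # a new service entry starts in column 0
            current = services.setdefault(tokens[0], {})
            tokens = tokens[8:]         # skip the 7 fixed fields and the command name
        if current is None:             # continuation line before any service
            continue
        for flag, arg in zip(tokens, tokens[1:]):
            if flag == "-o" and "=" in arg:
                key, value = arg.split("=", 1)
                current[key.strip()] = value.strip()
    return services

def policy_drift(text, a="submission", b="smtps"):
    """List (param, value_a, value_b) where the two services' policy differs."""
    services = parse_overrides(text)
    pa, pb = services.get(a, {}), services.get(b, {})
    keys = (set(pa) | set(pb)) - TRANSPORT_ONLY
    return sorted((k, pa.get(k), pb.get(k)) for k in keys if pa.get(k) != pb.get(k))

if __name__ == "__main__":
    for param, on_587, on_465 in policy_drift(SAMPLE_MASTER_CF):
        print(f"{param}: submission={on_587!r} smtps={on_465!r}")
```

On the constructed sample this reports that the `smtps` listener lacks the client restriction applied to `submission`, which is the kind of mismatch the advice above is meant to prevent.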