[130091] in North American Network Operators' Group
Re: Randy in Nevis
daemon@ATHENA.MIT.EDU (Owen DeLong)
Mon Sep 27 23:33:57 2010
From: Owen DeLong <owen@delong.com>
In-Reply-To: <4CA0C68E.2070501@orthanc.ca>
Date: Mon, 27 Sep 2010 20:29:49 -0700
To: Lyndon Nerenberg <lyndon@orthanc.ca>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sep 27, 2010, at 9:30 AM, Lyndon Nerenberg wrote:
> On 10-09-27 7:20 AM, Robert E. Seastrom wrote:
>> "Cannot establish SSL with SMTP server 67.202.37.63:465" does not
>> sound like a 587 problem to me.
>>
>> netalyzr folks? comment?
>
> Sorry, I hit send too soon ...
>
> I've heard from a couple of people that the PIX will remap 587 (and 25)
> to oddball ports if you fiddle the config just right. Given all the
> other bogosity that box does with SMTP I wonder if there's truth to the
> rumour. (I haven't found anyone who can reproduce this on demand, so
> it's still apocryphal for now.)
465 is not an odd-ball port, it's the standard well-known port for STMPS.
Fortunately, few people actually use SMTPS, preferring instead to do their
security via TLS using the STARTTLS model after connecting to 25/587.
Owen
