[78201] in North American Network Operators' Group
Re: Why do so few mail providers support Port 587?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Feb 24 19:32:28 2005
To: andrew2@one.net
Cc: nanog@merit.edu
In-Reply-To: Your message of "Thu, 24 Feb 2005 16:51:50 EST."
<20050224215241.3EF9F185A@testbed9.merit.edu>
From: Valdis.Kletnieks@vt.edu
Date: Thu, 24 Feb 2005 19:30:09 -0500
Errors-To: owner-nanog@merit.edu
--==_Exmh_1109291409_4118P
Content-Type: text/plain; charset=us-ascii
On Thu, 24 Feb 2005 16:51:50 EST, andrew2@one.net said:
> There seem to be many who feel there is no overwhelming reason to
> support 587. I can certainly see that point of view, but I guess my
> question is what reasons do those of you with that viewpoint have *not*
> to implement it? I just don't see the harm in either configuring your
> MTA to listen on an extra port, or just forward port 587 to 25 at the
> network level. Other than a few man-hours for implementation what are
> the added costs/risks that make you so reluctant? What am I missing?
You *don't* want to just forward 587 to 25. You want to to use SMTP AUTH
or similar on 587 to make sure only *your* users connect to it as a mail
injection service (unless, of course, you *want* to be a spam relay ;)
The *real* problem is usually that the site is too clueless to figure out how
to enable AUTH on 587, actually authenticate the user (which might involve
something really complicated, like LDAP or RADIUS), and tell the script monkeys
at first-level support what to tell the users.
--==_Exmh_1109291409_4118P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFCHnGRcC3lWbTT17ARAuaAAJ9v2MgpetpsFbTAVamaCEuUueRGEQCg+cRu
H/rLe4fRISxaj/m0riB9CJY=
=wdxo
-----END PGP SIGNATURE-----
--==_Exmh_1109291409_4118P--
