[78249] in North American Network Operators' Group
Re: Why do so few mail providers support Port 587?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Fri Feb 25 13:04:07 2005
To: Jim Popovitch <jimpop@yahoo.com>
Cc: andrew2@one.net, nanog@merit.edu
In-Reply-To: Your message of "Fri, 25 Feb 2005 02:30:01 EST."
<1109316601.11947.7.camel@blue>
From: Valdis.Kletnieks@vt.edu
Date: Fri, 25 Feb 2005 02:53:21 -0500
Errors-To: owner-nanog@merit.edu
--==_Exmh_1109318000_3960P
Content-Type: text/plain; charset=us-ascii
On Fri, 25 Feb 2005 02:30:01 EST, Jim Popovitch said:
> Why not a VPN solution. If you have mail servers that your users need,
> chances are that you also have file servers, internal web servers.
> calender servers, etc.
We're talking ISPs and other "mostly open" providers, not corporate nets.
Remember that a *big* part is the support nightmare of getting your 50,000
Joe Sixpack subscribers to pull down a menu and change a 25 to a 587.
And you intend to make them purchase, install, and configure a VPN?
> Should file/web/calender servers all open one
> port or internal access and a second port for authenticated external
> access?
Last I heard, if you have "public" and "internal" web content, Best Practices
says to put then not on different ports, but *different hosts* - the public
one out in your DMZ, and your internal one on your internal network.
--==_Exmh_1109318000_3960P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFCHtlwcC3lWbTT17ARAnBOAJ0UTuZRduQniU8sLGqccq08tD3wYgCaA+Fc
HZ/zKVpSdiWJHfmY76HBZDI=
=CXGe
-----END PGP SIGNATURE-----
--==_Exmh_1109318000_3960P--
