Re: [Exim] TLS on a port other than 25

Author: Giuliano Gavazzi
Date:  
To: Mark Edwards, exim-users
Subject: Re: [Exim] TLS on a port other than 25
At 12:51 -0800 2003/02/15, Mark Edwards wrote:
[...]
>
>Well, what happens is I can connect either with STARTTLS or not to port 25,
>and everything is logged normally. I can connect normally to port 26 and it
>is logged, but if I try to use STARTTLS on any port other than 25, the
>connection times out and nothing ever gets logged.
>
>My conclusion is that a STARTTLS connection on a port other than 25 (I've
>also tried 587) isn't even making it to Exim. The real question is where is
>it failing? Is it failing at the client (doubtful, because I don't think
>the client would time-out, and I've tried on two different clients on two
>different OS's) or is the connection being intercepted somewhere before it
>gets to Exim?
>
>Has anyone seen a STARTTLS connection on a port other than 25 actually work?
>


It is making it to exim (how would it not?), only that you will not
see it in a normal log. It seems that "most" clients (I am basing this
on 1 (one) client... and all the failures reported) will consider
ports other than 25 for SSL, that is tls-on-connect. A tcpdump shows
garbage thrown at poor exim, and the connection lost as the SSL
session fails to establish. [test done on port 26 with Mail.app on
MacOSX]

Giuliano
--
H U M P H
    || |||
  software


Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/
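
An added example, not part of the original message: a small Python classifier for the first bytes a client sends to an SMTP listener, telling a tls-on-connect ClientHello (the "garbage" a tcpdump shows) apart from a plaintext SMTP command that would precede STARTTLS. The function name and the sample byte strings are constructed for illustration.

```python
import struct

# Plaintext SMTP commands a client may send first on a STARTTLS-style port.
SMTP_VERBS = (b"EHLO", b"HELO", b"STARTTLS", b"MAIL", b"RCPT", b"QUIT", b"NOOP", b"RSET")


def classify_first_bytes(data: bytes) -> str:
    """Classify the first client bytes seen after the TCP handshake."""
    # TLS/SSLv3 record header: content type 22 (handshake), major version 3,
    # 2-byte record length, then handshake type 1 (ClientHello).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03:
        (record_len,) = struct.unpack("!H", data[3:5])
        if record_len >= 4 and data[5] == 0x01:
            return "tls-on-connect"
    # SSLv2-compatible ClientHello: length with the high bit set,
    # message type 1, then the offered version (0x0002 or 0x03xx).
    if len(data) >= 5 and data[0] & 0x80 and data[2] == 0x01 and data[3] in (0x00, 0x03):
        return "tls-on-connect"
    # A client that intends STARTTLS speaks plain SMTP first.
    head = data[:10].upper()
    if any(head.startswith(verb) for verb in SMTP_VERBS):
        return "plaintext-smtp"
    return "unknown"


# Constructed sample payloads (not captured traffic).
SAMPLES = {
    "tls1.x ClientHello": bytes.fromhex("16030100c8010000c40303"),
    "sslv2-style ClientHello": bytes.fromhex("802e0100020015"),
    "smtp greeting": b"EHLO client.example\r\n",
    "noise": b"\x00\x01\x02\x03\x04\x05",
}

if __name__ == "__main__":
    for label, payload in SAMPLES.items():
        print(f"{label:24s} -> {classify_first_bytes(payload)}")
```

A "tls-on-connect" result on a port where the server expects plain SMTP followed by STARTTLS matches the mismatch described above: the handshake never completes and nothing reaches the normal log.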