Re: [Exim] Ignoring bounce messages to alias - How?

Top Page
Delete this message
Reply to this message
Author: James P. Roberts
Date:  
To: Nigel Metheringham, Alan J. Flavell
CC: Exim users list
Subject: Re: [Exim] Ignoring bounce messages to alias - How?
----- Original Message -----
From: "Nigel Metheringham" <Nigel.Metheringham@???>
> On Fri, 2004-02-06 at 14:26, Alan J. Flavell wrote:
> > However, this isn't entirely without its problems, since some ISPs are
> > known to transparently divert their attempts to contact our MTA's port
> > 25, to the ISPs own MTA.
>
> I can't imagine who would be that evil... oh, hold on, yes I can! I
> implemented that for freeserve et all hosted by Energis. It was an
> hideously effective anti-spam (as in spam launched from our dial-ups)
> tool.
>
> The appropriate answer to that is to use SMA. I'd love comments on my
> message to the list yesterday on the subject.
>
> Nigel.



AOL does it, for one.

You are correct, Nigel, the way around it is to use the mail submission port
(587). I have Exim listening on that port, as well as 25, for exactly that
purpose, and it works fine.

The gotcha is that (at least some) M$ MUA's do not speak TLS on any port other
than 25, instead they revert to SMTPS, so you also need to support
"tls-on-connect" on another port. For this I use the defined smtps service
port (465).

You can use a second instance of exim for this; or, you can use something like
Stunnel to handle the decryption of incoming connections on 465 and forward to
Exim on another port (beware of the loss of connecting host IP info in this
case). The preferred method is to use Exim with "tls-on-connect".

In this configuration, all you need is to get your users to set the SMTP port
in their MUA, to either 587 or 465, depending on which MUA they are using, and
also set the "my server requires encryption" and "my server requires
authentication" options. If one port doesn't work, have them try the other!

Jim Roberts
Punster Productions, Inc.