Re: [Exim] Port 465

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Nigel Metheringham
日付:  
To: exim-users
題目: Re: [Exim] Port 465
On Mon, 2004-04-26 at 16:53, Marc Perkel wrote:
> OK - this gets more complicated as we go. What is port 465 all about and
> sould I support port 587 and 465 or if not - which one should I use.


 % grep 465 /etc/services
 smtps           465/tcp                         # SMTP over SSL (TLS)


analogous to https - ie you connect and immediately have an SSL dialog,
as opposed to ports 25 & 587 where you connect and talk SMTP and may use
STARTTLS to transition to a (SMTP over) TLS encrypted session.

Since 465 is not used as a standard SMTP destination port it is
effectively like the MSA port except for needing to start SSL on connect
rather than later in the session.

I'd go for using MSA (587) every time. If you really have a client
which won't do TLS on 587 then allow authentication using CRAM-MD5 or
another non-sniffable method only.

    Nigel.


--
[ Nigel Metheringham           Nigel.Metheringham@??? ]
[ - Comments in this message are my own and not ITO opinion/policy - ]