Re: [Exim] SMTP

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Tony Finch
日付:  
To: Alan J. Flavell
CC: Exim-Users (E-mail)
題目: Re: [Exim] SMTP
On Wed, 30 Jun 2004, Alan J. Flavell wrote:
>
> Several types of client can be configured in such a way that they
> adapt calmly to the situation of being sometimes inside and sometimes
> outside (viz. laptops) without user intervention.


Do I gather that you are only doing submission on port 25, and that you
are not offering TLS and AUTH for connections from your internal network,
and that you require MUAs to have their TLS switch at the "optional"
setting?

This is very unwise, because it means that your users will not realise if
their MUA is not connecting to your server in the case of a port 25
interceptor, because it will silently degrade to plain SMTP. This can lead
to email being silently lost. If you're going to use TLS and AUTH you
should configure the MUA to require them all the time.

> Some folks will tell you that mail submission protocol is a preferable
> solution to this requirement than authenticated SMTP. Maybe we should
> look at that too.


Definitely. It makes message submission much more reliable, and it allows
users to have a single configuration that works anywhere. You will need to
support both tls-on-connect on port 465 as well as standard submission on
port 587 in order to support all the clients out there.

Tony.
--
f.a.n.finch <dot@???> http://dotat.at/
WHITBY TO THE WASH: SOUTH OR SOUTHWEST 4 OR 5, VEERING WEST 4 OR 5, THEN
BACKING SOUTHWEST LATER. RAIN OR SHOWERS. MODERATE OR GOOD. SLIGHT.