Re: [Exim] SMTP

----- Original Message -----
From: "Dennis Davis" <D.H.Davis@???>
To: <exim-users@???>
Sent: Thursday, July 01, 2004 5:52 AM
Subject: Re: [Exim] SMTP


> >From: Tony Finch <dot@???>
> >To: "Alan J. Flavell" <a.flavell@???>
> >cc: "Exim-Users (E-mail)" <exim-users@???>
> >Subject: Re: [Exim] SMTP
> >Date: Wed, 30 Jun 2004 16:09:28 +0100
>
> ...
>
> >> Some folks will tell you that mail submission protocol is a
> >> preferable solution to this requirement than authenticated SMTP.
> >> Maybe we should look at that too.
> >
> >Definitely. It makes message submission much more reliable,
> >and it allows users to have a single configuration that works
> >anywhere. You will need to support both tls-on-connect on port 465
> >as well as standard submission on port 587 in order to support all
> >the clients out there.
>
> Rescorla[1], page 358, says:
>
> RFC 2487 was published roughly at the same time as the TLS
> specification, RFC2246. Although SMTP over SSL had been in
> use for some time, RFC 2487 codified the rules for its use. A
> separate ports strategy (SMTPS) was briefly in use but dod not see
> the wide deployment and has been obsoleted by STARTTS.
>
> So it really necessary to handle tls-on-connect on port 465 (SMTPS) ?
> Are there clients out there than have to use this rather than STARTTLS
> on port 25 or port 587 ?
>
> [1] "SSL and TLS", Eric Rescorla, Addison-Wesley, 2001, 0-201-61598-3
>
>

Yes. Outlook and Outlook Express of various flavors. If you ask them to
use encryption on other than port 25, they revert to SMTPS.

Jim Roberts
Punster Productions, Inc.