Re: [exim] Setup for authenticated submission

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Kjetil Torgrim Homme
Date:  
À: Bill Hacker
CC: exim
Sujet: Re: [exim] Setup for authenticated submission
On Wed, 2006-01-18 at 18:00 +0800, Bill Hacker wrote:
> tls_on_connect_ports = 465 : 587 <IF and ONLY IF using old-style SSL
> instead of STARTTLS. MUA-dependent>


there is NO good reason to use tls_on_connect on port 587. this will
only cause interoperability woes.

> Note that this does not *prevent* an MUA from connecting on port 25, nor
> force it to use SSL/TLS if it does so.


or vice versa for MTA's connecting to 587. we actually experienced that
yesterday, an MTA set up to use port 587, ostensibly for security
purposes! luckily we had put in a check for this and deny
unauthenticated sending on ports other than 25 (we support 465 and 587
as MSA).

--
Kjetil T.