Author: Marc Sherman Date: To: exim-users Subject: Re: [exim] Using TLS to encrypt SMTP traffic...
Steffen Heil wrote: >
> I hope I missunderstand, but otherwise that comment is garbage.
>
> In spite of the fact that it may be agains standards now I also suggest:
>
> daemon_smtp_ports = 25 : 465 : 587
> tls_on_connect_ports = 465
>
> 25 is for inter-MTA smtp traffic. (explicit tls optionally, usually no auth)
> 587 is for "good" MUA to MTA traffic. (explicit tls prefered, only auth)
> 465 is for "bad" MUA to MTA traffic. (implicit ssl forced, only auth)
>
> There are still clients wich don't do STARTTLS but only implicitSSL.
> Some versions of Outlook for example.
Sorry, trimmed my quotes too aggressively, and as a result wasn't clear.
Yes, what you and Heiko do is correct. What Bill does (the person Heiko
was responding to), and what he blindly advises everyone else to do
without warning them of the consequences, is wildly out of synch with
the rest of the world.