Re: [exim] SMTP vs Submission (port 25 vs 587)

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MIan Eiloart at <-
MWakko Warner at ->
Delete this message
Reply to this message
Author: Wakko Warner
Date:  
To: Ian Eiloart
CC: exim-users
Subject: Re: [exim] SMTP vs Submission (port 25 vs 587)
Ian Eiloart wrote:
>
>
> --On 3 January 2007 15:34:24 -0500 Wakko Warner <wakko@???> wrote:
>
> >I probably should give a little more detail of what is going on.
> >
> >We recently installed a hardware spam firewall which cut out some of our
> >users. I simply stated to use 587 and authentication which met with
> >resistance. The only reason that it was done was because they want the
> >spam firewall.
> >
> >Most of our users are on the LAN which this cannot effect. However, for
> >security, I wanted to force everyone to 587 so that any virus infections
> >that use mail would pretty much be stopped before it spread at all (also
> >blocking outbound port25 from the company).
>
> Then this doesn't matter quite so much. You should block outbound port 25
> anyway, but leave port 25 open when the destination is your mail server. If
> your mail server is local, you don't need to worry about outbound port 25
> at all, unless you have web applications that send email bypassing your
> mail server.

I believe all web apps do use our mail server.

> If your staff EVER work at home, or go to conferences, or visit other
> institutions, and expect to use email then they'll need to use port 587. If
> your mail server is local, then you'll need to open inbound port 587. Or,
> you could provide a webmail service.

This is one reason I want to place everyone on 587. It's offered internally
as well as externally and the same rules apply. It's also uniform and we
don't have to remember who we had on 25 and 587.

> Anyone local who also uses external mail servers (say, your staff's
> personal email providers, or visitor's mail providers) will need to be able
> to use port 587. It's possible that you don't allow staff to access
> personal mail providers, and it's possible that you don't need to allow
> visitors to access their email.

Technically, it's against company policy (personal functions on company time
and company equiptment), but we don't forbid it. I would say from a legal
standpoint, it might not be a bad idea to forbid it.

--
Lab tests show that use of micro$oft causes cancer in lab animals
Got Gas???


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] SMTP vs Submission (port 25 vs 587)Re: [exim] SMTP vs Submission (port 25 vs 587)->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)