Re: [exim] Should MX offer TLS ?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M-\Mike Cardwell at <-
M\MJohn Robinson at ->
Delete this message
Reply to this message
Author: Exim Mailing List
Date:  
To: exim-users
Subject: Re: [exim] Should MX offer TLS ?
On Wed, Nov 07, 2007 at 10:25:10AM +0000, Mike Cardwell wrote:
> Chris Edwards wrote:
>
> > However I'm noticing many such sites with the above setup who don't offer
> > TLS on port 25 of the MX servers. Is there a particular reason for this ?
> >
> > Any obvious pitfalls in supporting TLS on port 25 of the MX servers ?
> > Are folk just turning it off to save CPU ?
>
> I advertise TLS on my non submission ports here for a very different
> reason to those stated. I treat hosts that look like real mail servers
> differently. TLS is a very good indicator that the connecting host is a
> real mail server; not just another trojaned machine. I don't greylist
> real mail servers.

I guess it depends on your view. In my experience, an MTA that sends
to MX with TLS is one that is probably not managed by someone with
very much experience and would more likely be a potential source of
trouble.

--
Dean Brooks
dean@???

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] recipient callout not workingRe: [exim] recipient callout not working->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)