Author: Exim Mailing List Date: To: exim-users Subject: Re: [exim] Should MX offer TLS ?
On Wed, Nov 07, 2007 at 10:25:10AM +0000, Mike Cardwell wrote: > Chris Edwards wrote:
>
> > However I'm noticing many such sites with the above setup who don't offer
> > TLS on port 25 of the MX servers. Is there a particular reason for this ?
> >
> > Any obvious pitfalls in supporting TLS on port 25 of the MX servers ?
> > Are folk just turning it off to save CPU ?
>
> I advertise TLS on my non submission ports here for a very different
> reason to those stated. I treat hosts that look like real mail servers
> differently. TLS is a very good indicator that the connecting host is a
> real mail server; not just another trojaned machine. I don't greylist
> real mail servers.
I guess it depends on your view. In my experience, an MTA that sends
to MX with TLS is one that is probably not managed by someone with
very much experience and would more likely be a potential source of
trouble.