Re: [exim] Exim4 + fixed_cram

Author: Duane Hill
Date:  
To: exim-users
Subject: Re: [exim] Exim4 + fixed_cram
Saturday, January 25, 2014, 12:24:35 PM, Jasen wrote:

> On 2014-01-23, Heiko Schlittermann <hs@???> wrote:


>>      25/smtp  is for MTA -> MTA communication
>>               TLS depends on the options offered by the receiving
>>               and the options chosen by the sending side, thus
>>               is part of the SMTP protocol (command STARTTLS)

>>
>>     465/smtps is used by some exotic (?) MUAs for message submission
>>               TLS is negotiated prior to the start of the
>>               SMTP protocol


> 465 is deprecated, yet becoming increasingly more common,
> most MUAs that do starttls also support it. it's the only way to
> submit mails to the gmail SMTP service.


Port 465 is not the only way email gets submitted to gmail.

>>     587/submission
>>               is for MUA -> MTA communication
>>               TLS depends on the options offered by the receiving
>>               and the options chosen by the sending side, thus
>>               is part of the SMTP protocol (command STARTTLS)



>> For SMTP TLS is a nice to have, I'd say.
>> For message submission I'd say you've no option, I'd always enforce the
>> use of STARTTLS before authentication.


> CRAM-MD5 is reasonably secure, but does require the host to retain the
> password in cleartext. most clients capable of CRAM-MD5 are probably
> also TLS capable, so this may not be a big advantage.


>> For SMTP you want to use port 465 for that. (Better: you do not want
>> this tls-on-connect at all! It's not standard.)


> yeah, standards are, in general, good.



> --
> For a good time: install ntp





-- 
Best regards,
 Duane                            mailto:duihi77@gmail.com
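
An added example, not part of the original thread: the RFC 2195 CRAM-MD5 exchange discussed above, showing that the server recomputes the HMAC from the shared secret itself, so a store holding only a one-way password hash cannot verify a response. The user name, password and challenge are the sample values from RFC 2195; `STORE_CLEARTEXT`, `STORE_HASHED`, `mx.example` and the function names are made up for illustration.

```python
import base64
import hashlib
import hmac
import secrets
import time

# Sample values from the example in RFC 2195 (not from this thread).
USER, PASSWORD = "tim", "tanstaaftanstaaf"
RFC_CHALLENGE = b"<1896.697170952@postoffice.reston.mci.net>"

# Hypothetical credential stores: one keeps the secret, one keeps only a hash.
STORE_CLEARTEXT = {USER: PASSWORD.encode()}
STORE_HASHED = {USER: hashlib.sha256(PASSWORD.encode()).hexdigest().encode()}


def new_challenge(hostname: str) -> bytes:
    """Server: fresh per-connection challenge so an old response cannot be replayed."""
    return f"<{secrets.randbits(64)}.{int(time.time())}@{hostname}>".encode()


def cram_md5_response(username: str, password: str, challenge: bytes) -> bytes:
    """Client: base64 of "<user> <hex HMAC-MD5 keyed with the password>"."""
    digest = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{username} {digest}".encode())


def server_verify(store: dict, challenge: bytes, response_b64: bytes) -> bool:
    """Server: recompute the HMAC from the stored value and compare in constant time."""
    try:
        decoded = base64.b64decode(response_b64, validate=True).decode()
    except (ValueError, UnicodeDecodeError):
        return False
    username, _, digest = decoded.rpartition(" ")
    key = store.get(username)
    if key is None:
        return False
    expected = hmac.new(key, challenge, hashlib.md5).hexdigest()
    return hmac.compare_digest(expected.encode(), digest.lower().encode())


if __name__ == "__main__":
    resp = cram_md5_response(USER, PASSWORD, RFC_CHALLENGE)
    print("cleartext store verifies:", server_verify(STORE_CLEARTEXT, RFC_CHALLENGE, resp))
    print("hashed store verifies:   ", server_verify(STORE_HASHED, RFC_CHALLENGE, resp))
    print("replay on new challenge: ", server_verify(STORE_CLEARTEXT, new_challenge("mx.example"), resp))
```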