nanog mailing list archives
Re: Lazy network operators
From: Joe Maimon <jmaimon () ttec com>
Date: Wed, 14 Apr 2004 10:58:55 -0400
Joe Abley wrote:
On 14 Apr 2004, at 04:09, Miquel van Smoorenburg wrote:That was solved 6 years ago. You let them use port 587 instead of 25. http://www.faqs.org/rfcs/rfc2476.htmlThere's a slight wrinkle with that for people who want to submit mail over SSL.Several graphical, consumer-grade mail clients let you select a port for "outgoing mail (SMTP)" and also have a checkbox for "use a secure connection (SSL)".If (port == 25 && use_ssl) the client will EHLO to 25/tcp, and will attempt to use STARTTLS in order to encrypt the session.If (port != 25 && use_ssl) the client will assume an SSL-wrapped SMTP server on the other end, and will not use STARTTLS.If (port != 25 && !use_ssl) the client will assume a non-SSL-wrapped SMTP server, and will not use STARTTLS.This provides an operational/support issue for people running mail servers who want to support both SSL and also non-encrypted mail submission for their clients. It's an implementation problem in mail clients, not a protocol issue, but since it sounds like it might make the helpdesk phone ring, I thought I'd mention it.
Talking about implementations: Sendmail 8.12.11 -- See _FFR_SMTP_SSL build time define/m4 directive value Sendmail 8.13.0Alpha: -- From http://www.sendmail.org/8.13.0.Alpha0.html Support for SMTP over SSL (smtps), activated by Modifier=s for DaemonPortOptions. Clients: Outlook versions I am familiar with follow above rules Mozilla/Thunderbird IIRC have fixes for this issue
Joe
Current thread:
- RE: Lazy network operators, (continued)
- RE: Lazy network operators Michel Py (Apr 13)
- RE: Lazy network operators Stephen J. Wilcox (Apr 14)
- Re: Lazy network operators Miquel van Smoorenburg (Apr 14)
- Re: Lazy network operators Petri Helenius (Apr 14)
- Re: Lazy network operators Alex Bligh (Apr 14)
- Re: Lazy network operators John Curran (Apr 14)
- Re: Lazy network operators Petri Helenius (Apr 14)
- Re: Lazy network operators Joe Abley (Apr 14)
- Re: Lazy network operators Todd Vierling (Apr 14)
- Re: Lazy network operators Joe Abley (Apr 14)
- Re: Lazy network operators Joe Abley (Apr 14)
- RE: Lazy network operators Michel Py (Apr 13)
- Re: Lazy network operators Joe Maimon (Apr 14)
- Re: Lazy network operators E.B. Dreger (Apr 15)
- RE: Lazy network operators Stephen J. Wilcox (Apr 14)
- Re: Lazy network operators Petri Helenius (Apr 14)
- Re: Lazy network operators Stephen J. Wilcox (Apr 14)
- RE: Lazy network operators Vivien M. (Apr 14)
- RE: Lazy network operators Michael . Dillon (Apr 14)