Re: Does anyone know how Verizon's outbound, external mail (port 587) is going to work?

[Derek Diget <derek.diget+educause-security () WMICH EDU>]

On Sep 24, 2009 at 08:17 -0400, Peter Charbonneau wrote:
=>  I am wondering exactly how this is going to work.  Do we punch holes in our
=>firewalls to allow tcp port 587 inbound to our mail networks, or is Verizon
=>going to port translate destination port 587 IN their network to port 25 as it
=>leaves?  I have tried to talk to Verizon tech support, but I either get
=>"What?!?" or "It's all explained in the document".  When I ask to talk to a
=>supervisor, they are unavailable.
=>
=>  Does anyone here know?


Looks like they are looking at RFC 5068 - Email Submission Operations:
Access and Accountability Requirements, and
<http://www.ietf.org/rfc/rfc5068.txt>, and RFC 4409 - Message Submission
for Mail, <http://www.ietf.org/rfc/rfc4409.txt>.

I hope their next step will be to require this change (message
submission via port 587) to their @verizon.net address customers, too.
i.e. Eventually, all message submission should be via port 587...be it
to a verizon MSA or a non-verizon MSA.


We have been blocking in-bound port 25 for many, many years, out-bound
port 25 for about 7 years, message submission via 587 (and 25 and 465)
for about the same length, as well as block direct to our MX e-mail from
our intra-net address space.



There is an Email Administration in Higher Education mailing list
that you might want to post you question to.  See
<https://listserv.nd.edu/cgi-bin/wa?A0=HIED-EMAILADMIN>.


--
***********************************************************************
Derek Diget                            Office of Information Technology
Western Michigan University - Kalamazoo  Michigan  USA - www.wmich.edu/
***********************************************************************