Re: external mail submission
Logan Shaw wrote in <QlW3g.37570$0Z4.9512@tornado.texas.rr.com> on Wed April
26 2006 22:52:
[color=blue]
> I'm trying to set up our corporate e-mail server so that people who
> are on the road (i.e. outside the corporate network) can send mail
> through our SMTP server, which is running sendmail. I've got sendmail
> running with TLS and user/password ("LOGIN" and "PLAIN") authentication
> over the encrypted connection, so that works pretty OK.
>
> The problem is this: some ISPs and other networks block all outbound
> access to port 25. So, my question is this: is there a standard
> alternate port to use for roving users submitting mail? I thought
> about opening the firewall so that the mail submission port (port
> 587) is open to the outside world, and so that outside connections
> require authentication to submit messages to port 587.
>
> I can think of a few different solutions that would work here (such
> as firewall magic to make port an alternate port pass through to
> the same place as port 25 does), but what I'm really looking for
> is whether there is any kind of standard practice on this. Anyone
> have comments?
>
> - Logan[/color]
You can run the SSL enabled SMTP service on port 465. The IANA doesn't seem
to have it listed on their list of well-known ports, though it is the most
common use for the port that I've seen.
Linux says that it's SMTPS:
fd0man@cinnamon:~$ cat /etc/services |grep 465
ssmtp 465/tcp smtps # SMTP over SSL
fd0man@cinnamon:~$
IANA says that it's for something else:
urd 465/tcp URL Rendesvous Directory for SSM
However, the mail providers that I use all use 465 for secure SMTP mail
transport. I would recommend staying with that, unless you have a reason
not to. You can always use some arbitrary port > 1024, as well; find one
that isn't blocked for any common reason and you should be good to go.
- Mike
Re: external mail submission
Logan Shaw <lshaw-usenet@austin.rr.com> wrote:[color=blue]
> I'm trying to set up our corporate e-mail server so that people who
> are on the road (i.e. outside the corporate network) can send mail
> through our SMTP server, which is running sendmail. I've got sendmail
> running with TLS and user/password ("LOGIN" and "PLAIN") authentication
> over the encrypted connection, so that works pretty OK.[/color]
[color=blue]
> The problem is this: some ISPs and other networks block all outbound
> access to port 25. So, my question is this: is there a standard
> alternate port to use for roving users submitting mail? I thought
> about opening the firewall so that the mail submission port (port
> 587) is open to the outside world, and so that outside connections
> require authentication to submit messages to port 587.[/color]
[color=blue]
> I can think of a few different solutions that would work here (such
> as firewall magic to make port an alternate port pass through to
> the same place as port 25 does), but what I'm really looking for
> is whether there is any kind of standard practice on this. Anyone
> have comments?[/color]
Connecting to 587/tcp with TLS is the standard solution.
Damian Menscher
--
-=#| <menscher@uiuc.edu> [url]www.uiuc.edu/~menscher/[/url] Ofc:(650)253-2757 |#=-
-=#| The above opinions are not necessarily those of my employers. |#=-
