On 21/09/2018 10.25, Anton Aylward wrote:
On 2018-09-21 2:40 a.m., Per Jessen wrote:
The whole point of things like Postfix's transport table is that it is not just port 25 for email EXCHANGE. While restricting an ISP's clients so that rouges cannot get past the firewall's restriction on using port 25 either at the ISP or past it, ISPs also need to do proper certified identification and authentication *between themselves*. Hence TLS and certificates and X.509 etc etc. BY CONVENTION, poet 25 is not encrypted and so it not used for this.
No; port 25 must also be used with encryption. Google (gmail) I suspect does not allow talking on :25 without encryption, or the email can be easily read on transit. -- Cheers / Saludos, Carlos E. R. (from openSUSE 15.0 (Legolas))