On Fri, 2011-04-22 at 18:26 +0530, Mihira Fernando wrote:
On 04/22/2011 06:06 PM, Sandy Drobic wrote:
On 22.04.2011 06:37, Mihira Fernando wrote:
On 04/22/2011 04:09 AM, Jim Flanagan wrote: Port 25 is for non SSL SMTP traffic. You cant expect it give you a SSL connection. Port 465 is the SSL port for SMTP. This should be opened from postfix master.cf. Your information is outdated, port 465 is the deprecated SSL-Port. If the client sends the EHLO command instead of the HELO, then the server can offer STARTTLS in its capabilities to the client. That initiates a TLS encrypted connection. True but so far the defacto standard is that port 25 is used not non encrypted SMTP traffic. Running SSL or TLS only on port 25 is likely to cause your server to loose mail as MTA - MTA mail delivery is still largely non encrypted.
This is incorrect: tcp/25 can be TLS encrypted. TLS OPTIONAL of course, if your server needs to receive mail from other servers (so if your SMTP is a receiving Server). There is hardly ANY Server out there still using SSL directly. The usual thing for TLS OPTIONAL is to issue an ehlo, check for a starttls command and issue it, changing to TLS. Dominique -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org