Actually, port 587 is what QT refers to as the submission port. I'm
not entirely sure why it was created (or who created it), but QT doesn't
check DNS RBLs for connections received on that port. In all other
ways, it is the same as port 25.
SMTPS (SMTP over SSL) uses port 465 by default. All connections to the
SMTPS port must negotiate an SSL connection before any SMTP data is
exchanged (just like an HTTPS connection to a web server).
TLS is another name for SSL started half-way through the SMTP protocol
(in other words, a partial plaintext SMTP conversation takes place
before the SSL encryption begins). TLS can take place on any port.
Technically speaking, TLS could take place over SMTPS but I don't know
of any MUA with that capability.
SMTP AUTH is separate from any encryption. It can take place on any
port, no matter whether SMTPS or TLS (or neither or both) are in use.
So Chris, to answer your question, spamdyke will support/honor SMTP AUTH
on any port, with or without TLS. When you install spamdyke on QT, be
sure to remove rblsmtpd or your roaming users will still be blocked.
spamdyke will check DNS RBLs for you, so rblsmtpd is not necessary anyway.
To the best of my knowledge, QT will accept SMTP AUTH on port 25. You
can test this by using telnet to connect to port 25 on your mail server
and looking for the AUTH banner. For example, here's a test of my server:
$ telnet iconoclast.silence.org 25
Trying 208.110.65.146...
Connected to iconoclast.silence.org.
Escape character is '^]'.
220 iconoclast.silence.org ESMTP
ehlo test
250-iconoclast.silence.org
250-STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE 0
250 AUTH LOGIN PLAIN CRAM-MD5
quit
221 iconoclast.silence.org
Connection closed by foreign host.
$
The 250 AUTH line indicates that my server will allow SMTP AUTH. The
250-STARTTLS line indicates TLS is supported.
-- Sam Clippinger
David Stiller wrote:
Hi Chris,
Port 587 ist the Port using TLS. Spamdyke will should on both ports.
From the offical FAQ:
As of version 2.6.0, spamdyke supports TLS (which is just another name
for SSL). spamdyke will detect TLS and pass it through seamlessly.
Obviously, none of its post-connect filters will work (e.g. graylisting)
because the traffic will all be encrypted.
Port 25, ist the the usual Port for SMTP, but without TLS.
Dave
Chris Bird schrieb:
Hi,
May sound like a daft question but thought I’d ask anyway, im thinking
of installing spamdyke into my qmailtoaster installation for many
reasons but one pressing issue in particular. We have a problem with
our firewall and I cant add any rules to it until our security guys
fix it which could take weeks, I need to allow roaming users to send
through my mail server and therefore want to use SMTP_AUTH, however
qmailtoaster’s SMTP_AUTH port is 587, is this a standard port for
SMTP_AUTH or does SpamDyke set it for something different? Or does it
use port 25?
I know this might sound a daft question but I’ve had a long day trying
to fix a broken Plesk server and my brain is fried!
Thanks
Chris
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
