On Sun, 22 Mar 2009 11:06:04 -0400, Paul Houlbrooke <[email protected]>
wrote:
>
> ASSP 1.5.1.0(1.0)
>
> Instead of using SSL on port 465 for SMTP connections, is there any
> reason I shouldn't have clients just use TLS on 25 which then gets
> converted to SSL? This seems like it would be simpler for them to setup
> because they wouldn't have to change any ports.
>
>
You Subject is confusing. TLS and SSL are two names for the
same thing.
The standards define port 25 to be plaintext. The server can
offer "STARTTLS" and if the client uses that verb, the connection
is converted to TLS/SSL. This port is intended for MTA-to-MTA and
for older local clients.
Port 465 used to be defined as TLS/SSL from the start, but this is
now deprecated. You should avoid using 465 if you don't need it; it
is there if you have older clients that only know about this port and
can't be reconfigured.
Port 587 is defined also as plaintext with a STARTTLS possibility.
Port 587 is often configured to require client AUTH. You probably
want this port for your local clients, but 25 is ok too.
Ports 25 and 587 are more-or-less equivalent. At some sites they
are exactly equivalent. If the server offers them, both can support
AUTH and both can support STARTTLS. The difference is only in that
port 587 is intended to require use of AUTH, wheras on 25 AUTH is
optional.
-jr
------------------------------------------------------------------------------
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
