Eric B. wrote: >> Changing the SMTP submit port to 587 (as per rfc2476 Section 3.1) for >> your clients and using SSL/TLS on that would allow all Internet mail to >> be scanned by ASSP and by routing outgoing email through ASSP would >> allow it to work as it should. Only internal email is not seen by ASSP. > > How would one configure ASSP to work for this? I've been stuggling with > this notion for the last couple of days and can't figure out the right > setup. The way I see it, I need to route all incoming mail on port 25 > through ASSP before going to my mail server (ie: set Listen Port to 25 and > SMTP Destination to 225). My mail server would be configured to listen on > port 225. > > Now, you are suggesting to add port 587 on my mail server as an incoming > SSL/TLS port. That's fine. So email clients (ex: Outlook Express, etc) > would connect to port 587 and submit their mail.
Yes. Anonymous email uses port 25. Authenticated email uses 587. > This is where i get stuck however. How do I configure the mail server & > ASSP to process mail from this point? I can configure the mail server to > use a relay server and route outgoing mail through another server/port, but > how would I configure ASSP to receive that connection and then transmit the > email to the world? Sorry I was not clear in how I have that implemented. My authenticated clients do not submit email through ASSP. They use a non MX record server using SSL/TLS. The server only accepts authenticated email no anonymous SMTP is allowed. All Internet/externally bound email is routed through ASSP thus allowing the whitelist and email interface to function. ------------------------------------- External Anonymous Email: Server1A -> ASSP -> Server2A External Auth Email: Client -> Server2A Outgoing Email: Server2A -> ASSP -> Server2B -> Server1A Server2A is the main MTA server. Server2B is a smtp relay server between ASSP and any server on the Internet. Server2B is not necessarily a separate physical box from the ASSP server. Server1A is any server that sends my domain email. ------------------------------------- > Furthermore, how does this protect any spammers from sending mail to port > 587 on my mail server destined for the local users of the mail server, > thereby bypassing ASSP completely? Won't all the local users on the mail > server still get spammed? Just deny anonymous email on 587. I've never seen a spammer touch 587 though. Kevin ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
