http://tools.ietf.org/html/rfc2476#section-3.1
On 9/23/07, James Brown <[EMAIL PROTECTED]> wrote: > I agree, but I think port 465 is obsolete these days, and 587 is the > one to use. > > (Could be wrong, but that's what I picked up on the Postfix mailing > list recently). > > James. > > On 22/09/2007, at 6:13 PM, David wrote: > > > Hi, > > > > I have ASSP listening on port 26 as it's secondary port, for my > > clients > > who need to send mail from a residential ISP that blocks port 26. > > Recently, though, I have been seeing users blocked on port 26 also, so > > I'm looking into the possibility of getting ASSP to listen on more > > ports. Is it possible and feasible to use IPTables to get another > > port, > > like 2525, to forward internally to port 25/26 that ASSP listens on? I > > would just change port 26 to something else, but I also have many > > users > > configured with it, and there are also a number behind odd firewalls > > that would block an odd port like 2525 also,so having both options > > would > > be nice. > > > > Another possible "cure" is to use the an SSL secure connection and use > > the SSL port (465). Currently, one has to use stunnel to > > approximate an > > SSL connection for ASSP. It is pretty hacky and also invalidates > > any IP > > checks as ASSP thinks the mail is coming from localhost, and the > > IPs in > > the mail header are not trusted anyways. Someone said once that it's > > what is holding ASSP back from being a real contender in areas where > > secure connections are necessary. There were last week talks of > > getting > > ASSP to check the headers for IP tests. Would this solve the issue > > of IP > > tests being invalidated with stunnel? Are SSL libraries at a maturity > > level in Perl where it could be implemented in ASSP itself? > > > > I remember reading that SSL support is "outside of ASSP's scope", > > but I > > have to disagree. If ASSP is a proxy for the MTA, it ought to support > > every connection that the MTA does, seeing as we can't/won't connect > > directly to the MTA anymore. One _could_ connect directly to the > > MTA on > > the new port it listens on, but then one loses the whitelisting and > > bayesian training that happens when mail goes out through ASSP. If I > > understand correctly, if mail is sent out via an ISP's SMTP server, or > > otherwise bypasses ASSP, the mail isn't logged/whitelisted/trained > > against since it never touches ASSP, right? > > > > If SSL is implemented, then ASSP would definitely need more ports to > > listen on: port 25, 26/2525 for an additional unencrypted port, > > then 465 > > for the secure connection. I've been reading and studying for entirely > > too long today. I apologize if any of this is weird or just plain > > wrong. > > > > David > > > > ---------------------------------------------------------------------- > > --- > > This SF.net email is sponsored by: Microsoft > > Defy all challenges. Microsoft(R) Visual Studio 2005. > > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > > _______________________________________________ > > Assp-user mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/assp-user > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2005. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Assp-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/assp-user > -- ME2 ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
