Re: [Declude.JunkMail] Spammed on port 2525

[Matt]

SMTP AUTH on port 587 isn't required by the RFC...it just simply makes a whole ton of sense in most setups.  Considering that this is a standard port, and it will most likely find its way through broadband provider's blocks since it is reserved for this use and likely to be restricted to authenticated E-mail in most cases in the near future, it is advisable to use it all other things being equal.  Considering that Scott is already promoting port 2525 and having configured some of his clients for that, there is no harm in continuing the practice in lieu of support for SMTP AUTH-only connections on this port in his mail server.  I am guessing that in the future we will also see E-mail clients fail over from port 25 to 587 automatically, making support for this transparent and hands-free.  That is not likely at all to happen with port 2525, and it would seem that port 2525 is more likely to be blocked as a security measure. The choice is really about what you already have and how far into the future you wish to plan for/speculate about. Matt John Tolmachoff (Lists) wrote: See my thoughts on the Imail forum on 587.   John Tolmachoff Engineer/Consultant/Owner eServices For You   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Matt Sent: Friday, February 25, 2005 4:50 PM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Spammed on port 2525   Here's what I am using for a mail server located at 192.168.1.1 for this example.  IMail is configured to listen on port 587, but to the outside world it appears as both port 25 and 587.  Even though one would think that you didn't have to NAT 587 to 587, in this case you do because of the other rules for that IP (or so I was told).  I assume that you are configured differently and that does matter, so you might want to share that before making the edits yourself.  ip nat inside source static tcp 192.168.1.1 25 192.168.1.1 25 extendable no-alias ip nat inside source static tcp 192.168.1.1 587 192.168.1.1 25 extendable no-alias ip nat inside source static tcp 192.168.1.1 587 192.168.1.1 587 extendable no-alias I assume that you know how to config term your router.  If not, it won't be straight forward without a crib sheet or experienced help to guide you through it rather than risk messing it up. Matt Scott Fisher wrote: I use port 2525 to bypass port 25 blocking for my employees. I was just checking my logs and I've been receiving spam on port 2525   Can anyone share the necessary Cisco IOS commands to let the Cisco router do port translation? P.S. IOS isn't my primary language... -- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ ===================================================== -- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ =====================================================