On Mar 29, 2005, at 11:45 PM, RL 'Bob' Morgan wrote:

OSAF, for example, has two ways to send SMTP mail: via port 25 with a STARTTLS command and via port 465 with a direct SSL connection.

In fact the preferred method for MUAs to transfer mail to MTAs is using Submission (RFC 2476) on port 587. Many sites choose to encourage the use of this port for authenticated mail submission (so they don't have to mess with doing it on port 25 of their MTAs). It is true that port 25 is far more widely used for this purpose just because it always has been, but it is a good idea to support 587 also (and the procedures specified in 2476).

In the world of self-configuring clients, submit/587 (if available) should be preferred over smtp/25.


I've heard from certain email providers that if clients en masse switched their defaults to 587, ISPs would start to block outgoing port 587 as well as 25. (Even though the submit RFC specifically prohibits open relays).

Some mail servers, including OSAF's IMAP server, don't support STARTTLS but allow an SSL connection on an alternative port, so flexibility is the key.

Let me humbly suggest that it is inexcusable to ship an IMAP server in 2005 that doesn't support STARTTLS. STARTTLS is the standard method for a reason. The separate-port approach will unfortunately have to be supported forever probably, but it is just bad form to encourage it.

A justification I've heard for direct connections is that there are hardware boxes (probably originally designed for https) that require it.


--Grant

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Open Source Applications Foundation "Dev" mailing list
http://lists.osafoundation.org/mailman/listinfo/dev
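
The port preference discussed in this thread, written out as selection logic for a self-configuring client. This is an added example, not code from the thread or from OSAF. The function names, the probe format and the sample EHLO replies are assumptions made for illustration, and so is ranking direct SSL on 465 last.

```python
from __future__ import annotations
from typing import Optional

# Preference order (assumption drawn from the thread): Submission/587 with
# STARTTLS, then smtp/25 with STARTTLS, then direct SSL on 465 as a fallback.
PREFERENCE = [(587, "starttls"), (25, "starttls"), (465, "implicit-tls")]

# Constructed EHLO replies (not captured from any real server).
WITH_TLS = "250-mail.example.org\r\n250-SIZE 10240000\r\n250-STARTTLS\r\n250 AUTH PLAIN LOGIN\r\n"
NO_TLS = "250-mail.example.org\r\n250-SIZE 10240000\r\n250 AUTH PLAIN LOGIN\r\n"


def parse_ehlo(reply: str) -> set[str]:
    """Return the extension keywords from a multi-line 250 EHLO reply."""
    caps = set()
    for line in reply.strip().splitlines()[1:]:  # first line is the greeting
        if len(line) < 4 or line[:3] != "250" or line[3] not in "- ":
            raise ValueError(f"malformed EHLO line: {line!r}")
        body = line[4:].split()
        if body:
            caps.add(body[0].upper())
    return caps


def choose_transport(probes: dict[int, Optional[str]]) -> Optional[tuple[int, str]]:
    """Pick (port, mode) from probe results, never falling back to plaintext.

    probes maps a port to its pre-TLS EHLO reply, to "" for a port that
    completed a direct SSL handshake, or to None if the port was unreachable
    (for example, blocked by the ISP).
    """
    for port, mode in PREFERENCE:
        reply = probes.get(port)
        if reply is None:
            continue
        if mode == "implicit-tls":
            return port, mode
        if "STARTTLS" in parse_ehlo(reply):
            return port, mode
        # STARTTLS not advertised: unsupported, or stripped in transit.
        # Skip the port instead of sending credentials in the clear.
    return None
```

A None result means no encrypted path was found, and the client should report that to the user instead of submitting unencrypted.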
