On 24 Mar 07, at 19:57, Michael Olson wrote: > Adam Megacz <[EMAIL PROTECTED]> writes: > >> Michael Olson <[EMAIL PROTECTED]> writes: >>> Adam Megacz <[EMAIL PROTECTED]> writes: >> >>>> Do we offer outbound SMTP (with SMTP-AUTH, of course) to users? >> >>> Yes, because there are legitimate uses for it. >> >> Fer sure. >> >> It would also be nice to run SMTP+AUTH on some weird-numbered port as >> well (2525?) -- some of the more annoying ISPs/NSPs would rather >> filter outbound port 25 rather than deal with compromised machines. > > Good idea. I'm occasionally at an internet connection whose ISP > blocks port 25. 2525 seems like a reasonable number to use.
Howdy, Rather than using the non-standard port 2525, I'd use the standard ports 465 (SMTP via SSL, usually used with Outlook) and 587 (SMTP via TLS, nearly all non-MS mail clients) instead. That means that they'll work from open wifi hotspots run by well-intentioned folks like me who have configured the firewall to allow outbound TCP ports 465 and 587 while disallowing outbound TCP port 25 in an effort to stem the flow of spam from machines that we have no control over. If the SMTP server(s) in question are on different machines than web servers, you might also want to consider listening to SMTP-AUTH on TCP port 80 so that folks can get around really restrictive firewall rules. That's an edge case, though, and might not be worthwhile. Graham Freeman General Manager, Cernio Technology Cooperative [EMAIL PROTECTED] www.cernio.com +1 415 462 2991 home office _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
