Benny, Pete, Bill, ( in order of reaction :-) )
Thank you all for sharing
I think we can go with this . . . till the next update of history, ;-)
Have a nice weekend,
Marc
On 24 Jan 2020, at 10:35, Benny Kjær Nielsen wrote:
On 23 Jan 2020, at 17:21, Bill Cole wrote:
On 23 Jan 2020, at 5:18, Benny Kjær Nielsen wrote:
Port 993 mainly exists for historical reasons.
I understand that point of view, and might have totally agreed a
decade ago, but I think it has been overtaken by events, experience,
and RFC8314.
History has been updated since the last time I looked into it ;-)
I guess given what we know now then STARTTLS should never have been
created. It would have been better if ports 143 and 587 had remained
to be clear-text-only ports essentially making them obsolete today.
Today, servers would then only support ports 993 and 465 and
mis-configured servers would be less likely. (I'm ignoring port 25
since I'm an email client developer.)
In my (little) world, it all makes little difference since experience
tells me that I have to support every variant in existence since the
email client always takes the blame when something doesn't work :-)
Port 587 is the standard for email submission (email client sending
an email) and is equivalent to 143 for IMAP (it uses STARTTLS). Port
465 is a mess (Microsoft), but some email clients might still expect
it to work (Microsoft).
The best practices for initial mail submission have changed. Port 465
has been a mess but the way in which it remained a mess for 2 decades
made RFC8314 a reasonable solution for making submission more
Ok, this also means that MailMate should, ideally, default to ports
993 and 465 and discourage 143/587 (and 25). Port 993 would very
likely be fine, but I would be worried about doing that for port
465...
You'll probably get other opinions, but the important part is to
ensure that it's not possible to communicate on any port without
encryption enabled (with or without STARTTLS).
As stated, that is infeasible. See above my discussion of SMTP on
port 25.
Agreed, I'm just unintentionally ignoring anything which does not
involve an email client :)
So, to conclude, the OP should go for 993/465/25 and only enable
587/143 if needed by their users (enforcing STARTTLS).
MailMate must support everything, but it could be much better at
default values and make it harder/warn when anything but wrapped
993/465 is used/configured. I'll make a note of that :)
--
Benny
_______________________________________________
mailmate mailing list
[email protected]
https://lists.freron.com/listinfo/mailmate
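
The client-side rule the thread converges on (implicit TLS on 993/465, STARTTLS enforced on 143/587, never clear text), as an added example that is not part of the original messages and is not MailMate code. The function names, the `require_tls` switch and the sample server replies are constructed for illustration.

```python
# Added illustration: hypothetical names, constructed server replies.
IMPLICIT_TLS = {993: "imap", 465: "smtp"}    # TLS from the first byte
STARTTLS_PORTS = {143: "imap", 587: "smtp"}  # clear text until upgraded


def advertises_starttls(protocol, lines):
    """Return True if the capability/EHLO reply offers STARTTLS."""
    for line in lines:
        if protocol == "smtp":
            # EHLO reply lines look like "250-STARTTLS" or "250 STARTTLS".
            if line[:3] == "250" and line[4:].upper().split()[:1] == ["STARTTLS"]:
                return True
        else:
            # IMAP lists it in a CAPABILITY response or greeting code.
            tokens = line.upper().replace("[", " ").replace("]", " ").split()
            if "CAPABILITY" in tokens and "STARTTLS" in tokens:
                return True
    return False


def choose_transport(port, lines=(), require_tls=True):
    """Decide how a mail client may talk to the server on this port."""
    if port in IMPLICIT_TLS:
        return "implicit-tls"
    if port not in STARTTLS_PORTS:
        return "refuse"  # e.g. port 25: outside this client-side policy
    if advertises_starttls(STARTTLS_PORTS[port], lines):
        return "starttls"  # the client must still abort if the handshake fails
    # A missing STARTTLS offer looks the same whether the server is
    # misconfigured or the offer was removed in transit, so fail closed.
    return "refuse" if require_tls else "cleartext"


# Constructed sample replies.
SMTP_OK = ["250-mail.example.test", "250-SIZE 10240000", "250-STARTTLS", "250 8BITMIME"]
SMTP_NO_TLS = ["250-mail.example.test", "250-SIZE 10240000", "250 8BITMIME"]
IMAP_OK = ["* OK [CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED] ready"]
IMAP_NO_TLS = ["* OK [CAPABILITY IMAP4rev1 AUTH=PLAIN] ready"]

if __name__ == "__main__":
    for port, reply in [(993, ()), (465, ()), (587, SMTP_OK),
                        (587, SMTP_NO_TLS), (143, IMAP_OK), (143, IMAP_NO_TLS)]:
        print(port, choose_transport(port, reply))
```

With `require_tls=False` the same missing offer yields `cleartext`, which is the opportunistic behaviour the thread argues a client should not default to.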