On 8/10/06, Will H. Backman <[EMAIL PROTECTED]> wrote:
> Am I correct in assuming that spamd and TLS on port 25 don't get along?

Given a mail server (or MUA) that is configured to require TLS on a port it connects to, it will likely have a problem with any other end not offering TLS capability. This is hardly spamd-specific.

However, the above is unlikely to be the case. Some sites may attempt to set up TLS, but IIRC, they only do so if their counterpart advertises that capability. Note that spamd doesn't advertise that capability, so there should be no problem.

Capability advertisement takes place after the EHLO stage. I have never seen any capabilities offered by spamd. It just does what it's supposed to do (and no more): let valid mail servers through to your real MTA.

Once the connection passes through to your real MTA, the rules of engagement for your real MTA apply. By then, spamd is out of the picture. Upon issuing EHLO to that server, it should return the supported service extensions.

As a side note: if you intend to let users submit mail, you'd best use a different port, such as 587 (negotiate STARTTLS) or 465 (TLS by default). You wouldn't even be dealing with spamd then.

Cheers,
Rogier

--
If you don't know where you're going, any road will get you there.
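
The EHLO capability check described in the reply above, as an added example that is not part of the original post: it parses an EHLO reply and shows what an opportunistic sender and a TLS-requiring sender each do next. The function names, hostnames and sample replies are hypothetical and constructed, not captured from spamd or any real MTA.

```python
import re

# One SMTP reply line: 3-digit code, '-' (more lines follow) or ' ' (last line), text.
_REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

def parse_ehlo(reply: str) -> dict:
    """Parse a (possibly multi-line) EHLO reply into code, greeting and extensions."""
    lines = [l for l in reply.replace("\r\n", "\n").split("\n") if l]
    if not lines:
        raise ValueError("empty reply")
    code, greeting, extensions = None, "", {}
    for i, line in enumerate(lines):
        m = _REPLY_LINE.match(line)
        if not m:
            raise ValueError(f"malformed reply line: {line!r}")
        if code is None:
            code = m.group(1)
        elif m.group(1) != code:
            raise ValueError("reply code changes within one reply")
        # Only the final line may use ' ' as separator; all others must use '-'.
        if (m.group(2) == " ") != (i == len(lines) - 1):
            raise ValueError("continuation marker does not match line position")
        if i == 0:
            greeting = m.group(3)          # first line carries the server's domain/greeting
        else:
            keyword, _, params = m.group(3).partition(" ")
            extensions[keyword.upper()] = params.split()
    return {"code": code, "greeting": greeting, "extensions": extensions}

def tls_decision(reply: str, require_tls: bool) -> str:
    """What a sending client does next, given the peer's EHLO reply and its own policy."""
    parsed = parse_ehlo(reply)
    if parsed["code"] != "250":
        return "EHLO rejected"
    if "STARTTLS" in parsed["extensions"]:
        return "send STARTTLS"
    return "abort: TLS required but not offered" if require_tls else "continue in plaintext"

# Constructed sample replies (assumptions for illustration).
NO_EXTENSIONS = "250 mx.example.org\r\n"   # peer that advertises no extensions
REAL_MTA = "250-mx.example.org\r\n250-SIZE 52428800\r\n250-8BITMIME\r\n250 STARTTLS\r\n"

if __name__ == "__main__":
    for name, reply in (("no extensions", NO_EXTENSIONS), ("real MTA", REAL_MTA)):
        for require in (False, True):
            print(f"{name:14} require_tls={require!s:5} -> {tls_decision(reply, require)}")
```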

