On 8/10/06, Will H. Backman <[EMAIL PROTECTED]> wrote:
Darrin Chandler wrote: > However, if the connecting party *requires* TLS then it would have a > problem with spamd. Is that the trouble you're having? > > Yes. I'm protecting a Microsoft Exchange server with spamd on an openbsd bridge. Because Microsoft Outlook uses Microsoft's way of having MUAs talk to MTAs, there is no problem there. I also enabled IMAPS (port 993) and SMTP-TLS (port 25) on the Exchange Server so that normal mail clients like Thunderbird can play along. Because I require TLS and SMTP-AUTH for relaying purposes, I'm in a bind. My real problem is getting Exchange to do SMTP-TLS on a different port, so this is really a non-openbsd issue. I guess I was just asking to make sure, and also to see if people had dealt with situation like this. I can imagine that openbsd and spamd are used to protect all kinds of pesky MTAs.
if you just wan't to have MUAs talk to your exchange, and don't want to use STARTTLS, rdr the Exchange server to port 587 or 465 with pf. If you *want* to have a server on port 25, the correct way would be to use STARTTLS, which is supported by exchange, should work with spamd and all sane MUAs or MTAs. --knitti