> > In addition, it bypasses all the security folks have built around the > idea of blocking port 25 traffic from sources which should not be > operating as mail servers. Let's not make the network less secure in > the name of making it more so.
I already addressed this issue in the "security considerations" section. "Port 26 will be a secure alternative for Port 25. So Internet Service Providers are adviced to take precautions to prevent email spam abuse. They are advised to block port 26, if necessary." I'm not a fan over overloading semantic information in part of a > protocol where it doesn't belong, That's dug us in to a lot of deep > holes over the years. If you want to do this, seek a new DNS record > type or do like everybody else and create a TXT record to inform > internet peers of the availability of your new semantics for port 25. Yes, This suggestion came up on our discussions. On Sat, Jan 12, 2019 at 7:11 AM William Herrin <b...@herrin.us> wrote: > On Fri, Jan 11, 2019 at 4:22 PM Viruthagiri Thirumavalavan > <g...@dombox.org> wrote: > > What IETF Mailing list thinks? - "Implicit TLS doesn't offer any > additional security than a downgrade protected STARTTLS. Let's not waste a > port." > > In addition, it bypasses all the security folks have built around the > idea of blocking port 25 traffic from sources which should not be > operating as mail servers. Let's not make the network less secure in > the name of making it more so. > > > e.g. mx1.example.com should be prefixed like smtps-mx1.example.com. > > I'm not a fan over overloading semantic information in part of a > protocol where it doesn't belong, That's dug us in to a lot of deep > holes over the years. If you want to do this, seek a new DNS record > type or do like everybody else and create a TXT record to inform > internet peers of the availability of your new semantics for port 25. > > Regards, > Bill Herrin > > -- > William Herrin ................ her...@dirtside.com b...@herrin.us > Dirtside Systems ......... Web: <http://www.dirtside.com/> > -- Best Regards, Viruthagiri Thirumavalavan Dombox, Inc.