On Friday 12 January 2007 00:54, Joe Morris (NTM) wrote:
> Got a problem I hope someone can answer. This is my situation. My home
> office (i.e. mail relay) uses MS Exchange. It seems it will only listen
> on port 25.
The Port is configurable. And you can add additional Ports of course.
> They are wanting all mail to be transport encrypted. They
> have setup stunnel to listen on port 465 and 2525 for their exchange
> server. It works with most email clients to select ssl encryption for
> the smtp server on port 465 (they also use auth). I tried but could not
> get the smtp client of postfix to work with that setup to relay mail
> through them here at home.
This SSL-Mode is not supported by Postfix. Postfix supports the Standard way
(Client-Side) where the Connection is established unencrypted and the
Encryption is switched on after that (STARTTLS). Most Clients will support
the SSL-Mode, so you will have luck with Clients.
> My ISP blocks all port 25 traffic to force
> all smtp traffic to go through them. At the office (I was testing first
> at home) we use a different ISP that does not block port 25. On port 25
> (with telnet) their exchange server responds, but there is nothing if
> telneted to port 465 pr 2525.
You cannot telnet to an already encrypted Port. If you want to test that, use
openssl as client.
$ openssl s_client -connect ...
man openssl
man s_client
> I got postfix's smtp client to work at
> work (it uses TLS on port 25), including auth. Here at home, I need to
> get it working as well (and at least Eudora also has a problem with
> their setup if port 25 is blocked by the ISP). Is there a way to get it
> working as is, or could I install and setup stunnel to get the postfix
> smtp client to work through stunnel on either port 2525 or 465? Is so,
> any pointers? TIA for any help or alternate ideas.
Hmm, the best way would be to configure your Exchange Box to listen on a
second Port with TLS enabled maybe 465 or 26 or whatever.
Another way of course would be to setup stunnel on your Home-Postfix-Box to
reconvert the encrypted Session in an unencrypted.
--
Andreas
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
