On Nov 24, 2009, at 3:48 PM, Michael Saldivar <mike.saldi...@advocatecreditrepair.com
> wrote:
On Tue, Nov 24, 2009 at 1:25 PM, Sahil Tandon <sa...@tandon.net>
wrote:
On Nov 24, 2009, at 3:07 PM, LuKreme <krem...@kreme.com> wrote:
On 24-Nov-2009, at 10:39, Jordi Espasa Clofent wrote:
That is easy.
Have your users connect to the submission port
Yes Wietse, I've considered this simple and clean option, but we're
a hosting company and the costumers are to lazy to understand and
accept an approach like this.
Force them by making 587 the ONLY way to send mail. Tell them it's
for security reasons and make sure you enforce it.
That's all fine and well for small sites, but hardly a solution for
larger environments where such draconian measures are impractical.
A more reasonable solution is for the OP to push users toward
submission via 587, and in the (very long) meantime, find other ways
to bifurcate SASL vs. non-SASL traffic on port 25.
Small sites like Google, where they force their customers to use
specific ports for e-mail submission?
Small sites like Google? Sarcasm is adorable but rarely helps make
your point.
http://mail.google.com/support/bin/answer.py?answer=77689
What's good for the Google is good for the Gander, eh?
If only it were so. Think company that decides caters to thousands
(insert a larger number of your liking here to avoid another sarcastic
response that misses the point) of users on port 25 and can't one day
just STOP accepting all mail on that port, no matter how useful and
nicely worded the REJECT is that directs them to 587.
The OP has already stated he understands the merits of using the
submission port but needs another solution given his REAL WORLD
constraints.
Let me be clear: I'm totally on board with using a separate submission
port for trusted users, but that is not always immediately feasible
and the OP asked for alternatives on a technical mailing list.
Hopefully he can convince users to eventually migrate, but the point
is that he needs an interim solution to avoid filtering authenticated
clients on port 25.