Am 21. März 2016 00:59:36 MEZ, schrieb "@lbutlr" <[email protected]>: >On Sun Mar 20 2016 16:01:44 Christian Kivalo <[email protected]> >said: >> >>>> One minor comment: I would not even offer AUTH on port 25. >>> >>> I don’t. I offer opportunistic TLS on port 25 for SMTPd. All mail >>> submission have to be on port 587. >> >> You do. > >Oh, that is right, I forgot I had to enable that temporarily for >someone. I think temporarily has passed. > >Port 25 shouldn’t even allow STARTTLS, IIRC. I don't agree. Offering opportunistic TLS on port 25 gives the sending party the choice to use the encrypted channel. There is no harm in offering starttls on port 25.
-- Christian
