On 8/19/22 07:08, Matus UHLAR - fantomas wrote: > On 19.08.22 10:47, Sam R wrote: >> So I am a little divided, >> On the one hand I think that port 25 is enough to transmit mails locally, > > I guess by "locally" you mean "on the local network". > > port 25 is standard for server-server communication, 465/587 are standard > for client-server communication where authentication is required/enforced. > >> on the other hand I think that an encryption would be better, especially on >> the dmz. > > I'd say "especially for connections crossing not-secured network". > mails within LAN/DMZ should be safe unencrypted, unless you have reason not > to trust the network or someone on it.
Google made this assumption and it turned out to be wrong. Use mutually authenticated TLS. -- Sincerely, Demi Marie Obenour (she/her/hers)
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
