Paul Theodoropoulos wrote:
At 09:32 AM 7/2/2005, you wrote:
there is no 'internal' port 25 traffic. My service provides email
service for businesses. I'm not an ISP. all traffic to my servers is
inbound from the global internet.

I guess I was looking at your "customer" as having an SMTP relay server
at his site. That's just the way I read your original post. I was
talking about the customer's system needing the firewall, not yours -- I
see now you were talking about your own POP server, not theirs.

note also that there is *no* reason for anyone to use port 587. more below.

As my other clue, your customer and others should get used to using
port 587 as their SMTP relay port, rather than port 25. That way,
some of your customer's users could be on the global Internet, and
still send mail to their firewalled-port-25-is-illegal mail server all
day on the submission port 587. It would work internally, too.

We provide alternate access to our SMTP server for those customers
whose ISPs block port 25. We use port 2525. what, you say? 2525 is
registered to "MS V Worlds". my response is, so freaking what? *there
are no restrictions on the use of registered ports for any service one
desires*. true, i haven't spent a lot of time checking the RFCs. but
i'm pretty sure that IANA's 'rules' are only 'recommendations'. 587 is
dandy, but it's also another random string of digits for customers to
try to remember. 2525 is easy for customers to remember. if it should
ever conflict with someone's use of "MS V Worlds", well by gosh we'll
just start another server on another port just for them. I'm not holding
my breath.

Well, I can't say I didn't do the same thing until recently. I
chose my own secret port number to bypass a port 25 block. Blocking
port 25 is becoming a major reality now. I was merely saying that
there is a standard way to allow things to happen. You will see back
there at Matt Simerson's site that he is now getting qmail to
effectively listen on SMTP and submission ports to start abiding by the
RFC for roaming users.

Since it is a rather new phenomenon, not many know about it, but as more
ISPs block and more mail providers (like you and I) try to avoid these
issues, the port 587 number will become fairly well-known. And, by the
way, in the case of a clueless user anyway, one port number is just as
hard as another to use, as they will need a lot of handholding to set up
their client. And for those who get the idea, port 587 will eventually
be memorable.

We weren't around when the RFC got written, or we might have tried for a
smarter port number. In any case, I only feel that once I catch a clue,
I might as well start using the right port number. I just opened up
both the one I picked and 587, and determined to stick with the
published standard unless necessary. Rumors persist that some ISPs
might block port 587, but that is mostly hearsay.

Billy