Date: Mon, 13 Aug 2007 10:14:52 -0400 From: "David Robillard" <david.robillard@gmail.com> To: "FreeBSD Questions" <questions@freebsd.org> Subject: Re: Best practice for SMTP relay with user authentication. Message-ID: <226ae0c60708130714m4476a004j26ad5b4d899998a6@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
> I have my postfix authenticate users before accepting mail for non-local > delivery. Till now, users can connect to port 25 and 465 (smtps) use > STARTTLS and authenticate. > > But, I stumbled upon submission port 587 which is not reserved - it > appeas - for a protocol but for a use? > > I'd like to align my configuration with best practice. Should I just > move postfix to bind to port 587 or did I misunderstand that submission > is indeed a different protocol? Is there any best practice for which > protocol should be used for submission? Port 587 is used by the Mail Submission as defined in section 3.1 of RFC 2476 - Message Submission: 3.1. Submission Identification Port 587 is reserved for email message submission as specified in this document. Messages received on this port are defined to be submissions. The protocol used is ESMTP [SMTP-MTA, ESMTP], with additional restrictions as specified here. While most email clients and servers can be configured to use port 587 instead of 25, there are cases where this is not possible or convenient. A site MAY choose to use port 25 for message submission, by designating some hosts to be MSAs and others to be MTAs. Basically, port 25 is used by Mail Transfer Agents (MTA) while 587 is used by the Mail Submission Programs (MSP). If you need more info, check the "Bat Book" (i.e. Sendmail by O'Reilly) which is pretty clear on that topic. You can also check "Sendmail Cookbook" also from O'Reilly for tips, tricks and recipies on what you can do with MSP. Of course, it's sendmail related. But I'm quite sure you can adapt it to Postfix or whatever your organisation uses to handle emails. Finally, IMHO the best description of the what, where and why of Submission is described in the "UNIX System Administration Handbook" by Nemeth, Snyder, Seebass & Hein. Check it out at http://www.admin.com. It's a must read for all UNIX systems administrators. HTH, David -- David Robillard UNIX systems administrator & Oracle DBA CISSP, RHCE & Sun Certified Security Administrator Montreal: +1 514 966 0122
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?226ae0c60708130714m4476a004j26ad5b4d899998a6>