Thank you Stuart. That is very helpful.

SRV records would get port, like 

https://xmpp.org/extensions/xep-0368.html

The logic would be like, say there is opensmtpd on the other server too.

dig _mail._smtp.humaaraartha.in. SRV
get_port_from_SRV()
if found_different_port()  try_port()
else  try_25()

Caching can also be done for future requests.

> You and I are small fish. I've been mucking around with mail servers pretty 
> much this whole century so far.

OpenBSD and suckless are moving forward and providing solutions. Which 
mailserver do you use? If we can establish that any software be run on any 
port, then blocking ports won't make sense. Besides, they can block any domains 
and they already do if they find spam there. SPAM is just an excuse.
Thanking you
Sagar Acharya
https://humaaraartha.in
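The SRV lookup sketched above, as an added example that is not part of the thread: it parses dig-style SRV answers, orders candidates per RFC 2782, falls back to port 25 when nothing is published, and caches the result for the record TTL. The `_mail._smtp.` record name is taken from the post (it is not a registered service label), and the sample answers are constructed stand-ins for real resolver output.

```python
import time
from dataclasses import dataclass

SRV_PREFIX = "_mail._smtp."   # name used in the post; an assumption, not a standard label
DEFAULT_PORT = 25             # "else try_25()"

@dataclass(frozen=True)
class Srv:
    priority: int
    weight: int
    port: int
    target: str
    ttl: int

def parse_dig_srv(answer: str) -> list[Srv]:
    """Parse dig answer-section lines: 'name ttl IN SRV prio weight port target'."""
    out = []
    for line in answer.splitlines():
        f = line.split()
        if len(f) == 8 and f[2:4] == ["IN", "SRV"]:
            out.append(Srv(int(f[4]), int(f[5]), int(f[6]), f[7], int(f[1])))
    return out

def choose(records: list[Srv]) -> list[tuple[str, int]]:
    """(target, port) pairs ordered per RFC 2782: lowest priority first, then highest
    weight (deterministic rather than weighted-random, so results are testable)."""
    usable = [r for r in records if r.target != "."]   # target "." = service explicitly absent
    return [(r.target.rstrip("."), r.port)
            for r in sorted(usable, key=lambda r: (r.priority, -r.weight))]

class PortFinder:
    """get_port_from_SRV() with the port-25 fallback and the cache from the pseudocode."""
    def __init__(self, lookup, now=time.monotonic):
        self.lookup, self.now, self.cache = lookup, now, {}   # lookup(name) -> dig-style text

    def candidates(self, domain: str) -> list[tuple[str, int]]:
        hit = self.cache.get(domain)
        if hit and hit[0] > self.now():              # still within TTL: no new query
            return hit[1]
        recs = parse_dig_srv(self.lookup(SRV_PREFIX + domain.rstrip(".") + "."))
        result = choose(recs) or [(domain, DEFAULT_PORT)]
        ttl = min((r.ttl for r in recs), default=300)   # cache "no SRV" answers briefly too
        self.cache[domain] = (self.now() + ttl, result)
        return result

# Constructed sample zone data standing in for real `dig ... SRV` output.
SAMPLE_ANSWERS = {
    "_mail._smtp.humaaraartha.in.": (
        "_mail._smtp.humaaraartha.in. 3600 IN SRV 10 0 777 humaaraartha.in.\n"
        "_mail._smtp.humaaraartha.in. 3600 IN SRV 20 0 778 mx2.humaaraartha.in.\n"),
}

def sample_lookup(name: str) -> str:
    return SAMPLE_ANSWERS.get(name, "")   # empty answer = no SRV record published

if __name__ == "__main__":
    pf = PortFinder(sample_lookup)
    print(pf.candidates("humaaraartha.in"))   # [('humaaraartha.in', 777), ('mx2.humaaraartha.in', 778)]
    print(pf.candidates("example.com"))       # [('example.com', 25)]
```

Without DNSSEC validation the SRV answer is only as trustworthy as the resolver path, so a sender acting on it should still require TLS and verify the target's certificate.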



8 Sept 2023, 03:55 by stua...@longlandclan.id.au:

> On 7/9/23 20:44, Sagar Acharya wrote:
>
>> Let the mail providers have their setups. Is it possible to have a 
>> configuration where I have 2 servers, example.com example2.com where I can 
>> send and receive emails on ports say, 777 on plaintext, starttls optional 
>> and port 778 with smtps?
>>
>> Give me a configuration for such a thing.
>>
>> humaaraartha.in.       TXT        "v=spf1 ipv4:{myipv4address} -all"
>> humaaraartha.in.       TXT        "resports:777,778"
>>
>> humaaraartha.in.       MX          10 humaaraartha.in.
>
>> humaaraartha.in.       A              {myipv4address}
>> That is all you have, nothing more for both servers. Can you help me send 
>> and receive mails on ports 777,778 with just above DNS and smtpd? I can add 
>> SRV records for detection of ports 777, 778 if you want.
>>
>
> Okay, not quite sure what the "resports" TXT record is achieving (a quick 
> search on the topic didn't reveal any documentation on how it was supposed to 
> work or correct syntax).  I won't labour the point about outgoing port 25 
> traffic since others have covered this already.
>
> You can of course use different ports between servers on an agreed-upon 
> manner.  e.g. say we have a server, bnemx.vk4msl.com, running OpenSMTPD:
>
>> vk4msl-bne# cat /etc/mail/smtpd.conf
>> #       $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $
>>
>> # This is the smtpd server system-wide configuration file.
>> # See smtpd.conf(5) for more information.
>>
>> #table aliases file:/etc/mail/aliases
>> table virtualdomains file:/etc/mail/virtualdomains
>> table virtualusers file:/etc/mail/virtualusers
>>
>> pki bnemx cert "/etc/ssl/bnemx.vk4msl.com.fullchain.pem"
>> pki bnemx key "/etc/ssl/private/bnemx.vk4msl.com.key"
>> pki bnemx dhe auto
>>
>> listen on socket
>> listen on all tls pki bnemx
>>
> … etc, I won't post the full config.
>
> Those `listen` lines are the key, from smtpd.conf manpage:
>
>> listen on interface [family] [options]
>>  Listen on the interface for incoming connections, using the same
>>  syntax as ifconfig(8).  The interface parameter may also be an
>>  interface group, an IP address, or a domain name.  Listening can
>>  optionally be restricted to a specific address family, which can
>>  be either inet4 or inet6.
>>
>
> In amongst the options:
>
>> port [port]
>>  Listen on the given port instead of the default port 25.
>>
>
> So if I chose to, I could add:
>
> listen on all port 777
>
> and then re-start smtpd, I'd now be listening on port 777.
>
> You could then tell your SMTP server to send to port 777 when sending to my 
> domain.
>
> But doing so would be useless:
> - no one else would bother using port 777/tcp: they would most likely use 
> port 25
> - you wouldn't be able to send to any other server, unless they too, chose to 
> use port 777/tcp.
>
> If you have a good proposal for how such alternative ports could be 
> advertised (maybe via DNS TXT record), perhaps you could propose that as a 
> Request For Comment to the Internet Engineering Task Force… and maybe if 
> enough people thought it was a good idea, it would be adopted with its own 
> official RFC number (like RFC-821, later replaced by RFC-2821 and RFC-5321).
>
> That though, won't mean instant ability to pick your own port number. The 
> "alternate port number" feature would then need to be added to the various 
> SMTP servers out there.  Then sysadmins would need to install that version.
>
> This may take years, or even never happen in some cases.  (Qmail is still 
> IPv4-only because the author believes IPv6 is unnecessary.)
>
> Regardless of what you think of spam or how to fight it, the truth is the 
> small fish don't make the rules in this game.  You and I are small fish.  
> I've been mucking around with mail servers pretty much this whole century so 
> far.
>
> I started with trialling something over dial-up (ever seen a 56kbps modem 
> screaming under the strain of an outbound mail queue stuffed with spam?  I 
> have!)… moved to using Sendmail on an old Slackware server hosted on ADSL 
> with 2GB SCSI disks and a self-signed HTTPS certificate for webmail in 2001.  
> Been running my own server ever since.
>
> It's not impossible to do it yourself, and dealing with spam is a constant 
> cat-and-mouse game.  Things have become more complex out of necessity (I 
> didn't bother with DKIM until Google started mandating it for example), but 
> even then, not overly difficult.
>
> The minimum standard however has changed over the years as requirements 
> changed.  That includes:
>
> - outbound SMTP unblocked -- pretty much since forever since that's how 
> TCP/IP works
> - static IPv4 -- dynamic IPv4 has not been possible since ~2004 or so
> - SPF DNS records -- since ~2010 or so
> - DKIM signing and DMARC policies -- since ~2020
>
> Some day, IPv6 may be a requirement as the IPv4 address space dries up.
>
> It's no good "wishing" it to be different.  In the future it may become 
> impossible for me to run my own server on the home connection, and I may have 
> to look into alternate mail arrangements.
>
> At least you don't have to ask for your chosen host name to be added to the 
> "master" /etc/hosts file.  We have this thing called "DNS".
>
> Unless you can convince some very high-profile SMTP server operators, many of 
> whom do not read this list (e.g. the admins of Gmail, Office365, etc), 
> nothing much will change.
> -- 
> Stuart Longland (aka Redhatter, VK4MSL)
>
> I haven't lost my mind...
>  ...it's backed up on a tape somewhere.
>

