Scott Bennett wrote:

The standardised port for SMTP submission is 587. See http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol specifically "Although some servers support port 465 for legacy secure SMTP in violation of the specifications"

     Huh.  Guess I'll have to look it up somewhere official then.  (wikipedia
is not authoritative, even if it may well have it right.)  I was going on
what it said in /etc/services on my FreeBSD 6.3 system, which is also not
authoritative by any means, but still ought to have been correct.  I checked
again, this time for 587, and it is listed as the service called "submission".
I had no idea that that referred to any service having anything to do with
email of any kind.  That prompted me to check the Solaris 5.8 system that I
use for email.  Its /etc/services doesn't list 465 at all, but also lists
587 as "submission".

http://www.iana.org/assignments/port-numbers

The port 465 issue became particularly important recently when IANA actually assigned it for a real use. Previously it was an unassigned port that was hijacked by Microsoft for Outlook.

However. gmail do actually support both 587 with TLS *and* 465 with SSL on connect, on smtp.gmail.com.
     Okay.  I'll check into it and may end up adding 587 to my allowed exits.
Thanks for the tip.

While port 587 is the official standard port for email submission, it doesn't *require* the usage of SSL. GMail does however have this requirement.

Also, I'd still personally prefer to use port 465 over port 587 for mail submission when both are available, purely because when using port 465 you negotitate SSL immediately, whilst with port 587 there is some plain text negotiation first which *could* accidently leak identifying information such as your hostname in the EHLO, to the Exit node.

Mike

Reply via email to