On 11/11/2008 4:49 PM, Charles Marcus wrote: >> Common administrative practices include submission on 587 for >> trusted clients only and should not be permitted on the internet. >> This port should be firewalled outside of your network.
> Excuse me?!?!? Thats ridiculous... in fact, just the OPPOSITE is > true. Well... correction... Port 587 is designed to provide smtp_auth services to trusted clients VIA an UNtrusted network (like the internet)... So, no WAY should it be firewalled - just limit it to sasl_auth based sessions - and hopefully you enforce strong password policies too... -- Best regards, Charles
