On 12/8/2011 1:28 PM, Michael Orlitzky wrote: > On 12/08/2011 02:21 PM, Gary Smith wrote: >> >> Wouldn't it be smarter to just tell SquirrelMail to use port 587 and >> pass through authentication? This way if the server is compromised >> or has another exploit there isn't a simple internal email server to >> send all that spam from. >> >> This is exactly what we do for both horde and roundcube. >> > > That was my first suggestion, but the stable version of SquirrelMail > (and the one supplied by Gentoo) doesn't support STARTTLS.
I suggest staying on smtps/465 until SM stable supports STARTTLS. There's nothing that says you need to stop using 465, and no security implications to continuing to use it. -- Noel Jones
