On 29 Aug 2013, at 13:34 , Glenn English <g...@slsware.com> wrote: > > On Aug 29, 2013, at 12:49 PM, Quanah Gibson-Mount wrote: > >> --On Thursday, August 29, 2013 3:59 PM +0900 peter evans <pe...@ixp.jp> >> wrote: >> >> >>> Combine these two into one. put permit_sasl_ at the top >>> as it is a first match wins thing. And of course, re-educate >>> your client that auth belongs on port 587. (for example, Japan >>> has a lot of places outright blocking port 25.[1]) >> >> Yes, so does the US. I have already requested the customer be educated >> about proper ports to use, but they are quite insistent on using 25 for >> whatever reasons. > > I'm under the impression that 587 is to be used by my local users
It is to be used by any users who are authorized to send and received mail on your server. 25 *should* only be used for MTAs to send mail to a user on your mailserver. > (email clients to local MTA), and 25 is used by MTA<->MTA. Is this wrong? > > And /etc/services says: > >> auth 113/tcp authentication tap ident ident has nothing to do with mail. ident has nothing to do with anything anymore, really. I think the only people that still use ident are some IRC servers, and most users have to fake an ident server in their IRC client. $ grep 587 /etc/services submission 587/tcp submission 587/udp -- 'Where do shadows come from? That's where the wind is blowing!' --Colour of Magic