Actually, port 587 is what QT refers to as the "submission port". I'm not entirely sure why it was created (or who created it), but QT doesn't check DNS RBLs for connections received on that port. In all other ways, it is the same as port 25.
SMTPS (SMTP over SSL) uses port 465 by default. All connections to the SMTPS port must negotiate an SSL connection before any SMTP data is exchanged (just like an HTTPS connection to a web server). TLS is another name for "SSL started half-way through the SMTP protocol" (in other words, a partial plaintext SMTP conversation takes place before the SSL encryption begins). TLS can take place on any port. Technically speaking, TLS could take place over SMTPS but I don't know of any MUA with that capability. SMTP AUTH is separate from any encryption. It can take place on any port, no matter whether SMTPS or TLS (or neither or both) are in use. So Chris, to answer your question, spamdyke will support/honor SMTP AUTH on any port, with or without TLS. When you install spamdyke on QT, be sure to remove rblsmtpd or your roaming users will still be blocked. spamdyke will check DNS RBLs for you, so rblsmtpd is not necessary anyway. To the best of my knowledge, QT will accept SMTP AUTH on port 25. You can test this by using telnet to connect to port 25 on your mail server and looking for the AUTH banner. For example, here's a test of my server: $ telnet iconoclast.silence.org 25 Trying 208.110.65.146... Connected to iconoclast.silence.org. Escape character is '^]'. 220 iconoclast.silence.org ESMTP ehlo test 250-iconoclast.silence.org 250-STARTTLS 250-PIPELINING 250-8BITMIME 250-SIZE 0 250 AUTH LOGIN PLAIN CRAM-MD5 quit 221 iconoclast.silence.org Connection closed by foreign host. $ The "250 AUTH" line indicates that my server will allow SMTP AUTH. The "250-STARTTLS" line indicates TLS is supported. -- Sam Clippinger David Stiller wrote: > Hi Chris, > > Port 587 ist the Port using TLS. Spamdyke will should on both ports. > >>From the offical FAQ: > As of version 2.6.0, spamdyke supports TLS (which is just another name > for SSL). spamdyke will detect TLS and pass it through seamlessly. > Obviously, none of its post-connect filters will work (e.g. graylisting) > because the traffic will all be encrypted. > > Port 25, ist the the usual Port for SMTP, but without TLS. > > Dave > > Chris Bird schrieb: >> Hi, >> >> May sound like a daft question but thought I’d ask anyway, im thinking >> of installing spamdyke into my qmailtoaster installation for many >> reasons but one pressing issue in particular. We have a problem with >> our firewall and I cant add any rules to it until our security guys >> fix it which could take weeks, I need to allow roaming users to send >> through my mail server and therefore want to use SMTP_AUTH, however >> qmailtoaster’s SMTP_AUTH port is 587, is this a standard port for >> SMTP_AUTH or does SpamDyke set it for something different? Or does it >> use port 25? >> >> I know this might sound a daft question but I’ve had a long day trying >> to fix a broken Plesk server and my brain is fried! >> >> Thanks >> >> Chris >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> > > _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users