On Wednesday 24 February 2010 11:06:46 pm Andrew McNabb wrote:
> On Wed, Feb 24, 2010 at 09:24:01PM -0700, Michael Torrie wrote:
> > GMail's smtp server is port 587, TLS. Alberto recently pointed out on
> > another list that all mail servers should allow their users to use
> > port 587 and TLS to submit mail, and port 25 should be restricted to
> > server-to-server traffic only.
>
> Server-to-server traffic is really the biggest problem. As far as I can
> tell, almost all server-to-server traffic is unencrypted.

Current SMTP RFCs state the traffic should be UNencrypted. However, they also allow traffic on port 25 to be encrypted if both sides support it and are willing to do it. There is no authentication, just encryption. That allows traffic between domains to be encrypted. I really don't know how many systems on the Internet actually implement that and use it when available. However, you cannot force TLS over SMTP on port 25. That is forbidden.

-- 
Alberto Treviño
BYU Testing Center
Brigham Young University

--------------------
BYU Unix Users Group
http://uug.byu.edu/
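
An added example, not part of the original message: one way to see which hops of a received message actually used the opportunistic TLS described above is to read the `with` clause of each `Received:` header, where the RFC 3848 protocol types `ESMTPS` and `ESMTPSA` record that STARTTLS was used. The sample message, hostnames and the `audit_hops` helper are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample message; hosts and addresses use reserved example ranges.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby inbound.example.org with ESMTPS id abc123
\tfor <user@example.org>; Wed, 24 Feb 2010 23:07:01 -0700
Received: from relay.example.com (relay.example.com [198.51.100.7])
\tby mx.example.net with ESMTP id def456;
\tWed, 24 Feb 2010 23:06:55 -0700
Received: from laptop.example.com (laptop.example.com [203.0.113.5])
\tby relay.example.com with ESMTPSA id ghi789;
\tWed, 24 Feb 2010 23:06:50 -0700
From: sender@example.com
To: user@example.org
Subject: constructed test message

body
"""

# "with" protocol types registered by RFC 3848: a trailing S means the
# session was upgraded with STARTTLS, a trailing A means SMTP AUTH was used.
WITH_RE = re.compile(r"\bwith\s+((?:ESMTP|LMTP)(S?)(A?)|SMTP)\b", re.I)
FROM_RE = re.compile(r"^from\s+(\S+)", re.I)
BY_RE = re.compile(r"\bby\s+(\S+)", re.I)

def audit_hops(raw_message):
    """Return one dict per hop, oldest first, with its TLS/auth status."""
    msg = message_from_string(raw_message)
    hops = []
    # Each server prepends its header, so reverse to get delivery order.
    # Only headers added by servers you control are trustworthy; earlier
    # ones can be forged by the sender.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # unfold continuation lines
        src, dst, proto = FROM_RE.search(flat), BY_RE.search(flat), WITH_RE.search(flat)
        hops.append({
            "from": src.group(1) if src else None,
            "by": dst.group(1) if dst else None,
            "proto": proto.group(1).upper() if proto else "unknown",
            "tls": bool(proto and proto.group(2)),
            "auth": bool(proto and proto.group(3)),
        })
    return hops

if __name__ == "__main__":
    for hop in audit_hops(SAMPLE):
        print(hop)
```

In the constructed sample the submission hop is authenticated and encrypted, while the middle server-to-server hop fell back to plaintext because STARTTLS was not negotiated.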
