Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Why do so few mail providers support Port 587?

  • From: Chris Horry
  • Date: Tue Mar 01 15:24:50 2005

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nils Ketelsen wrote:
> On Mon, Feb 28, 2005 at 05:13:35PM -0500, Valdis.Kletnieks@vt.edu wrote:
> 
> 
>>On Mon, 28 Feb 2005 16:54:23 EST, Nils Ketelsen said:
>>
>>>An interesting theory. What is the substantial difference? For
>>>me the security implications of "allowing the user to bypass our
>>>mailsystem on port 25" and ""allowing the user to bypass our mailsystem on
>>>port 587" are not as obvious as they maybe are to you.
>>
>>The big difference is that if they connect on outbound 25, they're basically
>>unauthenticated at the other end.  Port 587 "should be" authenticated, which
>>means that the machine making the connection out is presumably a legitimate
>>user of the destination mail server.
> 
> 
> Okay, the main difference seems to be:
> 
> 1. People here trust, that mailservers on port 587 will have
> better configurations than mailservers on port 25 have today. I
> do not share this positive attitude.

I truly hope this isn't the case, I don't trust any mail server that I
didn't personally configure.

> 2. Port 587 Mailservers only make sense, when other Providers block
> port 25. My point is: If my ISP blocks any outgoing port, he is no longer
> an ISP I will buy service from. Therefore I do not need a 587-Mailserver,
> as I do not use any ISP with Port 25-Blocking for connecting my sites or
> users.

Yes, right up until a) ISPs wise up and start blocking port 587, and
then 465 for good measure.  or b) malware authors wise up.  B will
happen sooner.

Chris

- --
Chris Horry KG4TSM   "You're original, with your own path
zerbey@wibble.co.uk   You're original, got your own way"
PGP: DSA/2B4C654E        -- Leftfield
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCJM9FnAAeGCtMZU4RAvsFAKC5SvTVLS2VffMq2rcp7ZZZt4IGVwCgqbHO
2mSmy8GWV+l3xEzFsBBXp1o=
=0wKT
-----END PGP SIGNATURE-----




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.