Thor Lancelot Simon wrote:
On Tue, Feb 15, 2005 at 09:00:11PM -0500, Sean Donelan wrote:
Sendmail now includes Port 587, although some people disagree how its done. But Exchange and other mail servers are still difficult for system administrators to configure Port 587 (if it doesn't say click here for Port 587 during the Windows installer, its too complicated).
This is utterly silly. Running another full-access copy of the MTA on a different port than 25 achieves precisely nothing -- and this "support" has always been included in sendmail, with a 1-line change either to the source code (long ago) or the default configuration or simply by running sendmail from inetd.
What benefit, exactly, do you see to allowing unauthenticated mail submission on a different port than the default SMTP port?
Similarly, what harm, exactly, do you see to allowing authenticated mail submission on port 25?
What will actually give us some progress on spam and on usability issues is requiring authentication for mail submission. Which TCP port is used for the service matters basically not at all.
In general, I have agreed with your point of view in the past. I will say, however, that recently I have slightly retraced my position. The only real benefit I see from it is that running multiple ports allows the mail server to provide different policies for clients to use. Ideally, this shouldn't be needed, but given that some mail client software doesn't allow the configuration options that are needed in some situations (Apple's Mail.app absolutely infuriates me at times), there are times that slightly different policies are needed, and the only really good way to do that is to run them on different ports. I guess you could think of it as having port 25 available for legacy support as more and more stuff moves to 587. authentication for mail submission would be wonderful if it were ubiquitous...and I'm doing my part (this message, and all others from me these days submitted to my ISP's system with SMTP AUTH over TLS...incidentally, they had to configure 587 in order to get the policies workable for the variety of mail clients that customers used...sad but true, they had no choice while maintaining any semblance of varied client support), alas, that day is still fairly far off...though it is getting closer. -- Jeff