On 14 Apr 2004, at 10:31, Todd Vierling wrote:
On Wed, 14 Apr 2004, Joe Abley wrote:
: > That was solved 6 years ago. You let them use port 587 instead of 25. : > http://www.faqs.org/rfcs/rfc2476.html
: Several graphical, consumer-grade mail clients let you select a port : for "outgoing mail (SMTP)" and also have a checkbox for "use a secure : connection (SSL)".
: If (port != 25 && use_ssl) the client will assume an SSL-wrapped SMTP : server on the other end, and will not use STARTTLS.
: I thought I'd mention it.
You forgot to name the clients in question, since you're trying to help out helpdesks here. I'm sure several folks would like to know the real details.
I didn't give a list because I don't have a good one. I fell over half a thousand half-crazed, pulling-out-hair e-mails on list archives using google when I first went hunting for details on this, which is mainly what makes me think this implementation decision (to wrap or not to wrap) is widespread. This is how it works using Apple's Mail.app which ships with Mac OS X; it's how it works with the various versions of Outbreak Express that I've had occasion to (distainfully!) mess with on relatives' computers. It's how it works with the mail client on the Sony Ericsson P800 phone (which incidentally only supports SMTP AUTH if you leave SSL turned off, which is why the P800 is going back on ebay some time soon). I'm SMTP/SSL works this way with Outlook 2002 (although that one is a bit fuzzy; it also maybe sounds like STARTTLS on a non-wrapped connection isn't implemented at all). I've also heard that certain vintages of Netscape/Mozilla mail and also Eudora provide STARTTLS as an option as well as "use SSL", so maybe the semantics are different there. Joe