In addition, it bypasses all the security folks have built around the idea of blocking port 25 traffic from sources which should not be operating as mail servers. Let's not make the network less secure in the name of making it more so.
I already addressed this issue in the "security considerations" section. "Port 26 will be a secure alternative for Port 25. So Internet Service Providers are adviced to take precautions to prevent email spam abuse. They are advised to block port 26, if necessary." I'm not a fan over overloading semantic information in part of a
protocol where it doesn't belong, That's dug us in to a lot of deep holes over the years. If you want to do this, seek a new DNS record type or do like everybody else and create a TXT record to inform internet peers of the availability of your new semantics for port 25.
Yes, This suggestion came up on our discussions. On Sat, Jan 12, 2019 at 7:11 AM William Herrin <bill@herrin.us> wrote:
What IETF Mailing list thinks? - "Implicit TLS doesn't offer any additional security than a downgrade protected STARTTLS. Let's not waste a
On Fri, Jan 11, 2019 at 4:22 PM Viruthagiri Thirumavalavan <giri@dombox.org> wrote: port."
In addition, it bypasses all the security folks have built around the idea of blocking port 25 traffic from sources which should not be operating as mail servers. Let's not make the network less secure in the name of making it more so.
e.g. mx1.example.com should be prefixed like smtps-mx1.example.com.
I'm not a fan over overloading semantic information in part of a protocol where it doesn't belong, That's dug us in to a lot of deep holes over the years. If you want to do this, seek a new DNS record type or do like everybody else and create a TXT record to inform internet peers of the availability of your new semantics for port 25.
Regards, Bill Herrin
-- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>
-- Best Regards, Viruthagiri Thirumavalavan Dombox, Inc.