On 2/25/2005 3:16 AM, Adrian Chadd wrote:
[reposting this to nanog, as my answer might be reasonably ontopic]
On Fri, Feb 25, 2005, Brad Knowles wrote:
At 8:05 AM +0000 2005-02-25, Adrian Chadd wrote:
Because your MUA doesn't support SSL on what it considers to be non-standard ports? Because your ISP won't let you set up an ssh tunnel instead? Because there would be no other way to keep your mail connection secure, if SSL and ssh are denied to you?
Which MUA, that you/your users are using, won't let you run SSL on port 587?
Apparently, many Microsoft MUAs don't support that kind of thing.
Thats strange. I'm sure I've had outlook 200x speak SSL on 587.
The problem with OE (and probably O) is that it only supports SMTP-SSL carrier sessions rather than StartTLS sessions, especially when alternate ports are involved. Note that StartTLS is the standard, not SMTPS which was registered as informational and has been deprecated to boot. If you are using lots of MS clients, you have to give up on the idea of running 100% encrypted communications over port 587. Not that anybody is stopping you from setting up TLS-only on 587 and SMTPS on some other port... -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/