[Top] [All Lists]

RE: port number for smtp over ssl

2003-01-16 16:33:55

OK, so we established back at the beginning of this that we're only really concerned with people using 465 for SSL submission. Let's see how this play's out with Jeff's and Ned's most recent comments:

On 1/16/03 at 11:30 AM -0800, ned+ietf-smtp(_at_)mrochek(_dot_)com wrote:

Registering SMTPS again would only provide short-term relief (providers would soon block it as well) at the cost of creating standards confusion.

Exactly right. SMTPS really is a solution to a very different problem, one that cannot be leveraged as a solution to the problem you describe except in, as you say, the short term.

Actually, I think this might argue *in favor* of registering 465. Right now, 465 is used for unauthenticated encrypted submission. We don't want people using unauthenticated encrypted submission; we want them using authenticated submission, either on port 25 or on port 587. As a matter of fact, open 465 ports mean that, for example, spammers will have a new way to get through firewalls and spam. (And I would not be at all shocked if there were installed SMTP implementations with SSL-SMTP listening on port 465 without their ops knowing about it.) Maybe 465 should be registered to, in effect, encourage people to make sure it is turned off.

I think it's rather ostrich like to say, "No, no, no, there's nothing at all on port 465 that looks like SMTP; we're not registering anything there and we're not going to talk about it." I think documenting the current state of affairs (people are submitting mail encrypted but unauthenticated on port 465) and labelling it "Worst Current Practice" has some hope of cutting down on it getting more widespread and acceptable.

How we fix this is a really good question...

IMO the only way to fix it is to get the message out. We have the solutions; they just need to be used. RIght now the problem is less one of providers blocking SMTP submit than it is of providers not offering submission services at all.

I don't see how that is mutually exclusive of registration.

Pete Resnick <mailto:presnick(_at_)qualcomm(_dot_)com>
QUALCOMM Incorporated - Direct phone: (858)651-4478, Fax: (858)651-1102

<Prev in Thread] Current Thread [Next in Thread>