Hi,
On 09/01/2019 01.43, Viruthagiri Thirumavalavan wrote:
> There are people out there who has personal websites like
firstnamelastname.com and email address like me(_at_)firstnamelastname(_dot_)com
Yeah and I'm one of them. I run my private mailserver for 3 users, one
domain name for each.
On 07/01/2019 12.34, Paul Smith wrote:
> Note that port 465 is defined as for SMTPS for *submission*, so it's
the SMTPS version of 587, not the SMTPS version of 25.
That is correct, but for most mailservers relaying is disabled anyway,
so in practice even port 25 has become a submission gate. Also, you
could configure port 465 to allow relaying... out of the box many mail
daemons allow this, e.g. I "submit" my outgoing mail to 465 using
Postfix. It is messy.
On 09/01/2019 20.11, Alessandro Vesely wrote:
> *Port 26 is simple*. Straightforward for servers that already
implement 465.
> No-brainer for clients. The only risk is connection timeout on a
> non-interactive job. Does it hurt?
Exactly. Also, it makes it easier to recognize a secured mail transport.
No possible plaintext as with STARTTLS (when the latter fails, mail
could proceed over an unencrypted transport).
On 09/01/2019 21.37, Carl S. Gutekunst wrote:
> Devil's advocate question: Do we (the community) care about improved
connection latency?
I do.
On 09/01/2019 22.26, valdis(_dot_)kletnieks(_at_)vt(_dot_)edu wrote:
> My intuition says that this proposal doesn't help improve latency,
because
> the hit you take waiting for a timeout on port 26 to a non-adopter server
> is going to overwhelm any savings from the STARTTLS RTT not being
> needed.
Good point. I would love a MXS record (Mail eXchanger Secure). Maybe
such a MXS SHOULD be an alias to an already existent MX record.
As for the port number: if port 24 is already reserved for private mail
systems (!! so no loss of port numbers !!), but not used anymore, it
would also make a good candidate. I like the lower number, "try 24
before 25", but port 26 makes sense too. It makes way more sense (to me
at least) to have both port numbers in one range, be it 25-25 or 25-26.
One of the benefits of a TLS-only port is the non-dependency on DNSSEC,
DANE, and whatnot. It is *simple*, easy to implement (by using e.g. an
SSL wrapper), fast, and pleasing to the eye.
Of course this matter doesn't prelude the end of the world ;-)
Regards, Evert
_______________
< Send me mail! >
---------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp