On Jan 3, 2020, at 12:43 AM, Ned Freed
If you can be sure that your
network doesn't do that, at least for its internal traffic, port 25
submission works fine.

And others have stringent security policies against mail being sent to any
other than 25.

Well, we could recommend against such policies, and also recommend that devices
use a different default port for submission. But it’s probably the case that
some sites will still find it easier to override the default and use port 25
than to get silly security policies changed.
And I expect what that means is that a mail relayer can’t tell by the port used
whether to act as an MSA or an MTA. So sites might need to provision and
configure separate services on different IP addresses. That’s easier than it
used to be with virtual machines being common now, but could still run afoul
of IT in many organizations. Anyway I guess we just make the best
recommendations we can with the knowledge that there will be deviations that
equipment and software must be configurable to deal with. Perhaps things will
converge over time.

Getting hung up on which port does what isn't helpful. The goal should be
to figure out the actual characteristics of the services that are needed.

Yeah it doesn’t matter which port but I do think it would help to further
encourage a separation of function between submission and relaying.

ietf-smtp mailing list