Why do so few mail providers support Port 587?

Daniel Senie dts at senie.com
Wed Feb 16 04:21:39 UTC 2005


At 09:00 PM 2/15/2005, you wrote:

>Although RFC2476 was published in December 1998, its amazing
>how few mail providers support the Message Submission protocol
>for e-mail on Port 587.  Even odder, some mail providers
>use other ports such as 26 or 2525, but not the RFC recommended
>Port 587 for remote authenticated mail access for users.
>
>Large mail providers like AOL, GMAIL and Yahoo support authenticated
>mail on port 587; and some also support Port 465 for legacy SMTP/SSL.
>But a lot of universities and smaller mail providers don't.

Lots of small companies support these as well, including hosting companies 
and smaller ISPs, and have done so for 5 or 6 years.

>   They
>still use SMTP Port 25 for roaming users.  With AT&T, Earthlink, COX,
>Netzero and other ISPs filtering port 25 for years, I would have thought
>most mail providers would have started supporting Port 587 by now.
>
>What can be done to encourage universities and other mail providers
>with large roaming user populations to support RFC2476/Port 587?

Get the software developers to do some useful programming.

>What can be done to encourage the mail client software programers (i.e.
>Outlook, Eudora, etc) to make Port 587 the default (or at least the
>first try) and let the user change it back to port 25 (or automatically
>fallback) if they are still using a legacy mail server.

Don't forget enabling SMTP AUTH by default. Microsoft seems to only support 
SMTPS and POPS (alternate ports).

Eudora finally supports TLS reasonably well now that they switched to using 
OpenSSL. While Eudora can be configured for port 587, it takes some doing, 
since users have to install the esoteric settings menu plugin or edit a 
config file.

It'd be nice if the new account wizards actually got this stuff right. We 
give customers a document that walks them through the wizard, then walks 
them through fixing the things the wizard didn't do.


>Sendmail now includes Port 587, although some people disagree how
>its done.

The configs for sendmail that come with RedHat have it listening only to 
127.0.0.1 by default. The config file (.mc) has a good config line for port 
587 documented and commented out. They also have a port 465 example, which 
has encryption required, but not AUTH.

Is the proper configuration or proper examples the responsibility of 
sendmail developers, those packaging sendmail with systems, or those who 
deploy the software? 




More information about the NANOG mailing list