Why do so few mail providers support Port 587?
Christopher X. Candreva
chris at westnet.com
Fri Feb 25 20:33:29 UTC 2005
On Fri, 25 Feb 2005 andrew2 at one.net wrote:
> being used on port 25 already. You can do SMTP AUTH just as easily on
> port 25 without having to re-educate your users and still net the same
> simplified tracking procedures that you mention. It sounds to me like
> what we should really be talking about is getting MTA operators to begin
> using SMTP authentication of some kind (any kind!), rather than harping
> on whether or not MTA's should accept mail on port 587...
Port 587 becomes useful because it allows you to firewall outbound port 25
from non-mail servers (IE -users), while allowing them to submit mail to
other places.
It's hard to say how it benefits YOU as a single person. But the separation
benefits the Internet as a whole.
It's a two part thing though. Blocking port 25 won't work without and
alternative for users, and having mail submitted to relays on 587 isn't
helpful if local admins don't block port 25 outbound for their users.
However, with both of these in place, you stop the ability of every
virus-infected host to send mail out directly to other people's mail
servers. Forcing them through your mail relay gives you control: Your virus
scanner can now detect the traffic, issue an alert, shut down the account,
etc.
So to answer Nil's original question, along the lines of giving him a
reason to listen on port 587, the only selfish reason would be so your
users behind port 25 firewalls can relay through your server. If you don't
need that, that don't bother.
Simply making this available has caused us really no
additional support requests, it's maybe two lines in the sendmail.mc file.
On the other hand, Optimum Online deciding to block outbound port 25
one (Saturday) morning caused quite a bit of support work. Had we not
already been supporting 587 at that point, the work would have been far
greater, if not for the techs, then for the salespeople trying to get new
customers to replace all the ones we would have lost.
==========================================================
Chris Candreva -- chris at westnet.com -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/
More information about the NANOG
mailing list