ingress SMTP

Truman Boyes truman at suspicious.org
Sun Sep 7 16:43:38 CDT 2008


On 7/09/2008, at 5:31 PM, Michael Thomas wrote:

> Eugeniu Patrascu wrote:
>>
>> On Sep 3, 2008, at 8:08 PM, Winders, Timothy A wrote:
>>
>>>
>>> Yes, setting up a 587 submit server internally would be best, but  
>>> man power
>>> is at a premium and it hasn't happened.
>>>
>>
>> I don't know what SMTP server you're using, but on Postfix you just  
>> need to uncomment one line in master.cf, do a reload and that's it.  
>> it takes less than a minute to do it on server. YMMV.
> Would that it were so easy :) You also have the more daunting task
> of hooking up your auth/aaa infrastructure with your MTA's, and all
> of the care and feeding that entails.
>
>         Mike

Exactly. The binding to port 587 is the easy part. The  
authentication / TLS setup is slightly more complex in most networks.  
This usually requires the running of another daemon on your MTA or  
another reachable host in your network, which takes some time to get  
up and running. Secondly you likely want to use a signed certificate  
for your port 587 TLS connections, which means going through the cert  
signing process with a CA.

Truman






More information about the NANOG mailing list