Mail Submission Protocol

Dave CROCKER dhc2 at
Wed Apr 21 17:17:28 CDT 2010

On 4/21/2010 6:49 AM, Claudio Lapidus wrote:
> So we are considering ways to further filter this traffic. We are evaluating
> implementation of MSA through port 587.

RFC 5068, Email Submission Operations: Access and Accountability Requirements, 
is a BCP.  It specifies authenticated port 587 for email submission across the 

As others have noted, it works well through a wide variety of access 
environments.  I don't remember the last time I found it blocked.  I use it over 
TLS, of course.

Blocking of outbound port 25 for all hosts not explicitly authorized has become 
common.  The fact that 587 default to authenticated is the win.


   Dave Crocker
   Brandenburg InternetWorking

More information about the NANOG mailing list