Randy in Nevis

Robert E. Seastrom rs at seastrom.com
Tue Sep 28 07:40:12 CDT 2010


Owen DeLong <owen at delong.com> writes:

> On Sep 27, 2010, at 9:30 AM, Lyndon Nerenberg wrote:
>
>> On 10-09-27 7:20 AM, Robert E. Seastrom wrote:
>>> "Cannot establish SSL with SMTP server 67.202.37.63:465" does not
>>> sound like a 587 problem to me.
>>> 
>>> netalyzr folks?  comment?
>> 
>> Sorry, I hit send too soon ...
>> 
>> I've heard from a couple of people that the PIX will remap 587 (and 25)
>> to oddball ports if you fiddle the config just right.  Given all the
>> other bogosity that box does with SMTP I wonder if there's truth to the
>> rumour. (I haven't found anyone who can reproduce this on demand, so
>> it's still apocryphal for now.)
>
> 465 is not an odd-ball port, it's the standard well-known port for STMPS.
> Fortunately, few people actually use SMTPS, preferring instead to do their
> security via TLS using the STARTTLS model after connecting to 25/587.

That doesn't explain why the test of port 587/starttls is trying to
connect to the well-known port for smtps.

-r






More information about the NANOG mailing list