Randy in Nevis
Robert E. Seastrom
rs at seastrom.com
Tue Sep 28 07:40:12 CDT 2010
Owen DeLong <owen at delong.com> writes:
> On Sep 27, 2010, at 9:30 AM, Lyndon Nerenberg wrote:
>> On 10-09-27 7:20 AM, Robert E. Seastrom wrote:
>>> "Cannot establish SSL with SMTP server 18.104.22.168:465" does not
>>> sound like a 587 problem to me.
>>> netalyzr folks? comment?
>> Sorry, I hit send too soon ...
>> I've heard from a couple of people that the PIX will remap 587 (and 25)
>> to oddball ports if you fiddle the config just right. Given all the
>> other bogosity that box does with SMTP I wonder if there's truth to the
>> rumour. (I haven't found anyone who can reproduce this on demand, so
>> it's still apocryphal for now.)
> 465 is not an odd-ball port, it's the standard well-known port for STMPS.
> Fortunately, few people actually use SMTPS, preferring instead to do their
> security via TLS using the STARTTLS model after connecting to 25/587.
That doesn't explain why the test of port 587/starttls is trying to
connect to the well-known port for smtps.
More information about the NANOG