Mailing List CGatePro@mail.stalker.com Message #92244
From: Jeremy Webber <jeremyw@al.com.au>
Subject: Re: port 587 and authentication
Date: Thu, 16 Aug 2007 08:50:52 +1000
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: Apple Mail (2.624)

On 16/08/2007, at 5:05 AM, Jon R. Doyle wrote:
Port 25 is/was generally meant for MTA to MTA traffic, and we are seeing all major ISP/broadband operators moving to restrict usage of port 25 by clients inside their network, or more over trying to connect to remote port 25 "systems"

Clients (not our MAPI) should use port 587 with Authentication, most ISPs permit this too that I am aware of.


I may be missing something, but I'm wondering how I can set up CGPro to listen on port 587 and require authentication (for submission), but still listen on port 25 and not require authentication (for MTA transmission).  I can't see anything in the listener (which is the only place ports are mentioned) which would do this.

I work in a mixed platform environment where I need to permit unauthenticated hosts within our LAN to send email so the UNIX and embedded systems which use SMTP directly can work, but I would like to prohibit road-warrior clients from sending to port 25 unauthenticated (remote access to our mail server is a requirement).

Of course, I also need to receive mail on port 25 from outside MTAs.

CGPro version 5.1.5.

Thanks,
  Jeremy

ps. we also listen on port 465 with SSL so road warriors can send email through a secure channel.  That also circumvents ISP port blocks.  I'd like to require authentication there also.

--
Jeremy Webber                                   Senior Systems Engineer
                                                   Animal Logic Pty Ltd
Phone: +61 2 9383 4837   Fax: +61 2 9383 4801   Switch: +61 2 9383 4800

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster