On Tue, Nov 11, 2008 at 4:53 PM, Charles Marcus <[EMAIL PROTECTED]>wrote:
> On 11/11/2008 4:49 PM, Charles Marcus wrote: > >> Common administrative practices include submission on 587 for > >> trusted clients only and should not be permitted on the internet. > >> This port should be firewalled outside of your network. > > > Excuse me?!?!? Thats ridiculous... in fact, just the OPPOSITE is > > true. > > Well... correction... > > Port 587 is designed to provide smtp_auth services to trusted clients > VIA an UNtrusted network (like the internet)... > > So, no WAY should it be firewalled - just limit it to sasl_auth based > sessions - and hopefully you enforce strong password policies too... > > -- > > Best regards, > > Charles > My reason for configuring domain keys is yahoo not filtering my mails as spam. I dont want to go back and change more than 1000 clients port from 25 to 587. So is there anyway we can achieve domainkeys authentication on port 25? Thanks, LA
