On 28/10/24 22:43, Wesley via Postfix-users wrote:
He had requested to the provider but got no luck. they rejected his
requests. :)
As a solution I may consider open another port for him rather than the
default 465/587 for submissions.
Unreasonable, imo that they won't open the ports, but allowing an
alternative port for him to use is a reasonable solution. I would
recommend setting wrappermode for the port because it means that an
implicit TLS session will be established right away and it should be
impossible for the host to detect that it's being used for email via
packet inspection, all they will see is an encrypted connection.
You can easily accomplish this by copying the submissions (or smtps)
section in your master.cf file and then changing the service name
(submissions or smtps) to the new port number for the copy. You're
customer would set their smtp client to connect to this port and use SSL
or TLS (but not STARTTLS) for the connection.
Don't forget to poke a hole in your server's firewall for the new port.
Another note that you're not alone here. I've seen other
relayhost/smarthost/submission services set up alternative ports on
their service for the very same reason.
Peter
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org