On 3/12/2012 1:46 PM, Richard Troy wrote: >> I'd be keen to know how I can, if I should, offload port 25; as I >> > indicated I'm using port 25 because I didn't stumble over any other course >> > of action. Please feel free to point me at what I _should_ be doing! >> > -smile- > > ...I'd still like to know if something like this is a good idea?!...
Absolutely! Many home cable/dsl providers and wifi hotspots block access to port 25 to prevent direct-to-MX spamming, but allow the other well-known ports reserved for user mail submission. There are commented-out entries for submission port 587 and (deprecated but widely used especially by smartphones) smtps port 465 in the postfix master.cf. Many mail clients refer to submission as TLS and smtps as SSL. Simply uncomment those entries and restart postfix. You also mentioned that you're using cram-md5 authentication. Be aware that many mail clients only support PLAIN and/or LOGIN, so you many need to enable those in your dovecot.conf. These protocols are not encrypted, but are safe when used inside a TLS/SSL connection. -- Noel Jones
