Thanks Noel and Peter i learned alot from both of your posts.
by Noel
------------
For new installations, it is strongly recommended to require your
customers to use port 587 (or 465) and to disable AUTH on port 25.
can you please refer any document on this or any link. actually this is
what i also need but the document i am following is not specifically
designed for mail server however i really want to learn Postfix server i
know the main and big deal is Mailing server.
By Peter
-------------
> What you should be, at the very least, encouraging is STARTTLS over port
> 587. Whether you want to support some very old Outlook clients and
> offer TLS wrappermode over 465 is up to you but it is unlikely you will
> find anyone who still needs this old and deprecated form of submission.
>
>
what do you mean by "very least". is there any preferable way then
STARTTLS.
- is this possible i enforce users/clients to only submit mails on port 587
and i leave 25 for server to server communication only.
and is this segregation is a good thought of mine or practical?
- by the time i have enabled/uncommitted this line "submission inet n
- - - - smtpd"
since then my mail server is listening on 3 ports 25,465,587.
root@mailsrv:~# netstat -ntlp | grep master
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN
6799/master
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN
6799/master
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN
6799/master
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
6799/master
tcp6 0 0 :::587 :::* LISTEN
6799/master
tcp6 0 0 :::465 :::* LISTEN
6799/master
tcp6 0 0 :::25 :::* LISTEN
6799/master
isn't 465 is useless and can i close this if yes then how?
I really appreciate your help.
Thanks,
MYK
>
> Peter
>
