Sorry but why do you suggest yo use port 587 for TLS optional for auth + data , and not port 25 for the same proposal, if the goal is using TLS if possible?
Thanking un advance. El 13 mar. 2017 5:18 PM, "Viktor Dukhovni" <postfix-us...@dukhovni.org> escribió: > On Mon, Mar 13, 2017 at 04:49:23PM -0300, Jeronimo L. Cabral wrote: > > > At the moment, the mail relay is reached just from inside our company and > > several applications use it to send mail through Internet. > > If the submission port is only reachable from internal trusted > networks, then authentication is optional. You'll need to make > sure that Postfix will not be listening for port 587 on any public > IP addresses. > > > Using mailx is in this manner: > > My first encounter with "heirloom-mailx", with SMTP and TLS bolted > in mailx, my is the world getting fancy... > > > $ mailx -v -r "f...@mycompany.com" -s "TLS test" -S smtp="10.10.12.5:587" > -S > > smtp-use-starttls -S ssl-verify=ignore u...@gmail.com > > This is fine, provided that 10.10.12.5 is not reachable from outside via > NAT, and no other IP address reaches the same port 587 service. > > -- > Viktor. >
