* Yassine Chaouche <a.chaou...@algerian-radio.dz>: > Dear postfix, > > I don't seem to get the idea of submission, I know I must be wrong, b/c so > many articles out there preach to use a different port for submission, but I
Use submission on TCP/587 for MUA to MTA traffic. Use smtp on TCP/25 for MTA to MTA traffic. Run authenticated MUA friendly policies on Submission. Run MTA policies on smtp port. Access providers may block outbound TCP/25 connections, because infected enduser devices try to transport messages on that port to remote MTAs. They won't block TCP/597 because submission requires SMTP AUTH, which requires the sender to possess login/pass – something most spammers don't have. p@rick > hope to find some argument in your replies that will make me change my mind. > If I understand correctly, submission is a means for mail server admins to > enforce some policies on port 587 w/o interfering with mail relay which > occurs on port 25. These policies are mainly : > > 1/ Force TLS on all incoming connexions > 2/ Force users to authenticate > > While 1/ can't be enforced on port 25, 2/ can be enforced for relay, e.g. > with : > > smtpd_sasl_auth_enable = yes > smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, > reject_unauth_destination > > So the only thing that I need submission port for seems to be to force TLS > connexions, right ? > > Anything else I am missing there ? > > Another claim for submission is that it reduces spam, but to my > understanding that's only for *sending* spam (relaying), and that's because > the admin enforces user authentication for relay, which can safely be done > on port 25 anyways (otherwise we'd be an open relay). As for *reciving* spam > (we're the final destination), it can still be delivered unauthed from port > 25, so that won't stop *receiving* spam, will it ? > > I'm all confused. > > Yassine. > -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief Aufsichtsratsvorsitzender: Florian Kirstein
