On 3/20/19 4:18 PM, Patrick Ben Koetter wrote:
[...] Use submission on TCP/587 for MUA to MTA traffic.
Why ?
[...]
Run authenticated MUA friendly policies on Submission. Run MTA policies on
smtp port.
What kind ?
Access providers may block outbound TCP/25 connections, because infected
enduser devices try to transport messages on that port to remote MTAs. They
won't block TCP/597 because submission requires SMTP AUTH, which requires the
sender to possess login/pass – something most spammers don't have.
Requiring authentication to relay on 25 will also get rid of spam.
Yassine.
