Postfix on VPS is lightly-loaded, currently running happily with SPF,
DKIM, DMARC, etc; and delivering inbound messages to Dovecot. MUAs
submit outbound messages using STARTTLS and port 25.
To suit certain ISPs, plan to expand to (also) enable port 465
(described as "implicit TLS") and/or port 587 (described as "explicit
TLS"). Have such descriptions been superseded by STARTTLS?
Nevertheless, and with Postel's law in-mind, should both ports be
implemented (and be done with any distinctions)?
I've noticed some using port 2525. Any point?
Are there any 'gotchas' to be aware of when opening-up multiple ports
(in Postfix, cf Firewall)?
Any parts of the docs I should re-read very carefully?
(oeuf sur visage avoidance tactics)
(In case it is relevant, next 'expansion' will be to implement a
web-mail alternative/choice to Mozilla Thunderbird, etc, clients)
Any and all advice/warnings, will be appreciated...
--
Regards,
=dn
