Hi Marc,

Marc Haber wrote:
I prefer to stick with standard packages as supplied by apt package
management.... I am not interested in doing any re-compiles and
moving too far away from the standards that are currently in place.

Then you're out of luck.

Okay.... well I'll persevere if I can with some more information.

I want to be able to support the use of Incredimail against my mail
server without departing from my strict policy of using SMTP Auth
over port 465 with SSL security.

Port 465 is an RFC violation anyway, it was never assigned for SMTP
over SSL in the first place. Microsoft is the only instance who
insists on using this non-standard.

I have just re-configured my server to accept 25 / 265 and 587 for SSL/TLS connections.

03_exim4-config_tlsoptions:
 tls_on_connect_ports=465:587

AND in /etc/default/exim4
SMTPLISTENEROPTIONS='-oX 587:465:25 -oP /var/run/exim4/exim.pid'

Now.... I can send using port 25 or 465 both with SSL with OE, but 587 with OE times out and eventually gives the same error on the server as does IncrediMail -- although IM does it almost immediately.

Leaving the port at 25 is not acceptable because any old wireless hotspot will interfere with my direct SMTP Auth connections by hijacking the port 25 traffic and using their own sending mail servers.

I don't know why port 587 with SSL isn't working with OE though.

By default if you select SSL for outgoing mail server with OE, then it uses port 25 -- this has to be changed to 465 in my case to work as I prefer.

GMAIL also breaks the RFC then as they only use port 465....

The widely accepted standardized way to do secure SMTP is STARTTLS,
which is kind of SMTP-over-SSL-over-SMTP and can be run on the
standardized ports 25 (SMTP) and 587 (mail submission).

But you are likely to fall into the same trap with your incredimail
that way.

IM will not work on port 25, 465 or 587.

On my server, I can see the following:

# netstat -an|grep -e 25 -e 465 -e 587|grep tcp
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 192.168.2.2:25          80.161.186.2:63657      TIME_WAIT


And when OE is 'waiting' on port 587 tests:

# netstat -an|grep -e 25 -e 465 -e 587|grep tcp
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 192.168.2.2:587         192.168.0.158:2854      ESTABLISHED

When I give up on the waiting, the following is sent to /var/log/exim4/mainlog:

2007-10-29 02:06:07 TLS error on connection from [192.168.0.158] (gnutls_handshake): A TLS packet with unexpected length was received


Kind Regards
AndrewM
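
An added example, not part of the original message: a listener named in tls_on_connect_ports waits for the client's TLS ClientHello and sends no banner, while a STARTTLS listener greets first with a plaintext 220. This Python probe tells the two apart per port without sending mail; the function names and the EHLO name probe.example are assumptions made for the illustration.

```python
import socket
import sys

def _read_reply(sock):
    # Read one SMTP reply; its final line has a space (not "-") after the code.
    buf = b""
    while not (buf.endswith(b"\r\n") and buf.split(b"\r\n")[-2][3:4] == b" "):
        chunk = sock.recv(1024)
        if not chunk:
            break
        buf += chunk
    return buf

def probe_smtp_port(host, port, timeout=3.0):
    """Classify how a listener opens the session.

    'starttls'  - plaintext 220 banner and EHLO advertises STARTTLS
    'plaintext' - plaintext 220 banner, STARTTLS not offered
    'silent'    - no banner before the timeout: the server is waiting for
                  the client to speak first, as a tls-on-connect port does
    'other'     - something answered, but not with an SMTP 220 greeting
    """
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            banner = _read_reply(s)
        except socket.timeout:
            return "silent"
        if not banner.startswith(b"220"):
            return "other"
        s.sendall(b"EHLO probe.example\r\n")  # assumed EHLO name
        try:
            reply = _read_reply(s)
            s.sendall(b"QUIT\r\n")
        except OSError:
            reply = b""
        # Each EHLO line is "250-KEYWORD ..." or "250 KEYWORD ...".
        offered = {line[4:].strip().upper() for line in reply.split(b"\r\n")}
        return "starttls" if b"STARTTLS" in offered else "plaintext"

if __name__ == "__main__" and len(sys.argv) > 2:
    # Usage: python probe.py HOST PORT [PORT ...]
    for p in sys.argv[2:]:
        print(p, probe_smtp_port(sys.argv[1], int(p)))
```

A port reported as 'silent' needs a client set to SSL/TLS on connect; a port reported as 'starttls' needs a client that begins in plaintext and upgrades.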



