Groups | Search | Server Info | Login | Register

Groups > comp.mail.sendmail > #8292

Re: SMART_HOST to port 465 or 587?

From John Levine <johnl@taugh.com>
Newsgroups comp.mail.sendmail
Subject Re: SMART_HOST to port 465 or 587?
Date 2026-04-13 21:14 +0000
Organization Taughannock Networks
Message-ID <10rjmbc$lpm$1@gal.iecc.com> (permalink)
References <10rjcjs$23i1$1@gal.iecc.com> <10rjcuh$3h4e3$1@dont-email.me> <10rjg51$2kmm$1@gal.iecc.com> <10rjj1u$3j7e1$1@dont-email.me>

Show all headers | View raw

It appears that Kalevi Kolttonen <kalevi@kolttonen.fi> said:
>John Levine <johnl@taugh.com> wrote:
>> Thanks, that should do it.  Just out of curiosity is
>> there a way to tell it to do immediate TLS on port 465?
>
>I have no idea as I have never used port 465. I suppose
>it is deprecated anyway, but I am not 100% sure.

It's not deprecated at all.  Every MTA I know supports it.  Even sendmail.

>From a performance point of view, issuing STARTTLS
>ESMTP command on port 587 makes no practical difference
>compared to the immediate TLS on port 465.

Port 465 is considerably more resistant to man-in-the-middle and
downgrade attacks than 587 is. A naughty middlebox might edit the EHLO
response to remote STARTTLS, so the client goes ahead without it. On
465, if it can't do the handshake and get the certificate with the
expected name, the connection fails.

-- 
Regards,
John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly

Back to comp.mail.sendmail | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

SMART_HOST to port 465 or 587? John Levine <johnl@taugh.com> - 2026-04-13 18:28 +0000
  Re: SMART_HOST to port 465 or 587? kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-04-13 18:33 +0000
    Re: SMART_HOST to port 465 or 587? John Levine <johnl@taugh.com> - 2026-04-13 19:28 +0000
      Re: SMART_HOST to port 465 or 587? kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-04-13 20:18 +0000
        Re: SMART_HOST to port 465 or 587? John Levine <johnl@taugh.com> - 2026-04-13 21:14 +0000
          Re: SMART_HOST to port 465 or 587? kalevi@kolttonen.fi (Kalevi Kolttonen) - 2026-04-13 21:39 +0000
          Re: SMART_HOST to port 465 or 587? Hugo Villeneuve-Lapointe <hugo_villap@email.invalid> - 2026-04-13 18:11 -0400
            Re: SMART_HOST to port 465 or 587? John Levine <johnl@taugh.com> - 2026-04-14 00:15 +0000
              Re: SMART_HOST to port 465 or 587? Hugo Villeneuve-Lapointe <hugo_villap@email.invalid> - 2026-04-13 23:27 -0400
                Re: SMART_HOST to port 465 or 587? Claus Aßmann <INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please)@esmtp.org> - 2026-04-14 02:20 -0400
                Re: SMART_HOST to port 465 or 587? Hugo Villeneuve-Lapointe <hugo_villap@email.invalid> - 2026-04-14 22:24 -0400
                Re: SMART_HOST to port 465 or 587? Bjørn Mork <bjorn@mork.no> - 2026-04-14 08:26 +0200
                Re: SMART_HOST to port 465 or 587? John Levine <johnl@taugh.com> - 2026-04-14 18:27 +0000
  Re: SMART_HOST to port 465 or 587? Andrzej Adam Filip <anfi@onet.eu> - 2026-04-13 21:00 +0200

csiph-web