North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Why do so few mail providers support Port 587?

  • From: Daniel Senie
  • Date: Tue Feb 15 23:35:27 2005

At 09:00 PM 2/15/2005, you wrote:

Although RFC2476 was published in December 1998, its amazing
how few mail providers support the Message Submission protocol
for e-mail on Port 587.  Even odder, some mail providers
use other ports such as 26 or 2525, but not the RFC recommended
Port 587 for remote authenticated mail access for users.

Large mail providers like AOL, GMAIL and Yahoo support authenticated
mail on port 587; and some also support Port 465 for legacy SMTP/SSL.
But a lot of universities and smaller mail providers don't.
Lots of small companies support these as well, including hosting companies and smaller ISPs, and have done so for 5 or 6 years.

still use SMTP Port 25 for roaming users.  With AT&T, Earthlink, COX,
Netzero and other ISPs filtering port 25 for years, I would have thought
most mail providers would have started supporting Port 587 by now.

What can be done to encourage universities and other mail providers
with large roaming user populations to support RFC2476/Port 587?
Get the software developers to do some useful programming.

What can be done to encourage the mail client software programers (i.e.
Outlook, Eudora, etc) to make Port 587 the default (or at least the
first try) and let the user change it back to port 25 (or automatically
fallback) if they are still using a legacy mail server.
Don't forget enabling SMTP AUTH by default. Microsoft seems to only support SMTPS and POPS (alternate ports).

Eudora finally supports TLS reasonably well now that they switched to using OpenSSL. While Eudora can be configured for port 587, it takes some doing, since users have to install the esoteric settings menu plugin or edit a config file.

It'd be nice if the new account wizards actually got this stuff right. We give customers a document that walks them through the wizard, then walks them through fixing the things the wizard didn't do.

Sendmail now includes Port 587, although some people disagree how
its done.
The configs for sendmail that come with RedHat have it listening only to by default. The config file (.mc) has a good config line for port 587 documented and commented out. They also have a port 465 example, which has encryption required, but not AUTH.

Is the proper configuration or proper examples the responsibility of sendmail developers, those packaging sendmail with systems, or those who deploy the software?