[Cryptography] SUBMIT is not SMTP, was IAB Statement on Internet Confidentiality

Abe Singer abe at oyvay.nu
Wed Nov 19 17:37:11 EST 2014

On Wed, Nov 19, 2014 at 03:00:57PM -0500, Jerry Leichter wrote:
> So, sure, within the community of email experts, the protocol may have a new name, and port 25 may be effectively deprecated.  It's perfectly legitimate that experts in the domain speak in those terms.  But to everyone else in the world, it's still "SMTP", and 25 remains a possible submission port (even if it's blocked on most networks), and if an expert wants to communicate with everyone else ... he needs to be aware of that.

For a slightly different example of using "wrong" ports, I have to
run KDCs on ports 80 and 443 in addition to the standard ports, due
to various guest wireless networks (seemingly mostly at universities)
that inexplicably block all other outbound ports.

With regard to using port 25 for submission, I'm pretty sure that it's
entirely possible for an ESMTP server to accept both authenticated and
unauthenticated mail and treat each appropriately.

Regarding the justification of breaking the encrytped, authenticated
session to check for spam, if an ISP considers that activity on port
587 to be acceptable, then it really has no justification do
otherwise for the same on port 25.

More information about the cryptography mailing list