[CentOS] SMTP Port 465 - Postfix

Nataraj incoming-centos at rjl.com
Sat Mar 31 17:01:49 EDT 2012


You can run an smtp server on any port you want.  The advantage to not
using one of the standard ports is that you won't have as many attacks
from spammers and password guessing attacks.

The smtp parameters that are specified in main.cf are the default for
all of your smtp servers; however, any of the parameters can be overridden
in master.cf.  So to define an smtp server on port 1234 which requires
TLS (issued via a STARTTLS) and must have SASL authentication, you would
add the following entry to master.cf:


1234     inet n       -       n       -       -       smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

The port number can also be any named port in /etc/services.


For any public SMTP server on the internet, I believe the relevant RFC
specifies that you must accept unauthenticated, unencrypted (NON-TLS)
connections on port 25 (sort of obvious if you want to receive incoming
mail from the Internet).  What I do on my servers is to disallow
relaying and authentication from my port 25 smtp server and require all
of my mail clients to connect on the port that I designate, requiring
TLS+SASL auth.

Nataraj
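
Added example, not part of the original post: a Python audit of master.cf against the policy described above (no AUTH on port 25; enforced TLS, SASL auth and a final reject on every other smtpd listener), resolving each parameter as built-in default, then main.cf, then the master.cf -o override. The sample file, port 2525 and the function names are constructed for illustration; only the parameters used in the post are checked, plus smtpd_tls_security_level=encrypt, the Postfix 2.3+ equivalent of smtpd_enforce_tls=yes.

```python
import shlex

# Postfix built-in defaults for the parameters checked here.
BUILTIN = {"smtpd_sasl_auth_enable": "no", "smtpd_enforce_tls": "no",
           "smtpd_tls_security_level": "", "smtpd_client_restrictions": ""}
# Constructed sample (not from the post); the 2525 entry is deliberately weak.
SAMPLE = """\
smtp      inet  n       -       n       -       -       smtpd
  -o smtpd_sasl_auth_enable=no
1234      inet  n       -       n       -       -       smtpd
  -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
2525      inet  n       -       n       -       -       smtpd
  -o smtpd_sasl_auth_enable=yes
"""

def smtpd_listeners(master_cf, main_cf=None):
    """Effective parameters per inet smtpd service (master.cf -o wins)."""
    entries = []
    for raw in master_cf.splitlines():
        if raw.strip() and not raw.lstrip().startswith("#"):
            if raw[0].isspace() and entries:
                entries[-1] += " " + raw.strip()   # continuation line
            else:
                entries.append(raw.strip())
    listeners = {}
    for fields in map(shlex.split, entries):
        if len(fields) >= 8 and fields[1] == "inet" and fields[7] == "smtpd":
            overrides = dict(v.split("=", 1) for k, v in
                             zip(fields[8:], fields[9:]) if k == "-o" and "=" in v)
            listeners[fields[0]] = {**BUILTIN, **(main_cf or {}), **overrides}
    return listeners

def audit(master_cf, main_cf=None):
    """Return (service, problem) pairs that break the policy in the post."""
    findings = []
    for svc, p in smtpd_listeners(master_cf, main_cf).items():
        auth = p["smtpd_sasl_auth_enable"] == "yes"
        tls = p["smtpd_enforce_tls"] == "yes" or p["smtpd_tls_security_level"] == "encrypt"
        rules = p["smtpd_client_restrictions"].split(",")
        locked = "permit_sasl_authenticated" in rules and rules[-1] == "reject"
        if svc in ("smtp", "25"):
            checks = [(not auth, "AUTH offered on port 25")]
        else:
            checks = [(tls, "TLS not enforced"), (auth, "SASL auth not enabled"),
                      (locked, "unauthenticated clients not rejected")]
        findings += [(svc, msg) for ok, msg in checks if not ok]
    return findings
```

Pass the parsed main.cf values as the second argument: a global smtpd_sasl_auth_enable=yes there is inherited by the port 25 listener unless master.cf overrides it.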


