[CentOS] sendmail sending out on port 587

Mon Mar 22 03:53:33 UTC 2010
Robert Nichols <rnicholsNOSPAM at comcast.net>

On 03/21/2010 07:25 PM, Les Mikesell wrote:
> Gregory P. Ennis wrote:
>>
>> On Mon, 2010-03-22 at 09:21 +1100, Jobst Schmalenbach wrote:
>>> Install dovecot on the server.
>>> Use firewall rules to block out all networks for 993 BUT
>>> the network of your laptop (whatever ISP your on).
>>> Use thunderbird (or whatever) to read you email.
>>>
>>> I do that with all our mobiles/laptops.
>>>
>>>
>>> Jobst
>>>
>>>
>> Jobst,
>>
>> I had been doing what you suggested above.  This resulted in being able
>> to read all e-mail, but I could not send any e-mail in that port 25 was
>> being blocked by the hotel.
>
> The other common option is to use port 465 for smtp over ssl - which should be
> something you can activate by uncommenting lines in your sendmail.mc and most
> clients handle.  Or use an outside account like gmail or yahoo that does this.
> You still need to configure client authentication, and on your own server, relay
> only if authenticated.

Sendmail can't initiate an outgoing port 465 connection on its own.  The
only way sendmail can use a secure outgoing connection is by starting out
unencrypted and using STARTTLS to switch to secure mode.  Port 465 doesn't
work that way.  I've been through that, consulted with the Gods, etc., and
the only way to make outgoing port 465 from sendmail work is to route the
connection via 'stunnel'.  Yes, that can be done, but it's a bit of a
PITA, and I'm glad I don't have to do it any more.

Port 587 + STARTTLS should be quite straightforward, though I've never
had to play with the incoming side of that.

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.