[afnog] is my sendmail an open-relay?
Joe Abley
jabley at ca.afilias.info
Mon Dec 11 01:13:30 UTC 2006
On 10-Dec-2006, at 17:16, Andy Davidson wrote:
> Running a private (and locked down) smtp server on tcp/80 may well
> get you round even more firewalls.. Running a private OpenVPN system
> on tcp/80 may well be even more useful.
tcp/443 is a better bet, much of the time. There are many
environments in which tcp/80 is transparently redirected to caches,
and when the client doesn't talk HTTP, unpredictable things may happen.
Since HTTPS (tcp/443) involves SSL/TLS, which itself involves end-to-
end exchange of certificates, it's less likely to be interfered with.
Joe
More information about the afnog
mailing list