Updated A mail server's 101 (markdown)

This commit is contained in:
Jean-Denis Vauguet 2020-06-12 06:24:21 +02:00
parent 2b30e8df80
commit 0c6e157844

View file

@ -125,7 +125,7 @@ In many implementations, the mail server doesn't enforce TLS encryption, for bac
A final Submission setup exists and is akin SMTP+STARTTLS on port 587, but on port 25. That port has historically been reserved specifically for unencrypted (plain text) mail exchange though, making STARTTLS a bit of a misusage. As is expected by [RFC 5321](https://tools.ietf.org/html/rfc5321), docker-mailserver uses port 25 for unencrypted Submission in order to support older clients, but most importantly for unencrypted Transfer/Relay between MTAs. A final Submission setup exists and is akin SMTP+STARTTLS on port 587, but on port 25. That port has historically been reserved specifically for unencrypted (plain text) mail exchange though, making STARTTLS a bit of a misusage. As is expected by [RFC 5321](https://tools.ietf.org/html/rfc5321), docker-mailserver uses port 25 for unencrypted Submission in order to support older clients, but most importantly for unencrypted Transfer/Relay between MTAs.
- **docker-mailserver's default configuration enables unencrypted (plain text) for Submission & Transfer/Relay on port 25.** - **docker-mailserver's default configuration enables unencrypted (plain text) for Submission & Transfer/Relay on port 25.**
- It does not enable Explicit TLS (STARTTLS) Transfer/Relay on port 25 by default. One may enable it through advanced custom configuration, either as a replacement (bad!) or as a supplementary mean of secure Submission & Transfer/Relay. - It does not enable Explicit TLS (STARTTLS) on port 25 by default. One may enable it through advanced custom configuration, either as a replacement (bad!) or as a supplementary mean of secure Submission & Transfer/Relay.
- One may also secure Transfer/Relay on port 25 using advanced encryption scheme, such as DANE and/or MTA-STS. - One may also secure Transfer/Relay on port 25 using advanced encryption scheme, such as DANE and/or MTA-STS.
### Retrieval - IMAP ### Retrieval - IMAP