SMTPS

SMTPS (Simple Mail Transfer Protocol Secure) refers to a method for securing SMTP with transport layer security. It is intended to provide authentication of the communication partners, as well as data integrity and confidentiality.

SMTPS is not a proprietary protocol and not an extension of SMTP. It is just a way to secure SMTP at the transport layer. SMTPS uses port 587.

This means that the client and server speak normal SMTP at the application layer, but the connection is secured by SSL or TLS. This happens when the connection is established before any mail data has been exchanged. Since whether or not to use SSL or TLS is not negotiated by the peers, SMTPS services are usually reachable on a dedicated port of their own.

Originally, in early 1997, the Internet Assigned Numbers Authority registered 465 for SMTPS. [1] By the end of 1998, this was revoked when STARTTLS had been specified.[2] With STARTTLS, the same port can be used with or without TLS. SMTP was seen as particularly important, because clients of this protocol are often other mail servers, which can not know whether a server they wish to communicate with will have a separate port for TLS.[3] The port 465 is now registered for Source-Specific Multicast audio and video.[4][5]

In 2014, many services continue to offer the deprecated SMTPS interface on port 465 in addition to (or instead of) the message submission interface on the port 587 defined by RFC 6409.[6] Service providers that maintain port 465 do so because[7] older Microsoft applications (including Entourage v10.0 and its successor, Outlook for Mac 2011) do not support STARTTLS,[8] and thus not the SMTP submission standard (ESMTPS on port 587). The only way for service providers to offer those clients an encrypted connection is to maintain port 465.

References

  1. "NEW DRAFT: Regularizing Port Numbers for SSL". w3. 1997-02-07. Retrieved 2013-07-27.
  2. Hoffman, Paul (1998-11-12). "Revoking the smtps TCP port". ietf-apps-tls (Mailing list). Internet Mail Consortium. Archived from the original on 2015-06-03. Retrieved 2016-10-22.
  3. Paul Hoffman (1997-06-01). "Do we need IMAP / TLS or POP / TLS?". Internet Mail Consortium. Retrieved 2009-09-16.
  4. "Port Numbers". Internet Assigned Numbers Authority. 2009-09-14. Retrieved 2009-09-16.
  5. "SSM". Cisco Systems. Retrieved 2009-09-16.
  6. "Re-mishap in Gmail". Heise Online. 2009-09-24. Retrieved 2009-09-25.
  7. "SMTP mail settings". The Art Farm. Retrieved 28 April 2013.
  8. "Postfix TLS support". Retrieved 28 April 2013.


This article is issued from Wikipedia - version of the 10/22/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.