• The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved is it safe to close port 465 ?

Linulex

Silver Pleskian
Hello all,

We close smtp relaying and only allow smtp on port 587.
Would it be wise/possible/safe to close port 465 (smtps) in the firewall?

if i am correct: port 465 doesn't accept connections anyway when smtp is closed.

i know i can not close port 25.
regards
Jan
 
Hi Linulex,

actually, your question is not only reasonable, but as well up-to-date to meet the new service-port assignments, made by IANA for RFC conformity ( last updated 18.11.2016 => http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt ), where port 465 has been assigned to the service "urd" ( tcp ) and the service "igmpv3lite" ( upd ).

The definite answer to your question:
Would it be wise/possible/safe to close port 465 (smtps) in the firewall?
... is "YES" ( wise/possible and safe ), when you use SMTP-MSA on your server(s) on port 587.
But ( and here comes the culprit... :D ), if you do that, you have no possible fail back, in case of communication issues between MUA or/and MTA, which could raise support requests due to ( possible ) communications errors from your customers, who use standard settings at their mail - clients ... unfortunately, no mail - client has the standard POP3s- port - setting "465/995", but use instead the POP3 - port - setting "25/110", which will take a looooooong time, untill this changes. :(
 
Hi UFHH01

Ill close it then, thank you. We have been using 587 since we started back in 1999. A lot of connection providers in The Netherlands and Belgium close port 25 to outside and don't allow to send mail via port 25 from another provider. Only there port 25 is allowed. A lot others do the opposite and close port 25, only if you send with an email of there own you can use it.
Using 587 solves the problem of both problems.

POP3 ? The 1990s want there protocol back.

regards
Jan
 
Back
Top