On a Reddit PCI forum I asked about the use of port 465 vs 587; the response was a reasonable argument for the use of 587. Does anyone know why cPanel favors 465, and whether there would be adverse consequence(s) associated with shutting down 465 and migrating to 587?
Here is the Reddit reply:
Since the registration for port 465 for encrypted email was revoked by IANA years ago, I could see where some ASVs would identify it as an issue, as they generally would with any non-standard port. Using a non-standard port, however, does not violate PCI DSS. In fact, there may be very good reasons to have a service listen on a port other than the well-known port that has been registered with IANA. In these cases, typically you'd use the ASV's "false positive" appeal mechanism to explain why the port is open, e.g., that it's not a rogue service. FWIW, RFC 8314 was proposed in Jan. 2018 to address the use of port 465 for email submission. Nonetheless, the current situation is that RFC 6409 (Message Submission for Mail) specifies the use of port 587 for message submission (sites MAY choose to use port 25)... thus making the "better" way of solving the issue to use port 587.
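Added example, not part of the original post or of cPanel: the practical difference between the two ports is that 465 encrypts before any SMTP command is sent, while 587 starts in cleartext and upgrades with STARTTLS. When migrating from 465 to 587, the check worth running is that the 587 listener advertises STARTTLS and does not offer AUTH until TLS is up, so no migrated client can send credentials in clear. Standard-library Python; the host name and sample EHLO replies are constructed for illustration.

```python
import smtplib
import ssl

# Constructed sample EHLO replies (not captured from any real server).
WEAK_PRE_TLS = "250-mail.example.test Hello\n250-STARTTLS\n250-AUTH PLAIN LOGIN\n250 8BITMIME"
GOOD_PRE_TLS = "250-mail.example.test Hello\n250-STARTTLS\n250 8BITMIME"
POST_TLS = "250-mail.example.test Hello\n250-AUTH PLAIN LOGIN\n250 8BITMIME"

def parse_ehlo(reply: str) -> set:
    """Return the ESMTP keywords (upper-cased) from a raw multi-line EHLO reply.
    Lines look like '250-KEYWORD params', the last one '250 KEYWORD'."""
    keywords = set()
    for line in reply.splitlines()[1:]:      # line 0 is the '250-<domain>' greeting
        body = line[4:].strip()              # drop the '250-' / '250 ' prefix
        if body:
            keywords.add(body.split()[0].upper())
    return keywords

def assess_587(before_tls: set, after_tls: set) -> dict:
    """Judge a port-587 listener from its capabilities before and after STARTTLS.
    Safe posture: STARTTLS offered, AUTH withheld until TLS is up, AUTH offered after."""
    return {
        "starttls_offered": "STARTTLS" in before_tls,
        "auth_leaks_before_tls": "AUTH" in before_tls,   # plaintext-credential risk
        "auth_after_tls": "AUTH" in after_tls,
        "ok": "STARTTLS" in before_tls and "AUTH" not in before_tls and "AUTH" in after_tls,
    }

def probe_587(host: str, timeout: float = 10.0) -> dict:
    """Live check of a submission host on 587 (needs network access)."""
    ctx = ssl.create_default_context()
    with smtplib.SMTP(host, 587, timeout=timeout) as s:
        s.ehlo()
        before = {k.upper() for k in s.esmtp_features}
        after = set()
        if s.has_extn("starttls"):
            s.starttls(context=ctx)          # certificate verified against system CAs
            s.ehlo()                         # capabilities must be re-read after TLS
            after = {k.upper() for k in s.esmtp_features}
    return assess_587(before, after)

def probe_465(host: str, timeout: float = 10.0) -> set:
    """Implicit TLS on 465: the session is encrypted before EHLO is ever sent."""
    ctx = ssl.create_default_context()
    with smtplib.SMTP_SSL(host, 465, context=ctx, timeout=timeout) as s:
        s.ehlo()
        return {k.upper() for k in s.esmtp_features}
```

`probe_587("mail.example.test")["ok"]` being False after a migration is the signal to tighten the server's AUTH-before-TLS setting before retiring 465.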