John Schmerold

Well-Known Member
Apr 21, 2004
81
6
158
st. louis
cPanel Access Level
Root Administrator
On a Reddit PCI forum I asked about the use of port 465 vs 587, the response was a reasonable argument for the use of 587. Anyone know why cPanel favors 465 and if there would be adverse consequence(s) associated with shutting down 465 and migrating to 587?

Here is the Reddit reply:
Since the registration for port 465 for encrypted email was revoked by IANA years ago, I could see where some ASV's would identify it as an issue, as they generally would with any non-standard port. Using a non-standard port, however, does not violate PCI DSS. In fact, there may be very good reasons to have a service listen on a port other than the well-known port that has been registered with IANA. In these cases, typically you'd use the ASV's "false positive" appeal mechanism to explain why the port is open, e.g., that it's not a rogue service. FWIW, RFC 8314 was proposed in Jan. 2018 to address the use of port 465 for email submission. Nonetheless, the current situation is that RFC 6409 (Message Submission for Mail) specifies the use of port 587 for message submission (sites MAY choose to use port 25)... thus making the "better" way of solving the issue to use port 587.
 

m.eid

Well-Known Member
Jun 4, 2014
54
6
83
Jordan
cPanel Access Level
Root Administrator
Twitter
Is they have said, 587 is for non secure smtp connection while 465 is the default port for secure connection over SSL, while these are default ports CPanel offers, you can modify them for other ports and configure them well.
 
  • Like
Reactions: cPanelLauren