Well-Known Member
Aug 10, 2002
cPanel Access Level
Root Administrator
Forgive me if this has been discussed before. I did some searches, and found this mentioned, but never really fully discussed.

I'm wondering how many people have their e-mail systems set up to accept SMTP connections on port 587. There is an RFC for this at:

Perhaps I am reading this wrong, but it seems to me that you are suppose to be using port 587 for connecting to your outgoing mail server to send out mail, and then mail servers use port 25 to talk back and forth to each other. Is that correct? If so, I'm somewhat puzzled, what advantage does this cause? So instead of using port 25, your using port 587?

The main reason I ask, is because I do not have port 587 open on any of our servers. I know a lot of ISPs are starting to block access for their customers to remote port 25 SMTP servers. My stance with this has always been that if you are affected by this then you should use your ISP's outgoing mail server or consider this an issue between the affected client and their ISP. I actually consider this to be a more ideal set up. Using your ISP's outgoing mail server does not offer any negative side-effects and its less traffic going through our servers.

However, if port 587 is suppose to be open and accept mail, then perhaps users really should be allowed to use this port to send mail from our server. I am reluctant to open just some arbitrary port, such as port 26, just to allow customers whose ISP is blocking remote SMTP servers to send out mail from our servers. To my knowledge, port 26 does not have any standards in place in regards to sending mail.

If port 587 is suppose to be opened, is there a way to enforce some type of authentication on this port. When I originally read the RFC, that's what I thought was suppose to happen. I thought port 587 was used for message submission, which required some form of SMTP authentication to accept mail. I know you can open an additional port for exim to run on on cPanel servers, but this was basically just a copy of port 25. Now reading the RFC, I'm not that sure. Apparently it is just a message submission port, and can be used just like regular port 25 acceptance.

I'm just really interested to see other people's take of this. I like to stay as standards compliant as I can, within reason. And if blocking port 587 is breaking a type of standard, then perhaps I should have it open. I'm really under the impression that most hosts do not offer this. Just interested in a discussion of the valid points of having this enabled.


Well-Known Member
Verifed Vendor
Jun 15, 2002
Go on, have a guess
If you search the ietf site for references to port 587 you'll find that there's a wealth of discussion about its adoption. From what I've only briefly read about it, it doesn't appear that port 587 is intended for use by MUA's but by what it refers to as MSA's. You'll probably find that once an RFC is adopted that changes the way an MTA should work, the respective developers will implement it. Since it's not a default configuration in any MTA that I'm aware of, I wouldn't lose any sleep over it.

For a more informed discussion about this, you might want to try a discussion about it over on the exim mailing list (and search its archives).