Re: [yam] draft-daboo-srv-email: POP3S/IMAPS?

[Ned Freed <ned.freed@mrochek.com>]

> On Mon, 18 Jan 2010, Ned Freed wrote:
> >
> > Is smtps as widely deployed as pops or imaps? If it is then yes, it should be
> > in there. But if it isn't - and my experience has been that it isn't - then
> > there's no need.

> Any sites that want to support secure message submission for versions of
> Outlook older than the 2007 have to support smtps. Older Outlook will only
> do SMTP+STARTTLS on port 25, and will only do smtps on other ports.
> Outlook Express / Windows Live Mail / etc. has the same problem though I
> don't know which version fixed it.

If the only way to get a security layer in some relatively recent version of
Lookout was through smtps, that would be a very clear reason to include
smtps. But that's not what's happening.

The tradeoff here is much more subtle - it's question of which is more
problematic, requiring submission stay on port 25 where it's conflated with
relay operations, or accepting the use of smtps to get it to move someewhere
else.

My personal opinion is that smtps is somewhat more problematic, but I freelly
admit that's colored by the flexibility of our products in this area and the
seeming willingness of our customers to deal with this sort of configuration
complexity. I could easily see someone else making the call differently.

But again, this is more about what people actually do than it is about
theoretical tradeoffs. So do others think there's sufficient deployment of
smtps to warrant it's inclusion?

				Ned