Is SMTP, SSL/TLS port 465 using UDP ports?
A fresh install of the CSF firewall settings shows that they are not using any UDP ports for port 465 SMTP, SSL/TLS; not even TCP_OUT is in use. cPanel, however, recommends having them open on their website (see URL). What is correct?
Can anyone advise, please?
-
A quick Google search pulled this up.

In theory SMTP can be handled by either TCP, UDP, or some 3rd party protocol. As defined in RFC 821, RFC 2821, and RFC 5321: SMTP is independent of the particular transmission subsystem and requires only a reliable ordered data stream channel. In addition, the Internet Assigned Numbers Authority has allocated port 25 for both TCP and UDP for use by SMTP. In practice, however, most if not all organizations and applications only choose to implement the TCP protocol. For example, in Microsoft's port listing port 25 is only listed for TCP and not UDP.

The big difference between TCP and UDP that makes TCP ideal here is that TCP checks to make sure that every packet is received and re-sends them if they are not, whereas UDP will simply send packets and not check for receipt. This makes UDP ideal for things like streaming video where every single packet isn't as important as keeping a continuous flow of packets from the server to the client.

Considering SMTP, it makes more sense to use TCP over UDP. SMTP is a mail transport protocol, and in mail every single packet is important. If you lose several packets in the middle of the message, the recipient might not even receive the message, and if they do, they might be missing key information. This makes TCP more appropriate because it ensures that every packet is delivered.
Hope this helps.
Hello, Yes, the service should still function normally with the default CSF rules. The previous post should help explain it further. Thank you.
Thank you both, I will use CSF recommendations and no UDP Ports then.
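An added example, not part of the thread and not cPanel's or CSF's own code: a small audit that reads the `TCP_IN`, `TCP_OUT`, `UDP_IN` and `UDP_OUT` port lists from a `csf.conf` and reports how port 465 is covered. The config excerpt is constructed sample data and the function names are hypothetical.

```python
import re

# Constructed csf.conf excerpt (sample values, not taken from the thread).
SAMPLE_CSF_CONF = '''
# Allow incoming/outgoing ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077:2083"
TCP_OUT = "20,21,22,25,53,80,110,113,443,587"
UDP_IN = "20,21,53"
UDP_OUT = "20,21,53,113,123"
'''
KEYS = ("TCP_IN", "TCP_OUT", "UDP_IN", "UDP_OUT")

def parse_port_lists(conf_text):
    """Return {setting: [(low, high), ...]} for the four CSF port lists."""
    lists = {}
    for line in conf_text.splitlines():
        # Comment lines start with '#', so they never match this pattern.
        m = re.match(r'\s*(\w+)\s*=\s*"([^"]*)"', line)
        if not m or m.group(1) not in KEYS:
            continue
        ranges = []
        for item in filter(None, (p.strip() for p in m.group(2).split(","))):
            low, _, high = item.partition(":")  # "2077:2083" is a port range
            ranges.append((int(low), int(high or low)))
        lists[m.group(1)] = ranges
    return lists

def port_status(conf_text, port):
    """Per setting, is `port` covered by a listed port or range?"""
    lists = parse_port_lists(conf_text)
    return {k: any(lo <= port <= hi for lo, hi in lists.get(k, [])) for k in KEYS}

def smtps_findings(conf_text, port=465):
    """List what the firewall config means for SMTP over SSL/TLS on `port`."""
    status = port_status(conf_text, port)
    findings = []
    if not status["TCP_IN"]:
        findings.append(f"TCP_IN lacks {port}: inbound connections to it are blocked")
    if not status["TCP_OUT"]:
        findings.append(f"TCP_OUT lacks {port}: outbound connections to remote port {port} are blocked")
    for key in ("UDP_IN", "UDP_OUT"):
        if status[key]:
            findings.append(f"{key} lists {port}: not needed, SMTP over TLS runs on TCP")
    return findings

if __name__ == "__main__":
    for finding in smtps_findings(SAMPLE_CSF_CONF):
        print(finding)
```

To audit a real server, pass the contents of its own `csf.conf` to `smtps_findings` in place of the sample.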