I have just finished setting up a Postfix mail server on a linux (ubuntu) platform. I have it sending and receiving email and it is not an open relay. It also supports secure smtp and imap.
Now this is a pretty beginner question but should I be leaving port 25 open? (since secure smtp is preferred). if so then why?
Also what about port 587?
Also should I require any authentication on either of these ports?
Please excuse my ignorance in this area :P
Port 25 needs to be open in order for it to receive mail from the internet. All mail servers will establish a connection on port 25 and initiate TLS (encryption) on that port if necessary.
SMTPS on port 465 is used only by clients connecting to your server in order to send mail out a.k.a. submission. Since RFC 8314 (January 2018) it is preferred over 587 which used STARTTLS instead of implicit TLS.
Historically, clients started to prefer ports other than 25 because port it is blocked by many ISPs, but nowadays it is standard practice to have a separate port with different settings for submission:
Don't apologize for not knowing. We all start somewhere, and nobody on here knows everything :-)
