ISP has man in the middle STARTTLS SMTP monitoring and blocks 2465 2587 ports to amazon. Any other options?

0

We're looking to use Amazon SES for our outbound mail since our current datacenter has implemented SMTP traffic inspection (man-in-the-middle) breaking confidentiality on all SMTP connectivity originating from our servers. This shows as a nasty "red padlock" on Gmail.com for example.

Our servers are Linux EXIM (cPanel) and I am following these instructions:

Telnet tests from datacenter to email-smtp.us-east-2.amazonaws.com fail on port 465, 2465, 2587.

While port 25 and 587 do succeed, I am aware of how STARTLS works and so its highly likely the datacenter will continue to break TLS encryption to monitor outbound mails.

Does Amazon SES offer any alternatives to avoid this issue; such as an unpublished port that is not found in the documentation that can alternative be used? or perhaps a way to connect to an VPN tunnel only for SMTP traffic connections that are always encrypted? (TLS wrapper was supposed to do this but datacenter seems to block it)

vint
asked a year ago255 views
1 Answer
0

Hi Vint.

Is there any way to use the Amazon SES SDK/API instead of SMTP? That way you can use TCP/TLS. Also, it would help with achieving higher trhroughput.

I hope this helps.

profile pictureAWS
EXPERT
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions