Email ports and servers

Outgoing: e.g email leaving outlook
25 for for server to server. neither encryption nor authentication.
587 for MUA to connect, with authentication
Encryption: by STARTTLS command
Authentication: by AUTH LOGIN command. no Authentication needed on internal network
or none: just as port 25
465 smtps: SMTP over SSL, 465 is to 25 as 443 is to 80. therefore neither plain HELO nor EHLO

Incoming: e.g. Retrieval to outlook:
110 POP3 Non-Encrypted
995 POP3 over SSL
143 IMAP Internet Message Access Protocol
993 IMAP over SSL

Some programs:
msmtp: for sending. I was using this to send notifications to my gmail account.
is MUA, talking to MTA port 587 for further sending,
For example, it talks to with my login to send to
Postfix: MTA
Receive emails from MUA with authentication on port 587
Receive emails from other MTA without authentication on port 587 or 25 or 465
Send emails to other MTA
I used it to setup my own email server for
Need reverse DNS record in order to be accepted by MTA community
More detail at
ssmtp: it’s like half Pstfix, only sending no receiving
sendmail: MUA and MTA in the 1980s
mail: MUA, calls /usr/sbin/sendmail, which connects to local MTA like port 25.
mutt: MUA, read from POP/IMAP and send to local MTA


TLS Transport Layer Security is to replace SSL Secure Sockets Layer
It’s to encryt, e.g. SMTP or HTTP.
For Emai:
eSMTP Enhanced SMTP is SMTP + SSL, which introduced some new commands, including EHLO
client says: EHLO myHostName
<- options I can accept, like STARTTLS PIPELINING
client says: STARTTLS to start encrypted communication,
or AUTH LOGIN to start authentication by username and password, Base64 encoded
For web site:
SSL version can be checked by:
Chrome: pressing F12 then Security tab
command line: openssl.exe s_client -connect -tls1_2
nginx is defaulted to TLS 1.2 since 1.9.1.
if manually upgrading OpenSSL/TLS, add this line to nginx.conf
ssl_protocols TLSv1.2; this line under listen 443
check SSL version: $ openssl version ; OpenSSL 1.1.1 supports TLS v1.3


Remote desktop

In preparation for the corona virus, setting up working from home.
I have two setups: Window10 built-in Remote Desktop Connection and Vcxsrv+SSH

1. Remote Desktop: windows doesn’t need to install anything since it’s built in.
Server in office CentOS7, install xrdp
install: yum install xrdp
check: check: systemctl status xrdp sudo systemctl start xrdp
Client side Windows:
Run Remote Desktop Connection, type in server address, connect.
Choose xvnc; the option is xorg, which I didnt’ use
A new desktop shows up, which is not a clone of the local gnome desktop as vnc shows.
A pitfall: in case of VsCode, all instance of vscode on local desktop have to be closed.
Otherwise, when start vscode on “remote desktop”, vscode shows up the linux local   desktop, which is not what we want.

2. Vcxsrv+SSH this is not really desktop, but a GUI environment
Server side: no work needed
No need to manually set up $DISPLAY; sshd automatically sets it up since X11 forwarding enabled
Client side Windows:
No installation needed. Just copy two folders from internet, one for Vcxsrv and one for SSH.
Run set DISPLAY=
Run \VcXsrv\vcxsrv.exe
Run ssh.exe -X -F configFile -o UserKnownHostsFile=known_hosts MyCentOsSvrHost
-X so that this windows host doesn’t have to accept incoming x11 connection

Most articles talk about tigervnc-server. I avoided this option because it requires client to install vnc.

Smart TV platforms

RokuOS: from Roku
Tech: linux – native layer: Application Framework – BrightScript for apps
Used by: TCL Hisense Haier Hitachi Insignia Westinghouse

FireTV: from Amazon.
Tech: Android based, see Android TV

tvOS: from Apple

Android TV: from Google
Tech: Linux – [libraries + ART Android Run Time] – Application Framework – apps
Used by: Sharp Hisense Philips Sony Toshiba

Tizen OS: from Samsung, used by Samsung
Tech: Linux – HTML5-based, free, also for wearables

Panasonic: my Home Screen Firefox OS
LG: webOS
Viera Cast and Viera Connect
TiVo: apps are HTML 5 based and live in Opera TV store
Vizio TV: TV has Chromecast built-in