Hey Ole, That is a bad actor on tor, attempting to send spam email that uses smtp ports to using your tor node as a relay, potentially spoofing the source to make it look like your relay is the sender. be sure to block any and all ports for smtp, 25, 465, 587, 2525 (not a comprehensive list of ports) for both incoming and outgoing connections. Your host, once it appears that your server is sending mass amounts of spam, may suspend or terminate your account. just went through this with hetzner this week. On Thu, Jun 11, 2026 at 3:53 AM Ole Rydahl via tor-relays < tor-relays@lists.torproject.org> wrote:
Hi,
I have noticed that my firewall registers connection attempts from my tor-server on port 465 and 587. My relay performs normally, so it appears that they have no significance for the operation.
Could somebody please explain the logic behind those SMTP connections? I am a bit puzzled!
/Ole Rydahl
OS: Fedora Linux 43 (Server Edition), Platform: Tor 0.4.9.8 on Linux
_______________________________________________ tor-relays mailing list -- tor-relays@lists.torproject.org To unsubscribe send an email to tor-relays-leave@lists.torproject.org
-- Thanks, Robert Shults IT Administrator & Solution Architect CEO, TheMadHacker LLC https://themadhacker.net