What should the default exit policy be?

coderman coderman at charter.net
Wed Dec 10 10:13:02 UTC 2003


Roger Dingledine wrote:

>Here is a possible default exit policy. ...
>
>reject subnets 127/8, 192.168/16, 10/8, 172.16/12
>accept ports 80(http), 443(https), 22(ssh), 20,21(ftp), 53(named),
>  79(finger), 143(imap), 110(pop), 873(rsync)
>accept ports 1024-*
>reject *
>
>Some questions:
>a) Notice that we're rejecting everything else by default. ...
>   ... In part this is to ensure we
>   don't run into too much trouble initially as we start to grow. But
>   we should also consider whether it will be possible to tighten exit
>   policies down the road, or only loosen them.
>
Those policies look pretty good to me.  I would prefer to err on
the side of caution and open up new ports as suggested by those
who encounter a need.

>b) Speaking of which, I've left smtp off the list of approved ports. While
>   it would be nice to have it, I don't know of anybody using it, and
>   "by default you can't use the Tor network to deliver spam" seems like
>   a nice phrase to be able to say to people.
>
Yes!  The spammers are ever so wiley and a large scale
tor network would give them a huge opportunity.  If mail
is really needed, perhaps it can be integrated with a
blacklist like Spamhaus...

 [ see http://www.securityfocus.com/guest/24043 ]



More information about the tor-dev mailing list