Forwarding email ports
Dan Mahoney, System Admin
danm at prime.gushi.org
Mon Feb 5 05:03:10 UTC 2007
On Sun, 4 Feb 2007, Michael_google gmail_Gersten wrote:
> I read through the january archives on email ports, specifically 465,
> 587, and 995.
> First, are these the ports needed to support standard secure email
> (SMTP and PoP)?
465 is smtp-over-ssl (auth typically required -- ssl being part of the
587 is SMTP-submission (auth typically required), and TLS (ssl-on-request)
generally supported post-connect.
995 is pop3-over-ssl (implicit, the SSL is part of the handshake).
There's also an imap-over-ssl port (993).
> Second, why were there three of them for two protocols? Did I
> misunderstand something?
See above, some ports are with and without SSL.
> Third, what are the implications -- both security, and legal -- if I
> open these on my machine. I'm thinking in particular, that:
These are mainly used for people to send outbound mail via their own
server, and pick up mail via their own server. Unless there's some sort
of exploit being actively used, most of the people exiting your machine on
these ports will be connecting to a machine for which they have login
> 1. If only one exit node is outputting these ports, it becomes an
> obvious snoop target -- how does that affect security?
I don't believe this to be the case. The nature of tor means snooping
this machine would be largely without point anyway, since even you,
running TCPdump on the machine, even behind the various cryptography,
cannot tell where the packets originate.
> 2. If I'm forwarding email, am I likely to find my site "blacklisted"
Forwarding mail in what sense?
> 3. Am I likely to get some sort of "Cease and desist" letter, or other
> legal hassle, for this?
There are sites that deliver cease and desist letters just for running a
tor node at all. This is a largely subjective question.
> 4. Since my machine has about 22K/s bandwidth, how likely is it that I
> will be badly backlogged / overtargetted?
Also largely subjective, but try it, and if there's a problem, limit it.
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
More information about the tor-talk