Update to default exit policy
xiando
xiando at xiando.com
Sat Aug 16 17:44:00 UTC 2008
> I know this has been discussed before, but I thought I'd bring it up
> again. The following rules are in the default exit policy and I can't
> see any reason why they would be:
>
> reject *:465
> reject *:587
Are you absolutely positivily sure that you can not misconfigure e-mail MTAs
who use smtps (465) and submission (587) to be open relays?
My understanding is from my quick search on this topic is that IF you setup an
open relay then that relay can be used regardless of the connection coming
through a SSL encrypted connection or a plain-text connection on port 25.
Plain-text (25) or encrypted (465) has nothing to do with authentication, just
like you can visit many websites using http (80) and https (443) without
actually logging in.
I am not sure having them open by default would be a good thing.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20080816/47057fcf/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20080816/47057fcf/attachment.pgp>
More information about the tor-talk
mailing list