Update to default exit policy

7v5w7go9ub0o 7v5w7go9ub0o at gmail.com
Tue Aug 19 16:48:45 UTC 2008 

Dawney Smith wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> krishna e bera wrote:
> 
>> I'm not clear on how authentication (on any port) stops spam,
>> other than the ISP cutting off a given userid after complaints.
>> A lot of spam already comes from malware infected computers 
>> via their legitimately configured email.
>> Those computers are probably not using Tor, let alone transparent proxy, 
>> but malware could grab their credentials and then 
>> use Tor on another host to send out spam over port 587,
>> if that port was allowed in exit policies.
> 
> There is a clear misunderstanding of the issue at hand by many people
> here. The exit policy was put in place to prevent connections between
> Tor users and the last hop (the end MX server), *not* to prevent
> connections between Tor users and SMTP relays, which is what everybody
> keeps repeating.
> 
> There is no problem with a Tor user connecting to an SMTP relay and
> sending email. If they can do it using Tor, they can do it without using
> Tor, faster. In those cases, it is the administrator of the SMTP relay
> that is responsible to stop spam.
> 
> Just to repeat the problem. It is Tor users connecting to the
> destination MX server that is the problem. Mail relay, not mail submission.
> 
> Ports 465 and 587 are mail submission ports. Port 25 is for both
> submission *and* relay.
> 
> I have a *lot* of experience with email administration on a very large
> scale, I know what I'm talking about.

Thanks for pursuing this!

1. Your arguments make good technical sense.

2. In fact, many endpoints have already enabled those ports without
experiencing problems.

3. Many of us routinely handle our ssl email accounts via TOR, and your
proposal (open them by default) would help spread the load, as well as
reasonably expanding the default functionality of TOR.

Thanks Again!

(p.s. this post is being sent via ssl GMAIL, which will include the 
"posting host" when using smtps. My posting host will be a TOR exit node 
:-) )

More information about the tor-talk mailing list