Update to default exit policy

anonym anonym at lavabit.com
Wed Aug 20 15:01:02 UTC 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 20/08/08 15:42, 7v5w7go9ub0o wrote:
> anonym wrote:
>> Email clients leak tons of information, the most critical I know of
>> being your IP address and/or host in the EHLO/HELO in the beginning
>> of the SMTP(S) transaction.
>
> Nope.
> 
> The encrypted connection occurs before the smtp handshake.
> 
> IP/host info is not compromised, this is not an issue.

Care to elaborate on this?

The way I understand it, the encrypted connection will only prevent
eavesdroppers from snooping the IP address/host, but the destination
email server will get it in the EHLO/HELO message. IMHO, that equals a
compromise of grand scale.


I'm certainly no expert in these areas, so please enlighten me if I'm
incorrect.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkisMa0ACgkQp8EswdDmSVjFdgCeJh44mkWoKHWWpPpLKjMmEuqi
UMoAn0KrYtHEbglbWdjqn09c64ACsskX
=EmYH
-----END PGP SIGNATURE-----



More information about the tor-talk mailing list