Ports 465/587 in exit policy (was Re: Update to default exit policy)
tor-operator at sky-haven.net
tor-operator at sky-haven.net
Thu Sep 4 09:27:47 UTC 2008
Scríobh John Brooks:
> But it is worth noting that ISPs often are very unfriendly to spam. I've
> received several abuse notifications from my dedi's ISP due to tor exit
> traffic, all of it because of outgoing spam using insecure webmail
> services (where my node's IP shows up in the headers as originating IP).
> I imagine they'd take direct spam (from you to a mailserver) much more
> seriously, so it could create more problems for node operators if their
> nodes are involved in that so directly. I would say that is reason
> enough to not open port 25 by default, and likewise with 465/587 *IF*
> they are commonly unsecured. Running an exit node is difficult enough
> already without having the ISP all over you for being a spammer :P
>
> It's an interesting balancing act, but might be worth trying for the
> uses it does have. The other option would be for operators to explicitly
> allow these ports to gmail IPs, but there might be quite a few of those,
> and it wouldn't take care of other providers.
Hi,
All of the above is correct. However, I sort-of feel that exit policy
stuff w.r.t. keeping your hosting provider from being annoyed with you
is the node operator's problem, not the Tor Project's problem. All of
the "default" exit policy blocks can be overridden by the node's
operator, even ones like RFC1918 destinations which would be practically
silly to remove.
More information about the tor-talk
mailing list