F. Fox([EMAIL PROTECTED])@Sun, Sep 07, 2008 at 06:27:08PM -0700:
Bill Weiss wrote:
(snip)
My Tor node runs a medium-load mail server as well, and I've never been
blacklisted for spam stuff [1]. That seems like a decent indication of it
not causing problems given how rabid the anti-spam
[EMAIL PROTECTED]([EMAIL PROTECTED])@Thu, Sep 04, 2008 at 04:14:17PM -0400:
On Thu, Sep 04, 2008 at 08:25:20AM -0700, [EMAIL PROTECTED] wrote 1.5K bytes
in 37 lines about:
: -BEGIN PGP SIGNED MESSAGE-
: Supposedly, one of the exit node operators is going to try opening
: 465/587
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Bill Weiss wrote:
(snip)
My Tor node runs a medium-load mail server as well, and I've never been
blacklisted for spam stuff [1]. That seems like a decent indication of it
not causing problems given how rabid the anti-spam people can get.
1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Supposedly, one of the exit node operators is going to try opening
465/587 where he hasn't done so before.
I'm all for opening 465/587 by default, but I also understand the
concern of exit operators that there may be a significant number of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Roger Dingledine wrote:
I know this has been discussed before, but I thought I'd bring it up
again. The following rules are in the default exit policy and I can't
see any reason why they would be:
reject *:465
reject *:587
So is there going
On Thu, Sep 04, 2008 at 08:25:20AM -0700, [EMAIL PROTECTED] wrote 1.5K bytes in
37 lines about:
: -BEGIN PGP SIGNED MESSAGE-
: Supposedly, one of the exit node operators is going to try opening
: 465/587 where he hasn't done so before.
I've done it. So far, no complaints.
--
Andrew
administration on a very large
scale, I know what I'm talking about.
Thanks for pursuing this!
No problem. Hopefully the relevant people are taking note. Who exactly
is responsible for setting the default exit policy, and what is their
opinion on this matter?
1. Your arguments make good technical
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 19/08/08 17:46, Dawney Smith wrote:
I have a *lot* of experience with email administration on a very large
scale, I know what I'm talking about.
I'm sure you do. I'd love to have email work flawlessly and securly with
Tor, so opening ports 465
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
anonym wrote:
I have a *lot* of experience with email administration on a very large
scale, I know what I'm talking about.
I'm sure you do. I'd love to have email work flawlessly and securly with
Tor, so opening ports 465 and 587 would be great
omit, there was a very dedicated secretary down
the hall who dealt with things like forgotten passwords in between all her
regular duties. :-)
Thanks for pursuing this!
No problem. Hopefully the relevant people are taking note. Who exactly
is responsible for setting the default exit policy
/host from the EHLO/HELO messages.
Any way, this is getting pretty off topic. I for one hope that the
default exit policy will be updated as you suggest as I'm tired of
having to rebuild circuits etc. all the time when SMTP times out due to
the scarcity of usable exit nodes.
-BEGIN PGP SIGNATURE
anonym wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/08/08 15:42, 7v5w7go9ub0o wrote:
anonym wrote:
Email clients leak tons of information, the most critical I know of
being your IP address and/or host in the EHLO/HELO in the beginning
of the SMTP(S) transaction.
Nope.
The
anonym wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/08/08 15:42, 7v5w7go9ub0o wrote:
anonym wrote:
Email clients leak tons of information, the most critical I know of
being your IP address and/or host in the EHLO/HELO in the beginning
of the SMTP(S) transaction.
Nope.
The
Quoting 7v5w7go9ub0o [EMAIL PROTECTED]:
anonym wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/08/08 15:42, 7v5w7go9ub0o wrote:
anonym wrote:
Email clients leak tons of information, the most critical I know of
being your IP address and/or host in the EHLO/HELO in the beginning
of
Am 20.08.2008 um 19:04 schrieb [EMAIL PROTECTED]:
Sorry, I didn't get it: in case I'm using Thunderbird and Torbutton,
and connect to the smtp server trough tor. Will my real ip adress
occur in the mail headers, or the ip of the exit node?
I'm guessing the ip of the exit node, right?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sven Anderson wrote:
Sorry, I didn't get it: in case I'm using Thunderbird and Torbutton,
and connect to the smtp server trough tor. Will my real ip adress
occur in the mail headers, or the ip of the exit node?
I'm guessing the ip of the exit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/08/08 19:04, [EMAIL PROTECTED] wrote:
Sorry, I didn't get it: in case I'm using Thunderbird and Torbutton, and
connect to the smtp server trough tor. Will my real ip adress occur in
the mail headers, or the ip of the exit node?
I'm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dominik Schaefer wrote:
Those are ports used for mail submission, not for mail relay. They wont
be abused by spammers. ISPs often block their consumer broadband users
from connecting to port 25 on servers outside of their network, to
prevent
Dawney Smith wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
krishna e bera wrote:
I'm not clear on how authentication (on any port) stops spam,
other than the ISP cutting off a given userid after complaints.
A lot of spam already comes from malware infected computers
via their
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
For what it's worth, I second Dawn's position on this issue - it could
be very useful to allow 465 and 587 by default.
Indeed, many users have stopped using Gmail because of the privacy
policies; however depending on the purpose of a particular
Hi,
one question related to the port 465/587 thread.
Could it be useful to open at least the ports for mixmaster remailers,
capable of submission via TLS, SSL connections or SMTP (2525)?
reject private:*
# drooper.mixmin.net (banana)
accept 88.198.22.131:587
accept 88.198.22.131:2525
accept
Dawney Smith schrieb:
Those are ports used for mail submission, not for mail relay. They wont
be abused by spammers. ISPs often block their consumer broadband users
from connecting to port 25 on servers outside of their network, to
prevent spam. They don't block 465 and 587, because they're
Hi,
I know this has been discussed before, but I thought I'd bring it up
again. The following rules are in the default exit policy and I can't
see any reason why they would be:
reject *:465
reject *:587
Those are ports used for mail submission, not for mail relay. They wont
be abused
I know this has been discussed before, but I thought I'd bring it up
again. The following rules are in the default exit policy and I can't
see any reason why they would be:
reject *:465
reject *:587
Are you absolutely positivily sure that you can not misconfigure e-mail MTAs
who use smtps
Just as with SMTP, security [with SMTP-submit] is optional. See
RFC 4409 for details on the protocol.
4.3. Require Authentication
The MSA MUST by default issue an error response to the MAIL command
if the session has not been authenticated using [SMTP-AUTH], unless
it has already
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
What about creating a white list/black list for domains in Tor. That way Tor
could allow certain domains (such as google.com) to bypass the default
blocks. This way you would be maintaining security while adding
functionality.
-BEGIN PGP
On Mon, May 26, 2008 at 08:04:16PM -0500, Nathaniel Dube wrote:
What about creating a white list/black list for domains in Tor. That way Tor
could allow certain domains (such as google.com) to bypass the default
blocks. This way you would be maintaining security while adding
On Mon, 26 May 2008 20:04:16 -0500 Nathaniel Dube [EMAIL PROTECTED]
wrote:
What about creating a white list/black list for domains in Tor. That way Tor
could allow certain domains (such as google.com) to bypass the default
blocks. This way you would be maintaining security while adding
Nathaniel Dube([EMAIL PROTECTED])@Thu, May 22, 2008 at 11:59:28PM -0500:
The only part of that I have in my config file is [accept *:*]. Is the rest
some kind of defaults? I noticed one of the defaults is [reject *:587] which
I'm wondering why that would be in the defaults. That ports is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Bill Weiss wrote:
(snip)
As part of that, I allow 587, because it's supposed to
be authenticated, right? It turns out that a lot of sites out there treat
587 just like 25: optional authentication, optional encryption, maybe some
relaying,
On 2008-05-22 Nathaniel Dube wrote:
I noticed one of the defaults is [reject *:587] which I'm wondering
why that would be in the defaults. That ports is used for sending
secure email. Port 25 I can understand but 587?!
No, port 587/tcp is not used for secure e-mail (whatever that's
supposed
The first seven are set by ExitPolicyRejectPrivate 1. Set it to 1 to
allow these addresses (I do) if you are not concerned with security
problems associated, or wish to be more selective blocking networks.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was looking at my server's stats at https://torstatus.kgprog.com and noticed
that it has an exit policy that I didn't put in my config file. For
example...
reject 0.0.0.0/8:*
reject 169.254.0.0/16:*
reject 127.0.0.0/8:*
reject 192.168.0.0/16:*
requested might actually be blocked by the ISP,
but also it would help to protect novice Tor users who want to
contribute some bandwidth but who are unaware of the potential
pitfalls of running an exit node.
There are two reasons that Tor's default exit policy allows some
common ports rather than
34 matches
Mail list logo
