
Re: Update to default exit policy



anonym wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 19/08/08 17:46, Dawney Smith wrote:
I have a *lot* of experience with email administration on a very large
scale, I know what I'm talking about.

I'm sure you do. I'd love to have email work flawlessly and securely with
Tor, so opening ports 465 and 587 would be great (currently I do have
problems since there are few exit nodes which do that). But as I
understand it, email clients + Tor might be a very bad idea ATM. Email
clients leak tons of information, the most critical I know of being your
IP address and/or host in the EHLO/HELO in the beginning of the SMTP(S)
transaction.

Nope.

The encrypted connection occurs before the smtp handshake.

IP/host info is not compromised, this is not an issue.


Really, this isn't an argument countering you in any way, but rather a
plea that the issues of using email clients with Tor are researched and
resolved before that combination gets promoted (IMHO opening ports 465
and 587 is a step towards promoting it). It's very likely your average
user will screw up given the current state of things.

TOR guidelines are clear.

Don't use active content; Do use encrypted protocols.

(Now it will be the case that some users do NOT use email encryption - they are lost anyway!)
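
The EHLO/HELO argument discussed in this thread is chosen by the mail client and is read by the receiving server once any TLS layer has been removed. The following is an added example, not part of the original messages: a small audit that classifies the greeting lines of a client-side SMTP transcript by what they disclose. The sample lines, hostnames, addresses and the set of names treated as neutral are constructed assumptions.

```python
import ipaddress
import re

# Constructed client-side SMTP lines (not from the thread); all names are made up.
SAMPLE_LINES = [
    "EHLO [192.168.1.23]",
    "EHLO alice-laptop.corp.example",
    "HELO alice-laptop",
    "EHLO [IPv6:fd00::1234]",
    "EHLO localhost",
    "MAIL FROM:<a@example.org>",
]

# Assumption: these greeting names identify nothing about the sender.
NEUTRAL_NAMES = {"localhost", "localhost.localdomain"}

_GREETING = re.compile(r"^(EHLO|HELO)\s+(\S+)\s*$", re.IGNORECASE)


def classify_greeting(line):
    """Return (verb, argument, verdict) for an EHLO/HELO line, else None."""
    m = _GREETING.match(line.strip())
    if not m:
        return None
    verb, arg = m.group(1).upper(), m.group(2)
    if arg.startswith("[") and arg.endswith("]"):
        # Address literal, e.g. [192.168.1.23] or [IPv6:fd00::1234]
        literal = arg[1:-1]
        if literal.lower().startswith("ipv6:"):
            literal = literal[5:]
        try:
            ip = ipaddress.ip_address(literal)
        except ValueError:
            return verb, arg, "malformed-literal"
        return verb, arg, "neutral" if ip.is_loopback else "leaks-ip"
    if arg.lower() in NEUTRAL_NAMES:
        return verb, arg, "neutral"
    # Any other name is the machine's own hostname or FQDN.
    return verb, arg, "leaks-hostname"


def audit(lines):
    """Classify every greeting in a transcript, skipping other commands."""
    return [r for r in map(classify_greeting, lines) if r is not None]


if __name__ == "__main__":
    for verb, arg, verdict in audit(SAMPLE_LINES):
        print(f"{verb} {arg}: {verdict}")
```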