[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Tor server for port 443
Scott Bennett wrote:
While port 587 is the official standard port for email submission, it
doesn't *require* the usage of SSL. GMail does however have this
Also, I'd still personally prefer to use port 465 over port 587 for mail
submission when both are available, purely because when using port 465
you negotitate SSL immediately, whilst with port 587 there is some plain
text negotiation first which *could* accidently leak identifying
information such as your hostname in the EHLO, to the Exit node.
Now, if we keep 25 blocked, are we risking undoing the benefit from that
blockage by unblocking 587? It turns out that I was rejecting exits for
port 465 and 587, so now I'm wondering whether it might be a Bad Thing to
accept exits to 587. Also, the new allocation of 465 is for urd (URL
Rendezvous Directory for SSM). Offhand, I don't know what SSM may be nor
whether accepting exits for this service would be okay.
Port 25 is used for both mail relay and mail submission, whilst ports
587 and 465 are only used for mail submission. Mail submission over Tor
isn't a problem, mail relay over Tor would allow it to be abused for
spamming. There is nothing bad about opening up ports 465 and 587. I am
also unfamiliar with SSM but I'd bet my left testicle that it's usage on
the Internet is insignificant in comparison to smtps over port 465.