[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Update to default exit policy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 19/08/08 17:46, Dawney Smith wrote:
> I have a *lot* of experience with email administration on a very large
> scale, I know what I'm talking about.
I'm sure you do. I'd love to have email work flawlessly and securly with
Tor, so opening ports 465 and 587 would be great (currently I do have
problems since there's few exit nodes which do that). But as I
understand it, email clients + Tor might be a very bad idea ATM. Email
clients leak tons of information, the most critical I know of being your
IP address and/or host in the EHLO/HELO in the beginning of the SMTP(S)
transaction.
Really, this isn't an argument countering your in any way, but rather a
plea that the issues of using email clients with Tor are researched and
resolved before that combination gets promoted (IMHO opening ports 465
and 587 is a step towards promoting it). It's very likely your average
user will screw up given the current state of things.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkir/F8ACgkQp8EswdDmSVhXFACeOa208cVQzxS5uzWLyK4zOMTG
JosAn1j8g02lmNX9EunThkG4yEzzmBCP
=8ku6
-----END PGP SIGNATURE-----