[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Forwarding email ports
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Forwarding email ports
- From: "Dan Mahoney, System Admin" <danm@xxxxxxxxxxxxxxx>
- Date: Mon, 5 Feb 2007 00:03:10 -0500 (EST)
- Cc: or-talk@xxxxxxxx
- Delivered-to: archiver@seul.org
- Delivered-to: or-talk-outgoing@seul.org
- Delivered-to: or-talk@seul.org
- Delivery-date: Mon, 05 Feb 2007 00:03:31 -0500
- Dkim-signature: a=rsa-sha1; c=simple/simple; d=prime.gushi.org; s=primegushiorg; t=1170651791; bh=axgqsLfEfIb3n6T+8RM+ILzszqk=; h=DomainKey-Signature: Received:Date:From:To:cc:Subject:In-Reply-To:Message-ID:References: MIME-Version:Content-Type; b=KSfda4LSlZIseHELEQrpKN8teiw+S9QSef6/lh kj4OrX5yYWMbyQuvlqpgQCA1edVEe/DUA9oBWvPf7wYZGDHA==
- Domainkey-signature: a=rsa-sha1; s=primegushiorg; d=prime.gushi.org; c=nofws; q=dns; h=received:date:from:to:cc:subject:in-reply-to:message-id: references:mime-version:content-type; b=a8RNHDTJQ6mub9zQQ+yi7OZBc1ml5gWuEPgf6wUuCtuCOFCOm/mk5HjYmVk15FXoG TChqmzfikzxcnX6DMNfiw==
- In-reply-to: <1bd71ad80702042018w3aca6440yf43e7d5d69c8fffd@mail.gmail.com>
- References: <1bd71ad80702042018w3aca6440yf43e7d5d69c8fffd@mail.gmail.com>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On Sun, 4 Feb 2007, Michael_google gmail_Gersten wrote:
I read through the january archives on email ports, specifically 465,
587, and 995.
First, are these the ports needed to support standard secure email
(SMTP and PoP)?
465 is smtp-over-ssl (auth typically required -- ssl being part of the
handshake)
587 is SMTP-submission (auth typically required), and TLS (ssl-on-request)
generally supported post-connect.
995 is pop3-over-ssl (implicit, the SSL is part of the handshake).
There's also an imap-over-ssl port (993).
Second, why were there three of them for two protocols? Did I
misunderstand something?
See above, some ports are with and without SSL.
Third, what are the implications -- both security, and legal -- if I
open these on my machine. I'm thinking in particular, that:
These are mainly used for people to send outbound mail via their own
server, and pick up mail via their own server. Unless there's some sort
of exploit being actively used, most of the people exiting your machine on
these ports will be connecting to a machine for which they have login
credentials.
1. If only one exit node is outputting these ports, it becomes an
obvious snoop target -- how does that affect security?
I don't believe this to be the case. The nature of tor means snooping
this machine would be largely without point anyway, since even you,
running TCPdump on the machine, even behind the various cryptography,
cannot tell where the packets originate.
2. If I'm forwarding email, am I likely to find my site "blacklisted"
somewhere?
Forwarding mail in what sense?
3. Am I likely to get some sort of "Cease and desist" letter, or other
legal hassle, for this?
There are sites that deliver cease and desist letters just for running a
tor node at all. This is a largely subjective question.
4. Since my machine has about 22K/s bandwidth, how likely is it that I
will be badly backlogged / overtargetted?
Also largely subjective, but try it, and if there's a problem, limit it.
-Dan
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------