[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Unexpected SMTP

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Unexpected SMTP
From: Drake Wilson <drake@xxxxxxxxxxxxxx>
Date: Fri, 02 Jan 2015 15:15:24 -0600
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 02 Jan 2015 16:15:41 -0500
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=x-sasl-enc:message-id:date:from :mime-version:to:subject:references:in-reply-to:content-type :content-transfer-encoding; s=smtpout; bh=6k1p74gMGp/pdH5TyAdQP+ YV1Sg=; b=q/AcVavWO/4k9Wj1IrGkP0A+lxHC8qaclIz5ttsjQHhVZscdkD3Xc5 IlNqwCfGcxKquKOrSFXA6ZXIi6ouvfx98ktNKi/uBMtfltyeOMAsAPEnBDZ7shZT niOheYjetk8oYfsoggv2QlM9yqWiAJ/VBMlRG6DflnSUQQOm/SeA8=
In-reply-to: <54A6F179.1090608@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <54A6F179.1090608@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.3.0

Cyrus wrote:
> My server is behind a Tor transparent proxy on a separate machine.
> Customers have just started reporting getting email from their sites,
> and the headers show this to be coming from exit nodes. I can't see any
> update news that the policy on SMTP has changed.
> 
> It might just be bad exit nodes, but according to one of these customers
> emails have been coming constantly since Dec 31. For a lot of idiots
> this means their sites are now leaking information. This can include
> information on password resets, account activities, and even private
> messages.

Sorry, I can't quite tell what configuration this is you're talking about.
Did you mean: "I run a Web hosting service accessible primarily or only
via Tor; outgoing traffic is routed via Tor as well, and I expected this
to implicitly block all outgoing email, but many users run dynamic websites
with backend code that sends email anyway, which is now being insecurely
routed"?  (If so, it would have been nice if you'd mentioned that
explicitly.)

If you actually need to _block_ email, you need to actually block it, not
rely on "no exit would ever accept this connection" (which you have already
found out).

If your users want to be able to run all the Cool New Web Applications that
rely on the open Internet in all the popular ways, but then also run them
behind Tor and not get weirdly hosed at random, that's... less than practical
without an awful lot of mediating work (as you also probably know).  The sets
of prevailing assumptions are too incompatible.

As far as I know, the Tor network and Tor project set no global hard policy
on where exit nodes are allowed to exit; the Tor project provides defaults
and some sets of suggested rules, but each node can override this however
they want.  (For instance, allowing exit to the SMTP relay port at a specific
set of servers known to handle this well could be entirely reasonable.  The
distinction between SMTP relay and SMTP submission ports may also be relevant,
depending on what your users are seeing.)

   ---> Drake Wilson

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Unexpected SMTP
  - From: Cyrus

Prev by Author: [tor-talk] Reminder invitation
Next by Author: [tor-talk] documentation for Windows users
Previous by thread: [tor-talk] Unexpected SMTP
Next by thread: [tor-talk] [rt.torproject.org #38223] Firefox Web Shortcuts
Index(es):
- Author
- Thread