[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Ports 465/587 in exit policy (was Re: Update to default exit policy)

On Sun, Aug 31, 2008 at 04:32:29PM +0100, Dawney Smith wrote:
> Dawney Smith wrote:
> >> I know this has been discussed before, but I thought I'd bring it up
> >> again. The following rules are in the default exit policy and I can't
> >> see any reason why they would be:
> >>
> >> reject *:465
> >> reject *:587
> So is there going to be a change to the default Exit Policy?
> Dawn

Hi Dawn,

Thanks for sticking with this. I'm probably the closest person there is
for changing the default exit policy. I confess I still haven't worked
my way through all the off-topic garbage on or-talk from a few weeks ago.

Unfortunately, I'm not up on all the different ways that people screw up
configuring their mail services these days. Back in 2005 when we first
added 465 and 587 to the exit policies:
we did it because people showed up and explained that many sites were
running services on those ports that were basically equivalent to what
they run on port 25.

It sounds like nobody has any objections to opening these ports back up.
And it sounds like it could help those folks using gmail, etc.

So I am inclined to do it.

We can do it in the 0.2.1.x development series, and that way it'll be
pretty easy to change our minds if anything comes up.

(Ultimately, I don't think it should even be necessary to reject port
25 by default. The spammers are doing great on the Internet already,
and Tor is tremendously inefficient compared to the spamming engines
they use now. But these economic arguments are too subtle when used on a
really really angry person, so we've preferred the simpler "Tor doesn't
allow that" approach so far.)