[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Ports 465/587 in exit policy (was Re: Update to default exit policy)

Scríobh John Brooks:
But it is worth noting that ISPs often are very unfriendly to spam. I've received several abuse notifications from my dedi's ISP due to tor exit traffic, all of it because of outgoing spam using insecure webmail services (where my node's IP shows up in the headers as originating IP). I imagine they'd take direct spam (from you to a mailserver) much more seriously, so it could create more problems for node operators if their nodes are involved in that so directly. I would say that is reason enough to not open port 25 by default, and likewise with 465/587 *IF* they are commonly unsecured. Running an exit node is difficult enough already without having the ISP all over you for being a spammer :P

It's an interesting balancing act, but might be worth trying for the uses it does have. The other option would be for operators to explicitly allow these ports to gmail IPs, but there might be quite a few of those, and it wouldn't take care of other providers.


All of the above is correct. However, I sort-of feel that exit policy stuff w.r.t. keeping your hosting provider from being annoyed with you is the node operator's problem, not the Tor Project's problem. All of the "default" exit policy blocks can be overridden by the node's operator, even ones like RFC1918 destinations which would be practically silly to remove.