Re: What should the default exit policy be?

[coderman <coderman@charter.net>]

Roger Dingledine wrote:

> Here is a possible default exit policy. ...
>
> reject subnets 127/8, 192.168/16, 10/8, 172.16/12
> accept ports 80(http), 443(https), 22(ssh), 20,21(ftp), 53(named),
>  79(finger), 143(imap), 110(pop), 873(rsync)
> accept ports 1024-*
> reject *
>
> Some questions:
> a) Notice that we're rejecting everything else by default. ...
>   ... In part this is to ensure we
>   don't run into too much trouble initially as we start to grow. But
>   we should also consider whether it will be possible to tighten exit
>   policies down the road, or only loosen them.
Those policies look pretty good to me.  I would prefer to err on
the side of caution and open up new ports as suggested by those
who encounter a need.

> b) Speaking of which, I've left smtp off the list of approved ports. While
>   it would be nice to have it, I don't know of anybody using it, and
>   "by default you can't use the Tor network to deliver spam" seems like
>   a nice phrase to be able to say to people.
Yes!  The spammers are ever so wiley and a large scale
tor network would give them a huge opportunity.  If mail
is really needed, perhaps it can be integrated with a
blacklist like Spamhaus...

[ see http://www.securityfocus.com/guest/24043 ]