-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Bill Weiss wrote: (snip) > As part of that, I allow 587, because it's supposed to > be authenticated, right? It turns out that a lot of sites out there treat > 587 just like 25: optional authentication, optional encryption, maybe some > relaying, whatever. Thus, allowing 587 through Tor causes some > complaints. I've still got it open, but every time someone complains I > consider turning it off. (snip)
Well, I guess I was way off-base with my original deductions about port 587. It's kinda sad that it can still do relaying. While I think it isn't as important whether it requires crypto or not (security and privacy for a Tor user is, in the end, what they make of it anyway [like anyone else]), it would really help if it was strictly submission-only. I know for one, I do have a Gmail account I use entirely through Tor - and I do use the best practice. Crypto is win. - -- F. Fox AAS, CompTIA A+/Network+/Security+ Owner of Tor node "kitsune" http://fenrisfox.livejournal.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSDnJlOj8TXmm2ggwAQjiahAAjVkFx6249ahvdDdQldzNygWlw+V/SNvy DRxGmmNAIWzDOPtcPKQ15caxI65O8WcBAf5mT53qr3/pfkD43ZjMpzhqeFV6R3H3 LE1IfKpe69ezqv0LAhxu9G0HXfjaRPq7LHXW1sEzuXZ+hpSxPsNxS9pusT5z9Eb/ 1ORXnyVwQ0Dz8DzGH78TTdL09BoNBFd/dXbbYNFUfqNpt1LbwCaANoZTUO1JgPdr bHk2RDjW0z1SXL9ks53c+9drs92DfSugJqNVS/c2umQGbRLDj0B2rTsy3MZJSQiZ U5o9glDUGTwkUWvaa5ResFxuF587W1kNxrWF0UiH/H9oVknobT7A638PXXvBia8R fkqv4iTA/SCgPlA55eLAMd/jOpkKTlaNFcvkmGua8J+odMR44ssl7mMpuB3xhT7Q lyyHUTK/uBGYbVUkJr6aq6GlderwjVPSQxOGPeqMngKbatZ31r8VHxdnIO0E1fg6 IbkbNuZxZFgYDZdnCeVkE2HDjy7kGwPklPUxAzQ4gAuTGPB4X4kWE1bfrhG3GETj FYfYJASPd0ni1r1zXRvlI0/vweVXnpNdFhSa2tlMNu3IyPArosG9V3CUVsLdmXzA X2SHKks2WzndKbOpU7c2VjtDFp2/sY4BJZ3QyJwXY53NWzJ8PCEjXITfm78pv/cw GDfeTVAH2W4= =dz8o -----END PGP SIGNATURE-----
