* on the Mon, Dec 28, 2009 at 09:12:10PM -0600, Scott Bennett wrote:

>> Actually, no. The default exit policy blocks smtp ports. Sometimes,
>> you can find exit nodes that allow smtp. These times are typically
>> few and far between.
>
> I thought that, pursuant to a discussion here last year or the year
> before, the default exit policy was changed to allow the smtps port. Did
> that change not get made after all?

It did. Port 25 is rejected in the default policy, but 587 and 465 are not any longer:

r...@esse:~# grep '\*:465' /var/lib/tor/cached-descriptors|wc -l
296
r...@esse:~# grep '\*:587' /var/lib/tor/cached-descriptors|wc -l
297
r...@esse:~# grep '\*:25' /var/lib/tor/cached-descriptors|wc -l
1127
r...@esse:~#

If you're using TLS on port 587 then some information will be sent in plain text for the exit node to sniff. The welcome banner, and the EHLO request/response. If you can use SSL on connect on port 465, then nothing is sent in plain text.

Other than DNS leaks, you need to make sure Thunderbird doesn't leak any other information in the EHLO or the headers when sending mail.

-- 
Erilenz
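
Added example, not part of the original message: the grep counts above include both accept and reject lines, and '\*:25' also matches ranges such as *:2500-2599, so this Python sketch evaluates each relay's policy with first-match semantics instead. The descriptor text is a constructed sample, the function names are hypothetical, and rules for specific addresses are ignored as a simplifying assumption.

```python
import re

# Constructed sample in the router-descriptor layout (not real relays).
SAMPLE = """\
router relayA 192.0.2.1 9001 0 0
reject *:25
accept *:465
accept *:587
reject *:*
router relayB 192.0.2.2 9001 0 0
reject *:25
reject *:465-587
accept *:*
router relayC 192.0.2.3 9001 0 0
accept *:2500-2599
reject *:*
router relayD 192.0.2.4 9001 0 0
reject 10.0.0.0/8:*
accept *:25
reject *:*
"""

RULE = re.compile(r"^(accept|reject) (\S+):(\*|\d+)(?:-(\d+))?$")

def port_allowed(rules, port):
    """First matching rule wins; only '*' address rules are considered."""
    for action, addr, lo, hi in rules:
        if addr != "*":
            continue  # assumption: address-specific rules are ignored
        if lo == "*" or int(lo) <= port <= int(hi or lo):
            return action == "accept"
    return True  # no rule matched: the policy accepts

def relays_allowing(text, port):
    """Return nicknames of relays whose exit policy accepts *:port."""
    relays, name, rules = [], None, []
    for line in text.splitlines() + ["router END"]:  # sentinel flushes last relay
        if line.startswith("router "):
            if name is not None and port_allowed(rules, port):
                relays.append(name)
            name, rules = line.split()[1], []
        else:
            m = RULE.match(line)
            if m:
                rules.append(m.groups())
    return relays

if __name__ == "__main__":
    for p in (25, 465, 587):
        print(p, relays_allowing(SAMPLE, p))
```

On this sample a plain grep for '\*:25' would count four lines, while only one relay actually accepts port 25.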

