Mondior Folimun(mfoli...@elitemail.org)@Sun, Jun 27, 2010 at 04:17:15AM +0200: > On Wed, 23 Jun 2010 12:49 +0200, "Moritz Bartl" <t...@wiredwings.com> > wrote: > > Hi, > > > > > Out of curiosity, what exit policy are you now using? Perhaps we > > > want to standardize on a policy that is effective at reducing these > > > complaints. > > > > At the moment, I allow ports 20-22,53,79-81,110,143,443,706,873,993, > > 995,8008,8080,8888. Feel free to suggest others. > > I also allow 465 and 563. Those are used by authenticated SMTPS and > NNTPS. > So far, I have not received any spam abuse complaints from them, after > running a 10Mbit+ exit for the past 2-3 years (though I do occasionally > get web spam abuse complaints).
Interestingly, I was contacted by the police at some university a couple of years ago about abuse through my Tor node on port 587 (authenticated SMTP). After a ton of explaining what Tor was (at first they believed the abuser to be a client of mine because his bits were coming from my machine), it turned out that they had a severely busted submission port: it was the same as port 25 (so, accepted unauthenticated email from the world). The person they were investigating had used this to send email via Tor to an address there. I finally explained to them that their damaged configuration was letting spam through, and they stopped bothering me. Ah well. I'd suggest adding that port to the mix, since it should be authenticated and TLSed (despite the occasional evidence otherwise). -- Bill Weiss Break yo pipe man, and the funny dudes scribblin' licence plates go away. -- Kha0s, alt.2600 *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/