> So my idea is, maybe consider making directory authorities blacklist some
> ports as being unacceptable as ORPorts, 22 and 53 come to mind for a start,
> along with maybe 25 to avoid false alarms from anti-spam countermeasures.

The ORPort config exists to give better anti-blocking/censorship performance. So Tor should not exclude any OR port/protocol. The problem is with you and your ISP, not other relays who have fine working relationships with their ISP regarding binding to those ports.

So if an end user feels they are at risk of dumb triggers/policies, they should block their client from contacting such nodes in their config. Easier if a new option existed: ClientNoORPorts [...,]. Or block such outbound ports on their firewall.

A relay operator who feels they are at risk of making such contact should probably work with their host or find another one instead of narrowing their possible outbound paths. (The impact on the Tor network of RelayNoORPorts would depend on the percent of nodes having your noisy ORPort and traffic weights. It may also affect clients reaching a specific exit relay using said ports. And add more overhead signaling. Better to find a new host.)