do some exit relay operators have a policy to prevent connections leaving their exit node via non-encrypted ports (e.g. port 25)?
not even wanting to be in a position to observe users' data passing through the exit node in clear text. hoping that encrypted connections provide some level (even very weak) of plausible deniability in the event that a connection attracts the attention of law enforcement.
The other side... Do not fool yourselves that exit relays not advertising any "encrypted" ports are in any way "secure" for users and IoT, or that the operator is "not in a position", or has default "deniability". MITM tools and attacks happen over such exits ALL THE TIME. And since approximately zero users validate oob and pin down TLS/SSH etc fingerprints, and most just click through warnings, they get jacked all the time. There's plenty of Sybil and TA running out there too. -- This message moderated and censored by torproject for your "protection".