Hello dear torrorists :)

I'm wanting to do some weird things with iptables in order to force some connections through Tor's TransProxy, but before that I have an interrogation on its internals:

How does it detect if we're wanting to use, let's say, SMTP over Tor? Is there any kind of sniffer that tells tor "ok, so this one wants to go to mail.google.com:25, this other one to www.ethack.org:443 with SSL" ?

If so, how does it work? It seems it may cause some problems when using Tor on a gateway, like some android device with tethering: forcing tethered connections through tor [orbot] seems to be really hard.

Thank you in advance for your enlightenment.

Cheers,

C.