Dedicated Snowflake server port as a way to tell if host allows Snowflake connections
Disclaimer: I'm no networking / information security expert.
I was thinking about using Snowflake for non-Tor applications (like 1/2-hop VPN).
Currently Snowflake proxies are configured to only forward connections to certain domains / domain patterns (i.e. the Snowflake Tor relay), which constrains the usefulness of the Snowflake network to Tor only. Not only that, but it also doesn't allow for a truly distributed Snowflake relay network (#40129 (closed)).
And I thought - how about we allow clients to ask proxies to connect to arbitrary addresses, but only to certain port(s)?
This should limit its use for malicious purposes as a botnet, like DDoS (from both malicious clients and a malicious broker). For further DDoS protection, proxies could set a timeout for the server / client if a connection is rejected by the server (the port is closed; or the port is open, but the host rejected the protocol, either at transport level or at data level (i.e. there is a Snowflake-specific handshake); or the host rejected the client with this IP, if it's forwarded; maybe something else). Also, as was said in #40248 (comment 2869324), we probably need to reject local addresses. Of course, more thorough analysis is required.
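
One way a proxy could enforce the checks proposed above: a single allowed port, no local addresses, and a cooldown after a server rejection. This is an added example, not code from the issue or from Snowflake itself; the port number 7443 and the names `CheckDestination` and `Cooldown` are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
	"time"
)

// Hypothetical dedicated port; the issue does not name one.
const snowflakePort = 7443

var (
	ErrPort  = errors.New("destination port is not the dedicated Snowflake port")
	ErrLocal = errors.New("destination is a local or non-routable address")
)

// CheckDestination takes a literal IP:port only, so the checked address is the one dialed.
func CheckDestination(dest string) (netip.AddrPort, error) {
	ap, err := netip.ParseAddrPort(dest) // hostnames fail here: resolve first, then check
	if err != nil {
		return netip.AddrPort{}, err
	}
	if ap.Port() != snowflakePort {
		return netip.AddrPort{}, ErrPort
	}
	ip := ap.Addr().Unmap() // treat ::ffff:a.b.c.d as the IPv4 address it wraps
	// Rejects loopback, link-local, multicast, unspecified, RFC 1918 and IPv6 ULA.
	if !ip.IsGlobalUnicast() || ip.IsPrivate() {
		return netip.AddrPort{}, ErrLocal
	}
	return netip.AddrPortFrom(ip, ap.Port()), nil
}

// Cooldown blocks a key (client or destination) for d after a server rejection.
// Not goroutine-safe; guard it with a mutex in a concurrent proxy.
type Cooldown struct {
	d     time.Duration
	until map[string]time.Time
}

func (c *Cooldown) Penalize(key string, now time.Time) { c.until[key] = now.Add(c.d) }
func (c *Cooldown) Blocked(key string, now time.Time) bool { return now.Before(c.until[key]) }

func main() {
	for _, d := range []string{"203.0.113.10:7443", "203.0.113.10:22", "[::ffff:10.0.0.5]:7443"} { // constructed inputs
		_, err := CheckDestination(d)
		fmt.Println(d, "->", err)
	}
}
```

Other special-purpose ranges, such as CGNAT 100.64.0.0/10, are not covered by `IsPrivate` and would need an explicit prefix list.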