Re: Exit node blocking site?

[Michael Holstein <michael.holstein@xxxxxxxxxxx>]

> Right now you're degrading service for other Tor users that try to go to
> groups.google.com, because you trick them into thinking that it resolves
> to something else. Also (and you'll perhaps be more motivated by this), if
> the user resolves the address into an IP first, you're not blocking that.

I have to do something, because I'm trying to minimize the abuse 
complaints I get.

> The better answer is to change your exit policy to reflect the addresses
> and ports that aren't reachable from your server. Then clients will
> learn it from your descriptor and not even try to exit from you.

Unfortunately, Google dosen't seperate services by IP (notice the first 
one).

host groups.google.com
groups.google.com is an alias for groups.l.google.com.
groups.l.google.com has address 64.233.167.99
groups.l.google.com has address 64.233.167.104
groups.l.google.com has address 64.233.167.147

host google.com
google.com has address 64.233.167.99
google.com has address 64.233.187.99


~Mike.