[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [Need quick help] 30+ mbps node taken down by host

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] [Need quick help] 30+ mbps node taken down by host
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Wed, 4 Jul 2012 14:32:32 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 04 Jul 2012 14:32:08 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=LZPOKPd5GDa8y8ypoYwVBZzebjnozSmh3r58w02Z/Uo=; b=Ug3KOMGek366IXxx/E1j6plKgOTFB+z3pOrLqRkWNROypFsQaimDsx9CFiFF+jbKZT LX0o3rb2ER/Z15nOJKOTfRq05SH5wRL14WGapgBXMP4Zbg2/ikmjPSKGyV130Vq3J7Ba /CYisPY5K67L7a6QDzlmrAz1wCoHJm/Z8n7DcHlCoKL1eqb09ND/vGwkIFdDm6Y4px3k Vu6C4aTBF8aGUSCml20glSNmKOVw+HlsQ5qtjNByN32AhaZCdJV5jTDOJ2P1pDb7JFdp la9d9/Iu1p+Jh0CqQgDlvfVajyynSKXz4BG2YE3lancimw+JS+lH09f6I3Nl4qoWCnl3 fI4A==
In-reply-to: <20120704110706.GA12615@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4FF3D4EE.4080105@xxxxxxxxx> <4FF3D58A.9050903@xxxxxxxxx> <CAJSW5N2D9TVY+ot_hnBciMYcvY786kjHOnHbMkT248WjSpzUtw@xxxxxxxxxxxxxx> <4FF41CB4.6050306@xxxxxxxxx> <20120704110706.GA12615@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

>> Thank you for the response. Unfortunately, it looks like this might be
>> an impossible problem to solve, since they followed it up and said it's
>> forum spam and hack attempts, not just email spam.  Basically, my node
>
> So they're keep changing their story. It seems they want to get rid of you.

Seems more like they're just sending more details.
I'd tell them you'd like to resolve each ticket they have for them.
That you want the reports, including headers so you can reply
and work with the complainant.
That you want to block the original sites to prevent future issues.
You already know and can block buyandsmoke.
Learn them about Tor a bit... used by journalists, employers,
students at school, etc. Tell them you'll try to close every
report they send you. Explain port 80/443 is going to generate
reports, but you can kill it if you have to.
Reduce the exit policy... imaps, pop3s, submission, ssh, bitcoin, etc.
These places see tickets, they want to see someone stand up
and close and try to prevent them is all.
If none of that works, go non-exit mode, or start shopping.

> I personally use the following Exit Policy:

Curiously missing is submission(587) which is RFC'd to be
the authenticated and usually encrypted means for submitting
outgoing mail to the provider of your @account for delivery
to your recipients @mx. That delivery by the server may then
happen over smtps(465), which is really just encryption over
the same old (open)relay or @mx endpoint smtp(25) config.
25/465 can have starttls and auth, but 587 does by default.
587 is more important for users sending, while 25/465 is
now usually for mail servers in the backend cloud.
A side benefit of 587 is that reports often stop at the MSA, as it
is their @account and they deal with it. Whereas with smtp relay,
they just see the source IP and report it to the ISP, who then shut
down your Tor node.

https://en.wikipedia.org/wiki/Mail_submission_agent
https://tools.ietf.org/html/rfc6409

Who uses telnets(992)? MUD's? Really?
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] 30+ mbps node taken down by host
  - From: Name Withheld

References:
- [tor-talk] [Need quick help] 30+ mbps node taken down by host
  - From: Name Withheld
- Re: [tor-talk] [Need quick help] 30+ mbps node taken down by host
  - From: morphium
- Re: [tor-talk] [Need quick help] 30+ mbps node taken down by host
  - From: Name Withheld
- Re: [tor-talk] [Need quick help] 30+ mbps node taken down by host
  - From: Eugen Leitl

Prev by Author: Re: [tor-talk] [info] Anonymous Publishing Is Dead.
Next by Author: Re: [tor-talk] How to pin the SSL certificate for torproject.org?
Previous by thread: Re: [tor-talk] [Need quick help] 30+ mbps node taken down by host
Next by thread: Re: [tor-talk] 30+ mbps node taken down by host
Index(es):
- Author
- Thread