[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] "Very Safe" Exit Policy

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] "Very Safe" Exit Policy
From: "Steve Snyder" <swsnyder@xxxxxxxxxxxxx>
Date: Tue, 10 Feb 2015 18:06:41 -0500 (EST)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 10 Feb 2015 18:12:22 -0500
Importance: Normal
In-reply-to: <20150210175732.72a971f5@lapsdeb>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <20150210175732.72a971f5@lapsdeb>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

This is a good place to start:

    https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy


On Tuesday, February 10, 2015 5:57pm, "Stephen R Guglielmo" <srguglielmo@xxxxxxxxx> said:

> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> Hi list,
> 
> I was looking for suggestions/discussion on very conservative policies
> for an exit relay. I run a relay now that is "reject *:*" and I wanted
> to open up a few exit ports. I don't want to open up major ports due to
> potential abuse issues. My server host states that, although they do
> allow Tor, there is a chance of the relay being terminated at their will
> [1].
> 
> I was considering using a whitelist exit policy and opening up only the
> following ports to be "safe":
> 43 - WHOIS protocol
> 53 - DNS
> 389 - LDAP
> 464,543,544,749 - Kerberos
> 531 - AOL IM
> 636 - LDAP over SSL
> 706 - SLIC
> 873 - rsync
> 5190 - ICQ and AOL Instant Messenger
> 5222,5223,5269,5280,5281,5298 - XMPP
> 5353 - Multicast DNS
> 5999 - CVSup
> 8332,8333 - Bitcoin
> 9091 -Transmission (BitTorrent client) Web Interface
> 11371 - OpenPGP key server
> 64738 - Mumble/Murmur
> 
> I constructed the list based on a quick skimming of the WP ports list
> [2]. I suspect allowing IRC would eventually be grounds for my host to
> terminate my relay.
> 
> This would be my first time running an exit relay and I'd be happy to
> hear advice and suggestions!
> 
> Thanks,
> Steve
> 
> 
> [1]
> https://trac.torproject.org/projects/tor/wiki/doc/ISPCorrespondence#OVH
> [2] https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
> 


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] "Very Safe" Exit Policy
  - From: Toralf FÃrster

References:
- [tor-relays] "Very Safe" Exit Policy
  - From: Stephen R Guglielmo

Prev by Author: Re: [tor-relays] 7 relays gone because of spammers
Next by Author: Re: [tor-relays] "Very Safe" Exit Policy
Previous by thread: [tor-relays] "Very Safe" Exit Policy
Next by thread: Re: [tor-relays] "Very Safe" Exit Policy
Index(es):
- Author
- Thread