[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] German company Webtropia: Terminated contract without notice because of abuse

To: <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-relays] German company Webtropia: Terminated contract without notice because of abuse
From: tor@xxxxxxx
Date: Wed, 30 Jul 2014 09:01:08 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 30 Jul 2014 09:01:20 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t-3.net; s=default; t=1406725270; bh=H1pVuPqkOQXWIZxyUwa9qb3IPBRgRgBE5rSQUK/gw4A=; h=From:To:Subject:Date; b=bBXd0Pg9k8p0VxLDf0c5vhdPw7kMLFDxeBNfjroQrJP0EwRKJ4I9wceiXyzPUogad BRRDCjsdt1tcFSxS26vAHRQVk0Tqs13DiOGXgSlIndNhULwcSgLiQEmOQhAUILBt/0 nDFw/oTwZ5eqkVQj/kTkywSprlWsHyn2tQn19xWs=
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

IMO, even relaying SMTP-like for the email which typically requiresauth first isn't a great idea if there is any concern about anupstream getting abuse complaints about a relay (such as a leasedbox).

A frequent way that spammers get their garbage out these days is tocompromise a user account, I say this as a mail server admin who hasto deal with the mess regularly. Oftentimes they guess the PW viadictionary attacks, but sometimes they keylog the user's box to getthe email login.

If the spammer has compromised an account and is forced to use webmailto dump the spam instead of an SMTP-like means, your relay doesn'tshow up in the email headers in the same way and may even beobfuscated. The differences are good things if you want to minimizeabuse complaints of this sort. Also the SMTP-like sending seems to getmore spam out the door faster than something which must use webmailinstead.



On 07/30/2014 03:08 PM, krishna e bera wrote:
> On 14-07-30 05:11 AM, tor@xxxxxxx wrote:
>>

>> You somewhat made a mistake here - you've got to have an exitpolicy>> that (minimally) rejects ports 25 and 465, or else your relaybecomes

>> giant abuse tool for spammers, scammers, and phishers instead ofwhat>> you intended it to be (which was a standard-functioning Torrelay).

>>
>> You might try telling your ISP that you made a mistake in your

>> configuration which allowed spam email to go out, and you'rewilling

to
>> correct that error and move forward.
>>
>>
>> ExitPolicy reject *:25
>> ExitPolicy reject *:465
>
> Most SMTP servers i have seen listening on port 465 and 587 require

> authentication, so it shouldnt be necessary to block those ports.Can

> anyone name some that dont need authentication to send email?
>
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Prev by Author: [tor-relays] German company Webtropia: Terminated contract without notice because of abuse
Next by Author: Re: [tor-relays] German company Webtropia: Terminated contract without notice because of abuse
Previous by thread: Re: [tor-relays] German company Webtropia: Terminated contract without notice because of abuse
Next by thread: Re: [tor-relays] German company Webtropia: Terminated contract without notice because of abuse
Index(es):
- Author
- Thread