[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Aggressive abuse report

To: Moritz Bartl <moritz@xxxxxxxxxxxxxx>
Subject: Re: [tor-relays] Aggressive abuse report
From: Juuso Lapinlampi <wub@xxxxxxxxxxx>
Date: Tue, 14 Mar 2017 14:36:51 +0000
Cc: tor-relays@xxxxxxxxxxxxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 14 Mar 2017 10:37:05 -0400
In-reply-to: <fa92ad47-3283-b302-fb36-bf2f34bc2aba@torservers.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <827903e2-cf65-c841-24fd-79c3499d498f@uclouvain.be> <fa92ad47-3283-b302-fb36-bf2f34bc2aba@torservers.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Tue, Mar 14, 2017 at 02:17:14PM +0100, Moritz Bartl wrote:
> about it" might not be the best argument here either: I suggest you
> block the destination IP address(es) for some weeks via ExitPolicy, let

My concern with this is the liability on operator. In Finland (and
Europe?), the limited liability provisions have three criteria for
service/network providers (Tietoyhteiskuntakaari 7.11.2014/917, 182 §
Vastuuvapaus tiedonsiirto- ja verkkoyhteyspalveluissa):

1. You're not the one initiating the network transfer;
2. You're not selecting the recipient; and
3. You don't select or modify the data to be transferred.

I believe FICORA has advised blocking ports as necessary for security
reasons (e.g. port 25) is fine, but when it's being extended to
IP-address and/or port combinations, that's where it starts becoming
gray (in regards to #2).

So far, replying to every abuse complaint and giving advice how to block
Tor using DNSBL or similar has worked for me. I can see it's probably
not what original poster's ISP would like to hear to have the issue
resolved, but it's less ambiguous on law and limited liability. Thus, I
suggested looking into other more friendly ISPs.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Aggressive abuse report
  - From: Moritz Bartl
- Re: [tor-relays] Aggressive abuse report
  - From: Sec INT

References:
- [tor-relays] Aggressive abuse report
  - From: Florentin Rochet
- Re: [tor-relays] Aggressive abuse report
  - From: Moritz Bartl

Prev by Author: Re: [tor-relays] Hackers
Next by Author: Re: [tor-relays] Aggressive abuse report
Previous by thread: Re: [tor-relays] Aggressive abuse report
Next by thread: Re: [tor-relays] Aggressive abuse report
Index(es):
- Author
- Thread