[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Tor Exit: Complaints of IP being used for "spam" despite exit policy

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Tor Exit: Complaints of IP being used for "spam" despite exit policy
From: lists@xxxxxxxxxxxxxxx
Date: Wed, 04 May 2022 14:31:57 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 04 May 2022 08:32:17 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=for-privacy.net; s=easymail; t=1651667523; bh=WyKhFAM4DcMwxb4IYXs5PHOabGN+0WyXHFf2Ztnm6VI=; h=From:To:Subject:Date:In-Reply-To:References:From; b=ZzhcTMWbBCJEDA5S2eRZ9LOcdaG77mP3sT1rnzhlDMaeITRVWxSI3J/iLtw/YJzlf IhMTEs+3se+ar5mayy4Rvsdt1UvdQOh/QfJIGIQD7xOCvTSTGmj6KjqwQTYzDOCFnK kZVZlkpC4tdj5TrBIIV745YQbmC7cM5+TyytHDhNeMUhxb74tKy1JUvSM6OF5QeJes ifGRsLtCEpVtKvvsal7RBTzYBBAI0D2Obz4HD3fJ/jlhB7y0vW2xX8dOXSmyM/IQbL 5+V/yuX3xphJmG7Ft2kZ58CpphisGhAv3ay9XzI6hpmvX4UI1n1rxJ1NeBRbLdLGjG 5ehvWYwAOC2Vw==
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=for-privacy.net; s=easymail; t=1651667523; bh=WyKhFAM4DcMwxb4IYXs5PHOabGN+0WyXHFf2Ztnm6VI=; h=From:To:Subject:Date:In-Reply-To:References:From; b=ZzhcTMWbBCJEDA5S2eRZ9LOcdaG77mP3sT1rnzhlDMaeITRVWxSI3J/iLtw/YJzlf IhMTEs+3se+ar5mayy4Rvsdt1UvdQOh/QfJIGIQD7xOCvTSTGmj6KjqwQTYzDOCFnK kZVZlkpC4tdj5TrBIIV745YQbmC7cM5+TyytHDhNeMUhxb74tKy1JUvSM6OF5QeJes ifGRsLtCEpVtKvvsal7RBTzYBBAI0D2Obz4HD3fJ/jlhB7y0vW2xX8dOXSmyM/IQbL 5+V/yuX3xphJmG7Ft2kZ58CpphisGhAv3ay9XzI6hpmvX4UI1n1rxJ1NeBRbLdLGjG 5ehvWYwAOC2Vw==
In-reply-to: <4ed4d514e71d5636cb06ca0946956e73@neelc.org>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <4ed4d514e71d5636cb06ca0946956e73@neelc.org>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Tuesday, May 3, 2022 8:42:20 PM CEST Neel Chauhan wrote:

> A day or two ago, my Tor exit host, Psychz Networks, has sent me
> complaints about my IPs being used to send "spam" despite me having
> blocked Port 25 (and 465/587) in the exit policy.
> 
> Psychz threatened to block Port 25 even when my exit policy explicitly
> blocks 25/465/587.

Yes, unfortunately you get this SPAM abuse, although it is clear that the mail 
was submitted via a webmailer :-(

> Sometimes I think "is my FreeBSD exploited and being used to send spam",
> but then I also see Linux relays on other ISPs also on the blocklists.

It's actually very unlikely that a longer running exit can send mails. ;-)
I can't even send myself log mails from my exit IP's because all IP's are 
blacklisted. On abusix.com and similar.

> Yes, I am aware Tor exit relays will land on blacklists. But getting
> complaints from spam is new, especially when my relays are blocking
> SMTP.
> 
> I am worried I would have to find a new host if they continue
> complaining. Darn, Psychz has been one of the more reliable exit hosts
> (on-and-off) for many years, although they are more vigilant on abuse
> than say BuyVM.

If possible, try to get an ARIN SWIP record:
https://blog.torproject.org/tips-running-exit-node/
5. Get ARIN registration

99% of the abuse is f*cking auto-generated stuff from tools like fail2ban. If 
you reply, you will not get an answer or 'message is undeliverable' back.

> BuyVM is similarly priced (although my Psychz is an special offer) and
> solid but has too many exits. OVH and TerraHost only allow exits on much
> more expensive dedicated servers. Prgmr and HostMaze allow exits but has
> so-so peering.
https://rdp.sh/ is not overcrowded yet.

> I just hope Psychz doesn't continue to complain.

We all hope with you.
As I've mentioned here before, IPv6 only relays are important. An AS with 
IPv6/48 is affordable. Then it's much easier to set up your own bulletproof 
ISP.

-- 
╰_╯ Ciao Marco!

Debian GNU/Linux

It's free software and it gives you freedom!

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Tor Exit: Complaints of IP being used for "spam" despite exit policy
  - From: Neel Chauhan
- Re: [tor-relays] Tor Exit: Complaints of IP being used for "spam" despite exit policy
  - From: yl

References:
- [tor-relays] Tor Exit: Complaints of IP being used for "spam" despite exit policy
  - From: Neel Chauhan

Prev by Author: Re: [tor-relays] Debian is not allowing tor to update despite it being listed as a trusted respritory
Next by Author: Re: [tor-relays] Debian is not allowing tor to update despite it being listed as a trusted respritory
Previous by thread: Re: [tor-relays] Tor Exit: Complaints of IP being used for "spam" despite exit policy
Next by thread: Re: [tor-relays] Tor Exit: Complaints of IP being used for "spam" despite exit policy
Index(es):
- Author
- Thread