Re: [tor-relays] Please do not use 9.9.9.9 as your DNS on an exit relay

Subject: Re: [tor-relays] Please do not use 9.9.9.9 as your DNS on an exit relay

From: Vinícius Zavam <egypcio@xxxxxxxxxxxxxx>

Date: Wed, 29 Nov 2017 15:33:41 +0000

Delivery-date: Wed, 29 Nov 2017 10:34:04 -0500

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to; bh=oD3tO9amajuuvMnD0sXRusYftnKpi9ttxX4+7FtauVw=; b=neaGaw9mBXd0ydL8yEMFWWtd4n/6t8/SNpQINFhJOZqvunLmAS3LaTdURiRcBsX7r9 2Siw8YokvV2vHe4LdeWprKCthYJ7awenLi+Pa1VBOLguunb8GZH/Yg6hU9izFcVGpwi4 2ak5Cf5Ul+qxGvyX89VJX1oSlPP7jFKv32oT+K07zF1peKcImAz9gHIxAm+seyLc3z+L Un5CQETC9dMU/qwSHrcKUMVPQSfuoBVYhib+OITUGngFUAw5c5vB7Z+IaTMmQdJBa7WL NiuPo+hLqRGHXE9VdtL9bPWFbK1QBSDm1qioAlCx1da6fdWyXbiT+o1eX4un//f106YW O3+g==

In-reply-to: <b3edf34b-00d3-d110-6b77-5fb90c330459@gmx.de>

List-archive: <http://lists.torproject.org/pipermail/tor-relays/>

List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>

List-id: "support and questions about running Tor relays $exit, non-exit, bridge$" <tor-relays.lists.torproject.org>

List-post: <mailto:tor-relays@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>

References: <000501d3638a$f3039010$d90ab030$@bulger.co.uk> <49ded759-c760-bd9a-65ee-a417fcb9cd49@riseup.net> <006a01d363e1$e49bbf00$add33d00$@bulger.co.uk> <qd8NAHJ-DyhXqOsALOwAwr4HzcGgoM2wC-NNJbuA7rPJoxh1UJob1APxiRTRbvVio3dfVFDeyfI6mw-XTqPMY60wB9TkK67SHlJPm2wH8sQ=@anondroid.com> <1511403010.3743380.1181699680.027C2BB5@webmail.messagingengine.com> <b3edf34b-00d3-d110-6b77-5fb90c330459@gmx.de>

Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

2017-11-23 18:23 GMT+00:00 Toralf Förster <toralf.foerster@xxxxxx>:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 11/23/2017 03:10 AM, Dave Warren wrote:
> > One note, 9.9.9.10 does no filtering, but sadly also doesn't enforce
> > DNSSEC. It has the same privacy policy and similar.
> The former is good, the later not a problem, b/c DNSSEC validation has to be made by the client nevertheless.
>
> I do persoanlly use 9.9.9.10 together with dnsmasq (whihc does the DNSSEC job) at my desktop b/c I couldn't get DNSSEC woring with the DNS servs of my ADSL provider here in Hamburg.
>
> - --
> Toralf
> PGP C4EACDDE 0076E94E
> -----BEGIN PGP SIGNATURE-----
>
> iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWhcSCRccdG9yYWxmLmZv
> ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpTjRxAPwMNZQCFk7av7cyMbRCjCyqIPq4
> 91jnvwX6lLXnL9bEywEAhaZgeF3oFKvRENSMJls/NeSHm/jfCXGjrQ/0/yaGChQ=
> =zma+
> -----END PGP SIGNATURE-----

I wrote something kinda related to this thread to help a few friends; w.i.p.
https://openbsd-br.org/pub/egypcio/debian-unbound-socat-tor.sh

you are invited to read the code before running/testing. feel free to modify, or w/e.

SHA256 (debian-unbound-socat-tor.sh)

23a74b162af7b219827c84be669083a4595d6fee15c585ac73ce10d17cece9b5

--
Vinícius Zavam
keybase.io/egypcio/key.asc

_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays