[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
RE: Tor nodes blocked by e-gold
SORBS marks TOR servers as zombie spammers I believe.
Regards,
Tony.
-----Original Message-----
From: owner-or-talk@xxxxxxxxxxxxx [mailto:owner-or-talk@xxxxxxxxxxxxx]
On Behalf Of Mike Cardwell
Sent: 27 April 2007 16:23
To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor nodes blocked by e-gold
Really? In which one of the following lists does Sorbs list Tor servers?
And in what way does the description mislead the user as to the purpose
of the listing?
1.) http.dnsbl.sorbs.net
2.) socks.dnsbl.sorbs.net
3.) misc.dnsbl.sorbs.net
4.) smtp.dnsbl.sorbs.net
5.) web.dnsbl.sorbs.net
6.) new.spam.dnsbl.sorbs.net
7.) recent.spam.dnsbl.sorbs.net
8.) old.spam.dnsbl.sorbs.net
9.) spam.dnsbl.sorbs.net
10.) escalations.dnsbl.sorbs.net
11.) block.dnsbl.sorbs.net
12.) zombie.dnsbl.sorbs.net
13.) dul.dnsbl.sorbs.net
They each have very specific listing criteria, but none of them specify
"Tor exit node"...
Mike
* on the Fri, Apr 27, 2007 at 03:53:31PM +0100, Tony wrote:
> SORBS lists TOR servers as being SPAM related. Which is rather
unlikely to be the case.
>
>
> Regards,
>
> Tony.
>
> ________________________________
>
> From: owner-or-talk@xxxxxxxxxxxxx on behalf of Mike Cardwell
> Sent: Fri 27/04/2007 14:42
> To: or-talk@xxxxxxxxxxxxx
> Subject: Re: Tor nodes blocked by e-gold
>
>
>
> Sorbs have *many* different lists. They do not just list sources of
spam,
> and nor do they claim to. See http://www.au.sorbs.net/using.shtml
>
> If someone ignorantly decides to start blocking mail or http requests
> based on an IP being listed on the aggregate of all sorbs zones, ie
> dnsbl.sorbs.net then it is they who are at fault, not Sorbs. Sorbs
does
> not tell you what to do with their lists.
>
> Examples:
>
> http.dnsbl.sorbs.net - List of Open HTTP Proxy Servers.
> socks.dnsbl.sorbs.net - List of Open SOCKS Proxy Servers.
> misc.dnsbl.sorbs.net - List of open Proxy Servers not
> listed in the SOCKS or HTTP lists.
>
> So... If you're listed in http.dnsbl.sorbs.net, sorbs are saying,
> "Last time we checked. There's an open HTTP proxy at IP x. Do
> what you want with this free information". What they're *not*
> saying is "Block IP x or you'll get hacked and spammed!!!"
>
> So there are three main possibilities as far as E-Golds actions go as
far
> as I can see.
>
> 1.) They're ignorantly blocking Tor users without realising.
> 2.) They're blocking them on purpose because the collatoral damage is
> worth it to protect their other customers.
> 3.) They're ignorantly blocking Tor users without realising, but if
they
> knew about Tor they'd do it on purpose anyway to protect their
service
> and customers.
>
> Sorbs are not doing anything evil, or scamming anyone. They are
publicly
> expressing their opinion and observations of behaviour from IP
> addresses, and letting people do what they want to with that
> information.
>
> The only solution to this problem is to contact E-Gold and try to get
> them to whitelist TOR exit nodes, perhaps using
> ip-port.torhosts.nighteffect.us. They might say yes, they might so no,
> or they might ignore you. You're free to take your business elsewhere
of
> course.
>
> Mike
>
> * on the Fri, Apr 27, 2007 at 04:17:29PM +0300, M wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Yeah, SORBS suck a big time.
> >
> > My Tor exit-node was a couple of years ago listed in SORBS db. Once
I
> > changed Tor servers ip to another and closed ports that are commonly
> > used to connect to irc servers I got off the list and havent gotten
> > relisted since.
> >
> > What irc has to do with email / smtp? Some ISP's block all incoming
mail
> > if smtp server is listed in SORBS. I have contacted couple of
finnish
> > ISP's and they all we're very uncooperative.
> >
> > M
> >
> >
> >
> > > No, its just SORBS, thay havnt got a clue. Avoid with long
bargepole....
> > >
> > >
> > > Tony.
> > >
> > > ________________________________
> > >
> > > From: owner-or-talk@xxxxxxxxxxxxx on behalf of Karsten N.
> > > Sent: Fri 27/04/2007 09:03
> > > To: or-talk@xxxxxxxxxxxxx
> > > Subject: Re: Tor nodes blocked by e-gold
> > >
> > >
> > >
> > > Hi,
> > >
> > > I have checked a few long-runnig TOR nodes in the Sorbs SPAM
blacklist:
> > >
> > > http://www.au.sorbs.net/lookup.shtml
> > >
> > > Many of this servers are blacklisted in the database of
> > > vulnerable/hacked servers:
> > >
> > > "Likely Trojaned Machine, host running unknown trojan"
> > >
> > > The nodes I checked are mostly well administrated and run actually
> > > software over a time of 1 year. It may be, they are listed in
other SPAM
> > > blacklists too.
> > >
> > > Karsten N.
> > >
> > > force44@xxxxxxxxxxxxx schrieb:
> > >> Hi,
> > >>
> > >> Since 24 hours, e-gold has decided to block all TOR nodes, and
not only. In fact they check 3 "spam databases" and if the user's IP is
in one of them, e-gold just declines any operation, people cannot even
login into their accounts.
> > >>
> > >> There are a few things here:
> > >>
> > >> It is the first time I see a website blocking IP that appear in
SPAM databases! Spam is, as far as I know, an EMAIL problem, so why
would a domain block surfing from these IP?
> > >>
> > >> About TOR particularly, I feel very strange that all exit nodes
would be listed in spam databases, as most of them (if not all) don't
accept sending mail requests. That is why I rather believe that e-gold
in fact fetches the TOR exit nodes list, and directly block their IP
addresses.
> > >>
> > >> A friend, connecting from his home in Germany without TOR,
without any proxy, cannot enter his account as his IP address (a dynamic
one from a dialup provider) was listed 2 months ago for spam!!!
> > >>
> > >> A few people are already complaining that they cannot get into
their accounts, and so their money seems to be lost! E-gold was already
known to block accounts without any warning and explanations, recently
blocked accounts of all Iranian people and KEPT their funds, now they
automatize the scam process!
> > >>
> > >> E-gold seems to be the next (or TODAY'S) major scam of the
internet!
> > >>
> > >> F44
> > >>
> > >
> > >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.7 (MingW32)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
<http://enigmail.mozdev.org/>
> >
> > iD8DBQFGMffp6fSN8IKlpYoRAqJ/AKCNRh8RbmKN9bTgsK8UnnOKBFxVRQCghDwu
> > 62FQ7ZkADYWAxBvl/h9neMc=
> > =NxJe
> > -----END PGP SIGNATURE-----
>
>