[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: SORBS vs Tor and the world

To: or-talk@xxxxxxxxxxxxx
Subject: Re: SORBS vs Tor and the world
From: Mike Cardwell <tor@xxxxxxxxxxxxxxxxxx>
Date: Mon, 07 Jan 2008 23:06:32 +0000
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Mon, 07 Jan 2008 18:06:45 -0500
In-reply-to: <20080107214015.GH5566@xxxxxxxxxxxxxxxxxx>
References: <3922422b0801051518gd019da8nfbeeac8fe7539c13@xxxxxxxxxxxxxx> <4e79549a0801051614j31c035cfq9c137b6bd75ecbae@xxxxxxxxxxxxxx> <3922422b0801051616s5820b871k3a78cf75df0e55d1@xxxxxxxxxxxxxx> <200801071445.49864.xiando@xxxxxxxxxx> <4782384E.5040705@xxxxxxxxxxx> <20080107214015.GH5566@xxxxxxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
Sp4mtr4p: D0 N0T EM4IL <sp4m-tr4p-d0-n0t-em4il@xxxxxxxxxxxx>
User-agent: Thunderbird 2.0.0.9 (Macintosh/20071031)

Nick Mathewson wrote:

On the other hand, if your only goal is to block anonymous SMTP, and
you agree that blocking all Tor servers is very overreaching, you
might instead try looking at the more targetted DNSEL service
available at
   http://exitlist.torproject.org/
It lets you block _exactly_ those servers that relay traffic on given
ports to your address.  For a more thorough rationale, and a fairly
detailed spec of how to make a compatible implementation, see
   https://www.torproject.org/svn/trunk/doc/contrib/torel-design.txt


For reference, one might use this list in an ACL chunk in Exim4 as follows:

deny dnslists =$interface_port.${sg{$interface_address}{\N^(\d+)\.(\d+)\.(\d+)\.(\d+)$\N}{\$4.\$3.\$2.\$1}}.ip-port.exitlist.torproject.org=127.0.0.2message = $sender_host_address is running a Tor exit node thatexits to $interface_address:$interface_port


Mike

References:
- List Suggestion
  - From: Ringo Kamens
- Re: List Suggestion
  - From: KT
- Re: List Suggestion
  - From: Ringo Kamens
- Re: SORBS vs Tor and the world (was: List Suggestion)
  - From: xiando
- Re: SORBS vs Tor and the world
  - From: Michael Holstein
- Re: SORBS vs Tor and the world
  - From: Nick Mathewson

Prev by Author: Re: Proper TOR DNS Configuration Testing Help
Next by Author: We're missing a certificate from authority tor26
Previous by thread: Re: SORBS vs Tor and the world
Next by thread: Re: SORBS vs Tor and the world
Index(es):
- Author
- Thread