
Re: [tor-talk] [Need quick help] 30+ mbps node taken down by host

>> Thank you for the response. Unfortunately, it looks like this might be
>> an impossible problem to solve, since they followed it up and said it's
>> forum spam and hack attempts, not just email spam.  Basically, my node
> So they keep changing their story. It seems they want to get rid of you.

Seems more like they're just sending more details.
I'd tell them you'd like to resolve each ticket they have for them.
That you want the reports, including headers so you can reply
and work with the complainant.
That you want to block the original sites to prevent future issues.
You already know and can block buyandsmoke.
Teach them about Tor a bit... used by journalists, employers,
students at school, etc. Tell them you'll try to close every
report they send you. Explain port 80/443 is going to generate
reports, but you can kill it if you have to.
Reduce the exit policy... imaps, pop3s, submission, ssh, bitcoin, etc.
These places see tickets, they want to see someone stand up
and close and try to prevent them is all.
If none of that works, go non-exit mode, or start shopping.

> I personally use the following Exit Policy:

Curiously missing is submission(587) which is RFC'd to be
the authenticated and usually encrypted means for submitting
outgoing mail to the provider of your @account for delivery
to your recipients @mx. That delivery by the server may then
happen over smtps(465), which is really just encryption over
the same old (open)relay or @mx endpoint smtp(25) config.
25/465 can have starttls and auth, but 587 does by default.
587 is more important for users sending, while 25/465 is
now usually for mail servers in the backend cloud.
A side benefit of 587 is that reports often stop at the MSA, as it
is their @account and they deal with it. Whereas with smtp relay,
they just see the source IP and report it to the ISP, who then shut
down your Tor node.


Who uses telnets(992)? MUDs? Really?
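
An added example, not part of the original post: a small checker for a reduced exit policy of the kind suggested above, confirming that submission(587) is accepted while 25, 465, 80 and 443 are rejected. The torrc fragment is constructed for illustration; the ports are the standard ones for the services named, and the helper names are hypothetical.

```python
import re

# Constructed torrc fragment (not from the post): the services the reply
# lists, on their usual ports, with 80/443 dropped and a final catch-all.
REDUCED_POLICY = """\
ExitPolicy accept *:22     # ssh
ExitPolicy accept *:587    # submission
ExitPolicy accept *:993    # imaps
ExitPolicy accept *:995    # pop3s
ExitPolicy accept *:8333   # bitcoin
ExitPolicy reject *:*
"""

RULE = re.compile(r"ExitPolicy\s+(accept|reject)\s+\*:(\*|\d+)(?:-(\d+))?")


def parse_policy(text):
    """Parse wildcard-address ExitPolicy lines into (action, low, high)."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        m = RULE.fullmatch(line)
        if m is None:
            raise ValueError(f"unsupported line: {raw!r}")
        action, low, high = m.groups()
        if low == "*":
            rules.append((action, 1, 65535))
        else:
            rules.append((action, int(low), int(high or low)))
    # Require an explicit catch-all so nothing falls through unnoticed.
    if not rules or rules[-1] != ("reject", 1, 65535):
        raise ValueError("policy must end with 'ExitPolicy reject *:*'")
    return rules


def allows(rules, port):
    """First matching rule wins, as in Tor's exit policy evaluation."""
    for action, low, high in rules:
        if low <= port <= high:
            return action == "accept"
    return False  # not reached: parse_policy requires the catch-all


def audit(text, ports):
    """Map each port of interest to True (exits allowed) or False."""
    rules = parse_policy(text)
    return {p: allows(rules, p) for p in ports}


if __name__ == "__main__":
    for port, ok in audit(REDUCED_POLICY, [25, 80, 443, 465, 587, 993]).items():
        print(port, "accept" if ok else "reject")
```
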