Re: Is this a Tor exit node connecting to me?

[Matt Ghali <matt@xxxxxxxxx>]

On Sun, 25 Mar 2007, Joseph B. Kowalski wrote:

> On Sun, 25 Mar 2007 03:20:10 -0700 Pei Hanru <peihanru@xxxxxxxxx>
> wrote:

> > A small issue. When I query the DNSBL server for my slow,
> > middleman only
> > (reject *:*) server, it returns 127.0.0.2. Is it a good idea to
> > include
> > non-exit Tor servers in this list?
>
> Yes, since when you are performing the first type of query, you are
> simply asking whether an IP address is an active Tor server or not,
> of any kind. Now, if anyone wanted to see if your Tor server would
> exit to their location or not, they could perform the second type
> of query (See my original post for details on the two query types,
> if necessary), which, in your case, would always return NXDOMAIN
> since you don't allow any exiting.

Please consider returning a different A record for the first query 
type to allow differentiation between exit nodes and middlemen. 
Returning 127.0.0.2 for exit nodes and 127.0.0.3 for middleman nodes 
will allow sendmail dnsbl configurations to easily do the 'right' 
thing.

thanks!
matto

--matt@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx<darwin><
  Moral indignation is a technique to endow the idiot with dignity.
                                                - Marshall McLuhan