[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Ports 465/587 in exit policy (was Re: Update to default exit policy)
As someone involved heavily in IRC and the running of several IRC networks, I think the primary reason most networks use random blacklists for tor (there are several, some better than others in terms of operating properly) is the unusual format of the official dnsel (https://www.torproject.org/tordnsel/
). Notably, with the software most people use for proxy scanning, getting the exact port used to connect is difficult or impossible, and sometimes the server IP is as well.
It might be beneficial to provide the DNSEL in a standard format (without the destination ip/port) as well, for situations where that distinction isn't feasible. This would at least be better than leaving that blacklisting to third parties who often don't understand quite what they're doing :P
- John Brooks
On Sun, Sep 7, 2008 at 7:27 PM, F. Fox <kitsune.or@xxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----Bill Weiss wrote:
> My Tor node runs a medium-load mail server as well, and I've never beenI've gotten on some DNSBL list, which basically keeps me off of several
> blacklisted for spam stuff . That seems like a decent indication of it
> not causing problems given how rabid the anti-spam people can get.
> 1: I've gotten blacklisted twice by SORBS for "virus" activities, which
> were people using IRC (for bad things, I assume) via my node. That
> doesn't count.
IRC networks. The catch is: I'm running a middleman-only node!
I really hate how some of those blocklist maintainers indiscriminately
add the entire contents of the Tor directory to their proxy lists. It'd
be really nice if they used the exit-only list that is put out
specifically for that purpose...
-----END PGP SIGNATURE-----