[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Extreme Exit Policy
On Mon, Dec 17, 2018 at 11:40:05PM +0000, gerard@xxxxxxxxxxxx wrote:
> I always blocked the obvious abuse ports, but for reasons I do not know, blocking port 80 except to a few subnets, abolished complaints about my exits. I widened the number of subnets and complaints started again, so put restrictions back.
>
> 443 wide open, along with very wide range of ports and most high numbers. I am puzzled that port 80 attracts the abuse complaints. Is it because the port 80 traffic is more easily read by agencies sniffing for bad things and copyright infringements?
One plausible explanation would be that when you blocked too much of port
80, you lost the Exit flag, which caused most clients to not consider
you as suitable for use in the third hop of their circuit.
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2564
That is, by closing down your exit policy so much, you signaled to clients
that they shouldn't try using you as their exit, so most of them didn't.
(You might still see a few exit requests anyway, since clients with a
stream request for port 443 would still consider you a legit option if
they don't have an available circuit. But when they're making preemptive
circuits, they would skip over you because you don't seem like the sort of
relay that's likely to be able to satisfy whatever their future requests
will be.)
--Roger
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays