[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Leaseweb exit relay notice
On 05/22/2015 12:19 AM, Speak Freely wrote:
> The problem is compounded by the fact each BL company is racing
it's way
> to the bottom, adding each others finds to their own lists.
SpamHaus has
> OVER 1 *BILLION* addresses listed.
>
> I lost several relays (11) from OVH because DanTor recorded my
relays,
> then CBL recorded DanTor, then SpamHaus Zen recorded CBL, which
allowed
> OVH to claim "100% of your IPs are blacklisted on multiple lists"
when
> in reality it was from a guy in the UK who publishes all Tor relays
-
> guard, middle, exit - that caused this whole problem for me. Not
one
> single complaint from anyone against any of my relays.
>
>
> Matt
> Speak Freely
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
A lot of trouble would be prevented for exit node operators if, when
they brought their relays up for the first time, they ensured that the
exit policy rejected port 25. Even if they desire to run as
unrestricted a relay as possible, in my experience, that one really
should be rejected. It is the port which email servers tend to use to
deliver mail to one another, and some bad/old clients might try to use
it as well.
In theory, open-relay port 25 is just about sending email. It can send
email on behalf of anyone in the world. Big deal, right? But in
practice, open-relay port 25 is all about spam. Has been for years and
years. It's always been abused by awful spammers wherever it may be
found. It's never been used as some great tool for anonymity or email
freedom.
As far as Tor exits go specifically, there is someone out there who is
apparently watching Tor for when exits appear that are willing to send
on port 25. They very quickly begin dumping spam out of any such
relays, should they appear. I know this because I briefly turned on
relay for port 25, and the spammers found it fast. They immediately
transformed it into a spam-vomiting heap of crap. Traffic graphs on it
skyrocketed (although within the configured maximums). The new mail in
the admin mailbox for the netblock clearly reflected what the box was
doing. I closed that port off fast, and problem solved.
In addition to port 25, relay operators who want to be extra careful
of their relationship with their ISP may also wish to reject ports 465
and 587. Doing that would more-completely lock the Tor exit away from
the tricks spammers use.
By blocking off the email portion of the relay (especially port 25),
the machine doesn't spew spam, and therefore doesn't get noticed by
those who are trying to stop spam. This is good for the relay because
the 'net is more accepting of it (IP reputation lists, RBLs, etc), and
good for the exit relay operator's working relationship with the
hosting ISP. Reputable ISPs tend to dislike spam, and if a billion
spam complaints flood in for your relay, it's not going to help your
cause.
People who are trying to do anonymous email have means to do so which
do not include dumping anything directly to port 25. And if a direct
push from Tor to 465 or 587 is wanted, it can always go to the relays
which don't perceive any ISP-related risk from it.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays