Gregory -<div><br></div><div>I have been struggling with a similar question. I do not have an answer as to the perfect list of 'safe' sites (Wikipedia is at the top of my list). But I have authored a bash script to turn a list of domains (<a href="http://mail.google.com">mail.google.com</a>, <a href="http://wikipedia.com">wikipedia.com</a>, <a href="http://etc.com">etc.com</a>) into rules...</div>
<div><br></div><div>The following script looks for a file called torTarget.txt, and for each FQDN it:</div><div>- Looks up the first IP on the DNS record</div><div>- Assigns port 80 by default</div><div>- If the word "mail" appears in the FQDN, then I assume that this is a webmail service and force port 443</div>
<div>- Adds Google Talk</div><div><br></div><div>The output needs to be placed in the torrc file by hand and replace any existing policies.</div><div><br></div><div>Here is the script:</div><div><br></div><div><pre>
#!/bin/sh
#
# If dig fails, try installing the dnsutils package
# e.g. sudo apt-get install dnsutils
#

echo
echo "# Target List Generated $(date)"
echo "#"
echo

# Read one FQDN per line, sorted case-insensitively
sort -f torTargets.txt | while read -r site
do
    # Skip blank lines so dig is never run without a name
    [ -n "$site" ] || continue

    # Names containing "mail" are assumed to be webmail: force port 443
    if echo "$site" | grep -q "mail"
    then
        port="443"
    else
        port="80"
    fi

    # Keep only the first answer from the sorted DNS lookup
    dig +short "$site" | sort | head -n 1 | while read -r ip
    do
        # printf expands \t in every shell; echo only does so in some
        printf 'ExitPolicy accept\t %s:%s \t# %s \n' "$ip" "$port" "$site"
    done
done

echo
printf 'ExitPolicy accept\t *:5222 \t# Google Talk\n'
echo
echo
echo "ExitPolicy reject *:*"
echo
echo "# End of Exit Policy"
echo "#"
</pre><div><br></div></div><div>Cheers, </div><div>Erik</div><div><br><br><div class="gmail_quote">On Thu, Jul 2, 2009 at 11:12 PM, Gregory Maxwell <span dir="ltr">&lt;<a href="mailto:gmaxwell@gmail.com">gmaxwell@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">There are many people who would like to run Tor exits but who don't<br>
because of the inevitable flood of abuse complaints.<br>
<br>
At the same time, there are a great many high traffic destinations on<br>
the internet which have little to no complaint potential because they<br>
are effectively read-only or are otherwise understood to be<br>
tor/anonymity friendly.<br>
<br>[snip...]
</blockquote></div><br></div>
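<div>An added example, not part of Erik's script: the lookup step in the message above keeps only the first line of the dig output, so this shows one way to emit an accept rule for every IPv4 address returned while dropping CNAME targets and resolver diagnostics. It goes beyond the original script; the function names (is_ipv4, port_for, policy_lines, sample_answers) and the sample hostnames and addresses are assumptions made here.</div>

```shell
#!/bin/sh
# Added example, not Erik's script. Names and sample data are assumptions.
# is_ipv4 ADDR: succeed only for a dotted quad with each octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# port_for SITE: the heuristic from the post, "mail" in the name means 443.
port_for() {
    case "$1" in
        *mail*) echo 443 ;;
        *)      echo 80 ;;
    esac
}

# policy_lines SITE: read `dig +short` answers on stdin and print one accept
# rule per unique IPv4 address; CNAME targets and diagnostics are dropped.
policy_lines() {
    site=$1
    port=$(port_for "$site")
    sort -u | while read -r answer; do
        if is_ipv4 "$answer"; then
            printf 'ExitPolicy accept %s:%s # %s\n' "$answer" "$port" "$site"
        fi
    done
}

# Constructed resolver output: CNAME target, repeated A record, diagnostic.
sample_answers() {
    cat <<'EOF'
webmail.l.example.test.
192.0.2.19
192.0.2.17
192.0.2.19
;; connection timed out; no servers could be reached
EOF
}

# Live use would be: dig +short "$site" | policy_lines "$site"
sample_answers | policy_lines mail.example.test
```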