Hi,
sorry for replying rather late!
In response to 1): Thinking about it, I think the main (possible) problem is that my MTA is rejected by SMTP servers it connects to because of a Tor blacklist. Is this probable? Has someone got experience running a complete mail system and a (public) Tor relay on the same host/IP?
About 2): That is indeed very unfortunate, but at the same time a reason to start contributing to Tor! (Sadly, I am presently occupied by various other projects, but I think Tor is definitely worth a 'visit'.)
Now about something else. I recently had to restart my server for unrelated reasons. (The relay had the Guard and Stable flag at that time.) I sadly forgot to add the Tor service to the default runlevel, so it was not started at boot time. I went to bed thinking everything was OK and was only able to start Tor about 12 hours later. Unfortunately, my relay got no flags since then -- not even "Running"! The Tor consensus website confirms this: Three Auths voted for all previous/normal flags except Guard, the others only for Valid and V2Dir leading to my relay getting no flags! I cannot really explain this to myself. What is going on here?
Tobias
On Sun, Mar 02, 2014 at 07:32:17PM +0100, Moritz Bartl wrote:
On 03/02/2014 04:06 PM, Tobias Markus wrote:
I've been running a new tor relay for about a week now
Great. Thank you!
- I plan on running other services than tor on my server, including a
(private) mail system. Other than the general possibility of tor having security holes and my server (and its IP address) being public and thus possibly target of attacks, are there security implications I should consider?
Unfortunately, many sites block Tor relay IPs regardless of their exit policy. So, if you share one IP between the relay and other services, your might be impacted. This is especially true for exit relays.
- I would be interested to eventually run a directory/bandwith
authority, so I read about them in [1] and [2], but the places seemed a bit odd (hidserv-perf branch in tor svn/torflow repo) so I thought I better ask here: Would I really just have to follow the steps in [1] to become a dirauth? Is there currently a need for auths, would contribution be welcomed?
The offer is well appreciated. In the current design, directory authorities and bandwidth authorities play a very special role. There are several ideas on how to improve the situation and then open participation to the broader community, but for the time being, authorities can only be run by people very close to the core dev team.