Reply to the email, say that you found a misconfiguration in your Tor
daemon which could have accounted for this problem and you've repaired
it, and hopefully this problem is resolved for the future.

Put the below as your exit policy in torrc, and I'd stop/start the
service to be sure it grabbed it.

Using the below exit policy, we've had our exit node running for a
couple months or so doing pretty good bandwidth, and not had a single
warez-related complaint. Seen some complaints about SQL injection
attacks but perhaps those will annoy your ISP less.

ExitPolicy accept *:20-23     # FTP, SSH, telnet
ExitPolicy accept *:43        # WHOIS
ExitPolicy accept *:53        # DNS
ExitPolicy accept *:79-81     # finger, HTTP
ExitPolicy accept *:88        # kerberos
ExitPolicy accept *:110       # POP3
ExitPolicy accept *:143       # IMAP
ExitPolicy accept *:194       # IRC
ExitPolicy accept *:220       # IMAP3
ExitPolicy accept *:389       # LDAP
ExitPolicy accept *:443       # HTTPS
ExitPolicy accept *:464       # kpasswd
ExitPolicy accept *:531       # IRC/AIM
ExitPolicy accept *:543-544   # Kerberos
ExitPolicy accept *:554       # RTSP
ExitPolicy accept *:563       # NNTP over SSL
ExitPolicy accept *:636       # LDAP over SSL
ExitPolicy accept *:706       # SILC
ExitPolicy accept *:749       # kerberos
ExitPolicy accept *:873       # rsync
ExitPolicy accept *:902-904   # VMware
ExitPolicy accept *:981       # Remote HTTPS management for firewall
ExitPolicy accept *:989-995   # FTP over SSL, Netnews etc
ExitPolicy accept *:1194      # OpenVPN
ExitPolicy accept *:1220      # QT Server Admin
ExitPolicy accept *:1293      # PKT-KRB-IPSec
ExitPolicy accept *:1500      # VLSI License Manager
ExitPolicy accept *:1533      # Sametime
ExitPolicy accept *:1677      # GroupWise
ExitPolicy accept *:1723      # PPTP
ExitPolicy accept *:1755      # RTSP
ExitPolicy accept *:1863      # MSNP
ExitPolicy accept *:2082      # Infowave Mobility Server
ExitPolicy accept *:2083      # Secure Radius Service (radsec)
ExitPolicy accept *:2086-2087 # GNUnet, ELI
ExitPolicy accept *:2095-2096 # NBX
ExitPolicy accept *:2102-2104 # Zephyr
ExitPolicy accept *:3128      # SQUID
ExitPolicy accept *:3389      # MS WBT
ExitPolicy accept *:3690      # SVN
ExitPolicy accept *:4321      # RWHOIS
ExitPolicy accept *:4643      # Virtuozzo
ExitPolicy accept *:5050      # MMCC
ExitPolicy accept *:5190      # ICQ
ExitPolicy accept *:5222-5223 # XMPP, XMPP over SSL
ExitPolicy accept *:5228      # Android Market
ExitPolicy accept *:5900      # VNC
ExitPolicy accept *:6660-6669 # IRC
ExitPolicy accept *:6679      # IRC SSL 
ExitPolicy accept *:6697      # IRC SSL 
ExitPolicy accept *:8000      # iRDMI
ExitPolicy accept *:8008      # HTTP alternate
ExitPolicy accept *:8074      # Gadu-Gadu
ExitPolicy accept *:8080      # HTTP Proxies
ExitPolicy accept *:8087-8088 # Simplify Media SPP Protocol, Radan HTTP
ExitPolicy accept *:8332-8333 # BitCoin
ExitPolicy accept *:8443      # PCsync HTTPS
ExitPolicy accept *:8888      # HTTP Proxies, NewsEDGE
ExitPolicy accept *:9418      # git
ExitPolicy accept *:9999      # distinct
ExitPolicy accept *:10000     # Network Data Management Protocol
ExitPolicy accept *:11371     # OpenPGP hkp (http keyserver protocol)
ExitPolicy accept *:12350     # Skype
ExitPolicy accept *:19294     # Google Voice TCP
ExitPolicy accept *:19638     # Ensim control panel
ExitPolicy accept *:23456     # Skype
ExitPolicy accept *:33033     # Skype
ExitPolicy reject *:*

 
 
On Thursday 24/10/2013 at 9:11 pm, Christopher Jones wrote:
I’ve been running an exit relay for about 3 days and, sure enough, some BitTorrent bugger caused sh3lls.net to send me a DMCA nastygram:

We have got the following complain, please remove all illegal torrents immediately from your server:

Evidentiary Information
Title: Suits (TV)
Infringement Source: BitTorrent
Initial Infringement Timestamp: 17 Oct 2013 22:06:17 GMT Recent Infringement Timestamp: 17 Oct 2013 22:06:17 GMT Infringing Filename: Suits Season 3 Episode 6 (The Other Time) (HDTV x264)-ASAP (1GBps SeedBox).mp4 URL if applicable: 
Infringing File size: 364405400
Infringers IP Address: 64.32.14.34
Bay ID: 7fbb4256bfca558d5a809b9f6536b5fd5e4e782d|364405400
Port ID: 33788

I followed through with the templates provided by the Tor Project as a response to the DMCA takedown notification. A day later, the ISP sent me this:

Dear Christopher
Whether you run Tor or not, we even told you in past, it's your responsibility to stop all abuse
If Tor is causing it, stop the program Tor on your server, if we get another complain we will have to suspend/terminate your services

tor always always gets lots and lots of abuse and complains

Update us within 24 hours

Thanks

I was never provided with the full text of the original DMCA complaint, so I was unable to respond. Furthermore, I was never “even told…in the past” that I had to stop all abuse caused by Tor. Tor is not singled out in the ToS or AUP. And I was certainly never told anything in the past about abuse and Tor specifically. As I said, first warning. Then there’s the “tor always always gets lots and lots of abuse and complains [sic]”. Which is kind of bizarre, because their position on tor seems a bit cagey. Does the claim about lots of abuse mean they won’t allow exit nodes? Or is that just a “hint” that I’d be better off not trying to run it? 

And this is an ISP I picked from the good list.

Suggestions are welcome. I’m running with the default exit node policy, which should block most of the abuse-laden ports. BitTorrent’s a little harder to deal with. I’ve no qualms working with the ISP to mitigate their concerns, but I’m not sensing their returning the same spirit of cooperation.

.cpj
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays