On 14.03.2017 15:36, Juuso Lapinlampi wrote:
My concern with this is the liability on operator. In Finland (and Europe?)
Yes, this is "harmonized" and modelled after the US DMCA law, in Europe in the "e-Commerce directive" respectively the federal implementations. See https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines (and add links to your local implementation!)
I believe FICORA has advised blocking ports as necessary for security reasons (e.g. port 25) is fine, but when it's being extended to IP-address and/or port combinations, that's where it starts becoming gray (in regards to #2).
I would argue it's not. Since you advertise that your network cannot be used for these ports and/or IPs, you do not influence the "selection of the recipient". Otherwise, any network that only routes to particular destinations would lose limited liability, which would be pretty much against how the Internet works.
So far, replying to every abuse complaint and giving advice how to block Tor using DNSBL or similar has worked for me. I can see it's probably not what original poster's ISP would like to hear to have the issue resolved, but it's less ambiguous on law and limited liability. Thus, I suggested looking into other more friendly ISPs.
I agree, helping the "other side" to understand Tor and how to NOT BLOCK using DNSBLs but rather use DNSBLs as a component to identify potentially harmful connections, and treat those differently (eg. require user registration) is a lot better. Having Wordpress plugins and similar things for the most popular CMS would help a lot, if those plugins guide you through a process where you don't end up simply blocking all Tor users right away.
In many cases, ISPs are OK if you explain your options, they just want to see you "dealt with it" within a reasonable timespan (~24 hours) and are in touch with the sender of the complaint.