Re: [tor-relays] abuse email for non-exit relay (masergy)

There are two ways this can happen:

Someone set up a tor relay on the "client", and your relay connected to it.

Someone is using the hidden service rendezvous protocol to ask non-exit relays to scan non-tor IP addresses. Specifying a remote address is a feature of the protocol. We have mitigations in place in newer tor relay versions to stop scanning of local addresses, and to provide limited information to the scanning client.

While the subject is not cleared, I suggest firewall rules to stop the communication between ORPort and RFC1918 ranges.

x9p