On 6 Dec 2017, at 01:35, tor@t-3.net wrote:
Abuse complaints are how this thing goes. With your limited exit policy, you would hardly see any complaints (relatively speaking), and what you do see would be mostly like SQL hack complaints and such. It's usually not going to be cases where someone got all the way into someone's machine, it's going to be mainly complaints about attempts.
Our provider became concerned about the volume of abuse complaints we were receiving, so we added a "reject IP:Port" to our exit policy for each one. (Or a /24 for noisy netblocks.)
The volume dried up pretty quickly when we went back through historical emails and added about 30 entries. It seems that there are only a few really big complainers.
So that's another alternative that preserves access to 99% of the Internet from your exit.
T