
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov? Over the past month I've noticed regardless of which browser, machine on my LAN, and wired or wireless connection utilized it's become impossible to connect to any ca.gov site. I've researched my router, cable modem, and firewall settings, all appear to be fine. Spoke with my ISP, for whatever worth that might have, and was assured no blocking or filters were in place that would keep me from reaching these services and my settings looked fine from what they could see from their end. I'm able to connect to ca.gov sites using my phones 4G network or through Tor, however for some reason my home network and associated I.P. is poison. Any experiences/input would be appreciated. Thanks -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJVx4UrAAoJEJQqkaGlFNDPILMIALq/zYHqdm/QpThUI/vbr74L Q5lzLiVJBbxOxC3nWX/fuJL35FyS2FwOY4K+piI0EcDpY+wZ/m2hZh7wJLzwh9ok z0j0Dcp7GL3N2c64UP/7XFCrlaNtMm/0ke1xsxUkd0NahZNDCqv7BOkR9IX5yAfx lK5qOw9fpjyzVIdLd1LM1VArWGoEI6dR8PI3rmmGmzP6m9OGC8MxqW2rx+g1p0C5 0F+wDgnmM9rUa2VcgGXf7F4lJkEpUOtjwrsrasclLE8WbwBVv47a84eSSCLKCnUm rD5fUjFBgcaJtrVRgrwydWBcCuIujfxyiCz+Ku8+jtazB5cMdeiZjZN1pgRgKS8= =z1cc -----END PGP SIGNATURE----- --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 08/09/2015 12:52 PM, Kurt Besig wrote:
Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov?
Are you running a relay on your home network connection? That is discouraged for a whole bunch of reasons, one of which is that several "this IP is a source of spam" blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. This in turn causes random websites to block non-Tor access from the same address. California's government website maintainers are probably subscribing to one of those blacklists, and that's probably out of ignorance rather than malice (the blacklists in question bill themselves as "more comprehensive" than others). zw -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVx4cSAAoJEJH8wytnaapk/i0QALmPyz3Rmz2SUtyO5vSIKObP DoazDoWJDYHzz35XHRL0QeamzJD0W+6JbB3vdmwK/i5DXIDabP+4VSgZlTqIqSvN eoj8qv0E7TDJ8VQmDz9LAih4XC427geGuuwJFG29cBYT4wlTuJk/kJBHTAdpOh7V 8lV6UEVniLx6MIIMq94hiDVjBmU6qKbDx7yaiKQvcDfbs0t7Kuf2InUIOhevdat7 0RI8xAvu/KBoTpAvAplofaudHcf9KMt7NB8fYh2HN6xvPghLuMbY5mT0jxHOPaKE aJK6oKgOioXP2isH5BeWVpy8+YtMJKyYt470TyDt+3vMFbrc+JWlkYN493T+SIWq fXD5mnOvp3ruZ6xWD6dIOOTTp3I9zz4mmYUXEIWtiFNEFJXGMHPl4ltPwPm+4W8K inIjUF4WnMTvYaZ3MCNopPeq7CrBTPXT/WYN06W0zHSiWbNGBHQ6LHhxeUjpuOtT 2sc9hGTfkvs7jmLghT1wVBT7V7QomhKEFXnI60vjsSsiI94c29kY6gKCEn+COjVX eczdaOBW62pOwPXIAPcLyQMkAc/ACLtGE+dO+zSaMVIofoLcM8g2R4dYhcpdeNWP BwPk0ENOQzy9b2FFFYLciBrx3W7YfAAPw1infabI819e5/HKqYxBiHl2mH6Z5ab5 /A8CjOEk0Jm3beKhxcAq =QJXS -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 8/9/2015 10:00 AM, Zack Weinberg wrote:
On 08/09/2015 12:52 PM, Kurt Besig wrote:
Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov?
Are you running a relay on your home network connection? That is discouraged for a whole bunch of reasons, one of which is that several "this IP is a source of spam" blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. This in turn causes random websites to block non-Tor access from the same address. California's government website maintainers are probably subscribing to one of those blacklists, and that's probably out of ignorance rather than malice (the blacklists in question bill themselves as "more comprehensive" than others).
zw Yes this is a middle relay, on a home network, I've been running for approximately 1.5 years with no issues. Since this is a middle relay and find I have no reason to "hide" my intentions there hasn't been an issue in my mind regarding running a relay on my home network. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJVx4xYAAoJEJQqkaGlFNDP6j4H/1MTp8vS5BtiTAyhfrXfaCe/ t1YBihtJnK/haZ1zDQ8lPp8zjHYWE/0B8/VoTWVh2jEY7aq8UC27zpdiDHzADPqD BOelZyK5Ig1+HAdcwSRaRz5nJ891Icmyj8aURdWz6103IK8yMc2bw5s2dcEUq3TG qLGJ9dKBu7Pl6FIdlrJfs/M104RQuCKhrz1LRMWQFmsUC19AHHHONnguNwv18/nR wzM4C49s+7BwXlQkvptAlyzF8b5lHhtMin8YBtVMXLKlbFNFwd5Ii8etFMIam9ai 3J2A+C3LS34DAsA19JS1pA2Ekj8P/OU6cel0MsDph2jXNTDU2z85Bn4JDa/1w70= =fx4x -----END PGP SIGNATURE----- --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 [Sorry about that - that message was supposed to be *signed*, not encrypted.] On 08/09/2015 12:52 PM, Kurt Besig wrote:
Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov?
Are you running a relay on your home network connection? That is discouraged for a whole bunch of reasons, one of which is that several "this IP is a source of spam" blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. This in turn causes random websites to block non-Tor access from the same address. California's government services' IT department is probably subscribing to one of those blacklists, and that's probably out of ignorance rather than malice (the blacklists in question bill themselves as "more comprehensive" than others). zw -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVx4eNAAoJEJH8wytnaapkBmwQAJWN7NvxaaFGfeweVq3211zY +r28jqBodkUFCBNK2kVICC82CEVTdocgkLFuksNy1JXPPbpDG3QH/TZGQ6nd1oDf 8dlPnhltjAHbMfsK8ryH+tlqHZ/G8MsQhH9uZ2EYw0BoDzfEhzYSJf2QM3qq8+e8 3kl9tOa3smDD1KENkn7kEPYlz6RZAuxKFhYieabrJXXV7FP/miMsQroZ8+Vws8JX s80uzRyrnMSUdRRSCWLtW9HADA8xNV4eSFaQ1WzlygWkp010tvXpd3hpaJYxsS0w uLqOl0SIJYLEa/9nc63iO8huI1kYS0BndeqF4+cf077bKrSKQ1waNkyHlygsfVmV BCHLfid1UPknLdkF7WFDBoL9puzvJN+m8nl7x93vXELM5WSPSzGt2MWy/Gnh/YGT rHwx9QSWKJH54xVLaLjsruICsL+eOQ//M1SWdzcWze4hdmtRQAN3SjOPLA2eH0TX gv17YkkTJejh6rh3tIf79Dhn/3igyOfID4pa1cQWWL5JwS6xIbZGYNFAwEu14Ill oZXXNpND48M4X9ISSDDM7ab+8oWf5H1S3yi92QCPxlksZqG6lCUBoGzDImjF+q0G RDecVt2GZiykOWPttdfZYPdCaNWlPQB+gcuCV8XfBq0i34zHUHzHaeaZrhQeEeXO 0QjewKTaKB511efCSia0 =EScV -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 9 Aug 2015 13:02:14 -0400 Zack Weinberg <zackw@cmu.edu> wrote:
several "this IP is a source of spam" blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes.
Now this is just unnecessarily FUDish, at http://bgp.he.net/ one can check their IPs against 49 RBLs, I checked several of my long-running relays' IPs, and they are on none of the 49. The blocking issue however has came up in the past, back then it was related to the Akamai CDN blocking all relays, as a result people running them couldn't access e.g. www.healthcare.gov from the same IP. Right now healthcare.gov still uses Akamai, but is accessible just fine from relays, so this has been solved. As for the particular hostnames specified in the original post, I believe they might have some DNS-related issue at the moment. Here's what I get from an IP which has never run a Tor relay: ===== $ host www.CA.DMV.gov Host www.CA.DMV.gov not found: 3(NXDOMAIN) $ host www.CA.SDI.gov Host www.CA.SDI.gov not found: 3(NXDOMAIN) $ host www.CA.DMV.gov 4.2.2.3 Using domain server: Name: 4.2.2.3 Address: 4.2.2.3#53 Aliases: www.CA.DMV.gov has address 198.105.244.11 www.CA.DMV.gov has address 198.105.254.11 Host www.CA.DMV.gov not found: 3(NXDOMAIN) $ host www.CA.SDI.gov 4.2.2.3 Using domain server: Name: 4.2.2.3 Address: 4.2.2.3#53 Aliases: www.CA.SDI.gov has address 198.105.244.11 www.CA.SDI.gov has address 198.105.254.11 Host www.CA.SDI.gov not found: 3(NXDOMAIN) ===== (without "www" they are NXDOMAIN no matter what). - -- With respect, Roman -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlXHi50ACgkQTLKSvz+PZwhNHgCgk7Yrl7OlQ76NYcbKNwK4d74K ZX8AnA8lvrvRQ165n5y8FsQRWJ0M9con =dCnr -----END PGP SIGNATURE-----
participants (3)
-
Kurt Besig
-
Roman Mamedov
-
Zack Weinberg