-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov? Over the past month I've noticed regardless of which browser, machine on my LAN, and wired or wireless connection utilized it's become impossible to connect to any ca.gov site. I've researched my router, cable modem, and firewall settings, all appear to be fine. Spoke with my ISP, for whatever worth that might have, and was assured no blocking or filters were in place that would keep me from reaching these services and my settings looked fine from what they could see from their end. I'm able to connect to ca.gov sites using my phones 4G network or through Tor, however for some reason my home network and associated I.P. is poison. Any experiences/input would be appreciated.
Thanks
--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 08/09/2015 12:52 PM, Kurt Besig wrote:
Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov?
Are you running a relay on your home network connection? That is discouraged for a whole bunch of reasons, one of which is that several "this IP is a source of spam" blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. This in turn causes random websites to block non-Tor access from the same address. California's government website maintainers are probably subscribing to one of those blacklists, and that's probably out of ignorance rather than malice (the blacklists in question bill themselves as "more comprehensive" than others).
zw
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 8/9/2015 10:00 AM, Zack Weinberg wrote:
On 08/09/2015 12:52 PM, Kurt Besig wrote:
Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov?
Are you running a relay on your home network connection? That is discouraged for a whole bunch of reasons, one of which is that several "this IP is a source of spam" blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. This in turn causes random websites to block non-Tor access from the same address. California's government website maintainers are probably subscribing to one of those blacklists, and that's probably out of ignorance rather than malice (the blacklists in question bill themselves as "more comprehensive" than others).
zw
Yes this is a middle relay, on a home network, I've been running for approximately 1.5 years with no issues. Since this is a middle relay and find I have no reason to "hide" my intentions there hasn't been an issue in my mind regarding running a relay on my home network.
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
--- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
[Sorry about that - that message was supposed to be *signed*, not encrypted.]
On 08/09/2015 12:52 PM, Kurt Besig wrote:
Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov?
Are you running a relay on your home network connection? That is discouraged for a whole bunch of reasons, one of which is that several "this IP is a source of spam" blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. This in turn causes random websites to block non-Tor access from the same address. California's government services' IT department is probably subscribing to one of those blacklists, and that's probably out of ignorance rather than malice (the blacklists in question bill themselves as "more comprehensive" than others).
zw
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Sun, 9 Aug 2015 13:02:14 -0400 Zack Weinberg zackw@cmu.edu wrote:
several "this IP is a source of spam" blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes.
Now this is just unnecessarily FUDish, at http://bgp.he.net/ one can check their IPs against 49 RBLs, I checked several of my long-running relays' IPs, and they are on none of the 49.
The blocking issue however has came up in the past, back then it was related to the Akamai CDN blocking all relays, as a result people running them couldn't access e.g. www.healthcare.gov from the same IP. Right now healthcare.gov still uses Akamai, but is accessible just fine from relays, so this has been solved.
As for the particular hostnames specified in the original post, I believe they might have some DNS-related issue at the moment. Here's what I get from an IP which has never run a Tor relay:
===== $ host www.CA.DMV.gov Host www.CA.DMV.gov not found: 3(NXDOMAIN)
$ host www.CA.SDI.gov Host www.CA.SDI.gov not found: 3(NXDOMAIN)
$ host www.CA.DMV.gov 4.2.2.3 Using domain server: Name: 4.2.2.3 Address: 4.2.2.3#53 Aliases:
www.CA.DMV.gov has address 198.105.244.11 www.CA.DMV.gov has address 198.105.254.11 Host www.CA.DMV.gov not found: 3(NXDOMAIN)
$ host www.CA.SDI.gov 4.2.2.3 Using domain server: Name: 4.2.2.3 Address: 4.2.2.3#53 Aliases:
www.CA.SDI.gov has address 198.105.244.11 www.CA.SDI.gov has address 198.105.254.11 Host www.CA.SDI.gov not found: 3(NXDOMAIN) =====
(without "www" they are NXDOMAIN no matter what).
- -- With respect, Roman
tor-relays@lists.torproject.org
-
Kurt Besig -
Roman Mamedov -
Zack Weinberg