Reply to the email, say that you found a misconfiguration in your Tor daemon which could have accounted for this problem and you've repaired it, and hopefully this problem is resolved for the future.

Put the below as your exit policy in torrc, and I'd stop/start the service to be sure it grabbed it.

Using the below exit policy, we've had our exit node running for a couple months or so doing pretty good bandwidth, and not had a single warez-related complaint. Seen some complaints about SQL injection attacks but perhaps those will annoy your ISP less.

ExitPolicy accept *:20-23 # FTP, SSH, telnet ExitPolicy accept *:43 # WHOIS ExitPolicy accept *:53 # DNS ExitPolicy accept *:79-81 # finger, HTTP ExitPolicy accept *:88 # kerberos ExitPolicy accept *:110 # POP3 ExitPolicy accept *:143 # IMAP ExitPolicy accept *:194 # IRC ExitPolicy accept *:220 # IMAP3 ExitPolicy accept *:389 # LDAP ExitPolicy accept *:443 # HTTPS ExitPolicy accept *:464 # kpasswd ExitPolicy accept *:531 # IRC/AIM ExitPolicy accept *:543-544 # Kerberos ExitPolicy accept *:554 # RTSP ExitPolicy accept *:563 # NNTP over SSL ExitPolicy accept *:636 # LDAP over SSL ExitPolicy accept *:706 # SILC ExitPolicy accept *:749 # kerberos ExitPolicy accept *:873 # rsync ExitPolicy accept *:902-904 # VMware ExitPolicy accept *:981 # Remote HTTPS management for firewall ExitPolicy accept *:989-995 # FTP over SSL, Netnews etc ExitPolicy accept *:1194 # OpenVPN ExitPolicy accept *:1220 # QT Server Admin ExitPolicy accept *:1293 # PKT-KRB-IPSec ExitPolicy accept *:1500 # VLSI License Manager ExitPolicy accept *:1533 # Sametime ExitPolicy accept *:1677 # GroupWise ExitPolicy accept *:1723 # PPTP ExitPolicy accept *:1755 # RTSP ExitPolicy accept *:1863 # MSNP ExitPolicy accept *:2082 # Infowave Mobility Server ExitPolicy accept *:2083 # Secure Radius Service (radsec) ExitPolicy accept *:2086-2087 # GNUnet, ELI ExitPolicy accept *:2095-2096 # NBX ExitPolicy accept *:2102-2104 # Zephyr ExitPolicy accept *:3128 # SQUID ExitPolicy accept *:3389 # MS WBT ExitPolicy accept *:3690 # SVN ExitPolicy accept *:4321 # RWHOIS ExitPolicy accept *:4643 # Virtuozzo ExitPolicy accept *:5050 # MMCC ExitPolicy accept *:5190 # ICQ ExitPolicy accept *:5222-5223 # XMPP, XMPP over SSL ExitPolicy accept *:5228 # Android Market ExitPolicy accept *:5900 # VNC ExitPolicy accept *:6660-6669 # IRC ExitPolicy accept *:6679 # IRC SSL ExitPolicy accept *:6697 # IRC SSL ExitPolicy accept *:8000 # iRDMI ExitPolicy accept *:8008 # HTTP alternate ExitPolicy accept *:8074 # Gadu-Gadu ExitPolicy accept *:8080 # HTTP Proxies ExitPolicy accept *:8087-8088 # Simplify Media SPP Protocol, Radan HTTP ExitPolicy accept *:8332-8333 # BitCoin ExitPolicy accept *:8443 # PCsync HTTPS ExitPolicy accept *:8888 # HTTP Proxies, NewsEDGE ExitPolicy accept *:9418 # git ExitPolicy accept *:9999 # distinct ExitPolicy accept *:10000 # Network Data Management Protocol ExitPolicy accept *:11371 # OpenPGP hkp (http keyserver protocol) ExitPolicy accept *:12350 # Skype ExitPolicy accept *:19294 # Google Voice TCP ExitPolicy accept *:19638 # Ensim control panel ExitPolicy accept *:23456 # Skype ExitPolicy accept *:33033 # Skype ExitPolicy reject *:*

On Thursday 24/10/2013 at 9:11 pm, Christopher Jones wrote:

I’ve been running an exit relay for about 3 days and, sure enough, some BitTorrent bugger caused sh3lls.net to send me a DMCA nastygram:

...

We have got the following complain, please remove all illegal torrents immediately from your server:

Evidentiary Information Title: Suits (TV) Infringement Source: BitTorrent Initial Infringement Timestamp: 17 Oct 2013 22:06:17 GMT Recent Infringement Timestamp: 17 Oct 2013 22:06:17 GMT Infringing Filename: Suits Season 3 Episode 6 (The Other Time) (HDTV x264)-ASAP (1GBps SeedBox).mp4 URL if applicable: Infringing File size: 364405400 Infringers IP Address: 64.32.14.34 Bay ID: 7fbb4256bfca558d5a809b9f6536b5fd5e4e782d|364405400 Port ID: 33788

I followed through with the templates provided by the Tor Project as a response to the DMCA takedown notification. A day later, the ISP sent me this:

...

Dear Christopher Whether you run Tor or not, we even told you in past, it's your responsibility to stop all abuse If Tor is causing it, stop the program Tor on your server, if we get another complain we will have to suspend/terminate your services

tor always always gets lots and lots of abuse and complains

Update us within 24 hours

Thanks

I was never provided with the full text of the original DMCA complaint, so I was unable to respond. Furthermore, I was never “even told…in the past” that I had to stop all abuse caused by Tor. Tor is not singled out in the ToS or AUP. And I was certainly never told anything in the past about abuse and Tor specifically. As I said, first warning. Then there’s the “tor always always gets lots and lots of abuse and complains [sic]”. Which is kind of bizarre, because their position on tor seems a bit cagey. Does the claim about lots of abuse mean they won’t allow exit nodes? Or is that just a “hint” that I’d be better off not trying to run it?

And this is an ISP I picked from the good list.

Suggestions are welcome. I’m running with the default exit node policy, which should block most of the abuse-laden ports. BitTorrent’s a little harder to deal with. I’ve no qualms working with the ISP to mitigate their concerns, but I’m not sensing their returning the same spirit of cooperation.

.cpj_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays