This guy sure is persistent! Check out this recent thread: https://lists.torproject.org/pipermail/tor-relays/2017-September/012934.html On Sep 12, 2017 11:17, <jpmvtd261@laposte.net> wrote:

Hello,

Recently, I installed a new Tor exit node. A few days later, I received an email on the address given in the node contact information. This email suggests to change the DNS server my node use, and gives me a specific IP address to use.

Here is the mail (obfuscated with sharps) :

EMAIL BEGIN *********************************** * Sender : info AT backplanedns DOT org * Subject : Your TOR node * Body : ** ** Hello, ** ** I came across your TOR relay on atlas. I run a few relays myself ** along with a bunch of DNS resolvers which are a part of the Open ** Root Server network (ORSN.org) - aimed to fight internet ** censorship and circumvent government surveillance programs ** (ie. prism). ** ** I hope you may be interested in using our anonymous open DNS ** resolvers on your relays. ** ** https://BackplaneDNS.org ** ** Resolver - 172.98.193.4# ** ** Resolver - 162.248.241.9# ** ** ------------------------------------------------------ ** ** Hostmaster@: ** Mr. D##### E#### H##### ** ** Phone: ** +1 (###) ###-#### ** ** E-Mail: ** info AT backplanedns DOT org ** abuse DOT backplanedns DOT org ** ** Linkedin: ** http://linkedin.com/in/d####-######-#########/ *********************************** EMAIL END

I think it could be an attack. If this person send this email to every new exit node operators, there may be a small percentage of rookie operators who will make the change. I found this webpage about Tor exit nodes and DNS : https://nakedsecurity.sophos.com/2016/10/05/unmasking-tor-users-with-dns/

What do you think about this email ?

_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays