possible spam compromise - advice please

mick mbm at rlogin.net
Fri Feb 18 13:27:07 UTC 2011


Firstly, my apologies if this list is inappropriate for this question.
If it should be aimed elsewhere, please let me know.

I currently run two exit nodes at toroftheworld.aibohphobia.org and
toroftheworld2.aibohphobia.org. I have just been contacted by the
provider of one of these nodes to say that they have received a
complaint from spamcop that my IP address has been responsible for
sending bulk email (spam). I can't yet see any evidence on my box of
this, but I thought I'd check here before saying categorically that tor
usage cannot be responsible.

My exit policy is strict - viz:

ExitPolicy reject 0.0.0.0/8:*
ExitPolicy reject 127.0.0.0/8:*
ExitPolicy reject 10.0.0.0/8:*
ExitPolicy reject 169.254.0.0/16:*
ExitPolicy reject 172.16.0.0/12:*
ExitPolicy reject 192.168.0.0/16:*
#
## just allow http and https
##
ExitPolicy accept *:80
ExitPolicy accept *:443
ExitPolicy reject *:*

and the mailserver on that box listens only on local loopback
(127.0.0.1).

My question is, does that configuration lend itself to exploitation by
spammers in any way?

If tor users are not responsible, I might have a bigger problem :-)

Mick




---------------------------------------------------------------------

The text file for RFC 854 contains exactly 854 lines. 
Do you think there is any cosmic significance in this?

Douglas E Comer - Internetworking with TCP/IP Volume 1

http://www.ietf.org/rfc/rfc854.txt
---------------------------------------------------------------------
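
Added example, not part of the original message: Tor evaluates ExitPolicy lines in order and the first matching line decides, so the posted policy can be checked mechanically against the standard mail ports. The parser is a simplified sketch (IPv4, a single port or `*` per line), the no-match fallback is an assumption, and the destination address is a constructed one from a documentation range.

```python
import ipaddress

# ExitPolicy lines as posted in the message, in their original order.
POLICY = """\
ExitPolicy reject 0.0.0.0/8:*
ExitPolicy reject 127.0.0.0/8:*
ExitPolicy reject 10.0.0.0/8:*
ExitPolicy reject 169.254.0.0/16:*
ExitPolicy reject 172.16.0.0/12:*
ExitPolicy reject 192.168.0.0/16:*
ExitPolicy accept *:80
ExitPolicy accept *:443
ExitPolicy reject *:*
"""

MAIL_PORTS = (25, 465, 587)  # SMTP, SMTPS, mail submission

def parse_policy(text):
    """Return rules as (action, network or None, port or None); None means '*'."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop torrc comments
        if not line:
            continue
        _keyword, action, pattern = line.split()
        addr, port = pattern.rsplit(":", 1)
        net = None if addr == "*" else ipaddress.ip_network(addr)
        rules.append((action, net, None if port == "*" else int(port)))
    return rules

def decide(rules, ip, port):
    """Apply the rules top to bottom; the first one that matches wins."""
    target = ipaddress.ip_address(ip)
    for action, net, rule_port in rules:
        if net is not None and target not in net:
            continue
        if rule_port is not None and rule_port != port:
            continue
        return action
    return "reject"  # assumption; never reached here, the policy ends in reject *:*

def accepted_ports(rules, ip, ports):
    """List the ports from `ports` that the policy lets exit towards `ip`."""
    return [p for p in ports if decide(rules, ip, p) == "accept"]

if __name__ == "__main__":
    rules = parse_policy(POLICY)
    dest = "203.0.113.10"  # constructed destination address
    print("mail ports accepted:", accepted_ports(rules, dest, MAIL_PORTS))
    print("web ports accepted: ", accepted_ports(rules, dest, (80, 443)))
```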





More information about the tor-relays mailing list