[tor-relays] Exit policy question

[Jesus Cea]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/06/11 21:16, Justin Aplin wrote:

> Most people on this list seem to have a lot of success with the
> "standard" reduced exit policy (6 of [1]). Generally even ISPs who are
> hostile to Tor will give you several warnings before shutting down
> service, so if reasoning with them doesn't work, you always have the
> option of dropping down to a middle node later on down the line.

I run a TOR node in OVH (France). They shutdown my server several times
because it was "hacked" in the sense of "we don't think a server should
make outgoing port 443 connections". After a lof of complains and
arguments, and a dozen of shutdowns, I restricted my node to NON-EXIT.
And filter my 443 outgoing at FW level, because even connecting to port
443 of other TOR nodes were considered "you have a compromised machine".

Unsatisfying. But at least I provide 50Mbps to TOR mesh, 24x7, as an
internal relay node. Could be worse, I guess.

- -- 
Jesus Cea Avion                         _/_/      _/_/_/        _/_/_/
jcea at jcea.es - http://www.jcea.es/     _/_/    _/_/  _/_/    _/_/  _/_/
jabber / xmpp:jcea at jabber.org         _/_/    _/_/          _/_/_/_/_/
.                              _/_/  _/_/    _/_/          _/_/  _/_/
"Things are not so easy"      _/_/  _/_/    _/_/  _/_/    _/_/  _/_/
"My name is Dump, Core Dump"   _/_/_/        _/_/_/      _/_/  _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQCVAwUBTejXaZlgi5GaxT1NAQJUZAP7BTOhSkFLIr1+ZrRwMaYhsGFkOCb5VRKn
UUTu1WMG6o/6Vm1AZBRTp9/PtldnWTVsmC6foM1U5nHtGfbgJfy6oLqXTTqegd6Z
ZV8u4x+e0w+MlWq0mZxahyGMqWt0MvIb3gRXuP47SvBjoJQVflevTF8lkGAOXCQr
2l27ehta/CY=
=jmq+
-----END PGP SIGNATURE-----