[tor-relays] Amazon abuse report

Moritz Bartl moritz at torservers.net
Sat Nov 2 16:10:50 UTC 2013

On 11/02/2013 02:46 PM, Paritesh Boyeyoko wrote:
> I'm just finding it difficult to accept that there's little to be done.  As far 
> as I can see, the only way BitTorrent content distibution can work across Tor 
> is because exits are allowing accept *:* as their exit policy - torrent 
> clients are typically on non-standard ports.
> The effect of this is that Tor gets a bad rep for copyright abuse right 
> alongside BitTorrent, and people shy away from running exits due to 
> the hassle involved.

As one of the large operators that indeed allows exiting on all ports
except 25: This is on purpose. I don't consider applications that choose
random ports as bad, I don't consider file sharing per se as bad. I
don't want to interfere with user traffic. I wish I could leave 25 open
as well, but our ISPs don't like that.

> Observation:  the URI you linked above is accessed from this page
> https://trac.torproject.org/projects/tor/wiki//doc/TorExitGuidelines
> but you must go halfway down the page, under "Handling abuse complaints" to 
> get to it.  Perhaps on this page
> https://www.torproject.org/docs/tor-relay-debian.html.en
> running an exit should be given its own section on this page.

I can understand the intention. The exit guidelines should be linked
from there, I agree. On the other hand, I am not a fan of "making it
easier" to run exit relays. Reading a (somewhat lengthy) document as the
exit guidelines should really be the least you can require. There's some
things you just can't optimize away.

> Question:  why not ship the reduced ExitPolicy as part of the default torrc, 
> but commented out, and with reject *:* as the default ExitPolicy?

The current torrc ships with

#ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
#ExitPolicy accept *:119 # accept nntp as well as default exit policy
#ExitPolicy reject *:* # no exits allowed

So, "reject *:*" is already an example rule in there. Listing all
examples from the reduced exit policy will make reading the file more
complicated, especially for the majority that will not want to run an
exit relay in the first place.

Also, it has:

## Look at https://www.torproject.org/faq-abuse.html#TypicalAbuses
## for issues you might encounter if you use the default exit policy.

And that URL mentions the DMCA problem and links to both the reduced
exit policy and the exit guidelines.

Moritz Bartl

More information about the tor-relays mailing list