[tor-relays] Is there any reason to keep the default exit policy?

Roger Dingledine arma at mit.edu
Mon Nov 4 09:10:55 UTC 2013

On Mon, Nov 04, 2013 at 08:53:11AM +0100, tor-admin wrote:
> > Whoops, thanks for the correction Roger.  I guess I've been configuring
> > exit relays for so long that I forget what it's like to configure a
> > non-exit. :)
> Same for me. I also thought that setting up a relay would still make it a non-
> exit by default, as it was in the old days.

It was never that way in the old days. The default exit policy has
been the default exit policy since we added the notion of exit policies
in 2003.

> I would make non-exit the default.

Lunar opened https://trac.torproject.org/projects/tor/ticket/10067

I've retitled this thread to try to get more opinions.

I'm inclined to agree with the idea -- first because the Internet abuse
landscape has changed a lot since 'the old days', but mainly because
I worry about the "slash and burn agriculture" approach to running Tor
relays, where you set up an exit relay, and if anybody gets angry you move
on to another ISP. That approach is really appealing since it's simple,
but it assumes the Internet is infinite. If in fact we're destroying
land without regard to sustainability, and we run out of land...

Today's interactions with ISPs influence Tor's future viability. So if
people are accidentally exit relays without knowing it, I worry as much
about the damage to the ISP's view of Tor as I do about the temporary
hassle for the operator.


More information about the tor-relays mailing list