[tor-relays] I.P. being Blocked?

teor teor2345 at gmail.com
Mon Aug 10 03:47:20 UTC 2015 

> On 10 Aug 2015, at 04:57 , Roman Mamedov <rm at romanrm.net> wrote:
> 
> On Mon, 10 Aug 2015 06:39:45 +1200
> Carlin Bingham <cb at viennan.net> wrote:
> 
>> Try MX Toolbox's blacklist check[0], it searches over 90 blacklists and you'll find at the very least you're on one of the Tor-specific lists.
>> 
>> 
>> [0] https://mxtoolbox.com/blacklists.aspx
> 
> Yeah on precisely one:
> 
>> DAN TOR
>> This DNS blacklist contains ALL tor nodes (both entry and exit nodes) - The
>> tor nodelist is updated every hour automatically from the live tor network.
>> There is no complaint procedure to have an IP address removed from this list
>> as it will be automatically removed once the tor node ceases to run (with a
>> maximum of 1 hour delay). More information about DAN TOR can be found at
>> their website: https://www.dan.me.uk/dnsbl
> 
> So not "several", and not a "this IP is a source of spam" list, that one is
> not even a blacklist per se, and those using it as one are incompetent and
> wrong. In fact I would also categorize the person "so helpfully running it" as
> such, since there is no reason whatsoever to track non-exit relays in any kind
> of a publicly offered "black"list, unless you just want to inflict harm onto
> the relay operators and get them unfairly blocked from various services.

I just asked the operator of the "DAN TOR" blocklists to make it easier for people to use the exit-only blocklist, and link to the relevant Tor FAQs so they can make an informed decision.

I'll let you know if he responds.

> Begin forwarded message:
> 
> From: teor <teor2345 at gmail.com>
> Subject: Tor Blocklist Confusion
> Date: 10 August 2015 13:42:26 AEST
> To: me at dan.me.uk
> 
> Hi Dan,
> 
> It appears that a number of website operators are using the .tor.dan.me.uk blocklist to block website access from the entire Tor network. It appears that they are doing this by mistake, because they are confusing the .tor.dan.me.uk and .torexit.dan.me.uk blocklists (or don't know which one to choose).
> 
> Could you make some changes to the blocklist page to avoid this happening in future?
> 
> [I have personally experienced the Apple Support Forums and various other sites blocking non-exit relay IPs. Other Tor relay operators complain about this regularly on the tor-relays mailing list. (One operator even questions why the full Tor network blocklist exists in the first place.)
> See the thread https://lists.torproject.org/pipermail/tor-relays/2015-August/007595.html ]
> 
> If you are willing, the following changes could make it easier for website operators to choose the appropriate list:
> 
> 1. Place the .torexit.dan.me.uk blocklist at the top of the page, above the .tor.dan.me.uk blocklist.
> 2. Explain that by blocking Tor exits, you will block normal people who use Tor to protect their privacy https://www.torproject.org/about/torusers.html.en
> 3. Provide a link to the Tor Project's FAQ about blocking Tor nodes at https://www.torproject.org/docs/faq-abuse.html.en#Bans
> 
> 4. Explain that using the .tor.dan.me.uk blocklist will block Tor nodes that don't allow outbound connections (non-Exit nodes), and that there is typically no reason to do this, and direct users to the .torexit.dan.me.uk blocklist instead. (The current "think carefully" doesn't provide enough information for people to make an informed decision, particularly if they aren't familiar with Tor.)
> 5. Link to the Tor Project FAQ on Exit Policies at https://www.torproject.org/docs/faq.html.en#ExitPolicies
> 
> (A more radical change could be to rename or remove the .tor.dan.me.uk blocklist. This would help avoid confusion and misuse, but would break current setups - so I can't imagine this being an option for you.)
> 
> Thank you for considering my request
> 
> Tim (teor)

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
pgp ABFED1AC
https://gist.github.com/teor2345/d033b8ce0a99adbc89c5

teor at blah dot im
OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150810/2de4fa4b/attachment.sig>

More information about the tor-relays mailing list