[tor-relays] Calling for more Exit Relays

[Tom van der Woerdt]

spiros_spiros at freemail.gr schreef op 21/08/15 om 19:32:
>
> Στις 21 του Αυγούστου 2015, 13:21, Sharif Olorin <sio at tesser.org> έγραψε:
>
>> Could you estimate the number of abuse complaints you receive, or the
>> amount of time you need to spend responding to them - and how many
>> exits for how long, for context?
>
> I am the operator of exit relays in Iceland, England and Czech republic (as well as some non-exit relays where the providers are less friendly to Tor/don’t understand Tor). The nodes have been built in the last six months (financial circumstance only permitted me to start contributing recently), and I hope to run them for many years to come. As such they are all Debian Linux based with administration via Chef, so I probably spend an hour per month on the admin for all of them in total.
>
> Abuse complaints generally come in the form of automated email from Webiron and similar services, via the hosting providers. In one case, the hosting provider is happy to change the PTR record and abuse email in the WHOIS to an address that I control, so that they don’t bother forwarding the mail. I get about 5 of these per month for all of the exits, and no action is necessary. In rare cases, the hosting company based in the Czech republic asks me what steps I have taken in response to the abuse report. In this case I respond quickly with a polite message with the actions I’ve taken (blocking the host in the firewall, temporarily restricting the port in question or agreeing with the complainant that they will block the host). I spend about an hour per month on this task as well. The most frustrating part of this is when one of the exit nodes attacks a honeypot or connects to a sinkholed DNS domain, and I have to query the NIDS to make sure it is legit Tor traffic and my boxe
>   s aren’t compromised.
>
> The other category of abuse is far more rare but takes a lot of time, and that is legal threat from a company or state entity. I’ve been very lucky and so far only had two such cases, both of which required multiple emails to be sent and staff to be educated in the purpose and functionality of Tor to make the issue go away. These cases took a few hours of work and worrying each.
>
> All of my exits have a web page on port 80 explaining that they are a Tor exit and what that means.
>
> Hope this is helpful.
>
> Spiros

I used to run a lot of exit relays. Roughly 3Gbit/s.

Then the bwauth problems popped up, and some of my exit relays would 
suddenly lose all their traffic for a few weeks.

Then at some point the German government decided to spam my main ISP 
with legal requests. They didn't like that so they told me to switch 
them to normal relays. I tried to convince them, but to be fair, the 
amount of time they had to invest dealing with the government was not 
worth the money I sent them. So those nodes are no more.

Right now I am left with ~350Mbit/s of exit bandwidth, and the bwauth 
problems are not really solved. Image to illustrate: 
http://i.imgur.com/xRrr12W.png

The bwauth problem has been dragging along for several months now and 
despite my attempts to help out, nothing has changed.

I am talking with some providers to maybe get some decent contracts 
again. However, I will not commit to anything before my trust in the 
bandwidth authorities (and, by extension, the directory authorities) has 
been restored. Committing to annual contracts that cost hundreds of 
euros per month is not fun when you can't do a thing to actually get 
them utilized properly.

Please don't get me wrong, I strongly believe in the importance of Tor 
and would be happy to contribute. Sadly I feel that the Tor Project is 
not paying any attention to relay operators or users that have been 
affected by issues that have been dragging along for months. It seems 
that their main focus is on the research and implementation of cool 
projects. Research is nice, but if your network is having trouble, you 
may want to shift priorities a bit.

I'm looking forward to a future where the Tor Project operates as a 
non-profit company with a focus on keeping its relay operators and users 
happy, instead of the research.

As soon as my trust in this operational part of the Tor Project has been 
restored, I will probably commit to running more exits again. Until then 
it just seems like a waste of time and money.

Tom

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3729 bytes
Desc: S/MIME-cryptografische ondertekening
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150821/2d538bd9/attachment-0001.bin>