[tor-relays] my provider null routed my exit. advice?

[Christopher Yeager]

Hello,

I run a 100mb exit hosted at server.lu since sometime in late 2013. There
have been a couple dozen abuse reports but normally they forward them to me
to deal with and nothing much happens. However a week or so ago, while I
was travelling, there was an abuse report that made them decide to file a
ticket which then led to them suspending my IP as I 'ignored' it while I
was gone. So now I'm trying to convince them to turn the system back on and
they are pushing back, and after some back and forth they say they want me
to run an exit policy consisting of ports 53, 80, and 443. I've been
running the suggested reduced exit policy since day one and am very
reluctant to pare it down further, and certainly not to just 3 ports. I
wrote a short note explaining my point of view and I wonder if any of you
would do me the courtesy of telling me if I am likely to convince them to
let me leave the exit policy alone. I'm very willing to edit my response as
required. I think it bears mentioning that I am several messages in and I
did not get a good sense that whoever I am talking to understands Tor very
well at all - I was repeatedly asked to find and block my customer, and
told I must have logs if I provide a service, etc. I can show you the
longer exchange if you think it might be helpful. Thanks in advance and
here goes:

---
Hello,

We have nothing against Tor but IP is listed at 11 blacklists including
Spamhaus ZEN.
So we have to ask you block all ports except 80, 53 and 443 to prevent
scan, spam and other infringing activity from your IP.
Hope such proposal will be suitable for you.

Regards,
ROOT S.A.

---

Hello again,

I would rather not block any more ports that are already blocked. The
system is already set up to use the reduced exit policy detailed at
https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy which
allows as many Internet services as possible while still blocking the
majority of TCP ports. Currently, the policy allows approximately 65 ports.
I am reluctant to further reduce the ports because there is vastly more to
the internet than just the world wide web. Email, chat, remote desktop,
cache, and vpn services are all valid uses of the network that would not be
allowed by such a restrictive exit policy. I'm also afraid that it will not
help much in getting this IP off the various blocklists that it is on, as
2/3rds of the abuse reports I've been sent were due to traffic on ports 80
or 443. Several of the lists such as SECTOOR and Dans TOREXIT and related
are simply reporting to the world that this system is a Tor node. The
system is only in the Spamhaus Zen list due to its listing in the CBL for
being "infected with, or is NATting for a machine infected with s_vawtrak"
which is a Microsoft Windows virus that connected to their sinkhole IP on
port 80. Being on blocklists is something that happens when you are running
a Tor exit node and supporting Tor means putting up with them and
explaining why Tor is worth supporting even though abuse is guaranteed to
happen.

Naturally if you require this change I will be forced to make it. I hope,
however, that you can be persuaded that it is not helpful to Tor and will
not solve the problem of abuse and blacklists even if it were. Thanks again.

--

Thanks for getting this far. I await your replies with interest. :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150730/d54bdc76/attachment-0001.html>