[tor-relays] MY IP adress on blacklist and then in exit relay policy
Zack Weinberg
zackw at cmu.edu
Mon Mar 30 15:01:40 UTC 2015
This *will* happen again. You need to have a conversation with your
provider and convince them to ignore reports of this form for your
exit node, or else you need to get a new provider. I would open the
conversation with something like this:
| This machine is a Tor exit node, which, as part of its normal operation,
| proxies traffic for other hosts on the Internet. By design, it is impossible
| for me to identify those other hosts or communicate with their operators.
| It is one of those other hosts that was infected with s_downloaderbot-mxb.
|
| Because Tor users are very diverse, I can't guarantee that this will never
| happen again. You should expect ongoing false positives for this machine
| on all checks for malware infection, outdated operating system, etc.
|
| I have the ability to disable proxying to specific IP address ranges and
| specific TCP ports, but this should be considered a last resort tactic. It
| does not actually prevent anyone from using Tor to send spam or whatever;
| the traffic will just move to some other exit node. I also have the
ability to
| limit the total bandwidth consumed by Tor.
|
| I'm happy to work with you to minimize the impact of this service on your
| network. I hope you will consider allowing it to remain in operation, as it
| is extremely valuable for people who need to conceal their official
| identities online, especially in countries where access to the Internet
| is restricted. For more information please see
| https://www.torproject.org/about/overview.html#overview
zw
On Mon, Mar 30, 2015 at 9:04 AM, Cmar433 <cmar433 at yandex.com> wrote:
>
>
> https://globe.torproject.org/#/relay/9DCF76179FCF47224D235ECD4A6165FED22ECE7B
>
> So, i am running exit node. My provider send me an email .. "This IP is infected with, or is NATting for a machine infected with s_downloaderbot-mxb"
> Any idea what can i do with this problem ?
>
>
>
> Now i can see my IP in my server exit policy ...
>
> After my "delist action" is clean ..
>
> http://www.senderbase.org/lookup/ip/?search_string=37.157.192.208
>
> I need just wait ? And all outgoing packet from my server still droped ?
>
> Thanks ..
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
More information about the tor-relays
mailing list