[tor-relays] Digital Ocean - running Exit node locked

Matthew Finkel matthew.finkel at gmail.com
Sat Oct 8 00:04:47 UTC 2016


On Sat, Oct 08, 2016 at 12:16:39AM +0200, Markus Koch wrote:
> 2016-10-08 0:09 GMT+02:00 Tristan <supersluether at gmail.com>:
> > This page has 3 policies: Reduce exit policy, reduced-reduced exit policy,
> > and a lightweight example policy.
> >
> > https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
> >
> >
> > On Oct 7, 2016 5:01 PM, "Markus Koch" <niftybunny at googlemail.com> wrote:
> >>
> >> reduced-reduced exit policy. ?
> >>
> >> Illuminate me, pls.
> >>
> Thank you both!
> 
> Will try https://tornull.org. Perhaps it helps.
> 
> Markus
> 

I spotchecked a few of the rejects on the list. Spamhaus returned a page
showing only [0][1][2][3]:

  Error SH-403-001 


Are all of those tornull rejects legit?

Another one I checked said:

  "Network operated by cybercriminals, providing services to spammers and
  botnet operators. Can't trust anything originating from AS59564."


And that came from [4]:

  "Upstream Adjacent AS list
  AS3255 UARNET-AS State Enterprise Scientific and Telecommunication Centre
  "Ukrainian Academic and Research Network" of the Institute for Condensed
  Matter Physics of the National Academy of Science of Ukraine (UARNet),UA"


I worry about blindly following a list of rejected subnets. I won't argue that
it's not safer for the exit operator, but I hope someone's cross-checking and
confirming each entry is needed.


[0] https://www.spamhaus.org/sbl/query/SBL113323
[1] https://www.spamhaus.org/sbl/query/SBL169644
[2] https://www.spamhaus.org/sbl/query/SBL300589
[3] https://www.spamhaus.org/sbl/query/SBL310432
[4] https://www.spamhaus.org/sbl/query/SBL244638



More information about the tor-relays mailing list