blocking google groups [was Re: ExitPolicy abuse]

Valient Gough vgough at pobox.com
Wed Feb 9 11:41:13 UTC 2005



Roger Dingledine wrote:
>(I assume you mean Usenet.)
>
>Hm, this is a tricky one. For example, if Google starts filtering posts,
>liability issues may come up. Also, Google tends to get bad publicity
>when they do things that can be seen as "censorship."
>  
Right, meant Usenet..   I would expect that google will also get bad 
publicity if they do nothing and act as an anonymous gateway for spam to 
usenet.  The same way that TOR gets bad publicity on certain IRC 
networks because it is used as a gateway for abuse.  Or hotmail for 
spam, etc, etc.

Perhaps Usenet readers will block all messages from google.com, similar 
to how some IRC networks block all connections for TOR nodes...

>>So until google fixes the problem, I've rejected access to google's 
>>network.  I don't know how many ways groups.google.com may be accessed, 
>>but my first stab is to block 216.239.37.0/24 , which contains the 3 
>>servers listed right now in DNS.
>>    
>
>Ok, but groups.google.com is an alias for groups.google.akadns.net,
>which doesn't bode well for easily enumerating its addresses. :)
>  
dig groups.google.com gives:

;; ANSWER SECTION:
groups.google.com.      860     IN      CNAME   groups.google.akadns.net.
groups.google.akadns.net. 216   IN      A       216.239.37.104
groups.google.akadns.net. 216   IN      A       216.239.37.99
groups.google.akadns.net. 216   IN      A       216.239.37.147

I can confirm that when I load a browser and type in 
"groups.google.com", it connected to one of those IP addresses..  So the 
exitpolicy block should work...


regards,
Valient



More information about the tor-talk mailing list