[tor-relays] Handling abuse - like to get your help please
pa011
pa011 at web.de
Mon Jun 20 09:19:09 UTC 2016
Hi all,
thanks again for your hints - in my case they obviously find Tor less
fancy - their response today is following:
"Hello.
You need to take steps to ensure that the complaint would be no longer
received.
This software is only allowed if there are no complaints on the server."
As I cant close Port 80 and the next attack would be a different target
I guess there is not much room for response :-(
Rgds
Paul
Am 18.06.2016 um 03:05 schrieb s7r:
> Hello,
>
> Thanks for running an exit relay.
> That is just an automated email message. You do not want to reply to
> every single automated message you receive, firstly because these
> replies go into a black hole and they are not read by any humans, so
> your effort may be useless.
>
> Generally, you should only reply to abuse reports which are personalized
> and properly addressed, indicating a clear problem or concern, sent by
> simple internet users, authorities, investigatory bodies, etc. The
> emails don't have to come from some organization/government/authority in
> order to demand reply, simple concerned users are also rightful to
> receive a human written personalized reply. You will quickly learn to
> make the difference between an automated message and a real abuse report.
>
> Over 90% of the abuse reports are fail2ban automated emails, emails sent
> by intrusion preventing systems / firewalls - some of them clearly state
> it's an automated message, others claim not to be responsible for the
> content, others are addressed to 'whom it may concern', these are all
> the same, copy/pasted text emails spammed to the abuse addresses.
>
> These are not by any means strict rules, you are free to reply to
> whatever you want, this is just my advice and purely informational. I
> run quite a bunch of exits.
>
> On 6/17/2016 11:12 PM, pa011 wrote:
>> Thank you Michael, solving that obviously easy question :-)
>>
>> So what was this "attac" then about, on which way, how can I see that ?
>>
>> Nice weekend to all
>>
>> Paul
>>
>>
>> Am 17.06.2016 um 21:53 schrieb Michael Armbruster:
>>> On 2016-06-17 at 21:51, pa011 wrote:
>>>> Thank you both !
>>>>
>>>> @ Michael: that’s exactly what I did so far and in the past
>>>> @ Moritz: I will try my best - yes it was an automated response with
>>>> just an name in Germany and no IP given, that I could possibly block
>>>>
>>>> "HTTP/1.1 404 293..." are these the ports the traffic went trough ?
>>>>
>>>
>>> Hi,
>>>
>>> Glad to hear other people already helped you out with your first question :)
>>>
>>> To answer this one: No, this is just the HTTP version (so protocol and
>>> version), the HTTP status code (404 for "Not Found"; file was not found
>>> on the server) and the size of the message that was transmitted to the
>>> client, 293 bytes in this case.
>>>
>>> Best Regards,
>>> Michael Armbruster
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xC8C330E7.asc
Type: application/pgp-keys
Size: 3104 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160620/53cc213a/attachment.key>
More information about the tor-relays
mailing list