[tor-relays] Blocking Domains

Diarmaid McManus diarmaidmcmanus at gmail.com
Tue Nov 1 11:27:11 UTC 2016


I wouldn't recommend blocking at the DNS level, as this could flag your
exit with a BADEXIT for modifying traffic.

The current official way to do this is through the exit policy, but this is
in a configuration file.
*Relay Operators*: is there a way to dynamically update the exit policy as
a relay is running?

On 1 November 2016 at 10:35, teor <teor2345 at gmail.com> wrote:

>
> > On 1 Nov. 2016, at 07:42, SuperSluether <supersluether at gmail.com> wrote:
> >
> > They give me the IP address to block. The problem is yesterday it was on
> s01.panelboxmanager.com. Today it was s502.panelboxmanager.com. I was
> hoping for a way to block all sub-domains of panelboxmanager.com to
> prevent further abuse on that particular network. Guess I'll keep going
> per-IP for now.
> >
> >
> > On 10/31/2016 03:38 PM, Jason Jung wrote:
> >> You need to block them via IP address.  Do a DNS lookup of the domain in
> >> question if the e-mail doesn't contain it.
> >>
> >> On Mon, Oct 31, 2016 at 07:55:43AM -0500, Tristan wrote:
> >>> Is it possible to block domain names in Tor's ExitPolicy? I've been
> getting
> >>> abuses on *.panelboxmanager.com, and I'd like to be proactive about
> this if
> >>> possible.
>
> If you run a local caching resolver, you can tell it not to answer requests
> for these domains. (Or, more precisely, answer them with NXDOMAIN.)
>
> And you should block the IP addresses for the netblock in your exit policy
> as well, so the blocking is at least somewhat transparent.
>
> T
>
> --
> Tim Wilson-Brown (teor)
>
> teor2345 at gmail dot com
> PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
> ricochet:ekmygaiu4rzgsk6n
> xmpp: teor at torproject dot org
> ------------------------------------------------------------
> ------------------
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20161101/67399fb0/attachment.html>


More information about the tor-relays mailing list