Safe destinations

Erik Heidt erik.heidt at artofinfosec.com
Fri Jul 3 03:25:01 UTC 2009


Gregory -
I have been struggling with a similar question. I do not have an answer as
to the perfect list of 'safe' sites (Wikipedia is at the top of my list).
But I have authored a bash script to turn a list of domains
(mail.google.com, wikipedia.com, etc.com) into rules....

The following script looks for a file called torTarget.txt, and for each
FQDN it:
- Looks up the first IP on the DNS record
- Assigns port 80 by default
- If the word "mail" appears in the FQDN, then I assume that this is a
webmail service and force port 443
- Adds Google Talk

The output needs to be placed in the torrc file by hand and replace any
existing policies.

Here is the script:

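#!/bin/sh
#
# Reads FQDNs from torTargets.txt (one per line) and prints Tor ExitPolicy
# lines to be pasted into torrc.
#
# If dig fails, try installing the dnsutils package
# e.g. sudo apt-get install dnsutils
#

echo
echo "# Target List Generated $(date)"
echo "#"
echo

sort -f torTargets.txt | while read -r site
do

 # Skip blank lines in the target list
 [ -n "$site" ] || continue

 # Names containing "mail" are assumed to be webmail: force port 443
 if printf '%s\n' "$site" | grep -q "mail"
 then
  port="443"
 else
  port="80"
 fi

 # Take the first line of dig's sorted answer as the address
 dig +short "$site" | sort | head -n 1 | while read -r ip
 do

  # printf expands \t in every shell; echo only does so in some
  printf 'ExitPolicy accept\t %s:%s    \t# %s \n' "$ip" "$port" "$site"

 done
done

echo
printf 'ExitPolicy accept\t *:5222 \t# Google Talk\n'
echo
echo
echo "ExitPolicy reject    *:*"
echo
echo "# End of Exit Policy"
echo "#"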

Cheers,
Erik


On Thu, Jul 2, 2009 at 11:12 PM, Gregory Maxwell <gmaxwell at gmail.com> wrote:

> There are many people who would like to run tor exits but who don't
> because of the inevitable flood of abuse complaints.
>
> At the same time, there are a great many high traffic destinations on
> the internet which have little to no complaint potential because they
> are effectively read-only or are otherwise understood to be
> tor/anonymity friendly.
>
> [snip...]
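
An added example, not part of the original post and not Tor project code: dig +short can print CNAME targets as well as addresses, so these functions keep only a literal IPv4 address from its output and check that a generated policy is an allowlist whose last ExitPolicy line is "reject *:*". The function names and the sample values (documentation addresses, example.net) are assumptions made up for the illustration.

```sh
#!/bin/sh
# Added example: validate generated ExitPolicy lines before editing torrc.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
  case "$1" in
    ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.
  set -- $1                # split on dots; only digits and dots remain here
  IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# first_ipv4: print the first IPv4 address among the lines on stdin, else fail.
first_ipv4() {
  while IFS= read -r line; do
    if is_ipv4 "$line"; then
      printf '%s\n' "$line"
      return 0
    fi
  done
  return 1
}

# check_policy: succeed only if every "ExitPolicy accept" target on stdin is
# <IPv4 or *>:<port 1-65535> and the last ExitPolicy line is "reject *:*".
check_policy() {
  last=""
  while read -r key action target rest; do
    [ "$key" = "ExitPolicy" ] || continue
    last="$action $target"
    [ "$action" = "accept" ] || continue
    addr=${target%:*}
    port=${target##*:}
    [ "$addr" = "*" ] || is_ipv4 "$addr" || return 1
    case "$port" in ''|*[!0-9]*) return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
  done
  [ "$last" = "reject *:*" ]
}

# Constructed dig +short output: a CNAME target line, then an address.
printf 'wiki.example.net.\n192.0.2.10\n' | first_ipv4
```

In the script above, first_ipv4 would go between dig and the inner read loop, and the finished output can be piped through check_policy before it is copied into torrc.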