General question about exit policies...

Michael cozzi at cozziconsulting.com
Wed Jul 1 02:20:26 UTC 2009


    Hi all,

    One thing I do not see is support for an exit policy such as:

    accept *.yahoo.com:80
    accept *.google.com:80

    Is this type of statement supported but undocumented, and what would 
people think of having that ability?

    From my standpoint, it would certainly make running an exit easier 
for me to handle from an abuse management standpoint. In this way server 
admins who might have servers in unfriendly environments could perhaps 
allow exits to hard to abuse locations that are high traffic sites. Thus 
increasing bandwidth overall.

    And while I know I can dig up the addresses myself with some degree 
of accuracy and provide exit in that manner, it would allow admins to 
ensure that the port that was opened, was actually being used for the 
protocol for which it was intended, by only allowing exit to an intended 
target.

    This isn't a judgment about the people using Tor, but rather a tool 
that admins can use to provide bandwidth in a less risky manner.

    Thoughts or comments?

    Michael



More information about the tor-talk mailing list