Delivery-Date: Tue, 10 May 2016 10:27:40 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,DKIM_ADSP_ALL,
	DKIM_SIGNED,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id B00B51E04EB;
	Tue, 10 May 2016 10:27:38 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 89ADD3A5F2;
	Tue, 10 May 2016 14:27:33 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id B0B0D3A5F5;
 Tue, 10 May 2016 14:27:29 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 5OL_OFXKhVr9; Tue, 10 May 2016 14:27:29 +0000 (UTC)
Received: from mail2.openmailbox.org (mail2.openmailbox.org [62.4.1.33])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 825713A466;
 Tue, 10 May 2016 14:27:29 +0000 (UTC)
Received: by mail2.openmailbox.org (Postfix, from userid 1001)
 id 39D53104191; Tue, 10 May 2016 16:27:25 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org;
 s=openmailbox; t=1462890445;
 bh=lSLNZVq8PRBFBS3DiLXAzKnKhmwM/1MMUEq3pofZKhk=;
 h=Subject:To:References:From:Date:In-Reply-To:From;
 b=NUox/JBk3cDzZZ7SytFrU2mXYPLMaSgtkC6o8Qd6HozomrXuy3CyGITu6d8hFXNUX
 LDlv8bXAutd09IsXG4O+x6A6mKq4kZoNnnELN8KLKpteoDHJDADQKhigaMabSOeuFY
 iuKodevo96qgOlvPF9FWitSVMUESGI2wLY2QLEpw=
Received: from 127.0.0.1 (politkovskaja.torservers.net [77.247.181.165])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 (Authenticated sender: nusenu@openmailbox.org)
 by mail2.openmailbox.org (Postfix) with ESMTPSA id DE68410414D;
 Tue, 10 May 2016 16:27:16 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org;
 s=openmailbox; t=1462890441;
 bh=lSLNZVq8PRBFBS3DiLXAzKnKhmwM/1MMUEq3pofZKhk=;
 h=Subject:To:References:From:Date:In-Reply-To:From;
 b=iGDac6DG26UA5+jJb4CuxtG/O7n0z2xuZzmV4uBylHYjS8+tXd82p9J8orDOjmmzV
 wAvxfI1p6GkWSQ2L//ziAHB/M1hRPV5H0LLX+QRdvm0em3LSv0t3tiO5gRfkaGpiZh
 Wi0sPrva97X64zz5vXQz+dSSY8QE89xI1SiMr8xw=
To: tor-talk@lists.torproject.org, bad-relays@lists.torproject.org
References: <20160509142833.GA29776@inner.h.apk.li>
From: nusenu <nusenu@openmailbox.org>
X-Enigmail-Draft-Status: N1110
Message-ID: <4b001f59-8b8d-46d6-12b0-6933e8cd0598@openmailbox.org>
Date: Tue, 10 May 2016 14:27:05 +0000
MIME-Version: 1.0
In-Reply-To: <20160509142833.GA29776@inner.h.apk.li>
Subject: Re: [tor-talk] Are squid proxies acceptable on exit nodes?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============6360571324677564406=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============6360571324677564406==
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="7ccMpjCPtKqTP0o6l8niC0P0Ui7SoWWFT"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--7ccMpjCPtKqTP0o6l8niC0P0Ui7SoWWFT
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

> recently I occasionally get things like depicted in
> https://twitter.com/akrey/status/729677599652380672
>=20
> A squid error page that the connection to the remote
> host timed out (here 193.99.144.85, which is the
> address of www.heise.de which I wanted to reach).
>=20
> To me it looks like the tor exit is using a squid
> proxy - is that an acceptable thing to do as a
> relay operator?

Exit relays should not route their traffic through transparent proxies
because that causes problems when TCP ports are not used for the usual
protocols and also generates more logs then there should be.

Also they seem to have timeouts a lot, where other exits are able to
deliver the same sites without problems (maybe their squid is overloaded?=
).

This one is also using a squid proxy and it is likely operated by the
same entity (see last restart timestamp):
https://atlas.torproject.org/#details/8E15D869D266DF5B08351122185F9660CA6=
D0FA2

as
https://atlas.torproject.org/#details/4F0003EAB0E8712B94B29A84BF8B8F34C95=
927BC
and
https://atlas.torproject.org/#details/C2C7796F98D22EAB910648FDD54951089E6=
233DE

unfortunately we can not ask them if they or their upstream is running
squid since they have no ContactInfo set.

Please consider giving them the badexit flag.

you might also want to have a look at other exits on that AS to find out
if their upstream is running squid.
https://compass.torproject.org/#?exit_filter=3Dall_relays&links&sort=3Dcw=
&sort_reverse&country=3D&ases=3DAS49981&top=3D-1&exits_only


--7ccMpjCPtKqTP0o6l8niC0P0Ui7SoWWFT
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXMe+9AAoJEFv7XvVCELh0cZYQAKcf8Xj/GuX0I1S7rkJPmYC2
g+V4jap3IO80gOxqo4VSs8ZrFxjxS1Zh60V00Kf6yhjGSoABhJmPwyj7xCuAKMBX
0GZuJtGHb2wzExqFy/vQ+9DT+fKqXNtP0f6ZN2RSi0QzUk3xlGN7F+zH7VkHh27N
u8BD3S6JPnFuLVO86KsLcgwrSdWLxRf26vrcRnK695P4wzAnzorlgPoF2P1KrwuQ
6q7uxdvYXgQfLZOkX9+Aa4hQV/t6aZfGPlYWfsaS8Z3shv9kfOmTz2Kc1+Rqb7fA
XLODUboRzAnIEi/l9GmTw5MRHb3Lmwwe85gjuTpBOF8ISx8NELzSaHJCfDd7nW77
UKyBArMz08O49yDSeYKe6F4LQzbS9hiLnCOzBBl0aSJ6A+gjnXNy5CBheYunrvJk
a1qFxi/mWoFVb5JFMNPMQmRTyCIOxqyVLCgVMzKQE56jSErYTS4e3RogefDNd5NO
s2qGKkXdgxzKq9xjU+W0xN/4Y3Rx18d7onmskvtk69FLvQzRD0RzI5zau+mG6JOo
o4H3Yx05joVZfvVTLR3U7MItVpIBxGdOd3fz6Ofha8SaT8eqQMJmgd/hk+EVOtL1
zftBxBsJFwoVBh4UrXyCXrYgdL4253fVtK6kO7Y0iek3QeSe3fMQBilhDf0rnV3t
BdVD64oHg+L2GQEq+Z9p
=cs+B
-----END PGP SIGNATURE-----

--7ccMpjCPtKqTP0o6l8niC0P0Ui7SoWWFT--

--===============6360571324677564406==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============6360571324677564406==--

