Hi Alexander. Thanks for running a relay! > If yes, I wanted to ask if anybody knows a way to check every outgoing TCP > connection for connecting to *.sinkhole.shadowserver.org and dropping it > if needed.
I haven't seen any complaints about this with Amunet. The exit policy doesn't accept hostnames (nor wildcards in them) so your best bet is probably to just reject connections to their current honeypots and add more if you keep getting complaints. Here's what robtex reports for the sinkhole subdomains: 74-208-15-160.sinkhole.shadowserver.org 74-208-15-97.sinkhole.shadowserver.org 74-208-164-166.sinkhole.shadowserver.org 74-208-164-167.sinkhole.shadowserver.org 74-208-64-145.sinkhole.shadowserver.org 74-208-64-191.sinkhole.shadowserver.org 87-106-24-200.sinkhole.shadowserver.org 87-106-250-34.sinkhole.shadowserver.org so ExitPolicy reject 74.208.15.160, reject 74.208.15.97, reject 74.208.164.166... etc Cheers! -Damian PS. We also have a tor-relays list you might find a bit more helpful for this sort of question: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays/ _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk