wiki:doc/ReportingBadRelays

Version 16 (modified by grarpamp, 5 years ago) (diff)

Move 80/443/6667 to reflect current spec.

Reporting Bad Relays

Ran into a misconfigured, malicious, or suspicious relay while using Tor? Please let us know by sending email to bad-relays AT lists DOT torproject DOT org! Many bad relays are caught thanks to our wider community, so many thanks for all your help and vigilance!

What is a bad relay?

A bad relay is one that either doesn't work properly or tampers with our users' connections. This can be either through maliciousness or misconfiguration. Some common examples are...

  • Tampering with exit traffic in any way. This might be accidental (such as an anti-virus filter) or malicious (commonly SSLStrip, which replaces https:// links with http:// to snoop on traffic).
  • Manipulating the DHT that is used for onion services, e.g., by positioning itself in the DHT.
  • Using a DNS provider that censors its results (such as some OpenDNS configurations).
  • Performing a Sybil attack, which means flooding the network with new relays in an effort to deanonymize users. If you want to run multiple relays then that's great! But please be sure to set the MyFamily parameter.

Also, if your relay is stolen or goes missing, please report it as well, so we can blacklist it in case whoever took it puts it back online.

The following are currently permitted yet do have some discussion for prohibition (as such, they should not be reported at this time)...

  • Only allowing plain-text traffic (for instance, just port 80). There's no good reason to disallow its encrypted counterpart (like port 443), making these relays highly suspect for sniffing traffic. See context and spec.

How do I report a bad relay?

If you encounter a bad relay then please let us know and write to bad-relays AT lists DOT torproject DOT org. If you want to encrypt the email, please use the OpenPGP key B369 E7A2 18FE CEAD EB96 8C73 CF70 89E3 D7FD C0D0 (available online) and send the email to phw AT torproject DOT org instead.

You can check which exit you are using at any time by visiting tor check. Please include the following in your report:

  1. The relay's IP address or fingerprint. The fingerprint is a forty-character hex string such as 203933ED4E55EF8A3C3518427D1A1ED6A4CC285E.
  2. What kind of behavior did you see?
  3. Any additional information we'll need to reproduce the issue.

However, if you need help with anything Tor-related, please contact the help desk instead.

What happens to bad relays?

After a relay is reported and we've verified the behavior we'll attempt to contact the relay operator. Often we can sort things out but if not (or the relay lacks contact information) we'll flag it to prevent it from continuing to be used.

We have thee types of flags we can apply:

  • BadExit - Never used as an exit relay (for relays that appear to mess with exit traffic)
  • Invalid - Never used unless AllowInvalidNodes is set (by default this only allows for middle and rendezvous usage)
  • Reject - Dropped from the consensus entirely

Which we use depends on the severity of the issue, and if it can still be safely used in certain situations.

My relays was given the BadExit flag. What's up?

In just about all cases we're unable to contact the operator to resolve the issue, so if your relay has been flagged as a BadExit then please let us know so we can work together to fix the issue.

Do you actively look for bad relays?

Yes. For our automated issue detection see exitmap and sybilhunter.

Other monitors include tortunnel, SoaT, torscanner, and DetecTor.