wiki:doc/TorAbuseTemplates

Version 2 (modified by trac, 9 years ago) (diff)

--

Below are a collection of letters you can use to respond to your ISP about their complaint in regards to your Tor exit server. The idea is to create a master template for responses. This template is in the spirit of DMCA Response template for Tor node maintainer to ISP as written by the EFF. This provides a template that has proven effective in working with an Abuse Dept about some traffic through your Tor exit node. The DMCA template is great for DMCA take down requests of multimedia files. It's not so great a response to Google Groups, IRC Networks, or Law Enforcement's concerns about traffic through your Tor exit node.

The best answer is to follow a pattern with the complaining party. This is not legal advice. This was not written or reviewed by a lawyer. It was written by someone with experience in working with various ISPs who had issues with a Tor exit node on their network. It has also been reviewed by someone who works in Abuse at a major ISP.

  • Read the Tor Overview. Be prepared to summarize and answer basic questions. Assume the person with which you're going to converse knows nothing about Tor. Assume this same person isn't going to trust anything you say.
  • Arrange to talk, or meet, with the complaintant.
  • During the conversation make sure you explain a few points:
    • You are not the perpetrator of the issue.
    • You are a responsible server operator and concerned about the complaintant's problem.
    • You are not insane. You may be insane, but we don't want the complaintant to guess this is true.
  • In many cases, your ISP will be involved as a conduit for the 3rd party complaintant. Your ISP wants to know:
    • Your server is not compromised.
    • Your server is not a spam relay.
    • Your server is not a trojan/zombie.
    • You are a competent server administrator and can address the issue. Minimally, you can at least discuss and respond to the issue intelligently.
    • The ISP is not at fault and not liable for your actions. This is normally the case, but the poor abuse person dealing with the issues just wants to hear it isn't the ISPs problem. They will move on after they are comfortable.
  • Discuss options. Options Phobos has been offered:
    • The ISP/Complaintant may very well demand to see logfiles. Fortunately, by default, nothing sensitive disclosed. You may want a new ISP if they demand access to log files ad hoc.
    • The ISP/Complaintant suggests you convert to middleman.
    • The ISP/Complaintant demands you disable Tor. You may want a new ISP as a result.
    • The ISP/Complaintant states they will firewall off the traffic on the default ports. You may want a new ISP as a result.
    • Update the config to disallow traffic to a certain IP range from your exit node.
  • After all has been discussed, offer a follow up conversation within a week. Make sure your agreed upon changes are implemented. Neither the ISP nor Complaintant may want to do this, but the fact that you offered is in your credit. This may help them feel "comfortable" with you.

Good luck!