Changes between Version 40 and Version 41 of doc/TorExitGuidelines

Mar 10, 2018, 8:32:59 PM (11 days ago)

Reverted to version 39.


  • doc/TorExitGuidelines

    v40 v41  
    8585If you have your own experience of abuse handling, just share it on our public mailing list or write us an email to
     87== Technical ==
     89Please read all the technical details before getting started. If you have any questions or need help, please contact us at
     91 * Hardware
     93  The minimum desired speed for your Tor relay is 256 kbps.
     95  With one modern CPU core, you will be able to push ~100 Mbps. If you want to do more than that, you need to run more than one Tor process. There is [ a modified initscript]  to help you with that.  Ideally, you have a CPU with [ AES-NI support], which allows around 300 Mbps per core.
     97 * Software
     99  Tor relays should work on Linux, FreeBSD 5.x+, OS X Tiger or later, and versions of Windows with the word Server in their name. That said, you'll likely be happiest with the packages for Debian (or with Ubuntu but only if you [ use our debs] ). published a helpful setup guide at It helps you with some improvements such as kernel settings and settings in your torrc, so you can have a super-fast relay. This is really helpful for the Tor network.
     101 * Set up an informative website on the exit IP(s) on port 80.
     103  A disclaimer helps giving people the right idea about what is behind traffic coming from these IPs. A simple notice can be published without a separate webserver using Tor's "DirPortFrontPage " directive.
     105 * Try to use dedicated IPs, and when possible dedicated hardware.
     107 * Disk encryption might be useful to protect your node keys, but on the other hand unencrypted machines are easier to "audit" if required. We feel it's best to be able to easily show that you do Tor exiting, and nothing else (on that IP or server).
     109 * Set reverse DNS to something that signals its use, e.g. 'anonymous-relay', 'proxy', 'tor-proxy'. so when other people see the address in their web logs, they will more quickly understand what's going on. If you do, and if SMTP is allowed in your exit policy, consider configuring [ SPF] on your domain: this will protect you from users using your exit node to forge e-mails which look like they come from you.
    87111== Support ==
    88112 * If you are running an exit, or are thinking about it, you should subscribe to the [ Tor-Relays list].