contrib/tor-exit-notice.html

   1 <html>
   2 <head>
   3 <title>This is a Tor Exit Router</title>
   4
   5 <!--
   6
   7 This notice is intended to be placed on a virtual host for a domain that
   8 your Tor exit node IP reverse resolves to so that people who may be about
   9 to file an abuse complaint would check it first before bothering you or
  10 your ISP. Ex:
  11 http://tor-exit.yourdomain.org or http://tor-readme.yourdomain.org.
  12
  13 This type of setup has proven very effective at reducing abuse complaints
  14 for exit node operators.
  15
  16 There are a few places in this document that you may want to customize.
  17 They are marked with FIXME.
  18
  19 -->
  20
  21 </head>
  22 <body bgcolor=white text=black>
  23
  24 <center><h1>This is a Tor Exit Router</h1></center>
  25
  26 <p>Most likely you are accessing this website because you had some issue with
  27 the traffic coming from this IP. This router is part of the <a
  28 href="https://www.torproject.org/">Tor Anonymity Network</a>, which is
  29 dedicated to <a href="https://www.torproject.org/30seconds.html.en">providing
  30 privacy</a> to people who need it most: average computer users. This
  31 router IP should be generating no other traffic, unless it has been
  32 compromised.
  33
  34 <p>
  35
  36
  37 <!-- FIXME: you should probably grab your own copy of how_tor_works_thumb.png
  38 and serve it locally -->
  39 <center><a href="https://www.torproject.org/overview.html">
  40 <img src="https://www.torproject.org/images/how_tor_works_thumb.png"></a></center>
  41
  42 <p>
  43
  44 Tor sees use by <a href="https://www.torproject.org/torusers.html.en">many
  45 important segments of the population</a>, including whistle blowers,
  46 journalists, Chinese dissidents skirting the Great Firewall and oppressive
  47 censorship, abuse victims, stalker targets, the US military, and law
  48 enforcement, just to name a few.  While Tor is not designed for malicious
  49 computer users, it is true that they can use the network for malicious ends.
  50 In reality however, the actual amount of <a
  51 href="https://www.torproject.org/faq-abuse.html">abuse</a> is quite low. This
  52 is largely because criminals and hackers have significantly better access to
  53 privacy and anonymity than do the regular users whom they prey upon. Criminals
  54 can and do <a
  55 href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_tools.html">build,
  56 sell, and trade</a> far larger and <a
  57 href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_distributing_your.html">more
  58 powerful networks</a> than Tor on a daily basis. Thus, in the mind of this
  59 operator, the social need for easily accessible censorship-resistant private,
  60 anonymous communication trumps the risk of unskilled bad actors, who are
  61 almost always more easily uncovered by traditional police work than by
  62 extensive monitoring and surveillance anyway.
  63
  64 <p>
  65
  66 In terms of applicable law, the best way to understand Tor is to consider it a
  67 network of routers operating as common carriers, much like the Internet
  68 backbone. However, unlike the Internet backbone routers, Tor routers
  69 explicitly do not contain identifiable routing information about the source of
  70 a packet, and no single Tor node can determine both the origin and destination
  71 of a given transmission.
  72
  73 <p>
  74
  75 As such, there is little the operator of this router can do to help you track
  76 the connection further. This router maintains no logs of any of the Tor
  77 traffic, so there is little that can be done to trace either legitimate or
  78 illegitimate traffic (or to filter one from the other).  Attempts to
  79 seize this router will accomplish nothing.
  80 <p>
  81
  82 <!--- FIXME: US-Only section. Remove if you are a non-US operator -->
  83
  84 Furthermore, this machine also serves as a carrier of email, which means that
  85 its contents are further protected under the ECPA. <a
  86 href="http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00002707----000-.html">18
  87 USC 2707</a> explicitly allows for civil remedies ($1000/account
  88 <i><b><u>plus</u></b></i>  legal fees)
  89 in the event of a seizure executed without good faith or probable cause (it
  90 should be clear at this point that traffic with an originating IP address of
  91 FIXME_DNS_NAME should not constitute probable cause to seize the
  92 machine). Similar considerations exist for 1st amendment content on this
  93 machine.
  94
  95 <p>
  96
  97 <!-- FIXME: May or may not be US-only. Some non-US tor nodes have in
  98 fact reported DMCA harassment... -->
  99
 100 If you are a representative of a company who feels that this router is being
 101 used to violate the DMCA, please be aware that this machine does not host or
 102 contain any illegal content. Also be aware that network infrastructure
 103 maintainers are not liable for the type of content that passes over their
 104 equipment, in accordance with <a
 105 href="http://www4.law.cornell.edu/uscode/html/uscode17/usc_sec_17_00000512----000-.html">DMCA
 106 "safe harbor" provisions</a>. In other words, you will have just as much luck
 107 sending a takedown notice to the Internet backbone providers. Please consult
 108 <a href="https://www.torproject.org/eff/tor-dmca-response.html">EFF's prepared
 109 response</a> for more information on this matter.
 110
 111 <p>For more information, please consult the following documentation:
 112
 113 <ol>
 114 <li><a href="https://www.torproject.org/overview.html">Tor Overview</a></li>
 115 <li><a href="https://www.torproject.org/faq-abuse.html">Tor Abuse FAQ</a></li>
 116 <li><a href="https://www.torproject.org/eff/tor-legal-faq.html">Tor Legal FAQ</a></li>
 117 </ol>
 118 <p>
 119
 120 That being said, if you still have a complaint about the router,  you may
 121 email the <a href="mailto:FIXME_YOUR_EMAIL_ADDRESS">maintainer</a>. If
 122 complaints are related to a particular service that is being abused, I will
 123 consider removing that service from my exit policy, which would prevent my
 124 router from allowing that traffic to exit through it. I can only do this on an
 125 IP+destination port basis, however. Common P2P ports are
 126 already blocked.
 127
 128 <p>You also have the option of blocking this IP address and others on
 129 the Tor network if you so desire. The Tor project provides a <a
 130 href="https://tor-svn.freehaven.net/svn/tor/trunk/contrib/exitlist">python script</a> to
 131 extract all IP addresses of Tor exit nodes, and an official <a
 132 href="https://www.torproject.org/tordnsel/">DNSRBL</a> is also available to
 133 determine if a given IP address is actually a Tor exit server. Please
 134 be considerate
 135 when using these options. It would be unfortunate to deny all Tor users access
 136 to your site indefinitely simply because of a few bad apples.
 137
 138 </body>
 139 </html>
 140