Good evening,
I still don't know what the cause is and got the same email again in same time
period. I can't really keep risking this as I have many other services running
on this server with largest being mirror.diyarciftci.xyz. I already had my IP
blocked once before. For the time being, I will be blocking 1AEO too. Looking
at metrics, it looks like all got bounced at the same time as when the report
came in. When good news comes back, I have no issue with unblocking.
Kind regards,
Diyar Ciftci
-------- Original Message --------
On Thursday, 01/01/26 at 20:35 Chris Enkidu-6 via tor-relays
<[email protected]> wrote:
> It's very nice of you to follow up on the issue and it's much appreciated.
>
> However it's worth noting that to continue calling these abuse reports "false
> positives" is not going to help. Is Hetzner more sensitive to the issue? Yes.
> Is it false? No.
>
> So far the 1AEO team have blamed Hetzner, accused them of having insecure
> practices that are dangerous to TOR, asked the rest of us to appeal to
> Hetzner to stop their practice, etc... The one thing they haven't done is to
> address the fundamental issue which is basically something they're doing to
> cause this.
>
> We need to ask the right questions if we are trying to troubleshoot a problem
> and until we do, we're wasting our time. Right questions such as: Why out of
> over 9000 relays, only 1AEO cause these abuse reports? Until they are willing
> to admit the problem lies on their setup instead of blaming everyone else,
> this problem remains.
>
> I just got another abuse report around the new Years Eve Eastern time and had
> to deal with it, just like I had to deal with abuse reports on Christmas and
> the only thing coming from the 1AEO team is silence.
>
> One of the fundamental problems I noticed is with their BGP setup. When their
> server went down, this is what I got in a trceroute:
>
> traceroute 64.65.1.2
> traceroute to 64.65.1.2 (64.65.1.2), 30 hops max, 60 byte packets
>
> 2 static.129.67.109.65.clients.your-server.de (65.109.67.129) 0.599 ms 0.643
> ms 0.741 ms
> 3 core32.hel1.hetzner.com (213.239.252.181) 0.544 ms 0.484 ms
> core31.hel1.hetzner.com (213.239.252.177) 0.814 ms
> 4 core9.fra.hetzner.com (213.239.224.170) 20.228 ms 20.133 ms 20.180 ms
> 5 core0.fra.hetzner.com (213.239.252.17) 20.321 ms core4.fra.hetzner.com
> (213.239.224.177) 20.560 ms core1.fra.hetzner.com (213.239.245.125) 20.385 ms
> 6 core12.nbg1.hetzner.com (213.239.245.246) 23.726 ms core11.nbg1.hetzner.com
> (213.239.224.233) 25.419 ms 25.358 ms
> 7 * * *
> 8 * * *
> 9 * * *
> 10 * * *
> 11 * * *
> 12 * * *
> 13 * * *
> 14 * * *
> 15 * * *
> 16 * * *
> 17 * * *
> 18 * * *
> 19 * * *
> 20 * * *
> 21 * * *
> 22 * * *
> 23 * * *
> 24 * * *
> 25 * * *
> 26 * * *
> 27 * * *
> 28 * * *
> 29 * * *
> 30 * * *
>
> There are no routes to their server. You don't get IP unreachable, This
> literally has the same effect as scanning the whole non routable 10.1.1.1/24
> block and you're flagged. Their upstream did not provide BGP routes to Europe
> when it took over, if it ever took over.
>
> Again, they have access to their setup and they should troubleshoot the
> problem and fix it, not Hetzner and not me every time I have to fill out a
> form to prevent my IPs from getting blocked. Hetzner's concerns are valid,
> the fundamental problem on 1AEO side is not. Just because Hetzner is more
> sensitive to the issue doesn't mean the problem is imaginary.
>
> So unfortunately I'm forced to block outgoing packets to their servers from
> my own relays to protect myself and I continue to do so until they openly
> admit the problems exist and publicly tell us the problem is fixed. I'm
> willing to limit my blocking only to the servers that cause this and let
> others pass, but unfortunately since there's no transparency on 1AEO's part
> and they haven't pinpointed the problem. I'll have to go with a wider ban.
>
> Cheers.
>
> On 12/30/2025 9:35 AM, tor_appliedprivacy.net via tor-relays wrote:
>
>> Hi,
>>
>> we just wanted to let you know that we got a Hetzner network contact
>> yesterday here at 39C3 to try to get this issue solved at the root.
>>
>> We can not promise anything at this point but we will likely update this
>> thread in a few weeks (January) about the status with Hetzner on this topic.
>>
>> best regards,
>> [email protected]
>>
>> _______________________________________________
>> tor-relays mailing list -- [email protected]
>> To unsubscribe send an email to [email protected]
_______________________________________________
tor-relays mailing list -- [email protected]
To unsubscribe send an email to [email protected]
