What is still blocking my IP address?

As mentioned in my first post, I tried running a Tor node.
Set up as non-exit relay. It just worked directly.
Running on my home fibre, our usual IP address.

Just a few hours later daughter complained she was blocked from some online game. At the moment I thought it was not related as my Tor was not an Exit relay.

Anyhow, as I was in combat mode and set to try out and document using Tor on my favourite distro, after some more hours I also enabled exit function, with ReducedExitPolicy thinking (erroneously probably) that would stop most illicit activity.

Naturally, next day, my IP address was on a blacklist: all.sh5.net but it was easy to reset after having shut off exit mode.

According to most blacklist listing sites, now my IP address is not on any.

https://whatismyipaddress.com/blacklist-check tells my IP addr is on dnsbl.spfbl.net, but a internet wizard told me that only means i have not a fixed IP or something like that and that should net lead to any blocking.

IP Address Blacklist Check, IP DNSBL Check | IPVoid indicate IPsum, GitHub - stamparm/ipsum: Daily feed of bad IPs (with blacklist hit scores). Do someone know the reason one get listed there?

https://ipinfo.io/ say I am running Tor. I wonder how that detection works, and how long until it get reset? Does that mean also non-exit Tor? Or even just middle relay? Nine hour ago I stopped running Tor at all.

Which one is the reason several sites block me?

And how to be unblocked soonish?

Three days ago I removed my LAN router port forwarding, and stopped Tor - but forgot it was set start automatically and shortly afterwards I rebooted for new kernel… But still, last days it was running with no port forwarding. Anyhow, now I keep it completely off until I can access some important sites again…

Is it correct that also non-exit Tor relays makes that IP address blocked?
And even middle relay only?

Thanks in advance
/Morgan

Yes, some block-lists just blacklist you by being a middle-relay. Consider running a bridge, then this problem is very unlikely to occur.

Yes, which is why it is NOT recommended to run tor relays on a home connection. This time it was just a harmless online game, the fun stops when your bank blocks you and completely locks your accounts. My PayPal account got onto a watchlist once maaany years ago (2011 or 2012?) because I was logging in ONCE from the same IP as one of my middle relay. I was getting asked some very interesting questions and it took me weeks and a lot of effort to get my account back at all.

I recommend to run a bridge or snowflake proxy. They are not listed anywhere and therefore can’t be blocked.

As per the current blocks, it’ll go away after a bit (maybe a day, maybe week, maybe a month - depends on the provider) after you’ve stopped hosting a tor relay.

How did they notice he ran a middle relay?
In my understanding, the middle relay only connects to other tor related points like guard/entry and exit. Do they actively scan for middle relay IPs!? What sense does it make after all to blacklist a middle relay? It doesn´t harm anyone.

middle relays have to be known, so they are in the consensus and on metrics. here is a list which is often used for blocking (not accessible via Tor): TOR Node List

a lot of stuff on the internet doesn’t make sense - but things lacking common-sense do not just cease to exist

OK I was lucky then, I can still use all banking etc by using my mobile phone as access point.

Thanks for the link. I am not in that TOR node list.

ExoneraTor – Tor Metrics last saw me running Tor 2022-03-10 23:00:00, Which interestingly is some time between i removed LAN port forward, and i really finally shut down tor. Some timeot trying to reach it maybe.

ipinfo still say I run Tor. What worries me is if it will never stop doing that, or how many days it will take.

Examples of where I am still blocked:
No response: https://sso.skatteverket.se/ms/ms_web/login.do, ICA Banken
With message: Logga in på ditt Zettle-konto, https://www.kjell.com/

The friendly support at https://ipinfo.io/

Notified me that I am still listed as exit node at https://openinternet.io/tor/tor-exit-list.txt, which is strange as it is said on https://openinternet.io/ to be updated every ten minutes.

I have now mailed the sysop indicated on that page about this.

UPDATE: openinternet.io list gathers addresses from directory authorities (where I am not listed) and also from https://check.torproject.org/torbulkexitlist - where I see I am listed. I have now mailed a contact at torproject.

UPDATE:
§ I am no longer listed at https://openinternet.io/tor/tor-exit-list.txt after a service restart here. One less site is blocking me but still a few important ones. May just need time to propagate.

§ https://ipinfo.io/ came back now saying they do not use openinternet.io lists. And the “tor” status mean tor exit, not non-exit. So there is at least one more source, so I asked them again…

UPDATE: ipinfo.io updated their API, and do not list me as tor (= tor relay) since a couple days, and i can finally log in to tax authorities.

Only one left i know is Spotify desktop app (windows exe and linux flatpak) responding “auth:15” but the browser login and android apps are fine. Strange product discrepancy.

Happy to hear, so most of the sites took around 2 weeks to unlist you. Give it another 2 weeks for the remaining stranglers and you should be good.

The delays/false listing at openinternet.io tor-exit-list and ipinfo.io was due to problems their side and they were happy I told them.
Shit happens…

all.sh5.net blocked my IP from my Server - i don’t know why …

My relay can’t reach at this time from Network - i only get this " Unable to find IPv4 address for ORPort 9001. You might want to specify IPv6Only to it or set an explicit address or set Address." in NYX and it’s saying “Relaying Disabled” … Very stupid …