On 10/6/21 22:50, Tor Relays wrote:
On Tue, Jun 08, 2021 at 01:56:33PM +0200, Tor Relays wrote: And Tor exits are particularly susceptible to getting put on these kind of blocklists, because all it takes is one person trying to connect to the honey address, and bam the exit relay's IP address gets on the blocklist. --Roger
This would explain it when the relay in question would be an exit relay, but it is an ordinary relay.
Maybe it impacts your own trust level when you frequently connect to IPs with a bad reputation (e.g. exits).
Or maybe they flagged as suspicious the activity towards ports 9001? Maybe its worth the effort to debug this by only accepting tor circuits involving downstream relays over port 443 for some time so as to see if G-Core Labs whitelists you again? (No idea how to actually do this) This could mean an additional point to encourage people to deploy relays on port 443.
Also, maybe someone is running a relay on port 25/465/587/whatnot and that is what triggered G-Core Labs alarms? I don't know how to find this with relay search. Orport shows in the results but searches for orport:NNN will fail.
When they don't provide any information it's only speculation
That's it :(
Salut