Problems with listed subnets and opsb/neostats or bopm

From: Sven Michels <smichels_at_domain.invalid>
Date: Mon 05 Jun 2006 - 22:47:33 CEST

Hi folks,

once again, since this seems to be a growing problem, a few words
on the subnet listing:
Yes, we list every /24 (aka "class-c") which contains a tor node, too.
And yes, this may lead to false positives, but: we do *not* recommend
to use the subnet listing to block users!
See www.sectoor.de/tor.php:
Warning: the /24 listing of subnets containing a tor node isn't useful
for direct blocking users. Use this only for "scoring" or to alert you
when a connect comes from a subnet which contains a tor node. If you use
the subnet listing for banning people from your service, expect false
positives!

Then another problem showed up: OPSB from neostats doesn't support reply
types for dns blacklists at all. This first popped up on rizon and we
reported it to the neostats staff. Since implementing reply type
checking was not a quick solution, we set up a new subzone which
contains only tor nodes itself. This change was committed to opsb cvs
the same day and we thought they'd release it quickly, but they didn't.

So, for everyone who runs software which isn't able to check the reply
type, please use:
exitnodes.tor.dnsbl.sectoor.de
instead.

If you have any questions, feel free to ask.

Thanks and have a nice week!

Regards,
Sven Michels

PS: there is an ongoing problem with the subnet listing because of the
new ip irc.netsplit.de uses to gather its statistics. So please check
if you're affected and change your configs, otherwise netsplit cannot
get statistics for your irc network! If you know affected networks,
please point them to this posting (will be on webarchive, too).
-- 
sectoor GmbH - Sven Michels  <*>  eMail: smichels(at)sectoor.de
Geschaeftsfuehrer / CEO      <*>  Web  :  http://www.sectoor.de
Huehnerweg 18                <*>  Tel  :    +49 (0)69 9637 6000
D - 60599 Frankfurt am Main  <*>  Fax  :    +49 (0)69 9637 6006
Received on Mon, 05 Jun 2006 22:47:33 +0200
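
The following is an added example, not part of the original posting and not code from opsb, bopm or sectoor. It contrasts a DNSBL client that ignores reply types with one that checks them, and shows why the first kind should query exitnodes.tor.dnsbl.sectoor.de. The reply codes, the combined zone name and the sample DNS data are assumptions made for illustration.

```python
import ipaddress
import socket

# Assumed values, NOT from the original post: check the DNSBL's own
# documentation for the real reply codes and the combined zone name.
REPLY_TOR_NODE = "127.0.0.1"              # hypothetical: address is a tor node
REPLY_SUBNET = "127.0.0.2"                # hypothetical: only its /24 holds one
COMBINED_ZONE = "combined.dnsbl.example"  # placeholder for the node+subnet zone
EXIT_ZONE = "exitnodes.tor.dnsbl.sectoor.de"  # node-only subzone from the post

def query_name(ip, zone):
    """Build the DNSBL name: reversed IPv4 octets, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")  # raises on bad input
    return ".".join(reversed(octets)) + "." + zone

def system_resolver(name):
    """Return the A records for name, or an empty set if it is not listed."""
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except (socket.gaierror, socket.herror):
        return set()

def naive_verdict(ip, zone, resolve=system_resolver):
    """Client without reply-type support: any answer counts as a tor node."""
    return "tor-node" if resolve(query_name(ip, zone)) else "clean"

def reply_aware_verdict(ip, zone, resolve=system_resolver):
    """Client that reads the reply: a subnet-only hit is for scoring/alerting."""
    replies = resolve(query_name(ip, zone))
    if REPLY_TOR_NODE in replies:
        return "tor-node"
    if REPLY_SUBNET in replies:
        return "score-only"
    return "clean"

# Constructed sample data: 192.0.2.10 is a node, 192.0.2.77 is its neighbour.
FAKE_DNS = {
    "10.2.0.192." + COMBINED_ZONE: {REPLY_TOR_NODE},
    "77.2.0.192." + COMBINED_ZONE: {REPLY_SUBNET},
    "10.2.0.192." + EXIT_ZONE: {REPLY_TOR_NODE},
}

def fake_resolver(name):
    """Offline stand-in for DNS, backed by the constructed table above."""
    return FAKE_DNS.get(name, set())

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.77"):
        print(ip, naive_verdict(ip, COMBINED_ZONE, fake_resolver),
              reply_aware_verdict(ip, COMBINED_ZONE, fake_resolver),
              naive_verdict(ip, EXIT_ZONE, fake_resolver))
```

The neighbour address is misreported as a tor node only by the client that ignores reply types on the combined zone; pointing that same client at the node-only subzone removes the false positive.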