Sorry, it seems that you are using an IP address or a proxy that is listed in the forum anti spam blacklist.
Feel free to contact our staff on irc freenode #maemo channel.

Originally Posted by jukey

Hi, I would like to use the talk.maemo.org site while I am connected to the Tor Network. However, I alsways get the following error message:
*Sorry, it seems that you are using an IP address or a proxy that is listed in the forum anti spam blacklist.*

Originally Posted by peterleinchen

Exactly.

There was/is a massive attack against (our) forum from tor exit nodes.
So to keep it up running there was the need to blacklist those (few) bad guys/IPs.

Why the heck do you need to access a forum via tor???

Originally Posted by jukey

1. The more people using Tor at the same time the better it helps to protect those who need.

2. I would like to hide my location and browsing habits.

3. I would like to have a weapon against Telecommunications data retention.

Originally Posted by nieldk

While I sort of understand the reasoning for not allowing access from tor exit nodes, I have to agree with Jukey.
My God to honest opnion - blocking tor exit nodes is a violation of our privacy rights on this forum, and completely the oposite as supporting SFOS and opensource.

Originally Posted by Copernicus

So... What do we do when folks using TOR exit nodes perform a successful DOS attack on this forum?

Originally Posted by nieldk

Anyways, that is not an excuse for blocking tor services at all.

Originally Posted by Copernicus

I'm just basically saying that I see no reason to give TOR exit points additional privileges over normal IP addresses. If your main defense against malicious accesses coming from a particular address is to block that address, and you decide that some addresses now cannot be blocked, well... now you've got a giant hole in your defense, right?

If a particular address is being used maliciously, it should be treated as any other address being used for malicious purposes. Treating some addresses as special would seem to defeat the purpose...

Your forum accepts posts from anybody. That is your core problem. Connecting to your site from various IP throughout the world is trivial, if only by using Tor. Tor provides "high anonymity" in that not only the user's identity is hidden, but each request is anonymous -- you cannot, from the outside, make sure whether two distinct requests are from the same human user or not.

This can be fixed at two levels:

1) Restricted anonymity: enforce user registration and authentication. Users may use a pseudonym, and need not provide an email address or any other identification, but your forum will insist on a login process before posting. That way, you can know whether two comments come from the same person. Note that this does not totally solve the issue; instead, that moves it to the registration process. The poor sob who has nothing better to do with his time than defacing your forum will adapt and engage into mass registration of phony accounts.

2) No anonymity (with regards to you): user registration, this time with an email address, which is verified during registration (you make sure that the registrant can read an email sent at the address he provided). The possibility to be identified, if only by law enforcement agencies, could be a powerful deterrent for wannabe spammers (even if the said spam is not necessarily punished by Law: to my constant dismay, there is no law against writing "LOLOLOLOL").

If you choose to retain anonymous posting, then, well, welcome to the wonderful world of Mankind. While most humans are civilized, honest and polite, there is always one user who thinks exposing his lack of education is a smart thing to do. The best you could do, then, is to patiently clean up (possibly proactively, by enforcing pre-publication control of all posts by trusted moderators) until the perpetrator loses interest or reaches the age of 14, whichever comes first. This may take a few weeks or months.

Historically, most societies have dealt with troublemakers by a mixture of ostracism and actual penalties (up to and including death). The apparent anonymity of Internet prevents efficient penalties (with a lot of resources, this anonymity can usually be unraveled, but police forces will not do that until an actual crime is committed). Ostracism is social pressure, so it does not work on people who do not feel the target forum as being a "society" they are part of.

Originally Posted by nieldk

If you choose to retain anonymous posting, then, well, welcome to the wonderful world of Mankind. While most humans are civilized, honest and polite, there is always one user who thinks exposing his lack of education is a smart thing to do. The best you could do, then, is to patiently clean up (possibly proactively, by enforcing pre-publication control of all posts by trusted moderators) until the perpetrator loses interest or reaches the age of 14, whichever comes first. This may take a few weeks or months.