Tor logoUniversity Challenge

Electronic Frontier Foundation

I Want to Run a Relay

You'll need to do the following

Entry & Middle Relay

A non-exit relay is a great first step for those looking to become a Tor relay operator! They are crucial to the Tor network and are very low maintainance once you have it running.

  • The main tasks here are getting a computer to run it on, and having a person who will maintain the service and server.
  • Bandwidth is the key resource: the more bandwidth you can allocate to the relay, the more useful it will be. 100+ mbit would be nice.
  • For relays with very high bandwidth (100+ mbit), the CPU can be a limiting factor too. Note that a lot of the CPU will be focused on one core; workarounds include using a better CPU or running several relays at once.
  • When you run a non-exit relay, you don’t control whether you are the entry (guard) or middle relay. The Tor protocol automatically uses your relay in the position it thinks is best.
  • Since you aren’t connecting to destinations directly, this role comes with a relatively low risk of upsetting anyone.
  • You can learn more about setting up an entry (guard) / middle relay from the Tor project website.

Exit Relay

Tor exit relays are the final hop in a Tor connection. They are the most crucial part of the Tor network and the most work to run.

  • This is the most valuable role that you can play for the Tor network. But it isn’t for everybody: if your institution isn’t a good spot for an exit relay, that’s fine. You can run a non-exit relay, a snowflake proxy, or a bridge.
  • Maintaining an exit relay provides an opportunity to meet and gain allies at your institution. You should talk to your general counsel and your system administrator first, to teach them what to expect and why you’re doing it.
  • Running an exit relay might involve learning about all sorts of surprise policies at your institution. For example, you might want to use a different network address than your university’s main address block, so you don’t upset libraries or other external services.
  • You can learn more about setting up an exit relay from the Tor project website.

Snowflake Proxy

If you want to do even more after getting your public relay running, consider also helping censored users reach the Tor network with a Snowflake proxy.

  • Snowflake proxies can be run from behind Network Address Translation (NAT). This means you don’t need a public IP address to run one if you only have a computer that has a private IP address, like 192.168.1.10.
  • But if you do have a server directly connected to the internet, Snowflake works better.
  • A Snowflake proxy that is directly connected to the internet with a public IP address and that is  running the standalone version of Snowflake will use 5 to 10 gigabytes each way per hour (10 to 20 Mbps).
  • Run your Snowflake on a separate IP address than your public relay, so it doesn’t get blocked if your public relays gets blocked. It can be on the same computer, but if you’re bandwidth-constrained, put it on a separate computer so your IT dept knows they’re different.
  • You can learn more about Snowflake from our guide to Snowflake.

Bridge

A bridge (also called an obfs4 bridge) is another excellent way to help censored users reach the Tor network.

  • Bridges are great to run if you are bandwidth-constrained. The median obfs4 bridge will use very little bandwidth.
  • The key resource for the obfs4 bridge is the IP address, so if you can get one in a dynamic address block where it’s easy to rotate to a fresh one, that’s even better.
  • Run your bridge on a separate IP address than your public relay. This way it doesn’t get blocked if your public relay gets blocked. It can be on the same computer, but if you’re bandwidth-constrained, consider a separate computer so your IT dept knows they’re different.
  • You can learn more about setting up an obfs4 bridge from the Tor project website.

2

Find Allies

You will have the most success when you work together with other members of your institution

For Students

If you are a student at a college or university, your best ally might be a professor or the head of your computer science department. We have a template below for an email you can send a professor, or you can find them on campus and explain why you think running a Tor relay is a good idea. They may already be familiar with Tor and support the idea immediately. But if they’re not, you can direct them to this website so they can learn more about what you want to do. For your first Tor relay, we recommend starting with a middle node or a bridge.

For Staff

If you are a professor or system administrator, you are already in the best position to set up a Tor relay. You just might want to let university officials or IT staff know that you plan to set one up as part of this challenge. We have sample letters below to help you get the conversation started. If your colleagues have concerns about Tor, our FAQs below cover many of the questions you may receive, but we are also happy to talk through any other questions with them.

Remember that your university is not the first, last, or only university to run Tor relays on campus. It’s a common activity that thousands of people around the world do every day. If you have legal concerns or other questions, see the FAQ below, or write to us.

For Both

For anyone who wants to set up a Tor relay on campus we recommend reading this guide to Tor on campus from the Tor Project. You can also check out our blog post, "Tor on Campus: Icebreakers"  to get ideas on how to start the conversation. If you want to dig deeper into the details, this white paper from the University of Hamburg on considerations for operating Tor relays on campus includes a number of insights and experiences from running relays.

Dear [PROFESSOR NAME],

I’m a student in the [YOUR PROGRAM NAME], and recently came across the Electronic Frontier Foundation’s Tor University Challenge, which encourages universities to run Tor relays. I think our institution would be a great fit for this and I’d like your help figuring out how to make it happen.

If you’re unfamiliar, Tor is a network and software package that helps people use the internet anonymously. A Tor relay is a computer that’s a part of the anonymization process. If our university runs a relay, we’d be a part of the thousands of volunteer-run relays helping protect millions of Tor users. All we’d need is a spare computer, bandwidth, a few more volunteers, and some time.

Tor was originally developed by the U.S. Naval Research Laboratory for the purposes of protecting government communications. But today it’s used to serve a variety of needs, all of which our university should be proud to support: 

  • Journalists use Tor to protect the anonymity of their sources.
  • Citizens in countries where information is censored use Tor as circumvention of oppressive firewalls.
  • Lawyers use Tor to exchange sensitive information relating to cases. 
  • Corporations use Tor to protect trade secrets.
  • People use Tor everyday to have conversations about topics they might feel uncomfortable discussing without the protection anonymity provides. For example, the technology is popular among survivors of rape or gang violence and medical patients who want to take part in online communities, but may only wish to do so anonymously.

I think running a relay would have a benefit for all of us on campus, ranging from forging community groups for research to providing hands-on cybersecurity experience for students. This type of project could also teach us students about the sciences of anonymous communication and censorship resistance, while getting us thinking about global policy, law, and society.

Thank you for your time and consideration. You can find more details about the project at https://torchallenge.eff.org

Sincerely,

[YOUR NAME]

Dear President [NAME],

I’m a [ROLE] at [INSTITUTION NAME], and am writing to let you know that we’re proud of a new Tor relay that we’ve set up in participation with the Electronic Frontier Foundation’s Tor University Challenge.

If you’re unfamiliar, Tor is a network and software package that helps people use the internet anonymously. A Tor relay is a computer that’s a part of the anonymization process. With our relay we’re now a part of the thousands of volunteer-run relays helping protect millions of Tor users. 

Tor was originally developed by the U.S. Naval Research Laboratory for the purposes of protecting government communications. But today it’s used to serve a variety of needs: 

  • Journalists use Tor to protect the anonymity of their sources.
  • Citizens in countries where information is censored use Tor as circumvention of oppressive firewalls.
  • Lawyers use Tor to exchange sensitive information relating to cases. 
  • Corporations use Tor to protect trade secrets.
  • People use Tor everyday to have conversations about topics they might feel uncomfortable discussing without the protection anonymity provides. For example, the technology is popular among survivors of rape or gang violence and medical patients who want to take part in online communities, but may only wish to do so anonymously.

Now that we’re running a Tor relay we hope to see several benefits for our university including:

Education
  • Provide hands-on cybersecurity experience: setting up and maintaining a Tor relay means students can practice this knowledge in a real environment while helping real people.
  • Show students various career paths: by getting more involved with Tor and running a Tor relay, students get to learn about EFF, Tor Project, Citizen Lab, Access Now, and many more civil society and non-profit organizations.
  • Get students thinking about global policy, law, and society: Tor is more than a technology project. People around the world use Tor for many different reasons, from safe censorship circumvention to simple good data hygiene. Understanding these reasons is a great way to learn about what’s going on in the wider world.
  • Help refine privacy advocacy skills: operating a Tor relay as part of the Tor community creates opportunities to explain the importance of privacy and security, both inside the university and outside it.
Community
  • Connect student groups to professors and research groups: one of the great community-building aspects of running a relay at a university is the process of finding and cultivating allies. Enthusiastic students often need a faculty connection to endorse their relay plans, while faculty are always looking for great students to join their research projects.
  • Support freedom of speech and freedom of learning: universities have long been bastions of learning and cutting-edge thinking. Just as universities have libraries to help maintain and improve knowledge, they should also support more modern equivalents for safe learning. 
  • Increase capacity of the Tor network: the Tor network is made up of volunteer organizations and individuals all around the world who share Tor’s values and are in a position to contribute time and bandwidth.
Research
  • Help the Tor network stay strong so people can use it for research: the sciences of anonymous communication and censorship-resistance are active research fields. Having a testbed is critical to understanding real-world factors ranging from user behavior to network connectivity. 
  • Get a “competitive advantage” over our peer institutions: recruiting the best grad students and faculty is challenging for universities. Being able to point to our participation in Tor—with its impacts on education, community, and research—is a factor that can set our institution apart.
  • Have access to your own Tor relay: some research simply can’t be done without direct access to pieces of the Tor network. But be careful, since you want to make sure that your research isn’t putting users or the network at risk. See the Tor Research Safety Board guidelines to learn more about safe and ethical Tor research.

Thank you for your time. If you’d like to learn more I’m always happy to chat, and you can find more details about the project at https://torchallenge.eff.org 

Sincerely,

[YOUR NAME]

Dear [IT DEPARTMENT HEAD NAME],

I’m a [ROLE] at [INSTITUTION NAME]. I recently came across the Electronic Frontier Foundation’s Tor University Challenge, which is asking universities to set up Tor Relays on college campuses around the world. I think our institution is a great fit for this, but we’ll need some help from you.

All we need to get started is some help from the IT Department, some bandwidth, and an IP address.

If you’re unfamiliar, Tor is a network and software package that helps people use the internet anonymously. A Tor relay is a computer that’s a part of the anonymization process. Once our university runs a relay, we’ll be a part of the thousands of volunteer-run relays helping protect millions of Tor users. 

Tor was originally developed by the U.S. Naval Research Laboratory for the purposes of protecting government communications. But today it’s used to serve a variety of needs: 

  • Journalists use Tor to protect the anonymity of their sources.
  • Citizens in countries where information is censored use Tor as circumvention of oppressive firewalls.
  • Lawyers use Tor to exchange sensitive information relating to cases. 
  • Corporations use Tor to protect trade secrets.
  • People use Tor everyday to have conversations about topics they might feel uncomfortable discussing without the protection anonymity provides. For example, the technology is popular among survivors of rape or gang violence and medical patients who want to take part in online communities, but may only wish to do so anonymously.

Thank you for your time and consideration. You can find more details about the project at https://torchallenge.eff.org 

Sincerely,

[YOUR NAME]

Dear  [GENERAL COUNSEL NAME AND HONORIFIC],

I’m a [ROLE] at [INSTITUTION NAME], and am writing to let you know that we’re proud of a new Tor relay that we’ve set up in participation with the Electronic Frontier Foundation’s Tor University Challenge.

If you’re unfamiliar, Tor is a network and software package that helps people use the internet anonymously. A Tor relay is a computer that’s a part of the anonymization process. With our relay we’re now a part of the thousands of volunteer-run relays helping protect millions of Tor users.

We are currently running a non-exit relay, you can read some of the technical details here. But generally this is the least legally complex type of relay and will generate the fewest amount of legal questions, if any.

Tor was originally developed by the U.S. Naval Research Laboratory for the purposes of protecting government communications. But today it’s used to serve a variety of needs: 

  • Journalists use Tor to protect the anonymity of their sources.
  • Citizens in countries where information is censored use Tor as circumvention of oppressive firewalls.
  • Lawyers use Tor to exchange sensitive information relating to cases. 
  • Corporations use Tor to protect trade secrets.
  • People use Tor everyday to have conversations about topics they might feel uncomfortable discussing without the protection anonymity provides. For example, the technology is popular among survivors of rape or gang violence and medical patients who want to take part in online communities, but may only wish to do so anonymously.

Now that we’re running a Tor relay we hope to see several benefits for our university including:

Education
  • Provide hands-on cybersecurity experience: setting up and maintaining a Tor relay means students can practice this knowledge in a real environment while helping real people.
  • Show students various career paths: by getting more involved with Tor and running a Tor relay, students get to learn about EFF, Tor Project, Citizen Lab, Access Now, and many more civil society and non-profit organizations.
  • Get students thinking about global policy, law, and society: Tor is more than a technology project. People around the world use Tor for many different reasons, from safe censorship circumvention to simple good data hygiene. Understanding these reasons is a great way to learn about what’s going on in the wider world.
  • Help refine privacy advocacy skills: operating a Tor relay as part of the Tor community creates opportunities to explain the importance of privacy and security, both inside the university and outside it.
Community
  • Connect student groups to professors and research groups: one of the great community-building aspects of running a relay at a university is the process of finding and cultivating allies. Enthusiastic students often need a faculty connection to endorse their relay plans, while faculty are always looking for great students to join their research projects.
  • Support freedom of speech and freedom of learning: universities have long been bastions of learning and cutting-edge thinking. Just as universities have libraries to help maintain and improve knowledge, they should also support more modern equivalents for safe learning. 
  • Increase capacity of the Tor network: the Tor network is made up of volunteer organizations and individuals all around the world who share Tor’s values and are in a position to contribute time and bandwidth.
Research
  • Help the Tor network stay strong so people can use it for research: the sciences of anonymous communication and censorship-resistance are active research fields. Having a testbed is critical to understanding real-world factors ranging from user behavior to network connectivity. 
  • Get a “competitive advantage” over our peer institutions: recruiting the best grad students and faculty is challenging for universities. Being able to point to our participation in Tor—with its impacts on education, community, and research—is a factor that can set our institution apart.
  • Have access to our own Tor relay: some research simply can’t be done without direct access to pieces of the Tor network. But we will need to be careful, since we want to make sure that our research isn’t putting users or the network at risk. See the Tor Research Safety Board guidelines to learn more about safe and ethical Tor research.

Thank you for your time. If you’d like to learn more I’m always happy to chat, and you can find more details about the project at https://torchallenge.eff.org 

Sincerely,

[YOUR NAME]

Letter copied, Cmd + V or Ctrl + V to paste

Get a Prize!

3

If you keep your relay up and running for at least a year we will send your whole crew lovely challenge coins! Email us to let us know!

Email Us

Frequently Asked Questions

Why are universities a good place to run relays?

Universities are ideal candidates for hosting Tor relays as they tend to have good network connectivity, lots of technical expertise to run relays (including professors, students, and IT teams), and generally value freedom of thought and expression. By running a Tor relay, universities can directly promote themselves as defenders of intellectual freedom and vanguards against censorship.

I’m ready to run a relay at my university, but I don’t want to run an exit relay.

That’s fine! The Tor network needs relays of all types to be healthy. By default the relay you set up will act as an entry or middle relay, only relaying traffic to other Tor nodes. This is the most low maintenance form of relay and it ensures you will not have to deal with any complaints or other issues. You can also additionally consider running a bridge or a snowflake proxy to help people access Tor where it is censored.

I’d run a relay, but I don’t want to deal with abuse issues.

Great. That’s exactly why we implemented exit policies.

Each Tor relay has an exit policy that specifies what sort of outbound connections are allowed or refused from that relay. The exit policies are propagated to Tor clients via the directory, so clients will automatically avoid picking exit relays that would refuse to exit to their intended destination. This way each relay can decide the services, hosts, and networks it wants to allow connections to, based on abuse potential and its own situation. Read the support entry on issues you might encounter if you use the default exit policy, and then read Mike Perry’s tips for running an exit node with minimal harassment.

The default exit policy allows access to many popular services (e.g. web browsing), but restricts some due to abuse potential (e.g. mail) and some since the Tor network can’t handle the load (e.g. default file-sharing ports). You can change your exit policy by editing your torrc file. If you want to avoid most if not all abuse potential, set it to “reject *:*”. This setting means that your relay will be used for relaying traffic inside the Tor network, but not for connections to external websites or other services.

If you do allow any exit connections, make sure name resolution works (that is, your computer can resolve internet addresses correctly). If there are any resources that your computer can’t reach (for example, you are behind a restrictive firewall or content filter), please explicitly reject them in your exit policy otherwise Tor users will be impacted too.

Doesn’t Tor enable criminals to do bad things?

Tor’s mission is to advance human rights with free and open-source technology, empowering users to defend against mass surveillance and internet censorship. We hate that there are some people who use Tor for nefarious purposes, and we condemn the misuse and exploitation of our technology for criminal activity.

It’s essential to understand that criminal intent lies with the individuals and not the tools they use. Just like other widely available technology, Tor can be used by individuals with criminal intent. And because of other options they can use it seems unlikely that taking Tor away from the world will stop them from engaging in criminal activity. At the same time, Tor and other privacy measures can fight identity theft, physical crimes like stalking, and be used by law enforcement to investigate crime and help support survivors.

What about distributed denial of service attacks?

Distributed denial of service (DDoS) attacks typically rely on having a group of thousands of computers all sending floods of traffic to a victim. Since the goal is to overpower the bandwidth of the victim, they typically send UDP packets since those don’t require handshakes or coordination.

But because Tor only transports correctly formed TCP streams, not all IP packets, you cannot send UDP packets over Tor. (You can’t do specialized forms of this attack like SYN flooding either.) So ordinary DDoS attacks are not possible over Tor. Tor also doesn’t allow bandwidth amplification attacks against external sites: you need to send in a byte for every byte that the Tor network will send to your destination. So in general, attackers who control enough bandwidth to launch an effective DDoS attack can do it just fine without Tor.

What about spammers?

First of all, the default Tor exit policy rejects all outgoing port 25 (SMTP) traffic. So sending spam mail through Tor isn’t going to work by default. It’s possible that some relay operators will enable port 25 on their particular exit node, in which case that computer will allow outgoing mails; but that individual could just set up an open mail relay too, independent of Tor. In short, Tor isn’t useful for spamming, because nearly all Tor relays refuse to deliver the mail.

Of course, it’s not all about delivering the mail. Spammers can use Tor to connect to open HTTP proxies (and from there to SMTP servers); to connect to badly written mail-sending CGI scripts; and to control their botnets — that is, to covertly communicate with armies of compromised computers that deliver the spam.

This is a shame, but notice that spammers are already doing great without Tor. Also, remember that many of their more subtle communication mechanisms (like spoofed UDP packets) can’t be used over Tor, because it only transports correctly-formed TCP connections.

Does Tor get much abuse?

Tor has implemented exit policies. Each Tor relay has an exit policy that specifies what sort of outbound connections are allowed or refused from that relay. This way each relay can decide the services, hosts, and networks it wants to allow connections to, based on abuse potential and its own situation. We also have a dedicated team, Network Health, to investigate bad relays behavior and kick them out of the network.

It is important to note that while we can combat some type of abuse like bad relays in our network, we can’t see or manage what users do on the network and that is by design. This design overwhelmingly allows for beneficial uses by providing human rights activists, journalists, domestic violence survivors, whistleblowers, law enforcement officers, and many others with as much privacy and anonymity as possible. Learn more about our users here: https://community.torproject.org/user-research/personas/.

So what should I expect if I run an exit relay?

If you run a Tor relay that allows exit connections (such as the default exit policy), it’s probably safe to say that you will eventually hear from somebody. Abuse complaints may come in a variety of forms. For example:

  • Somebody connects to Hotmail, and sends a ransom note to a company. The FBI sends you a polite email, you explain that you run a Tor relay, and they say “oh well” and leave you alone. [Port 80]
  • Somebody tries to get you shut down by using Tor to connect to Google groups and post spam to Usenet, and then sends an angry mail to your ISP about how you’re destroying the world. [Port 80]
  • Somebody connects to an IRC network and makes a nuisance of himself. Your ISP gets polite mail about how your computer has been compromised; and/or your computer gets DDoSed. [Port 6667]
  • Somebody uses Tor to download a Vin Diesel movie, and your ISP gets a DMCA takedown notice. See EFF’s Tor DMCA Response Template, which explains why your ISP can probably ignore the notice without any liability. [Arbitrary ports]

Some hosting providers are friendlier than others when it comes to Tor exits. For a listing see the good and bad ISPs wiki.

For a complete set of template responses to different abuse complaint types, see the collection of templates. You can also proactively reduce the amount of abuse you get by following these tips for running an exit node with minimal harassment and running a reduced exit policy.

You might also find that your Tor relay’s IP is blocked from accessing some Internet sites/services. This might happen regardless of your exit policy, because some groups don’t seem to know or care that Tor has exit policies. (If you have a spare IP not used for other activities, you might consider running your Tor relay on it.) In general, it’s advisable not to use your home internet connection to provide a Tor relay.

How do I respond to my ISP about my exit relay?

A collection of templates for successfully responding to ISPs is collected here.

How does Tor manage the misuse of Tor technology?

We condemn the misuse and exploitation of our technology for criminal activity and nefarious purposes. We built Tor to advance human rights and will act to the best of our abilities whenever we detect malicious activity – or activity that violates our code of conduct and mission statement – by our relay operators. However, because of the design of Tor, we are incapable of tracking users and managing their use of our technology. While we can ban bad relays, we can’t ban users.

Please consider that our software is used every day for a wide variety of purposes by human rights activists, journalists, domestic violence survivors, whistleblowers, law enforcement officers, and many others. Unfortunately, the protection that our software can provide to these groups of people can also be abused by criminals and malware authors.

For technical questions we recommend reviewing the Tor relay operators FAQ and the Tor community portal for relay operators.

If your questions aren’t answered there please contact us.

NOTE: This FAQ is for informational purposes only and does not constitute legal advice. Our aim is to provide a general description of the legal issues surrounding Tor in the United States. Different factual situations and different legal jurisdictions will result in different answers to a number of questions. Therefore, please do not act on this information alone; if you have any specific legal problems, issues, or questions, seek a complete review of your situation with a lawyer licensed to practice in your jurisdiction.

Also, if you received this document from anywhere besides the EFF web site or https://community.torproject.org/relay/community-resources/eff-tor-legal-faq, it may be out of date. Follow the link to get the latest version.

Last reviewed: March 2023

Has anyone ever been sued or prosecuted for running Tor?

Although we are not aware of an individual being sued, prosecuted, or convicted for running a Tor relay, law enforcement in the United States and other countries has occasionally mistakenly investigated individuals running a Tor relay. We believe that running a Tor relay, including an exit relay that allows people to anonymously send and receive traffic, is legal under U.S. law. Law enforcement, however, often misunderstands how Tor works and has occasionally attributed illegal traffic on the network as originating from a Tor exit relay. This has resulted in police suspecting Tor relay operators of crimes and sometimes seizing computer equipment, including Tor relays. For example, in 2016 Seattle police mistakenly raided the home of a privacy activist operating a Tor exit relay. And Russian authorities wrongfully arrested math instructor and Tor relay operator Dmitry Bogatov, though they later cleared him of charges.

Should I use Tor or encourage the use of Tor for illegal purposes?

No. Tor has been developed to be a tool for free expression, privacy, and human rights. It is not a tool designed or intended to be used to break the law, either by Tor users or Tor relay operators.

Can EFF promise that I won’t get in trouble for running a Tor relay?

No. All new technologies create legal uncertainties, and Tor is no exception. We cannot guarantee that you will never face any legal liability as a result of running a Tor relay.

Will EFF represent me if I get in trouble for running a Tor relay?

Maybe. While EFF cannot promise legal representation for all Tor relay operators, it will assist relay operators in assessing the situation and will try to locate qualified legal counsel when necessary. Inquiries to EFF for the purpose of securing legal representation or referrals should be directed to our intake coordinator by sending an email to info at eff.org. Such inquiries will be kept confidential subject to the limits of the attorney/client privilege. Note that although EFF cannot practice law outside of the United States, it will still try to assist non-U.S. relay operators in finding local representation.

How should I deal with a police visit/raid/interrogation?

If you are detained and questioned by police, you have a right to request to speak with an attorney before and during any questioning. It is best to say “I want my attorney and I choose to remain silent” and then refuse questioning until you have a chance to talk to a lawyer.

However, if you do decide to waive your right to the assistance of counsel and answer questions without an attorney present, be sure to tell the truth. Lying to law enforcement may lead to more trouble than for whatever it was they wanted to talk to you about in the first place.

Does U.S. law provide any protections for the Tor network against civil lawsuits?

Yes. A federal law, 47 U.S.C. § 230 (often called Section 230), provides legal immunity for online intermediaries that host or republish speech. Though there are important exceptions for certain criminal and intellectual property-based claims, Section 230’s immunity protects online services, such as the Tor network, against a range of laws that might otherwise be used to hold them legally responsible for what others say and do. Another federal law, 17 U.S.C. § 512(a), part of the Digital Millennium Copyright Act, provides a legal safe harbor against copyright infringement claims based on material that is simply transmitted without modification, as a Tor relay does.

No. Tor’s developers are available to answer technical questions, but they are not lawyers and cannot give legal advice. Nor do they have any ability to prevent illegal activity that may occur through Tor relays. Furthermore, your communications with Tor’s developers are not protected by any legal privilege, so law enforcement or civil litigants could subpoena and obtain any information you give to them.

You can contact info@eff.org if you face a specific legal issue. We will try to assist you, but given EFF’s small size, we cannot guarantee that we can help everyone.

Do Tor’s core developers make any promises about the trustworthiness or reliability of Tor relays that are listed in their directory?

No. Although the developers attempt to verify that Tor relays listed in the directory maintained by the core developers are stable and have adequate bandwidth, neither they nor EFF can guarantee the personal trustworthiness or reliability of the individuals who run those relays. Tor’s core developers further reserve the right to refuse a Tor relay operator’s request to be listed in their directory or to remove any relay from their directory for any reason.

Exit Relays

Exit relays raise special concerns because the traffic that exits from them can be traced back to the relay’s IP address. While we believe that running an exit relay is legal, it is practically impossible to stop the use of an exit relay for illegal activity. That may attract the attention of private litigants or law enforcement. An exit relay may forward traffic that is considered unlawful, and that traffic may be attributed to the operator of a relay. Indeed, police have mistakenly attributed traffic from an exit relay as coming from the relay’s operator. If you are not willing to deal with that risk, a bridge or middle relay may be a better fit for you. These relays do not directly forward traffic to the internet and so can’t be easily mistaken for the origin of allegedly unlawful content.

The Tor Project’s blog has some excellent recommendations for running an exit with as little risk as possible. We suggest that you review their advice before setting up an exit relay.

Should I run an exit relay from my home?

No, this is risky and not recommended. If law enforcement becomes interested in traffic from your exit relay, it’s possible that officers will mistakenly attribute that traffic as originating from your home. This could result in law enforcement raiding your home, seizing your computer, and suspecting you of criminal activity. For that reason, it’s best not to run your exit relay in your home or using your home Internet connection.

Given those risks, you should instead consider running your exit relay in a commercial facility that is supportive of Tor. Have a separate IP address for your exit relay, and don’t route your own traffic through it.

Of course, you should avoid keeping any sensitive or personal information on the computer hosting your exit relay, and you never should use that machine for any illegal purpose. If you do decide to run an exit relay from your home despite these risks, please review Tor’s recommendations, including telling your ISP and obtaining a separate IP address for the exit relay.

Should I tell my ISP that I’m running an exit relay?

Yes. Make sure you have a Tor-friendly ISP that knows you’re running an exit relay and supports you in that goal. This will help ensure that your internet access isn’t cut off due to abuse complaints. The Tor community maintains a list of ISPs that are particularly Tor-savvy, as well as ones that aren’t.

Is it a good idea to let others know that I’m running an exit relay?

Yes. Be as transparent as possible about the fact that you’re running an exit relay. If your exit traffic draws the attention of the government or disgruntled private party, you want them to figure out quickly and easily that you are part of the Tor network and not responsible for the content. This could mean the difference between having your computer seized by law enforcement and being left alone.

The Tor Project suggests the following ways to let others know that you’re running an exit relay:

  • Set up a reverse DNS name for the IP address that makes clear that the computer is an exit relay.
  • Set up a notice like this to explain that you’re running an exit relay that’s part of the Tor network.
  • If possible, get an ARIN registration for your exit relay that displays contact information for you, not your ISP. This way, you’ll receive any abuse complaints and can respond to them directly. Otherwise, try to ensure that your ISP forwards abuse complaints that it receives to you.
Should I snoop on the plaintext traffic that exits through my Tor relay?

No. You may be technically capable of modifying the Tor source code or installing additional software to monitor or log plaintext that exits your relay. However, Tor relay operators in the United States can possibly create civil and even criminal liability for themselves under state or federal wiretap laws if they monitor, log, or disclose Tor users’ communications, while non-U.S. operators may be subject to similar laws. Do not examine anyone’s communications without first talking to a lawyer.

Educate them about Tor. In most instances, properly configured Tor relays will have no useful data for inquiring parties, and you should feel free to educate them on this point. To the extent you do maintain logs, however, you should not disclose them to any third party without first consulting a lawyer. In the United States, the data may be protected by the Electronic Communications Privacy Act, and relay operators outside of the United States may be subject to similar data protection laws.

You may receive legal inquiries where you are prohibited by law from telling anyone about the request. We believe that, at least in the United States, such gag orders do not prevent you from talking to a lawyer, including calling a lawyer to find representation. Inquiries to EFF for the purpose of securing legal representation should be directed to our intake coordinator (info at eff.org). Such inquiries will be kept confidential subject to the limits of the attorney/client privilege.

For more information about responding to abuse complaints and other inquiries, check out the Tor Abuse FAQ and the collection of abuse response templates on the Tor Project’s website.

For information on what to do if law enforcement seeks access to your digital devices, check out EFF’s Know Your Rights guide.

My ISP, university, etc. just sent me a DMCA notice. What should I do?

EFF has written a short template to help you write a response to your ISP, university, etc., to let them know about the details of the Digital Millennium Copyright Act’s safe harbor, and how Tor fits in. Note that template only refers to U.S. jurisdictions, and is intended only to address copyright complaints that are based on a relay of allegedly infringing material through the Tor node.

If you like, you should consider submitting a copy of your notice to the Lumen Database. The email address for submissions is team@lumendatabase.org. This will help us recognize trends and issues that the lawyers might want to focus on. Lumen encourages submissions from people outside the United States too.

EFF believes that Tor relays should be protected from copyright liability for the acts of their users because a Tor relay operator can raise an immunity defense under Section 512 of DMCA as well as defenses under copyright’s secondary liability doctrines. However, no court has yet addressed these issues in the context of Tor itself. If you are uncomfortable with this uncertainty, you may consider using a reduced exit policy (such as the default policy suggested by the Tor Project) to try to minimize traffic types that are often targeted in copyright complaints.


Top