What is a bad relay?

A bad relay is one that either doesn't work properly or tampers with our users' connections. This can be either through maliciousness or misconfiguration. Ran into a misconfigured, malicious, or suspicious relay while using Tor? Please let us know by sending an email to bad-relays AT lists DOT torproject DOT org. Many bad relays are caught thanks to our wider community, so many thanks for all your help and vigilance. The description of bad relays as well as the criteria for rejecting them can be found in the Network Health wiki.

Also, if your relay is stolen or goes missing, please report it as well, so we can blocklist it in case whoever took it puts it back online.

How do I report a bad relay?

If you encounter a bad relay then please let us know and write to bad-relays AT lists DOT torproject DOT org.

If you are using Tor Browser you can check which exit relay you got at any time by visiting the circuit icon on the URL bar. Also, there is more information about specific relays available on our metrics website via the relay-search portal. Please include the following in your report:

  1. The relay's IP address or fingerprint. The fingerprint is a forty-character hex string such as 203933ED4E55EF8A3C3518427D1A1ED6A4CC285E.
  2. What kind of behavior did you see?
  3. Any additional information we'll need to reproduce the issue.

However, if you need help with anything Tor-related, please use the Tor Forum instead.

What happens to bad relays?

After a relay is reported and we've verified the behavior we'll attempt to contact the relay operator. Often we can sort things out but if not (or the relay lacks contact information) we'll flag it to prevent it from continuing to be used.

We have two types of flags we can apply:

  • BadExit - Never use the relay as an exit relay (for relays that e.g. show broken DNS resolver configurations)
  • MiddleOnly - Only use the relay in a middle position without any relevant flag, like the HSDir flag

Additionally, we can drop relays from the consensus entirely. Which of those options we deploy depends on the severity of the issue, and if the relay can still be safely used in certain situations.

My relay was given the BadExit or MiddleOnly flag. What's up?

If your relay has been flagged as a BadExit or got the MiddleOnly flag then please let us know (see above for contact info) so we can work together to fix the underlying issue.

Do you actively look for bad relays?

Yes. For our automated issue detection see e.g. exitmap.