Tor can be used to "bounce" tcp connections trough some nodes around the world, leaving the tor network via some exit server. These exit servers are the "peer" you can see in your logs if someone uses Tor to connect to your server.
Since nobody can control which ports are allowed on the exit servers (the tor project itself denies smtp by default, but this can be changed) it's a potential risk that someone abuses the tor network to hide his ip while he's spamming around.
Every IP which is known to run a tor server and allow their clients to connect to one of the following ports get listed: 25, 194, 465, 587, 994, 6657, 6660-6670, 6697, 7000-7005, 7070, 8000-8004, 9000, 9001, 9998, 9999
Is the information on our site wrong or incomplete? You don't want us to monitor your blacklist? Or do you operate a similar blacklist? We would like to hear from you!
We keep some statistics on blacklists. Below is the graph for tor.dnsbl.sectoor.de. We test blacklists by asking them to respond to known IP's that are blacklisted and known IP's that can't be blacklisted. Not every blacklist has such IP's, we test them with what is possible. We keep if we get any response or error messages and the response duration. Lower response times are better. These statistics may be useful for email server administrators to pick which blacklist to use.