Here's another test message - shouldn't have a "NG" :) header on it. 
Give 'er a whirl, Nathan.

Best,
Frank

In article  <4B5E94FC.60708@myfairpoint.net>
           fbkotler@myfairpoint.net "Frank Kotler" writes:

> Here's another test message - shouldn't have a "NG" :) header on it. 
> Give 'er a whirl, Nathan.
> 
> Best,
> Frank

?? I understand this is a test, but will it propagate properly without 
a ng header?  My newsreader knows which group I'm in so has inserted 
one -- hope that doesn't spoil your test...

Pete
-- 
   "We have not inherited the earth from our ancestors,
    we have borrowed it from our descendants."

pete@nospam.demon.co.uk wrote:

....
> ?? I understand this is a test, but will it propagate properly without 
> a ng header?

My observation is that, without a "Newsgroups:" header line, the nntp 
server accepts the post, says "240"... but it doesn't actually get 
posted even on Giganews where we post it. I modified my toy so that it 
only searches the header now, so the word "Newsgroups:" in the body 
"shouldn't" screw me up now.

> My newsreader knows which group I'm in so has inserted 
> one

Yeah, they do that, apparently. I'm cc'ing a couple to 
clax86-submit@inspiretomorrow.net to confirm that. A "freshly composed" 
message, just mailed, doesn't have it, of course. I may mail off a 
couple more to check that I *am* adding it right, but it "seems to work".

> -- hope that doesn't spoil your test...

Oh, no. We need tests of all kinds. Well, we've got enough spam, I 
think. We can delete it "by hand". Haven't thought much about 
auto-detecting spam. I just tried gcc on your "deliver.c"... bunch of 
errors... no dos.h, to begin with. Well, we wouldn't be using it as-is, 
anyway. I think there might be some interesting parts. I like the fact 
that you've got the "whitelist" built right into the "rules" file. 
Thanks for showing us that!

I think the "regular newsgroups" use a Perl script to detect spam. We'll 
look at that, too. And Albretch has offered to help, too. We'll be 
wanting to kick some ideas around, I imagine, but I don't feel "ready" 
to think much about that yet. I'll be happy to get a whitelist going! If 
we can get "known good" posts approved automatically, so this puppy can 
run unattended on a schedule, we've got plenty of time to delete spam. 
If we can detect "known on-topic" posts, even if the sender isn't on out 
whitelist, reliably enough so everything could be "auto-approved" on a 
schedule, that would be paradise... but seems optimistic at this point...

Won't happen if I don't get back to it...

Best,
Frank

In article  <4B60DE12.3000900@myfairpoint.net>
           fbkotler@myfairpoint.net "Frank Kotler" writes:

> pete@nospam.demon.co.uk wrote:
> ...
> > -- hope that doesn't spoil your test...
> 
> Oh, no. We need tests of all kinds. Well, we've got enough spam, I 
> think. We can delete it "by hand". Haven't thought much about 
> auto-detecting spam. I just tried gcc on your "deliver.c"... bunch of 
> errors... no dos.h, to begin with.

Yeah -- it was written around BorlandC 3.1 for DOS use...

> Well, we wouldn't be using it as-is, 
> anyway. I think there might be some interesting parts. I like the fact 
> that you've got the "whitelist" built right into the "rules" file. 
> Thanks for showing us that!

My pleasure.  If I get the chance this weekend I might just take a 
hacksaw to it and remove all the stuff that I think wouldn't be needed 
for the alternative use.

Pete

PS re test eax, eax: you could mix in "and" or "or".  But heck, it's 
code, not an essay competition, so if "test" is what's needed, "test" 
is what it is ;-)
-- 
   "We have not inherited the earth from our ancestors,
    we have borrowed it from our descendants."

"Frank Kotler" <fbkotler@myfairpoint.net> wrote in message
news:4B60DE12.3000900@myfairpoint.net...
> Oh, no. We need tests of all kinds.

Ok:

test eax, eax
test eax, eax
test eax, eax
test eax, eax

Are you guys trying to scrub email addresses, IP's, and DNS names in the
message headers?  If so, some are making it through.

E.g., email headers like the "Received: from" or "Received: by" sections
should be removed.

E.g., nntp headers, if possible, should be scrubbed: "NNTP-Posting-Host",
"X-Originating-IP", "Injection-Info: somedns.name.com;
posting-host=xxx.xxx.xxx.xxx", should be scrubbed, if possible...


RP

pete@nospam.demon.co.uk wrote:

....
> PS re test eax, eax: you could mix in "and" or "or".  But heck, it's 
> code, not an essay competition, so if "test" is what's needed, "test" 
> is what it is ;-)

Yeah, I prefer "test" to "and" or "or". The latter two have a "store" 
phase - nothing is changed, but conceptually, they store a result. 
"test" inherently does not store a result, and thus should be faster (or 
less demanding of cpu resources). I have *no* idea if that is actually true.

No, I meant, "Eax, eax, eax. Why is it always eax? Why don't you ever 
test *me*?" :)

Speaking of tests... Congratulations, Pete! You're the first name on our 
whitelist! May not last - I'm seriously thinking of putting Chuck's name 
first on the list, in memorium. But you get the actual, physical honor. 
Doesn't get you "auto-approved", as yet. Before I can write the software 
to auto-approve anyone in the whitelist, I've gotta have a whitelist! Or 
at least know what its contents are going to be. I'm not sure I do, still...

I think I'm leaning toward two lines per capita. One "true" and one 
"munged". We don't have to do anything to yours, but...

From: fbkotler@myfairpoint.net
From: fbkotler@MUNGED.microcosmotalk.com

The latter just an example, the way Jim liked it. Dunno how Nathan wants 
it. In any case, if a user opts in to a "truefrom" list - you want your 
true address to show - we copy the first line over the second. We search 
on the first line and send the second. Trying to keep this as simple as 
possible (but no simpler). That's why the "From:" is in there - keeps me 
from having to trim it out and put it back in. :)

That may not be how it goes. I may get a better idea.

This is only a test.

Best,
Frank

On 28 Jan, 08:13, "Rod Pemberton" <do_not_h...@havenone.cmm> wrote:

....

> Are you guys trying to scrub email addresses, IP's, and DNS names in the
> message headers? =A0If so, some are making it through.
>
> E.g., email headers like the "Received: from" or "Received: by" sections
> should be removed.
>
> E.g., nntp headers, if possible, should be scrubbed: "NNTP-Posting-Host",
> "X-Originating-IP", "Injection-Info: somedns.name.com;
> posting-host=3Dxxx.xxx.xxx.xxx", should be scrubbed, if possible...

I appreciate that you prefer the privacy, Rod, but

1. Are you looking for greater anonymity than afforded by posting to
non-moderated groups?

2. Apart from personal preference can you justify the use of the word
"should" in your comments?

I can see value in removing headers if the moderators receive posts
via e-mail but would query the value of removing those received by
nntp unless they contain something other than posts to non-moderated
groups.

James

"James Harris" <james.harris.1@googlemail.com> wrote in message
news:861568b4-e5d8-46b9-80aa-15b2cc3fe30a@k35g2000yqb.googlegroups.com...
On 28 Jan, 08:13, "Rod Pemberton" <do_not_h...@havenone.cmm> wrote:
>
> > Are you guys trying to scrub email addresses, IP's, and DNS names in the
> > message headers? If so, some are making it through.
> >
> > E.g., email headers like the "Received: from" or "Received: by" sections
> > should be removed.
> >
> > E.g., nntp headers, if possible, should be scrubbed:
> > "NNTP-Posting-Host",
> > "X-Originating-IP", "Injection-Info: somedns.name.com;
> > posting-host=xxx.xxx.xxx.xxx", should be scrubbed, if possible...
>
> I appreciate that you prefer the privacy, Rod, but
>
> 1. Are you looking for greater anonymity than afforded by posting to
> non-moderated groups?
>

No, not at all.  I mentioned it because the posts by other people to clax,
both recent and in the past, have had either their IP's or the IP of clax's
posting server displayed.  The newserver that I post through attempts to
remove them.

> 2. Apart from personal preference can you justify the use of the word
> "should" in your comments?

"should ... if possible".

"if possible": It may not be possible for the current moderators to control
the Usenet headers, since they are posting through a normal commercial
service: Giga-news.  I don't see the "NNTP-Posting-Host" on the test
messages through Giga-news, but I did see the other two I mentioned...

"should": Who wants their machines hacked?

Even it it's just a router, email or nntp forwarder, no one wants their
machine's IP publicly revealed and logged.  There are numerous programs
which can be used to strip all email addresses, email servers, nntp hosts,
IP's, etc. from newsgroup posts.  I use one myself, for non-nefarious
reasons.  It's entirely automatic.  You just tell it what newserver to get
the info from.  Then, it'll test a few hundred thousand sites by itself.  It
takes about half a day.

For example, in your immediate post to me on clax, there is an IP in the
message header with the "Injection-Info" line.  On alt.lang.asm, it's in the
"NNTP-Posting-Host" line.  So, it is probably your IP, maybe a library, or
work.  It's "homesurf", so more likely a home user.  It's "pcl-ag01".  That
part of the name typically refers to the physical city or physical gateway
location.  It's a "dyn.plus.net" IP which means the service provider is BT
Group's Plusnet, Sheffield, UK.  The IP is registered to "PlusNet
Technologies Ltd" in GB as a dial-up or ADSL pool line.  If it's dial-up you
could be anywhere, but if it's ADSL, you're within a few miles depending on
the type of ADSL.  What's interesting is that ADSL pool lines usually have
round-robbin, dynamic IP's instead of the static IP you have.  The IP's
physical location is _supposed_ to be Oxford, England, UK.  Much of this is
available from the Whois entry, but some of it isn't...  A little bit more
digging, and "pcl-ag01" stands for "Plusnet Central Link - Aggregator 01" in
London.  It's using a Juniper E320 router as either "Plusnet8" or
"Plusnet13".  Nearby Oxford is a city or township called Abingdon.  Did you
know there is a "James Harris Investigations" in Abingdon, Oxfordshire?
Well, talk about a coincidence.  Any relation?  One listing locates JHI on
Abingdon Rd, another lists as Milton Park.  I thought they might be
cross-streets, but I couldn't locate where they crossed.  And, a third
listing's address is in Didcot.

Scary?

> I can see value in removing headers if the moderators receive posts
> via e-mail but would query the value of removing those received by
> nntp

The moderators don't receive *any* posts by nntp in a moderated newsgroup.
It's emailed to the moderator.  When the moderator approves it, then it's
posted by nntp.  As for the nntp headers, yes, it makes sense to remove
valid IP's, domain names.  Many modern servers do this to protect people and
machines, but some don't.

> unless they contain something other than posts to non-moderated
> groups.

They do.  The recent test posts by both Frank Kotler and Nathan Baker
contain the email header's routing info with valid IP's, domain names, etc.
of active machines.  I.e., "hackers delight"...


Rod Pemberton

In article  <hjrh01$tsv$1@speranza.aioe.org>
           do_not_have@havenone.cmm "Rod Pemberton" writes:

> Are you guys trying to scrub email addresses, IP's, and DNS names in the
> message headers?  If so, some are making it through.
> 
> E.g., email headers like the "Received: from" or "Received: by" sections
> should be removed.

Probably.  Or munged in some way as "From:" headers are much easier to 
harvest than e.g. "Reply-To:" headers.

> E.g., nntp headers, if possible, should be scrubbed: "NNTP-Posting-Host",
> "X-Originating-IP", "Injection-Info: somedns.name.com;
> posting-host=xxx.xxx.xxx.xxx", should be scrubbed, if possible...

Probably not.  I, like I suppose most posters, prefer to make it as 
difficult as possible for spammers to find an easy route into my 
inbox.  But these types of headers are IME "low risk" yet do provide a 
degree of traceability in cases where tracing the originator is deemed 
appropriate.  I think most/all are added by the poster's ISP for just 
such purposes and I don't believe that it is the job of a moderator to 
remove them.

Anybody that paranoid about revealing their IP address can always post 
through an "anonymising" server after all...

Pete
-- 
   "We have not inherited the earth from our ancestors,
    we have borrowed it from our descendants."

In article  <hjrkc0$2ue$1@speranza.aioe.org>
           fbkotler@myfairpoint.net "Frank Kotler" writes:

> pete@nospam.demon.co.uk wrote:
> 
> ...
> > PS re test eax, eax: you could mix in "and" or "or".  But heck, it's 
> > code, not an essay competition, so if "test" is what's needed, "test" 
> > is what it is ;-)
> 
> Yeah, I prefer "test" to "and" or "or". The latter two have a "store" 
> phase - nothing is changed, but conceptually, they store a result. 
> "test" inherently does not store a result, and thus should be faster (or 
> less demanding of cpu resources). I have *no* idea if that is actually true.

Nor me.  Though someone will be along soon to let us know ;-)

> No, I meant, "Eax, eax, eax. Why is it always eax? Why don't you ever 
> test *me*?" :)

Probably historical, where the A reg (later AX, EAX then RAX) was the 
special "accumulator" reg and which had its own special instructions 
presumably optimised for speed/fewer cycles.  Probably no longer true 
these days, but old habits die hard...

> Speaking of tests... Congratulations, Pete! You're the first name on our 
> whitelist! May not last - I'm seriously thinking of putting Chuck's name 
> first on the list, in memorium. But you get the actual, physical honor. 

I feel honoured, if somewhat embarrassed!  Surely you, the mods, 
should be in that place (after Chuck, of course)?

> Doesn't get you "auto-approved", as yet. Before I can write the software 
> to auto-approve anyone in the whitelist, I've gotta have a whitelist! Or 
> at least know what its contents are going to be. I'm not sure I do, still...
> 
> I think I'm leaning toward two lines per capita. One "true" and one 
> "munged". We don't have to do anything to yours, but...
> 
> From: fbkotler@myfairpoint.net
> From: fbkotler@MUNGED.microcosmotalk.com
> 
> The latter just an example, the way Jim liked it. Dunno how Nathan wants 
> it. In any case, if a user opts in to a "truefrom" list - you want your 
> true address to show - we copy the first line over the second. We search 
> on the first line and send the second. Trying to keep this as simple as 
> possible (but no simpler). That's why the "From:" is in there - keeps me 
> from having to trim it out and put it back in. :)
> 
> That may not be how it goes. I may get a better idea.

Looks like a reasonable starting point -- after all, the whitelisting 
function and the "what gets posted in headers" function are separate 
bits of logic.  But I'd even question whether the latter is even a job 
for the moderation software; if contributors wish to be attributed 
with a munged email address maybe they could post from same?

Pete
-- 
   "We have not inherited the earth from our ancestors,
    we have borrowed it from our descendants."

On Thu, 28 Jan 2010 12:41:16 -0500, "Rod Pemberton"
<do_not_have@havenone.cmm> wrote:

>No, not at all.  I mentioned it because the posts by other people to clax,
>both recent and in the past, have had either their IP's or the IP of clax's
>posting server displayed.  The newserver that I post through attempts to
>remove them.


Lately I've been using aioe.org:

>NNTP-Posting-Host: kSWD0Qbf3TCn9k7s4I0R5A.user.speranza.aioe.org

They are free.  No authentication required.  They seem to carry all the
text groups I'm interested in.


-- 
Web mail, POP3, and SMTP
http://www.beewyz.com/freeaccounts.php
 

"Frank Kotler" <fbkotler@myfairpoint.net> wrote in message 
news:hjrkc0$2ue$1@speranza.aioe.org...
>
> I think I'm leaning toward two lines per capita. One "true" and one 
> "munged". We don't have to do anything to yours, but...
>
> From: fbkotler@myfairpoint.net
> From: fbkotler@MUNGED.microcosmotalk.com
>
> The latter just an example, the way Jim liked it. Dunno how Nathan wants 
> it.

I don't care how we do it.  If there is some valid rationale for doing 
"@MUNGED.inspitetomorrow.net" that is fine.  Otherwise, 
"@MUNGEDmyfairpoint.net" seems like a reasonable approach.

Nathan.

On 28 Jan, 17:41, "Rod Pemberton" <do_not_h...@havenone.cmm> wrote:
> "James Harris" <james.harri...@googlemail.com> wrote in message

....

[I was going to put OT in the subject line but this is about
moderation alterations to nntp headers and the subject is "More
construction debris" so I guess it's just about on topic.]

> Even it it's just a router, email or nntp forwarder, no one wants their
> machine's IP publicly revealed and logged. =A0There are numerous programs
> which can be used to strip all email addresses, email servers, nntp hosts=
,
> IP's, etc. from newsgroup posts. =A0I use one myself, for non-nefarious
> reasons. =A0It's entirely automatic. =A0You just tell it what newserver t=
o get
> the info from. =A0Then, it'll test a few hundred thousand sites by itself=
.. =A0It
> takes about half a day.

Sorry for swapping the following round but I'm going to have to answer
the latter part of your post first so as to keep the thoughts in a
logical order:

> > I can see value in removing headers if the moderators receive posts
> > via e-mail but would query the value of removing those received by
> > nntp
>
> The moderators don't receive *any* posts by nntp in a moderated newsgroup=
..
> It's emailed to the moderator.

You can submit via nntp (as I do). Any such submission should have all
the normal headers your news client spits out and your nntp server
retains plus those it adds itself. These can then be converted to e-
mail to get to a moderator as Frank explained recently in the thread
entitled, "trying to post a message to comp.lang.asm.x86."

I meant that if the moderators receive posts directly from individuals
(or programs) via e-mail that I could see value in manipulating those
headers, but the ones originated by nntp submissions should be the
same as those sent to unmoderated groups so I was querying what
secrecy was to be gained by asking that they be altered.

>  When the moderator approves it, then it's
> posted by nntp.  As for the nntp headers, yes, it makes sense to remove
> valid IP's, domain names.  Many modern servers do this to protect people =
and
> machines, but some don't.
>
> > unless they contain something other than posts to non-moderated
> > groups.
>
> They do.  The recent test posts by both Frank Kotler and Nathan Baker
> contain the email header's routing info with valid IP's, domain names, et=
c.
> of active machines.  I.e., "hackers delight"...

OK

 - Back to the rest in original order:

> For example, in your immediate post to me on clax, there is an IP in the
> message header with the "Injection-Info" line. =A0On alt.lang.asm, it's i=
n the
> "NNTP-Posting-Host" line. =A0So, it is probably your IP, maybe a library,=
 or
> work. =A0It's "homesurf", so more likely a home user. =A0It's "pcl-ag01".=
 =A0That
> part of the name typically refers to the physical city or physical gatewa=
y
> location. =A0It's a "dyn.plus.net" IP which means the service provider is=
 BT
> Group's Plusnet, Sheffield, UK. =A0The IP is registered to "PlusNet
> Technologies Ltd" in GB as a dial-up or ADSL pool line. =A0If it's dial-u=
p you
> could be anywhere, but if it's ADSL, you're within a few miles depending =
on
> the type of ADSL. =A0What's interesting is that ADSL pool lines usually h=
ave
> round-robbin, dynamic IP's instead of the static IP you have. =A0The IP's
> physical location is _supposed_ to be Oxford, England, UK. =A0Much of thi=
s is
> available from the Whois entry, but some of it isn't... =A0A little bit m=
ore
> digging, and "pcl-ag01" stands for "Plusnet Central Link - Aggregator 01"=
 in
> London. =A0It's using a Juniper E320 router as either "Plusnet8" or
> "Plusnet13". =A0Nearby Oxford is a city or township called Abingdon. =A0D=
id you
> know there is a "James Harris Investigations" in Abingdon, Oxfordshire?
> Well, talk about a coincidence. =A0Any relation? =A0One listing locates J=
HI on
> Abingdon Rd, another lists as Milton Park. =A0I thought they might be
> cross-streets, but I couldn't locate where they crossed. =A0And, a third
> listing's address is in Didcot.
>
> Scary?

:-)

Sorry but No. I am on ADSL with PlusNet but nowhere near Sheffield.
That's probably just the registered address of the ISP. I'm not near
Oxford or London or Abingdon either ... or Didcot. And I don't know
the James Harris in Abingdon.

I wish this wasn't seen as an all-or-nothing issue. (I.e. if you find
out all about me that IPs should be hidden OR you get it all wrong
which proves that IPs are safe to disclose.) My point was simply that
if IPs appear in the posts I send (via nntp) it's unreasonable to ask
the moderators of clax86 to remove them.

On IPs: a person who runs an internet service (web server or other)
will have his IP address known and he should have suitable firewall
protection. On the other hand a person who runs only clients might
want to change his ip address from time to time. I do.

James

On Thu, 28 Jan 2010 19:10:37 +0000 (UTC), pete@nospam.demon.co.uk wrote:

>Probably not.  I, like I suppose most posters, prefer to make it as 
>difficult as possible for spammers to find an easy route into my 
>inbox.

I wonder if it's difficult for spambots to strip "nospam" from an email
address.

I post my real email and still don't get much spam.  Wonder how my mail
service manages that ... send me a test email if you want to know if my
email address is real.


-- 
Web mail, POP3, and SMTP
http://www.beewyz.com/freeaccounts.php
 

On 28 Jan, 09:04, Frank Kotler <fbkot...@myfairpoint.net> wrote:

....

> Yeah, I prefer "test" to "and" or "or". The latter two have a "store"
> phase - nothing is changed, but conceptually, they store a result.
> "test" inherently does not store a result, and thus should be faster (or
> less demanding of cpu resources). I have *no* idea if that is actually true.

I do similar. To zero a register I use xor reg, reg rather than sub
reg, reg as it's intrinsically less demanding - no carry between bit
positions. That said, on any machines I've checked xor and sub take
the same time. I think that's because the CPUs are all synchronous -
i.e. clocked. AIUI hardware architects plan in whole numbers of
cycles. An instruction which completes in less than one cycle will
still take one cycle.

Non-clocked designs are rare and AFAICS are not really supported in
hardware languages like VHDL and Verilog. (If anyone's interested
there's an absence of support for relative place and route timing: if
there's no clock you need some way to identify when an operation has
finished - you can't count cycles - but place and route can optimise
the wrong path.) But in an unclocked design simpler instructions
should be able to execute more quickly and take less power ... at
least in theory.

James

Rod Pemberton wrote:
> "Frank Kotler" <fbkotler@myfairpoint.net> wrote in message
> news:4B60DE12.3000900@myfairpoint.net...
>> Oh, no. We need tests of all kinds.
> 
> Ok:
> 
> test eax, eax
> test eax, eax
> test eax, eax
> test eax, eax

I *had* those ones, Rod! :)

> Are you guys trying to scrub email addresses, IP's, and DNS names in the
> message headers?  If so, some are making it through.

Currently, we are not.

> E.g., email headers like the "Received: from" or "Received: by" sections
> should be removed.
> 
> E.g., nntp headers, if possible, should be scrubbed: "NNTP-Posting-Host",
> "X-Originating-IP", "Injection-Info: somedns.name.com;
> posting-host=xxx.xxx.xxx.xxx", should be scrubbed, if possible...

Okay. I cut-and-pasted a section on this subject out of the "Moderator's 
Manual" as a comment into the code I was working on, 'cause I knew I was 
going to have to deal with it.. Took it back out - too cluttered - but 
I'll need it back soon, and maybe I'll paste this in as a comment, too.

You know what a DKIM signature is? This puppy already threw me for a 
loop! It appears if I cc (or mail directly?) to the clax86-submit 
address, not if I just post.

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=myfairpoint.net;
     s=alpha; t=1264633395;
     bh=KgeuYCRET2ZlcT+SWWH5SWZvCmTbt+LT0oYHXXUpvzk=;
     h=Message-ID:Date:From:MIME-Version:CC:Subject:References:
      In-Reply-To:Content-Type:Content-Transfer-Encoding;
     b=nk2bTriBRDWz+/se3cVysV8PVdT5Y2yHcOrD/5+sk+Lza7CD2c5fFwt32IW4qZoZN
      W2QZDGN2xs0fPeZ4yOigUP18zbX4xA/vXLqk6C7yJ/U/+QRQNVFwXYuB19oozxW3qE
      QXrrru+QgI20yyeC/5bWQVES3hCJPhQVYjbTH1s0=

My attempt to find the "From:" (and "Subject:") line was coming up with 
that. I wasn't expecting to find "From:" in the header except one place, 
and I didn't spot it right away in the garbage when I went looking for 
*what* the problem was. Okay, besides not searching the body of the 
message (Duh!), I must look only at the start of a line. I'm learning, 
with a little help from my friends.

Not long ago, this program looked like this:

the_message:
db "From: Frank Kotler <fbkotler@myfairpoint.net>", NL
db "Organization: N", NL
db "Subject: like and, but no storage", NL
db "Date: Thu, 23 Apr 2009 3:05:00 -0400 (EDT)", NL
;db "Approved: clax86 moderation fbkotler@myfairpoint.net", NL
db "Newsgroups: comp.lang.asm.x86", NL
db NL
db "Yes, this is a test message. ", NL
db "If you see it, this is a Good Thing!", NL
db "Probably won't be able to reply or post... yet.", NL
db "Bear with us, we're workin' on it!", NL
db "Best,", NL
db "Frank", NL
db NL, '.', NL
the_message_len equ $ - the_message

Note that the "Date:" line is grossly out of date - and that we're not 
really supposed to send one. The "Approved:" line is commented out, 
because I was sending this via aioe. Thanks for the tip on that! They 
won't let me approve a message, though (appropriate: no login).

I actually approved that message via nntp.verizon.net - Verizon sold me 
to Fairpoint, and Fairpoint doesn't do nntp at all. I talked to their 
tech-support guy about it. You know what a deer in the headlights sounds 
like on the telephone? So I just kept using the Verizon account, and 
they kept accepting my login. (theft of services, I suppose, but they 
never told me to change it) Well, Verizon dropped all nntp, too (they'd 
dropped the "alt" hierarchy previously - which is where your tip on aioe 
  saved my butt) - just in time to coincide with Jim's sudden 
relocation. Approved posts (should call them "articles" to correspond 
with the docs) are currently being posted on... another account.

When I realized that the previous methods weren't working out, and we 
really needed something to post messages, the next version went:

the_message:
incbin "the.msg"
the_message_len equ $ - the_message

Get the message (using wget at one point!), tweak up "the.msg" in a text 
editor, run it through "todos" to get dos-style line endings, assemble 
the program, and run it. Some interface, eh? :)

So progress is being made in small steps. "Header management" will be 
coming up soon. Having found that I *could* "send everything", that's 
what I did, for now. The section from the moderator's handbook that I 
mentioned goes into some detail, but mentions a specific list of headers 
which should be scrubbed:


        NNTP-Posting-Host:
        Status:
        Lines:
        Received:
        Apparently-To:
        X-*
        Cc:
        Message-ID:
        Sender:
        In-Reply-To:
        X-VM-v5-Data:
        Originator:

If we wanna kick that around and add some (I'll go with 
"DKIM-signature:"!!!), I'll try to implement it.

We know that these lines wanna stay...

Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

right? Or do we only want to pass lines with certain values? I can see 
that this is going to complicate a nice simple program! :)

It's "too simple" anyway. Everything in sight hard coded into it. I'd 
love to toss it out as a "project", but it's got passwords in it. I can 
expunge the passwords, but then no one can "test" it. It isn't intended 
for the "general public", anyway. A highly "specific" program. Betov 
would be proud of me! :)

Best,
Frank

James Harris wrote:
> I do similar. To zero a register I use xor reg, reg rather than sub
> reg, reg as it's intrinsically less demanding - no carry between bit
> positions. That said, on any machines I've checked xor and sub take

It is even more sneaky than that:

Some current cpus run better if you "MOV reg,0" because that is an 
explicit break in the register content dependency chain.

I.e. after said MOV, the register renaming logic knows that the value in 
the register doesn't depend on any previous value.

OTOH, XOR EAX,EAX as well as SUB REG,REG are such common idioms that 
another set of cpu architects will recognize them as ZERO REG 
pseudo-ops, which also breaks the dependency chain!

> the same time. I think that's because the CPUs are all synchronous -
> i.e. clocked. AIUI hardware architects plan in whole numbers of
> cycles. An instruction which completes in less than one cycle will
> still take one cycle.

It is rather the opposite: A cpu architect starts with the set of 
instructions that needs to run in a single cycle, then tweaks the 
pipeline until the slowest of all these instructions run as fast as 
possible.

Very often that will indeed by ADD or SUB, since these either need a 
_lot_ of hardware or a very slow carry propagation network.

Usually a modern ADD has ways to speed that network up, the easiest to 
explain is probably carry select:

Assume that a regular carry network can handle 16 bits in a fraction of 
a cycle, but not all 32: We can then implement the adder as three (not 
two!) 16-bit adders, one for the lower 16 bits, and two for the upper 16.

The two upper adders will start by assuming that the incoming carry will 
be zero or one, then calculate the two possible results. By the time 
that has been done, the lower half has finished, possibly generating a 
carry out of the top, right?

The carry select logic then uses that low half carry to SELECT the 
proper version of the high half result, meaning that you get the full 
32-bit result in about the same time as a 17-bit adder would have used.

You can of course apply this idea recursively, making each 16-bit adder 
out of 3 8-bit adders, giving the final result in ~10-bit adder time, 
but using a total of 9*8=72 full one-bit adders.

With one more layer we'd end up with 27*4=108 adders and ~7 bit adder 
time usage, i.e. we're quickly reaching the point of diminishing returns!

Terje
-- 
- <Terje.Mathisen at tmsw.no>
"almost all programming can be viewed as an exercise in caching"

In article  <hjtfk7$vc2$1@speranza.aioe.org>
           fbkotler@myfairpoint.net "Frank Kotler" writes:
....
> So progress is being made in small steps. "Header management" will be 
> coming up soon. Having found that I *could* "send everything", that's 
> what I did, for now. The section from the moderator's handbook that I 
> mentioned goes into some detail, but mentions a specific list of headers 
> which should be scrubbed:
> 
> 
>         NNTP-Posting-Host:
>         Status:
>         Lines:
>         Received:
>         Apparently-To:
>         X-*
>         Cc:
>         Message-ID:
>         Sender:
>         In-Reply-To:
>         X-VM-v5-Data:
>         Originator:
> 
> If we wanna kick that around and add some (I'll go with 
> "DKIM-signature:"!!!), I'll try to implement it.

  Message-ID: ???

I don't know how official your "Moderator's Handbook" is, Frank, but 
I'd certainly refer to rfc5536 for a perhaps more official view:

  http://www.ietf.org/rfc/rfc5536.txt

Section 3 deals with usenet headers, and Message-ID is mandatory.

Just trying to help...
Pete
-- 
   "We have not inherited the earth from our ancestors,
    we have borrowed it from our descendants."

"James Harris" <james.harris.1@googlemail.com> wrote in message
news:92be34f5-dca6-40e6-baeb-c10ee13d1305@g29g2000yqe.googlegroups.com...
> >
> > [too much personal info related to IP address]
> > Scary?
>
> Sorry but No.

Well, I was hoping for a closer match to make the point of not revealing
IP's.

So, let's take me instead. I'm on cable broadband. If you did that with my
IP, you'd know the geographic area I live to within a few square miles or
kilometers. With a phone directory, you could locate where I live. That's
scary. The IP location info for my IP is accurate.  It's possible that that
may be a legal requirement here, e.g., for emergency services with VOIP.

> I wish this wasn't seen as an all-or-nothing issue.

It's not. Authorities have access to the information via legal methods for
legal reasons. But, non-authorities shouldn't have access to that
information. When they do, you can become exposed to dangerous situations.
The information isn't needed publicly. So, why reveal it?

> it's unreasonable to ask
> the moderators of clax86 to remove them.

I didn't realize, until Frank described it, that they are creating a whole
new parsing framework from scratch. So, maybe it is a difficult request at
this point in time. It could be quite some work to handle all the headers
Frank listed, especially if he doesn't use tools like flex or awk, or
something more powerful and flexible.


RP

On 29 Jan, 15:43, "Rod Pemberton" <do_not_h...@havenone.cmm> wrote:

....

> So, let's take me instead. I'm on cable broadband. If you did that with m=
y
> IP, you'd know the geographic area I live to within a few square miles or
> kilometers. With a phone directory, you could locate where I live. That's
> scary. The IP location info for my IP is accurate. =A0It's possible that =
that
> may be a legal requirement here, e.g., for emergency services with VOIP.

Well, I had a look for you and may have found you - which I agree is a
little scary. I won't write the details here just in case but I can
pass on the details by e-mail if you like. Whether right or not I
understand and agree with your point.

That said, there is still little value in asking clax86 moderators to
strip headers that a person sends to other groups (but it's not a big
point). At any rate someone like yourself who sensibly withholds
certain details will have them hidden from any group.

James

pete@nospam.demon.co.uk wrote:
 > I don't know how official your "Moderator's Handbook" is, Frank, but
> I'd certainly refer to rfc5536 for a perhaps more official view:
> 
>   http://www.ietf.org/rfc/rfc5536.txt
> 
> Section 3 deals with usenet headers, and Message-ID is mandatory.
> 
> Just trying to help...

Thanks, Pete! Some question in my mind as to "who does what?" and even 
"who am I?". From the POV of the final nntp server, I'm an "agent". But 
I'm "not an agent", in that an original nntp server has seen these 
things, and has added headers of its own. So *some* headers I'm not 
expected to add, just pass through (some of) what I'm given.

I've cribbed together a version to try, and need a test message. This is 
it. :)

Best,
Frank

Rod Pemberton wrote:

....
> Are you guys trying to scrub email addresses, IP's, and DNS names in the
> message headers?  If so, some are making it through.
> 
> E.g., email headers like the "Received: from" or "Received: by" sections
> should be removed.
> 
> E.g., nntp headers, if possible, should be scrubbed: "NNTP-Posting-Host",
> "X-Originating-IP", "Injection-Info: somedns.name.com;
> posting-host=xxx.xxx.xxx.xxx", should be scrubbed, if possible...

Working on it. Some dissent on some of the headers you mention - that 
rfc5536 that Pete pointed me at seems to think that "NNTP-Posting-Host" 
and "Injection-Info" are "standard" for nntp. I've pretty much retained 
anything they say is "standard", plus the "Mime-Version", etc. that we 
want(?) to get rid of the "quoted-unprintable" issue (maybe). Everything 
else is discarded.

See what you think of the current configuration. A very minimal header 
"seems to work", and "send everything" "seems to work", so apparently 
there's some leeway. It's a work in progress (loosely defined).

Isn't discarding headers censorship??? :)

Best,
Frank

Frank Kotler wrote:
> 
> 
> Rod Pemberton wrote:

See if we can get rid of the excess blank lines at the beginning of 
message...

Later,
Frank

Frank Kotler wrote:
> Frank Kotler wrote:
>>
>>
>> Rod Pemberton wrote:
> 
> See if we can get rid of the excess blank lines at the beginning of 
> message...

That's better...

Best,
Frank

Frank Kotler wrote:

....
> That's better...

Jeez, it's got me talkin' to myself! :)

If this works, it will have "auto-approved", 'cause I'm on the 
whitelist. You are too, or will be (probably...). A "goalpost" of sorts. 
Now I suppose I've gotta learn how to run "cron", or so...

This doesn't attempt to distinguish between legitimate posts and spam, 
justs "approves" posts from senders on the whitelist. All else is left 
for a human to either reject, or approve, optionally adding sender to 
whitelist (run without the "-a" switch). Gives the moderators a chance 
to prove they're smarter than a machine. :)

Couple more tests and I'll get this "snapshot" off to Nathan, so we can 
be synchronized.

Best,
Frank

Frank Kotler wrote:

....
> Now I suppose I've gotta learn how to run "cron", or so...

That looks too complicated. Try making 'er sleep for... 900 seconds? 
She's sleeping now (if all is going well), and may autoapprove this 
message... soon... if all goes well.

Best,
Frank

"Frank Kotler" <fbkotler@MUNGED.myfairpoint.net> wrote in message 
news:hkl56a$h2r$1@speranza.aioe.org...
> Frank Kotler wrote:
>
> ...
>> Now I suppose I've gotta learn how to run "cron", or so...
>
> That looks too complicated. Try making 'er sleep for... 900 seconds? She's 
> sleeping now (if all is going well), and may autoapprove this message... 
> soon... if all goes well.
>

(Most) all "goes well" but I believe I know a Nasmist who thinks he might be 
"going crazy!"  However, I submit that you can't be "talking to yourself" if 
you are posting to Usenet -- you've got an audience!  :)

About the "most" -- well... uh... I've got an "oopsie" to report.  I saw 
that a valid post was samwiched between some spam, so I decided to test 
'claxmod08' in "manual" mode.  Everything *appeared* to be "going well" but 
I do not see the post here in the group.  Sorry, Wolfgang!  I will "fetch it 
from the bin" and post it shortly.  Luckily, it is in "msg.txt" and I can 
post it the old-old-fashion way.

Thanks again for all your efforts.

Nathan.

On Feb 9, 3:14=A0pm, "Nathan Baker" <nathancba...@gmail.com> wrote:
>
> About the "most" -- well... uh... I've got an "oopsie" to report. =A0I sa=
w
> that a valid post was samwiched between some spam, so I decided to test
> 'claxmod08' in "manual" mode. =A0Everything *appeared* to be "going well"=
 but
> I do not see the post here in the group. =A0Sorry, Wolfgang! =A0I will "f=
etch it
> from the bin" and post it shortly. =A0Luckily, it is in "msg.txt" and I c=
an
> post it the old-old-fashion way.
>

Strike that!  No "dropped articles" in CLAX-land.  Apparently the news-
servers are experiencing a l-o-n-g delay today.  :(

Nathan.

Nathan Baker wrote:
> "Frank Kotler" <fbkotler@MUNGED.myfairpoint.net> wrote in message 
> news:hkl56a$h2r$1@speranza.aioe.org...
>> Frank Kotler wrote:
>>
>> ...
>>> Now I suppose I've gotta learn how to run "cron", or so...
>> That looks too complicated. Try making 'er sleep for... 900 seconds? She's 
>> sleeping now (if all is going well), and may autoapprove this message... 
>> soon... if all goes well.
>>
> 
> (Most) all "goes well" but I believe I know a Nasmist who thinks he might be 
> "going crazy!"

Actually, I'm having fun (mostly). It's crazy to be writing this thing 
in assembly language... but I was like that before I started. :)

>  However, I submit that you can't be "talking to yourself" if 
> you are posting to Usenet -- you've got an audience!  :)

Well, that's true. I guess. Hard to tell, if the audience doesn't talk 
back. We *know*(?) that "sleeping beauty" will auto-approve a message 
from *me*...

> About the "most" -- well... uh... I've got an "oopsie" to report.  I saw 
> that a valid post was samwiched between some spam, so I decided to test 
> 'claxmod08' in "manual" mode.  Everything *appeared* to be "going well" but 
> I do not see the post here in the group.  Sorry, Wolfgang!  I will "fetch it 
> from the bin" and post it shortly.  Luckily, it is in "msg.txt" and I can 
> post it the old-old-fashion way.

Okay, apparently that *did* work, but there's a "oopsie" in claxmod09 
that I sent you. In "auto mode", if a user is already in the whitelist, 
we're supposed to auto-approve (and auto-delete - was I too quick with 
that?) the message. Due to an unintended curlicue in the spaghetti, it 
stopped and waited for a key (only supposed to happen in "manual mode"). 
This resulted in being logged off for inactivity (unlike the "snake 
thing", Dovecot lets me log back in). This may have caused trouble with 
Wolfgang's message, although it seems to have posted okay in the end.

Also, I posted William Zhang's address unmunged. Sorry. Next post should 
be auto-approved and munged. I'm working on auto-munge. Currently, I'm 
doing "realname@MUNGED.realisp" ("by hand"). It would be simpler to call 
everybody "spamtrap@inspiretomorrow.net" (or some fixed string). No big 
deal to look for the '@', if we prefer that.

Currently, claxmod is auto-rejecting messages with "the v-word" in the 
"From:" line. (A surprising number of them!)

WARNING! WARNING! WARNING!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Do not use the v-word in your address. This will cause your message to 
be rejected. My apologies if you were in the habit of doing that. :)
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

> Thanks again for all your efforts.

A pleasure (mostly). I'm not looking for "applause", but we need lots 
more test messages, both from people already on the whitelist (so we can 
test "auto-approve") and people not yet on the whitelist (so we can test 
"manual-add" and perhaps "auto-munge").

So thanks (and TIA, I hope) for the test messages. Special thanks to 
William (and Wolfgang) for the "normal conversation". That's what this 
thing is supposed to be "for"! :)

Best,
Frank

Frank Kotler wrote:
....
>>  However, I submit that you can't be "talking to yourself" if you are 
>> posting to Usenet -- you've got an audience!  :)
> 
> Well, that's true. I guess. Hard to tell, if the audience doesn't talk 
> back. We *know*(?) that "sleeping beauty" will auto-approve a message 
> from *me*...

Talk about timing! I no sooner posted this than claxmod woke up and 
approved it - and deleted a "v-word" message at the same time!

("Don't get cocky, Kid!")

Best,
Frank

Frank Kotler wrote:

....
> ("Don't get cocky, Kid!")

Mmmm. My test of "auto-munge", after removing myself from the whitelist, 
just segfaulted, deleting the message, but not posting it. That's what 
we want *not* to happen, Frank!

Later,
Frank

Frank Kotler wrote:
> Frank Kotler wrote:
> 
> ...
>> ("Don't get cocky, Kid!")
> 
> Mmmm. My test of "auto-munge", after removing myself from the whitelist, 
> just segfaulted,

Newbie mistake. "[munged_addr]" vs "munged_addr". Sometimes I wonder if 
I'm smart enough to do this! Well, fixed, I guess... try 'er again!

Best,
Frank

Nathan wrote:

<q> ;damned OE didn't quote again

> About the "most" -- well... uh... I've got an "oopsie" to report. I saw
> that a valid post was samwiched between some spam, so I decided to test
> 'claxmod08' in "manual" mode. Everything *appeared* to be "going well" but
> I do not see the post here in the group. Sorry, Wolfgang! I will "fetch it
> from the bin" and post it shortly. Luckily, it is in "msg.txt" and I can
> post it the old-old-fashion way.
>

Strike that!  No "dropped articles" in CLAX-land.  Apparently the news-
servers are experiencing a l-o-n-g delay today.  :(

Nathan.
</q>

I'm familiar with a one day delay from moderated groups anyway :)

But I see the whole net became awful slow since a week.
Satelites may be in use for something else yet.
Perhaps some kind of war ahead ?

__
wolfgang

Frank Kotler wrote:
> Frank Kotler wrote:
>> Frank Kotler wrote:
>>
>> ...
>>> ("Don't get cocky, Kid!")
>>
>> Mmmm. My test of "auto-munge", after removing myself from the 
>> whitelist, just segfaulted,
> 
> Newbie mistake. "[munged_addr]" vs "munged_addr". Sometimes I wonder if 
> I'm smart enough to do this! Well, fixed, I guess... try 'er again!

.... and another dumb mistake discovered! "copy-and-paste" should have 
been "cut-and-paste" - added myself to whitelist twice. Sigh. Now try 
"auto mode" again...

Best,
Frank

Frank Kotler wrote:
....
> Currently, claxmod is auto-rejecting messages with "the v-word" in the 
> "From:" line. (A surprising number of them!)

> WARNING! WARNING! WARNING!

> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> Do not use the v-word in your address. This will cause your message to be 
> rejected. My apologies if you were in the habit of doing that. :)
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Could just be that my coffee weren't strong enough today ...
What the heck is a v-word ?

>> Thanks again for all your efforts.

> A pleasure (mostly). I'm not looking for "applause", but we need lots more 
> test messages, both from people already on the whitelist (so we can test 
> "auto-approve") and people not yet on the whitelist (so we can test 
> "manual-add" and perhaps "auto-munge").

> So thanks (and TIA, I hope) for the test messages. Special thanks to 
> William (and Wolfgang) for the "normal conversation". That's what this 
> thing is supposed to be "for"! :)

Oh, I didn't realise we were the rabbits in the laboratory :)

__
wolfgang

I posted just a few minutes ago :

;and the OE quotes (this time), weird isn't it ?

> Nathan wrote:
>
> <q> ;damned OE didn't quote again
>
>> About the "most" -- well... uh... I've got an "oopsie" to report. I saw
>> that a valid post was samwiched between some spam, so I decided to test
>> 'claxmod08' in "manual" mode. Everything *appeared* to be "going well" 
>> but
>> I do not see the post here in the group. Sorry, Wolfgang! I will "fetch 
>> it
>> from the bin" and post it shortly. Luckily, it is in "msg.txt" and I can
>> post it the old-old-fashion way.
>>
>
> Strike that!  No "dropped articles" in CLAX-land.  Apparently the news-
> servers are experiencing a l-o-n-g delay today.  :(
>
> Nathan.
> </q>
>
> I'm familiar with a one day delay from moderated groups anyway :)
>
> But I see the whole net became awful slow since a week.
> Satelites may be in use for something else yet.
> Perhaps some kind of war ahead ?
>
> __
> wolfgang

Don't put me onto the whitelist, I can be very nasty, sometimes ...

__
wolfgang

wolfgang kern wrote:
> Frank Kotler wrote:
> ...
>> Currently, claxmod is auto-rejecting messages with "the v-word" in the 
>> "From:" line. (A surprising number of them!)
> 
>> WARNING! WARNING! WARNING!
> 
>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>> Do not use the v-word in your address. This will cause your message to be 
>> rejected. My apologies if you were in the habit of doing that. :)
>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> 
> Could just be that my coffee weren't strong enough today ...
> What the heck is a v-word ?

BIAGRA. Don't get much spam, eh? :)

>>> Thanks again for all your efforts.
> 
>> A pleasure (mostly). I'm not looking for "applause", but we need lots more 
>> test messages, both from people already on the whitelist (so we can test 
>> "auto-approve") and people not yet on the whitelist (so we can test 
>> "manual-add" and perhaps "auto-munge").
> 
>> So thanks (and TIA, I hope) for the test messages. Special thanks to 
>> William (and Wolfgang) for the "normal conversation". That's what this 
>> thing is supposed to be "for"! :)
> 
> Oh, I didn't realise we were the rabbits in the laboratory :)

Well not *just* rabbits in the laboratory. I'll still respect you in the 
morning. :)

Best,
Frank

On Wed, 10 Feb 2010 05:20:53 -0500, spamtrap@inspiretomorrow.net wrote:

>>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>>> Do not use the v-word in your address. This will cause your message to be 
>>> rejected. My apologies if you were in the habit of doing that. :)
>>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>> 
>> Could just be that my coffee weren't strong enough today ...
>> What the heck is a v-word ?
>
>BIAGRA. Don't get much spam, eh? :)

No.  A good mail service is not hard to find.


>>>> Thanks again for all your efforts.
>> 
>>> A pleasure (mostly). I'm not looking for "applause", but we need lots more 
>>> test messages, both from people already on the whitelist (so we can test 
>>> "auto-approve") and people not yet on the whitelist (so we can test 
>>> "manual-add" and perhaps "auto-munge").

Rock and rool.


-- 
Web mail, POP3, and SMTP
http://www.beewyz.com/freeaccounts.php
 

<spamtrap@inspiretomorrow.net> schrieb im Newsbeitrag 
news:hku1bd$hdh$1@speranza.aioe.org...

I kept the first lines above as they appeared.

> wolfgang kern wrote:
>> Frank Kotler wrote:
>> ...
>>> Currently, claxmod is auto-rejecting messages with "the v-word" in the 
>>> "From:" line. (A surprising number of them!)

>>> WARNING! WARNING! WARNING!

>>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>>> Do not use the v-word in your address. This will cause your message to 
>>> be rejected. My apologies if you were in the habit of doing that. :)
>>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

>> Could just be that my coffee weren't strong enough today ...
>> What the heck is a v-word ?

> BIAGRA. Don't get much spam, eh? :)

Oh, future is near, but I never needed this medication  ... )*
Seems my newsdummy and also my provider save me from spam at all.


>>>> Thanks again for all your efforts.
>>
>>> A pleasure (mostly). I'm not looking for "applause", but we need lots 
>>> more test messages, both from people already on the whitelist (so we can 
>>> test "auto-approve") and people not yet on the whitelist (so we can test 
>>> "manual-add" and perhaps "auto-munge").
>>
>>> So thanks (and TIA, I hope) for the test messages. Special thanks to 
>>> William (and Wolfgang) for the "normal conversation". That's what this 
>>> thing is supposed to be "for"! :)
>>
>> Oh, I didn't realise we were the rabbits in the laboratory :)

> Well not *just* rabbits in the laboratory. I'll still respect you in the 
> morning. :)

)* ...  especially not in the morning :)

__
wolfgang

<spamtrap@inspiretomorrow.net> wrote in message
news:hku1bd$hdh$1@speranza.aioe.org...
> wolfgang kern wrote:
> > Frank Kotler wrote:
> > ...
> >> Currently, claxmod is auto-rejecting messages with "the v-word" in the
> >> "From:" line. (A surprising number of them!)
> >
> >> WARNING! WARNING! WARNING!
> >
> >> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> >> Do not use the v-word in your address. This will cause your message to
be
> >> rejected. My apologies if you were in the habit of doing that. :)
> >> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> >
> > Could just be that my coffee weren't strong enough today ...
> > What the heck is a v-word ?
>
> BIAGRA. Don't get much spam, eh? :)
>

Vegan? Vista? I was going to ask also...

FYI, Google searches indicate that the "v-word" is: vagina.  Interesting, I
just noticed that an anagram of the spam "v-word" is only one letter
different from the real "v-word"...

Is this worthy of a delete test?  ;-)


Rod Pemberton

Rod Pemberton wrote:
> <spamtrap@inspiretomorrow.net> wrote in message
> news:hku1bd$hdh$1@speranza.aioe.org...
>> wolfgang kern wrote:
>>> Frank Kotler wrote:
>>> ...
>>>> Currently, claxmod is auto-rejecting messages with "the v-word" in the
>>>> "From:" line. (A surprising number of them!)
>>>> WARNING! WARNING! WARNING!
>>>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>>>> Do not use the v-word in your address. This will cause your message to
> be
>>>> rejected. My apologies if you were in the habit of doing that. :)
>>>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>>> Could just be that my coffee weren't strong enough today ...
>>> What the heck is a v-word ?
>> BIAGRA. Don't get much spam, eh? :)
>>
> 
> Vegan? Vista? I was going to ask also...

A "cultural thing", I guess. I'm pretty sure Jim and Nathan, and the 
moderators of other groups, knew which word I meant.

> FYI, Google searches indicate that the "v-word" is: vagina.

Well *that's* on-topic! Although perhaps not here...

> Interesting, I
> just noticed that an anagram of the spam "v-word" is only one letter
> different from the real "v-word"...
> 
> Is this worthy of a delete test?  ;-)

I don't think I'm up to anagrams. :)

What do you think about current headers? Do you think "Injection-Info:" 
gives too much away, and should be scrubbed? Current code looks like:


     findneedle my_buf, [header_size], LF, "Message-ID:"
     copy_header_line

     findneedle my_buf, [header_size], LF, "Date:"
     copy_header_line

     findneedle my_buf, [header_size], LF, "Path:"
     copy_header_line

     findneedle my_buf, [header_size], LF, "Comments:"
     copy_header_line

     findneedle my_buf, [header_size], LF, "Keywords:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Reply-to:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Sender:"
     copy_header_line

; is anyone going to listen if we say no?
     findneedle my_buf, [header_size], LF, "Archive:"
     copy_header_line

; do we wanna pass this on?
     findneedle my_buf, [header_size], LF, "Control:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Distribution:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Expires:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Followup-To:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Injection-Date:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "NNTP-Posting-Date:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Injection-Info:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Organization:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "References:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Summary:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Supersedes:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "User-Agent:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Xref:"
     copy_header_line


;added these for "quoted-unprintable"

     findneedle my_buf, [header_size], LF, "Mime-Version:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Content-Type:"
     copy_header_line
     findneedle my_buf, [header_size], LF, "Content-Transfer-Encoding:"
     copy_header_line

     findneedle my_buf, [header_size], LF, "Newsgroups:"
     jz no_ng
     copy_header_line
     jmp foundng
     ...

The macros hide horrid convoluted cruft, but it's easy to edit to 
add/remove headers, if desired...

The address-munging is "in progress". I'm assuming that anything 
"pre-munged", like yours, is passed on intact. Everything else gets 
munged. I "over-munged" a few, there. Sorry. Try it again. :)

Best,
Frank

"Frank Kotler" <spamtrap@inspiretomorrow.net> wrote in message
news:hl1n9l$d5e$1@speranza.aioe.org...
> Do you think "Injection-Info:"
> gives too much away, and should be scrubbed?

Yes.

In addition to the three I mentioned before, I found two others that also
have IP's.  I'm not sure if they're normal headers or not.  I'd scrub, if
allowed:

"X-Trace"
"X-Trace-PostClient-IP"
"NNTP-Posting-Host"
"X-Originating-IP"
"Injection-Info: somedns.name.com, posting-host=xxx.xxx.xxx.xxx"
"Received: from"
"Received: by"

>     findneedle my_buf, [header_size], LF, "Message-ID:"
>     copy_header_line

Required, keep.

>     findneedle my_buf, [header_size], LF, "Date:"
>     copy_header_line

Keep.

>     findneedle my_buf, [header_size], LF, "Path:"
>     copy_header_line

Definately, keep.  Isn't this one required?

>     findneedle my_buf, [header_size], LF, "Comments:"
>     copy_header_line
>      findneedle my_buf, [header_size], LF, "Keywords:"
>     copy_header_line

Keep.

>     findneedle my_buf, [header_size], LF, "Reply-to:"
>     copy_header_line

Definately, keep.

>     findneedle my_buf, [header_size], LF, "Sender:"
>     copy_header_line

Keep.

> ; is anyone going to listen if we say no?
>      findneedle my_buf, [header_size], LF, "Archive:"
>      copy_header_line

Keep.

> ; do we wanna pass this on?
>      findneedle my_buf, [header_size], LF, "Control:"
>      copy_header_line
>      findneedle my_buf, [header_size], LF, "Distribution:"
>      copy_header_line

Keep.

>      findneedle my_buf, [header_size], LF, "Expires:"
>      copy_header_line

Probably, keep.

>      findneedle my_buf, [header_size], LF, "Followup-To:"
>      copy_header_line

Definately, keep.

>      findneedle my_buf, [header_size], LF, "Injection-Date:"
>      copy_header_line
>      findneedle my_buf, [header_size], LF, "NNTP-Posting-Date:"
>      copy_header_line

Probably, keep.

>      findneedle my_buf, [header_size], LF, "Injection-Info:"
>      copy_header_line

Remove, if allowed.

>      findneedle my_buf, [header_size], LF, "Organization:"
>      copy_header_line

Probably, keep.

>      findneedle my_buf, [header_size], LF, "References:"
>      copy_header_line

Definately, keep.  Isn't this one required?

>      findneedle my_buf, [header_size], LF, "Summary:"
>      copy_header_line

Probably, keep.

>      findneedle my_buf, [header_size], LF, "Supersedes:"
>      copy_header_line

Keep.

>      findneedle my_buf, [header_size], LF, "User-Agent:"
>      copy_header_line

Interesting, not needed.

>      findneedle my_buf, [header_size], LF, "Xref:"
>      copy_header_line

Probably, keep.


RP

"wolfgang kern" <nowhere@never.at> wrote in message 
news:hku18q$1jc$1@newsreader2.utanet.at...
>
> Don't put me onto the whitelist, I can be very nasty, sometimes ...
>

Ha... I'm sure most of us have a bit of a "thick skin" in this "dark alley" 
of Usenet.  I can't imagine you offending anyone, at any rate.

Nathan.

On Feb 11, 7:42=A0pm, "Nathan Baker" <nathancba...@gmail.com> wrote:
> "wolfgang kern" <nowh...@never.at> wrote in message
>
> news:hku18q$1jc$1@newsreader2.utanet.at...
>
>
>
> > Don't put me onto the whitelist, I can be very nasty, sometimes ...
>
> Ha... I'm sure most of us have a bit of a "thick skin" in this "dark alle=
y"
> of Usenet. =A0I can't imagine you offending anyone, at any rate.
>
> Nathan.

I hope to stay off the brown list, but hey, here's me posting from
google land, see what cruft they add..

Steve

munged or not, present and accounted for.

wolfgang kern wrote:
> I posted just a few minutes ago :
> 
> ;and the OE quotes (this time), weird isn't it ?
> 
>> Nathan wrote:
>>
>> <q> ;damned OE didn't quote again

OE? Isn't that the one governments are ordering their employees not to 
use, because of the vulnerabilities? :)

>>> About the "most" -- well... uh... I've got an "oopsie" to report. I saw
>>> that a valid post was samwiched between some spam, so I decided to test
>>> 'claxmod08' in "manual" mode. Everything *appeared* to be "going well" 
>>> but
>>> I do not see the post here in the group. Sorry, Wolfgang! I will "fetch 
>>> it
>>> from the bin" and post it shortly. Luckily, it is in "msg.txt" and I can
>>> post it the old-old-fashion way.
>>>
>> Strike that!  No "dropped articles" in CLAX-land.  Apparently the news-
>> servers are experiencing a l-o-n-g delay today.  :(
>>
>> Nathan.
>> </q>
>>
>> I'm familiar with a one day delay from moderated groups anyway :)

I understand that *some* moderated groups can be several days before an 
approval. Asm is faster! :)

>> But I see the whole net became awful slow since a week.
>> Satelites may be in use for something else yet.
>> Perhaps some kind of war ahead ?

As if I didn't have enough to be paranoid about! When I was a kid, I was 
taught that if I heard the siren, get to the shelter (basement of the 
school) immediately. If I saw the bright flash, get under the desk, put 
my hands over my head - elbows over my ears, put my head between my 
knees... and kiss my asm goodbye. I guess if the net gets slow, we have 
time to dig a hole, if it stops suddenly, "Duck and Cover!"...

> Don't put me onto the whitelist, I can be very nasty, sometimes ...

Well, we all can. I try not to post between when I wake up and when I've 
had my coffee. Folks, if Wolfgang gets nasty, don't retaliate in kind. 
Don't escalate. Don't continue with arguments that are going nowhere. 
Stay on topic (oops, I'm not doing that!). Generally remember "where you 
are", and we can have a newsgroup to enjoy, without anyone being 
blacklisted (except the obvious spammers).

If you seriously don't want to be on the whitelist, get in touch by 
private mail. After some discussion, the moderation team has decided 
that who is and is not on the whitelist/blacklist/rainbowlist is not a 
proper topic for discussion "in the group". We'll argue the point, but 
not here. Maybe I should have kept the very existence of the rainbowlist 
a secret. :)

Also, if you want your address to appear "unmunged), get in touch by 
private mail. We're leaning towards a form like 
"fbkotler@MUNGED.myfairpoint.net", rather than "spamtrap". As long as 
it's got me talkin' to myself anyway, might as well quote myself:

"... Depends on what we think the purpose of the munging is. The fantasy 
is, the moderators want you to use a true address so we can mail you a 
rejection notice (or so). So... what would you do if we *hadn't* asked 
you to use a valid address. Some people might want to disguise 
themselves entirely, some just don't want their address "harvested", but 
don't mind if humans contact them. I suppose the former category are 
already disguising themselves...

The thought just crossed my mind that we could go with "nospicedham" in 
memory of Beth. :)"

My last attempt at "auto-munging" turned out to be "overkill", so we're 
temporarily back to doing it "by hand", but I'm about to tackle it again 
soon. I'm open to persuasion, if anyone has strong opinions. You're apt 
to see "any old thing" in the interim. I'll try not to lose who it's 
from entirely... Might "out" somebody - first post that gets you on the 
whitelist - until I get it "fixed". Pre-munged addresses may get "double 
munged"... I don't think I want to try to auto-detect that. We can clean 
it up "by hand".

Testing... testing...

Best,
Frank

Rod Pemberton wrote:
> "Frank Kotler" <spamtrap@inspiretomorrow.net> wrote in message
> news:hl1n9l$d5e$1@speranza.aioe.org...
>> Do you think "Injection-Info:"
>> gives too much away, and should be scrubbed?
> 
> Yes.

Okay, it's gone... Subject to someone convincing me that it should be back.

> In addition to the three I mentioned before, I found two others that also
> have IP's.  I'm not sure if they're normal headers or not.  I'd scrub, if
> allowed:
> 
> "X-Trace"
> "X-Trace-PostClient-IP"
> "NNTP-Posting-Host"
> "X-Originating-IP"
> "Injection-Info: somedns.name.com, posting-host=xxx.xxx.xxx.xxx"
> "Received: from"
> "Received: by"
> 
>>     findneedle my_buf, [header_size], LF, "Message-ID:"
>>     copy_header_line
> 
> Required, keep.

True, this is "required", but if "I" don't have one, the nntp server 
will add one. If it's there, it should be passed on, of course.

I don't recall which nntp server it was, aioe or verizon, that when I 
issued "POST", responded with a suggested Message-ID. Giganews does not.

>>     findneedle my_buf, [header_size], LF, "Date:"
>>     copy_header_line
> 
> Keep.

Some controversy on this one. I'm inclined to keep it. IIRC, the 
Moderator's Handbook says it can screw up some servers if it's "stale" 
(or "ahead", I suppose). I *think* if I remove it, the "final injection 
date" will be "the" date - and that may not reflect the posting order, 
if some are "auto-approved" and some are "hand approved", especially.

>>     findneedle my_buf, [header_size], LF, "Path:"
>>     copy_header_line
> 
> Definately, keep.  Isn't this one required?

Again, it seems the server adds it if it's not there. I think a minimum 
of "not-for-mail" is supposed to be there. Giganews seems to know it's 
"not-for-mail" - might be more important to multi-purpose servers(?). It 
may be that I "should" or "must" add myself to the path (gotta re-read 
that). I'm not currently doing that, and won't if I can "get away with 
it" (which earlier experiments indicate that I can)...

>>     findneedle my_buf, [header_size], LF, "Comments:"
>>     copy_header_line
>>      findneedle my_buf, [header_size], LF, "Keywords:"
>>     copy_header_line
> 
> Keep.
 >
>>     findneedle my_buf, [header_size], LF, "Reply-to:"
>>     copy_header_line
> 
> Definately, keep.
> 
>>     findneedle my_buf, [header_size], LF, "Sender:"
>>     copy_header_line
> 
> Keep.
> 
>> ; is anyone going to listen if we say no?
>>      findneedle my_buf, [header_size], LF, "Archive:"
>>      copy_header_line
> 
> Keep.
> 
>> ; do we wanna pass this on?
>>      findneedle my_buf, [header_size], LF, "Control:"
>>      copy_header_line

Ya think? I understand that "Control:" (and "Supersedes:") could be used 
for "mischief". "Not my problem", I suppose... I dunno.

>>      findneedle my_buf, [header_size], LF, "Distribution:"
>>      copy_header_line
> 
> Keep.

The moderator's handbook suggests that this can do more harm than good. 
Apparently, servers differ in what they'll accept (and honor) for 
"values", so you can get no distribution where you want it, and 
distribution where you don't. I doubt if "netwide", like Nasm claims, is 
acceptable. I suppose it's "not my business" to disturb somebody's 
intended "Distribution:", even if it isn't going to work.

>>      findneedle my_buf, [header_size], LF, "Expires:"
>>      copy_header_line
> 
> Probably, keep.

Yeah. I wondered, at one point, whether it was this that was keeping the 
big FAQ messages off aioe ("don't tell *me* when it expires") but that 
wasn't it. They might not honor it. Not my problem.

>>       findneedle my_buf, [header_size], LF, "Followup-To:"
>>      copy_header_line
> 
> Definately, keep.

Agreed. Might be worth checking content, on this one. I understand it is 
*not* to be an email address, but "poster" or the name(s) of 
newsgroup(s). Our "munging" will screw up "poster". It has occurred to 
me that this might allow posting of "controversy-prone" messages, with 
"Followup-To: alt.lang.asm"... but I guess that wouldn't be nice. :)

>>      findneedle my_buf, [header_size], LF, "Injection-Date:"
>>      copy_header_line
>>      findneedle my_buf, [header_size], LF, "NNTP-Posting-Date:"
>>      copy_header_line
> 
> Probably, keep.
> 
>>      findneedle my_buf, [header_size], LF, "Injection-Info:"
>>      copy_header_line
> 
> Remove, if allowed.

Catch me if you can! :)

>>      findneedle my_buf, [header_size], LF, "Organization:"
>>      copy_header_line
> 
> Probably, keep.

I've noticed that, if none, some people take the opportunity to 
"advertise". Also, I noticed the "PyModerator", which we were previously 
using, "advertised":

X-psw: PyModerator 0.31

X-moderaton-agent: claxmod - the world's first all-asm robomoderator!

Naw... (although it might be useful to know "what version did *this*?" 
for debugging purposes)

>>      findneedle my_buf, [header_size], LF, "References:"
>>      copy_header_line
> 
> Definately, keep.  Isn't this one required?

If it's to "thread" properly, I guess - although some browsers seem to 
do it by subject.

>>      findneedle my_buf, [header_size], LF, "Summary:"
>>      copy_header_line
> 
> Probably, keep.
> 
>>      findneedle my_buf, [header_size], LF, "Supersedes:"
>>      copy_header_line
> 
> Keep.

Mmmm... see notes on "Control:"...

>>      findneedle my_buf, [header_size], LF, "User-Agent:"
>>      copy_header_line
> 
> Interesting, not needed.

I've been known to use this to try to guess "what OS?" a question was 
about... I'm inclined to keep it, although it might divulge 
"unneccessary information"...

>>      findneedle my_buf, [header_size], LF, "Xref:"
>>      copy_header_line
> 
> Probably, keep.

Okay, we're largely in agreement here, I think. See how this goes... I 
guess I'll cc this to the clax86-submit address - that generates 
different headers, that we might want to scrub. Apologies in advance if 
claxmod posts it twice...

Thanks for the feedback!

Best,
Frank

Nathan Baker wrote:

>> Don't put me onto the whitelist, I can be very nasty, sometimes ...

> Ha... I'm sure most of us have a bit of a "thick skin" in this "dark 
> alley"
> of Usenet.  I can't imagine you offending anyone, at any rate.

many thanks Nate, but you should insert a filter:
if a post from wolfgang contains "HLA" then discard it :)

__
wolfgang

Frank Kotler replied:

>> I posted just a few minutes ago :
>> ;and the OE quotes (this time), weird isn't it ?
>>> Nathan wrote:
>>> <q> ;damned OE didn't quote again
> OE? Isn't that the one governments are ordering their employees not to 
> use, because of the vulnerabilities? :)

probably, but I use this free 30 days of the XP-installation since years,
because windoze will heavy crash before this time limit anyway.
Annie once showed the correct interpretation of the abbreviation OE:
Outhouse_Excess

....
>>> I'm familiar with a one day delay from moderated groups anyway :)
> I understand that *some* moderated groups can be several days before an 
> approval. Asm is faster! :)

Yeah, of course.

>>> But I see the whole net became awful slow since a week.
>>> Satelites may be in use for something else yet.
>>> Perhaps some kind of war ahead ?

> As if I didn't have enough to be paranoid about! When I was a kid, I was 
> taught that if I heard the siren, get to the shelter (basement of the 
> school) immediately. If I saw the bright flash, get under the desk, put my 
> hands over my head - elbows over my ears, put my head between my knees... 
> and kiss my asm goodbye. I guess if the net gets slow, we have time to dig 
> a hole, if it stops suddenly, "Duck and Cover!"...

LMFAO on: 'kiss your asm goodby'

>> Don't put me onto the whitelist, I can be very nasty, sometimes ...

> Well, we all can. I try not to post between when I wake up and when I've 
> had my coffee. Folks, if Wolfgang gets nasty, don't retaliate in kind. 
> Don't escalate. Don't continue with arguments that are going nowhere. Stay 
> on topic (oops, I'm not doing that!). Generally remember "where you are", 
> and we can have a newsgroup to enjoy, without anyone being blacklisted 
> (except the obvious spammers).

:):)
I think you know me since a while, but RH/HLA are red blankets for me.

> If you seriously don't want to be on the whitelist, get in touch by 
> private mail. After some discussion, the moderation team has decided that 
> who is and is not on the whitelist/blacklist/rainbowlist is not a proper 
> topic for discussion "in the group". We'll argue the point, but not here. 
> Maybe I should have kept the very existence of the rainbowlist a secret. 
> :)

Rainbow ?
in my country this term is used for gay-parades and 'newspapers' which
report useless facts (who f..ks whom) about the stupid high society.

I got my news-dummy anyway, so there is no further need to protect me.

> Also, if you want your address to appear "unmunged), get in touch by 
> private mail. We're leaning towards a form like 
> "fbkotler@MUNGED.myfairpoint.net", rather than "spamtrap". As long as it's 
> got me talkin' to myself anyway, might as well quote myself:

> "... Depends on what we think the purpose of the munging is. The fantasy 
> is, the moderators want you to use a true address so we can mail you a 
> rejection notice (or so). So... what would you do if we *hadn't* asked you 
> to use a valid address. Some people might want to disguise themselves 
> entirely, some just don't want their address "harvested", but don't mind 
> if humans contact them. I suppose the former category are already 
> disguising themselves...

Right. Chuck knew my real address, and I think you also have it,
but I use the nowhere@never just to fool spam-robots.

> The thought just crossed my mind that we could go with "nospicedham" in 
> memory of Beth. :)"

I miss her long replies and much more her inspireing ideas.
Seems nobody know what may have happened to her, I hope she finally got
married and is now busy with growing a horde of future Asmers ...

> My last attempt at "auto-munging" turned out to be "overkill", so we're 
> temporarily back to doing it "by hand", but I'm about to tackle it again 
> soon. I'm open to persuasion, if anyone has strong opinions. You're apt to 
> see "any old thing" in the interim. I'll try not to lose who it's from 
> entirely... Might "out" somebody - first post that gets you on the 
> whitelist - until I get it "fixed". Pre-munged addresses may get "double 
> munged"... I don't think I want to try to auto-detect that. We can clean 
> it up "by hand".

> Testing... testing...

well done so far, keep up doing ...

__
wolfgang