http://spamarrest.com/pressoffice/news/index.jsp



Famed hacker endorses Spam Arrest
Toronto Star - August 4, 2003
So what does [Kevin] Mitnick, former
hacker supremo, use to guard against
spam? "I use Spam Arrest," he told
The Guardian. "Any legitimate person
who wants to send me a message has to
jump through hoops before they can be
added to my opt-in list." Read
more...



(thanks to J. for mailing this to me)


AC


-- 
Pass-List -----> Block-List ----> Challenge-Response
The key to taking control of your mailbox.  Design Parameters:
http://tinyurl.com/2t5kp ||   http://tinyurl.com/3c3ag
Challenge-Response links -- http://tinyurl.com/yrfjb

Alan Connor wrote:

> 
> 
> 
> 
> 
> http://spamarrest.com/pressoffice/news/index.jsp
> 
> 
> 
> Famed hacker endorses Spam Arrest
> Toronto Star - August 4, 2003
> So what does [Kevin] Mitnick, former
> hacker supremo, use to guard against
> spam? "I use Spam Arrest," he told
> The Guardian. "Any legitimate person
> who wants to send me a message has to
> jump through hoops before they can be
> added to my opt-in list." Read
> more...
> 

Well, he does not use Elrav, that infamous Joe-Job tool from netkook Alan
Connor
-- 
I say you need to visit Clues 'R' Us. They are having a special on 
slightly used clues.

Alan Connor <zzzzzz@xxx.yyy> wrote:
> http://spamarrest.com/pressoffice/news/index.jsp

Mitnick is not the only famous person using challenge-response.  Dan
Bernstein does also.  About a month ago I received a challenge for some
piece of spam using my address sent to him.  Unlike elrav1, which (as
others have noted before) under the same circumstances would present me
with the dilemma of choosing between

   a) responding, and thereby letting spam into Alan's system, and
   b) not responding, and thereby locking myself out from ever
      writing to Alan,

Dan's qsecretary discourages a response except for legitimate mail:

   If you reply to this notice, you are (1) acknowledging that Professor
   Bernstein does not want to receive bulk mail; (2) confirming that your
   message is not part of a bulk mailing; and (3) agreeing to pay Professor
   Bernstein $250 if your message is part of a bulk mailing.

Suggestions I have seen for resolving the elrav1 dilemma amount to
either choosing a) as a kind of sabotage, or choosing b) because
being unable to write to Alan would be no great loss.  As the designer
of elrav1, Alan, what would you suggest?  

--
John Wingate                        Mathematics is the art which teaches
johnww@worldpath.net                one how not to make calculations.
                                                         --Oscar Chisini

On Sat, 19 Jun 2004 16:57:00 -0000, John Wingate <johnww@worldpath.net> wrote:
> 
> 
> Alan Connor <zzzzzz@xxx.yyy> wrote:
>> http://spamarrest.com/pressoffice/news/index.jsp
> 
> Mitnick is not the only famous person using challenge-response.  Dan
> Bernstein does also.  About a month ago I received a challenge for some
> piece of spam using my address sent to him.  Unlike elrav1, which (as
> others have noted before) under the same circumstances would present me
> with the dilemma of choosing between
> 
>    a) responding, and thereby letting spam into Alan's system, and

To my knowledge, this has never happenned with my program. The 
challenge-response stage is preceded by a passlist AND a very effective
spam filter, the latter which sends 99.9%+ of the spam straight to /dev/null.

No C-Rs are sent in response to those mails.

The program also learns, and automatically blocklists addresses that fail
to return a C-R twice, for a configurable length of time, so the number
of C-Rs sent decreases with time.

Nor would I see any spam if you returned this improbable mis-directed
C-R you have hypothesized. Read on.


Here's what anyone can see if they go to my website, which you either
have not done, or are pretending that you have not done. A copy of
one of my C-Rs:


---------------------------------------------
    this is a computer-generated response
---------------------------------------------

    Greetings....

    Your address is unknown to this program.
    Please take a moment to verify that it
    is  being used by a real human being
    that wants to communicate with me, and
    not some spammer's computer.

    Just hit Reply, paste

      < password >

    anywhere on the Subject line, and send it off.

    [ this is a one-time thing ]

    Thanks for your patience,

    Alan Connor.

P.S. If you did NOT mail me, then your address
is being forged by a spammer or some other
criminal. Notify your network administrator or
abuse at your ISP immediately. I have the
original mail and will be happy to send it
to you.

My apologies. If you will send this back with a
string of big XXXXXXXX's in the body, I will
blocklist your address to make sure it doesn't
happen again. I have no way to tell whether
someone is using their real address other than
this...
----------------------------------------------
NOTE: If you sent anything but plain text with-
out attachments, the mail was deleted and you'll
have to re-send it. Sorry. Any mail over 20k
is deleted on the server, so keep it down.

If this is not returned within 72 hours, the
mail that triggered it will be deleted, unseen,
by elrav1, the program that sent it to you.
----------------------------------------------
      elrav1 -- http://tinyurl.com/3c3ag
----------------------------------------------

As you can see, I take as much responsibility as I can for
any possible mis-directions caused by spammers.

The XXXXXXX is the body would alert my program and the spam
would not be retrieved from quarantine.


>    b) not responding, and thereby locking myself out from ever
>       writing to Alan,
> 

No.  The XXXXXXXX in the body would tell me that a mis-direction
had occurred and I would then contact you directly, ask you if
you wanted a copy of the spam for reporting purposes.

Then, if you thought you might want to contact me in the future,
I have a way of making that easy for people that I want to be
able to contact me.

> Dan's qsecretary discourages a response except for legitimate mail:
> 

I prefer to see that mis-directed C-Rs are not sent by using a
traditional spam filter preceding the C-R stage of the program, and
to give people a choice in the un-likely event that someone ever 
receives a mis-directed C-R from me.


>    If you reply to this notice, you are (1) acknowledging that Professor
>    Bernstein does not want to receive bulk mail; (2) confirming that your
>    message is not part of a bulk mailing; and (3) agreeing to pay Professor
>    Bernstein $250 if your message is part of a bulk mailing.
> 


> Suggestions I have seen for resolving the elrav1 dilemma amount to
> either choosing a) as a kind of sabotage, or choosing b) because
> being unable to write to Alan would be no great loss.  As the designer
> of elrav1, Alan, what would you suggest?  
> 

There is no elrav1 dilemma. You obviously don't know the program at
all.

Or are *pretending* that you don't.



> --
> John Wingate                        Mathematics is the art which teaches
> johnww@worldpath.net                one how not to make calculations.
>                                                          --Oscar Chisini

See that address above? This person is either a malicious liar or
an incompetent boob that runs around mis-representing himself as someone
who is an expert in subjects he knows nothing about.

Feel free to join me in blocklisting him from your mailbox.

(The odds of that being his real name and normal mailbox are zip. Anyone
can get dozens of free, throwaway mailboxes on the web, and put together a
sig like that. However, and munge the headers in their newsposts. if you 
mail him/her/it at that address, any response will have his/her/it's REAL 
IP address in the headers.)

Take it to the whois website and see what's what.

Anyone who would like to check out elrav1, which is so effective at
fighting spam that it drives spammers to do things like engage in
disinformational propaganda campaigns on the Usenet, see the URLS in
my sig.


AC


-- 
Pass-List -----> Block-List ----> Challenge-Response
The key to taking control of your mailbox.  Design Parameters:
http://tinyurl.com/2t5kp ||   http://tinyurl.com/3c3ag
Challenge-Response links -- http://tinyurl.com/yrfjb

Alan Connor wrote:
>
> P.S. If you did NOT mail me, then your address
> is being forged by a spammer or some other
> criminal. Notify your network administrator or
> abuse at your ISP immediately.

Who is expected to do WHAT, exactly?

Thanks in advance for generating more help desk calls and wasting my time.

In article <i7UAc.10084$Wr.7693@newsread1.news.pas.earthlink.net>,
Alan Connor  <xxxx@yyy.zzz> wrote:

<nothing of consequence>

Yawn.  Another logical fallacy.  Argumentum ad verecundiam.  "Use this
because some famous person does."


-A

On Sat, 19 Jun 2004 09:58:38 GMT, Alan Connor hath writ:
>
> http://spamarrest.com/pressoffice/news/index.jsp
>
> Famed hacker endorses Spam Arrest
> Toronto Star - August 4, 2003
> So what does [Kevin] Mitnick, former
> hacker supremo....

'Twasn't a "famous hacker".  
He was an infamous, convicted _cracker_.

Jonesy

Allodoxaphobia did pass the time by typing:
> On Sat, 19 Jun 2004 09:58:38 GMT, Alan Connor hath writ:
>>
>> http://spamarrest.com/pressoffice/news/index.jsp
>>
>> Famed hacker endorses Spam Arrest
>> Toronto Star - August 4, 2003
>> So what does [Kevin] Mitnick, former
>> hacker supremo....
>
> 'Twasn't a "famous hacker".
> He was an infamous, convicted _cracker_.

And a poor _cracker_ at that.  I was wondering when
someone would point out the misuse of the term hacker.

-- 
rbg

On Sat, 19 Jun 2004 09:58:38 GMT, Alan Connor <zzzzzz@xxx.yyy> wrote:
> 
> 
> 
> 
> 
> 
> 
> http://spamarrest.com/pressoffice/news/index.jsp
> 
> 
> 
> Famed hacker endorses Spam Arrest
> Toronto Star - August 4, 2003
> So what does [Kevin] Mitnick, former
> hacker supremo, use to guard against
> spam? "I use Spam Arrest," he told
> The Guardian. "Any legitimate person
> who wants to send me a message has to
> jump through hoops before they can be
> added to my opt-in list." Read
> more...
> 
> 


Kevin Mitnick is also one of the world's foremost
computer security experts, which is one of the
reasons he uses challenge-responses:

People that send viruses and worms and such around
the internet, deliberately or unwittingly, do
not use their real email address or would not know
what mail the challenge-response was referring to if
the did receive one as the result of their address
being forged or used by a malicious program they did
not even know they were running.

They certainly would not have a copy to re-send to
the person whose challenge-response they recieved.

Therefore, his program just dumps the virus/worms
and they are never opened or even saved in memory.

This is very good protection against email-born
malicious programs.

AC


-- 
Pass-List -----> Block-List ----> Challenge-Response
The key to taking control of your mailbox.  Design Parameters:
http://tinyurl.com/2t5kp ||   http://tinyurl.com/3c3ag
Challenge-Response links -- http://tinyurl.com/yrfjb

This is a MIME GnuPG-signed message.  If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-grandpa.email-scan.com-22932-1087707391-0001
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

The fake Alan Connor writes:

> Kevin Mitnick is also one of the world's foremost
> computer security experts,

And, there is absolutely no doubt in my mind that he'll be the first in line 
to call you an asshat.


--=_mimegpg-grandpa.email-scan.com-22932-1087707391-0001
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQBA1Rj/x9p3GYHlUOIRAnfbAJ4inPKN50e0Dj+TcUOdSk60pmWoLQCdE9EX
MLHIZG8rN7L8rLIlgvTfwkc=
=Y66E
-----END PGP SIGNATURE-----

--=_mimegpg-grandpa.email-scan.com-22932-1087707391-0001--

VS> I'm not a lawyer, but I doubt that kooky contract 
VS> would survive in court.

Actually, because of the way that it works, it has a greater than zero 
chance of standing up in court - a far larger one than the similar (but
not identical) "contracts" that some people put in their Usenet 
signatures, for example.

VS> My response to papers from his lawyers after I followed my
VS> practice of responding to all C/R challenges [...]

<URL:http://catless.ncl.ac.uk./Risks/23.38.html#subj15>

VS> The second task I'd give my lawyers would be to sue Dan for [...]
VS> a general history of violations of IETF standards and other
VS> vexatious nonsense in qmail [...]

Actually, "qmail" is as good at following standards as most other mainstream 
MTAs.  If you want to look for mainstream MTAs that violate standards and 
that contain vexations nonsense, there are _far_ better candidates than 
"qmail" around.  Using the badly designed features of Postfix and "exim" 
that cause them to violate RFC 2821 is (alas!) growing ever more popular, 
for example.

VS> Dan's challenge would be an advertisement of his system and 
VS> my response would be the only way to opt-out of additional
VS> advertisements.

Actually, responding to a "qsecretary" challenge does not qualify as
opting out of receiving anything.  You need to find out how "qsecretary"
works.  In particular, you need to stop thinking that it works like
TMDA and start _actually reading_ the text of the challenge that was
posted, which clearly shows the somewhat different way that it does work.

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/djb-qsecretary.html>

Meanwhile, as our hero sinks slowly in the West, on 19 Jun 2004, Sam
<sam@email-scan.com> wrote in
news:cone.1087707391.779704.22932.501@grandpa.email-scan.com: 

> The fake Alan Connor writes:
> 
>> Kevin Mitnick is also one of the world's foremost
>> computer security experts,
> 
> And, there is absolutely no doubt in my mind that he'll be the first
> in line to call you an asshat.

He'll have to wait his turn.

-- 
Solid Web hosting, responsive support, effective spam-blocking.
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
Brad Jesness, net K00k: http://www.wilhelp.com/bj_faq/

In article <40D563D5.360257E7@Tesco.NET>,
Jonathan de Boyne Pollard  <J.deBoynePollard@Tesco.NET> wrote:


>VS> My response to papers from his lawyers after I followed my
>VS> practice of responding to all C/R challenges [...]
>
><URL:http://catless.ncl.ac.uk./Risks/23.38.html#subj15>

Your summary there might fit other people's position, but it is
not close to mine.

As I've repeatedly said here, I have discovered from real challenges
that it is impractical for me to know whether a challenge is for one
of my mail messages.  In theory, most challenges could be determined
to be bogus or not.  In practice, many challenges require a lot of
checking of logs and some challenges simply cannot be (in)validated.
To ensure that my messages get through, I now answer all challenges.
That maximizes my benefits while minimizing my costs.  Side effects
such as increased spam delivered to people who send bogus challenges
for mail I did not send do not matter to me, at least not immediately.


>VS> The second task I'd give my lawyers would be to sue Dan for [...]
>VS> a general history of violations of IETF standards and other
>VS> vexatious nonsense in qmail [...]
>
>Actually, "qmail" is as good at following standards as most other mainstream 
>MTAs. 

That nonsense has always been in the qmail liturgy chanted by members
of that church, but it is false in the real world.

>       If you want to look for mainstream MTAs that violate standards and 
>that contain vexations nonsense, there are _far_ better candidates than 
>"qmail" around.  Using the badly designed features of Postfix and "exim" 
>that cause them to violate RFC 2821 is (alas!) growing ever more popular, 
>for example.

I can't say that Postfix and exim are less bad for their users than
qmail, but they certainly do not cause me, a long time user of sendmail,
as much grief as qmail does.  Based on many years of observations of
many efforts and statements from qmail's source, I tend to assume any
statements from that direction about any what it sees as competition
are grossly misleading.


>VS> Dan's challenge would be an advertisement of his system and 
>VS> my response would be the only way to opt-out of additional
>VS> advertisements.
>
>Actually, responding to a "qsecretary" challenge does not qualify as
>opting out of receiving anything.  You need to find out how "qsecretary"
>works.  In particular, you need to stop thinking that it works like
>TMDA and start _actually reading_ the text of the challenge that was
>posted, which clearly shows the somewhat different way that it does work.
>
><URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/djb-qsecretary.html>

That may be true, but it requires that I spend my time and effort to
discover any differences between qsecretary and other C/R system merely
to benefit qsecretary users.  Responding to most C/R challenges is an
"opt-out," so it is reasonable for me to assume the same of all C/R
challenges without paying more attention to whatever they are selling
than is required to discover how to respond.

Besides, if what you suggest above and in that web page is true,
that qsecretary is used only for mailing lists and that every
submission requires a confirmation dance, qsecretary seems unlikely
to become as popular as other sender authenticating mechanisms
including RMX.  (sarcasm intended)


Vernon Schryver    vjs@rhyolite.com

On Sun, 20 Jun 2004, Jonathan de Boyne Pollard wrote:
> Actually, "qmail" is as good at following standards as most other mainstream
> MTAs.

Although this is not DJB's fault (since it's a third-party patch to qmail 
and not part of DJB distributed qmail), the failure of the SMTP-SASL 
support in qmail to follow standards has been an ongoing waste of my time.

I understand that that third-party patch was remedied, but most qmail 
systems with that patch still run the old non-compliant version.

Although I understand perfectly well that it's not DJB's fault, the fact 
is that what Vernon calls the "qmail liturgy chanted by members of that 
church" tends to imply that there is no such thing as a standards problem 
in any flavor of qmail ever concocted.  This has made it *very* difficult 
to convince ISPs with the broken SMTP-SASL support that they need to take 
action.

The result is that, as far as this particular issue goes, it's like 
dealing with Microsoft.  Difficult to find an intelligent person who will 
research your report instead of blowing you off, difficult to get a patch 
developed, and extremely difficult to get people to update.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

On 20 Jun 2004 15:00:38 GMT, Morely 'I drank what?' Dotes <morelydotes@spamblocked.com> wrote:


Kevin Mitnick is one of the world's foremost
computer security experts, which is one of the
reasons he uses a mail filter that uses challenge-responses

The folks that send worms and viruses around
the internet via email, deliberately or unwittingly, do
not use their real email address or would not know
what mail the challenge-response was referring to if
the did receive one as the result of their address
being forged or used by a malicious program they did
not even know they were running.

And they certainly would not have a copy to re-send to
the person whose challenge-response they recieved.
Therefore, his program just dumps the virus/worms
and they are never opened or even saved in memory.

This is *very* good protection against malicious programs
sent by email.

<snip>


AC

On Sun, 20 Jun 2004 20:36:25 +0000, Alan Connor wrote:

> And they certainly would not have a copy to re-send to
> the person whose challenge-response they recieved.
> Therefore, his program just dumps the virus/worms
> and they are never opened or even saved in memory.

Hmmm....  And how is this different/better than amavis+f-secure ->
spamassasin -> ask ?  

Amavis does a great job of unwrapping email attachments and handing them
over to a virus scanner.

Spamassasin - well, we all know what it does.

And anything that gets through gets checked by ask, which is a C-R system.

On top of that, run a system that's immune/not targeted by virus writers.

Works for me.  

It's also in line with the *nix philosophy of simple, specialized tools
that each to a single task, and do it well, as opposed to the kitchen sink
approach of a single tool that tries to do everything.  Remember the
Bass-a-matic?

Not sure what the intent of your original post was, unless
it was some justification for the flames you received in your latest foray
into the real world.

My S/N ratio for email is about 100:1 not including system log
notifications.  For each message generated by a real person who wants to
communicate with me, I get about 100 spam messages, and about 30 virus
emails / day.

--Kamus

-- 
           o   |
 o__      >[]  | A roadie who doesn't ride a mountain bike has no soul.
 ,>/'_    /\   | But then a mountain biker who doesn't ride a road bike has no legs...
(_)\(_)   \ \  |                             -Doug Taylor, alt.mountain-bike

This is a MIME GnuPG-signed message.  If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-grandpa.email-scan.com-3969-1087769474-0001
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Beavis writes:

> On 20 Jun 2004 15:00:38 GMT, Morely 'I drank what?' Dotes <morelydotes@spamblocked.com> wrote:
> 
> 
> Kevin Mitnick is one of the world's foremost
> computer security experts, which is one of the
> reasons he uses a mail filter that uses challenge-responses

And, despite all of that, he still thinks Beavis is an asshat.


--=_mimegpg-grandpa.email-scan.com-3969-1087769474-0001
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQBA1guCx9p3GYHlUOIRAtYzAJ0UtE3Gs61ndJkxIUi9egAurtyETwCfflbj
8/PWGp+sCwfYNqHzJWpaGuY=
=Lw/R
-----END PGP SIGNATURE-----

--=_mimegpg-grandpa.email-scan.com-3969-1087769474-0001--

Meanwhile, as our hero sinks slowly in the West, on 20 Jun 2004, Sam 
<sam@email-scan.com> wrote in news:cone.1087769474.316863.3969.501
@grandpa.email-scan.com:

>> Kevin Mitnick is one of the world's foremost
>> computer security experts,

Right. And I'm one of the world's foremost computer engineers, for exactly 
the same reason: I know how to break computers.

Sigh.

-- 
Solid Web hosting, responsive support, effective spam-blocking.
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
Brad Jesness, net K00k: http://www.wilhelp.com/bj_faq/

Le 19 Jun 2004, Alan Connor <zzzzzz@xxx.yyy> a �crit :

> Famed hacker endorses Spam Arrest
> Toronto Star - August 4, 2003
> So what does [Kevin] Mitnick, former
> hacker supremo, use to guard against
> spam? "I use Spam Arrest," he told
> The Guardian. "Any legitimate person
> who wants to send me a message has to
> jump through hoops before they can be
> added to my opt-in list." Read
> more...

Kevin Mitnick? That's no hacker.

Just a friggin' cracker.

I hope bubba had fun with him...

-- 
Here in Canada, we believe in the public good, as in "good for all the
public."  We don't believe in private affluence and public squalor. We
like to balance those two things.
                                -- Heather Mallick, The Globe and Mail

My little NANAE hangout - http://www.spamreaper.org/etaoin

On Sat, 19 Jun 2004, Alan Connor wrote:
> Famed hacker endorses Spam Arrest
> Toronto Star - August 4, 2003
>
> So what does [Kevin] Mitnick, former hacker supremo, use to guard against
> spam? "I use Spam Arrest," he told The Guardian. "Any legitimate person who
> wants to send me a message has to jump through hoops before they can be added
> to my opt-in list." Read more...

Well, that is the last nail in the coffin in proving that AC is a complete
idiot.  He cites as his source a BUSTED hacker.  If KDM were so "smart," then
he never would have been caught in the first place.....

KDM is the only person to ever be expelled from one of the amateur radio clubs
I belong to....

On Sun, 20 Jun 2004, Jonathan de Boyne Pollard wrote:
>...
> Actually, "qmail" is as good at following standards as most other mainstream
> MTAs.  If you want to look for mainstream MTAs that violate standards and ...

Then explain to me why this construct by "qmail" is NOT an RFC 2821 violation:

Mail comes into a qmail server via SMTP acting as a relay and is passed on to
the next host via SMTP.  Qmail has "input" into THREE "Received:" headers as
follows:

Received:  from qmail.server by some.other.system with SMTP ; some_valid_date
Received:  (qmail id 12345 ...) ; some_valid_date
Received:  from some.remote.system by qmail.server with SMTP ; some_valid_date

What is the purpose of the middle header?  Trace headers such as "Received:"
are supposed to record the host-to-host using what protocol type information
that indicates the path travelled, yet this middle header is recording INTERNAL
information ONLY.  Who cares about the INTERNAL workings of a mail server?
That's what the server's LOG FILES are for, not message fields.  Regardless,
why isn't this information known so it can be a comment inserted into the first
header [of the three] added?

Furthermore, if a message comes into a host via SMTP, leaves that host via
SMTP, and nothing more than relaying is done (i.e. no local delivery,
forwarding, list expansion, or other such operations), then when did it leave
what RFC 2821 calls "the SMTP environment" in order for the middle "Received:"
header to not be bound by the stricter syntax of 2821 (requiring "from" and
"by" clauses) as opposed to the looser syntax of RFC 2822?  It is NOT of RFC
2821 syntax.

Thirdly, since comments are supposed to augment information in its respective
header, not stand on their own, what is the purpose and validity of a
comment-stripped header that is effectively:

     "Received: ; some_valid_date"

What is the timestamp by itself indicating that we cannot conclude from the
"Received:" headers preceeding and following.  Although syntactically valid,
what is the SEMANTIC purpose of such a header entry?  What information is it
conveying to us?


Unless your point is to say that practically all (or almost all) mail server
programs violate the RFC standards, which your second sentence makes me think
you did not mean, then please clarify.....

On Mon, 21 Jun 2004, D. Stussy wrote:
> Then explain to me why this construct by "qmail" is NOT an RFC 2821 violation:
>[snip]

You have brought this up come up multiple times, and this has been 
explained to you multiple times.  You are acting like the kook who posts 
as "Alan Connor".

The qmail behavior in question is not a violation of RFC 2821.  That 
Received: header line was not generated by an RFC 2821 agent, and 
consequent falls under the rules of RFC 2822 not RFC 2821.

It does not matter if there is a "purpose" for that header line.  RFCs do 
not require "purpose".  The fact that you do not perceive a purpose does 
not mean that nobody else perceives one.

It is certainly within a mailer's right to have an internal structure in 
which mail exits a logical SMTP environment for internal processing and 
then reenters it.  RFCs dictate protocol.  RFCs do not dictate the 
internal workings of software.

Your bogus attacks on qmail injure the credibility of legitimate 
criticism.  What's worse, when you do so, you not only lower yourself to 
the level of the kook who posts as "Alan Connor", but you pull down the 
legitimate critics with you.

Please stop.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

On Mon, 21 Jun 2004, Mark Crispin wrote:
> On Mon, 21 Jun 2004, D. Stussy wrote:
> > Then explain to me why this construct by "qmail" is NOT an RFC 2821
> > violation:
> > [snip]
>
> You have brought this up come up multiple times, and this has been explained
> to you multiple times.  You are acting like the kook who posts as "Alan
> Connor".
>
> The qmail behavior in question is not a violation of RFC 2821.  That Received:
> header line was not generated by an RFC 2821 agent, and consequent falls under
> the rules of RFC 2822 not RFC 2821.

"... consequent falls ...?"  What is "consequent"(apparently a noun?)???

I disagree - It is my position that RFC 2821 DOES govern as the message
remained in "the SMTP environment" while in transit as it was transferred in
and out by SMTP and not locally delivered or otherwise manipulated.  That
mandates the stricter syntax.

Your prior responses asked "what SMTP environment?"  Granted, RFC 2821 itself
doesn't directly define what that is, but only implies it.  However, it is
clear that this environment includes the transfer in, transfer out, and any
relaying action inbetween that is not a "delivery" of the message.

> It does not matter if there is a "purpose" for that header line.  RFCs do not
> require "purpose".  The fact that you do not perceive a purpose does not mean
> that nobody else perceives one.

If there is no purpose, then why do it?  The RFC text directly contradicts you
on this - as "Received:" is defined in a section called "trace headers."
Obviously, there is a purpose as described....

> It is certainly within a mailer's right to have an internal structure in which
> mail exits a logical SMTP environment for internal processing and then
> reenters it.  RFCs dictate protocol.  RFCs do not dictate the internal
> workings of software.

However, if that were true, then there are other headers that are supposed to
be added (e.g. "Return-Path:") when the message leaves the SMTP environment.
Such other headers, like those indicating a resubmission when it re-enters, are
not present.  If that is in fact what qmail is doing, then it is doing it
wrongly.

> Your bogus attacks on qmail injure the credibility of legitimate criticism.
> What's worse, when you do so, you not only lower yourself to the level of the
> kook who posts as "Alan Connor", but you pull down the legitimate critics with
> you.
>
> Please stop.

Qmail is the only SMTP software that I have seen that makes that particular
departure.  RFC-noncompliance aren't "bogus attacks."

JdeBP> Actually, "qmail" is as good at following standards as
JdeBP> most other mainstream MTAs.  If you want to look for
JdeBP> mainstream MTAs that violate standards and that contain
JdeBP> vexatious nonsense, there are _far_ better candidates than
JdeBP> "qmail" around.  Using the badly designed features of
JdeBP> Postfix and "exim" that cause them to violate RFC 2821 is
JdeBP> (alas!) growing ever more popular, for example.

DS> Then explain to me why this construct by "qmail" is NOT an
DS> RFC 2821 violation:

Why ?  That was explained to you, several times, in depth, and by many people,
in this very discussion forum in October 2002.  Didn't you listen ?

DS> [...] when did it leave what RFC 2821 calls "the SMTP environment" [...]

The answer to the question that I just asked seems to be that, indeed, you
didn't listen.

<URL:http://groups.google.com/groups?selm=Pine.LNX.4.50.0210072019500.2973-100000%40shiva0.cac.washington.edu>

DS> Trace headers such as "Received:" are supposed to record the host-to-host
DS> using what protocol type information that indicates the path travelled,

False.  Read RFC 821.

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/qmail-myths-dispelled.html#MythAboutQQReceivedHeaders>

MC> Although I understand perfectly well that it's not DJB's fault,
MC> the fact is that what Vernon calls the "qmail liturgy chanted 
MC> by members of that church" tends to imply that there is no such
MC> thing as a standards problem in any flavor of qmail ever
MC> concocted.  

Entirely false.  If you do read any of the "qmail" discussion fora you'll find
that the general consensus of the "qmail" users who provide free support to
other users (I'm going to ignore, here, the deliberately provocative
mischaracterisation of it as a "liturgy" of a "church".) is in fact *entirely
in opposition* to such an implication.  The general consensus is that
third-party patches to "qmail" are a problem, that in some cases do cause
difficulties, and should be applied sparingly, with the minimum necessary
amount applied.  The general consensus is that, of all of the third-party
modifications to "qmail", only that handful that are pre-packaged in
"netqmail" (<URL:http://qmail.org./netqmail/>) are those that have any sort of
universal applicability.  (Look at how short the list at
<URL:http://qmail.org./top.html#patches> is.)  The general consensus is that
the unnecessary use of things that aren't vanilla "qmail"/"netqmail" is a
support problem, and to discourage such use.

The "It's non-standard." cry was one that was raised a lot about "qmail" in
its early days, mainly by those who supported the existing long-entrenched
softwares that it was aimed at supplanting.  Of course, most of these claims
about standards have long since been shown to be myths, based upon false
notions of what the standards actually say and how things actually work. 
However, because of the lengthy discussions that the claims engendered where
people showed that the standards did not prohibit what "qmail" did, and the
fact that these claims were repeated often and thus had to be refuted often,
the tactic against "qmail" thus mutated into a subtler one, becoming cry of
"They deny that anything at all about 'qmail' is non-standard.".  That, and
these notions of a "church" and a "liturgy" are simply subtler forms of the
same thing as before.

As I said, "qmail" is as good at following standards as most other mainstream
MTAs, and there are _far_ better candidates than "qmail" around for mainstream
MTAs that violate standards and contain "vexatious nonsense". 

MC> The result is that, as far as this particular issue goes, it's
MC> like dealing with Microsoft.  Difficult to find an intelligent
MC> person who will research your report instead of blowing you off,
MC> difficult to get a patch developed, [...]

Pah!  It's much the same with _all_ softwares.  (Indeed, one of the very
tenets of the Open Source business model is that programmers scratch their own
itches and those of their paying customers.  Are you _really_ surprised that
you find it difficult to get other people to develop patches for you for
free?  And are you really surprised that the fact that the problem is with a
third-party patch and not with the vanilla software itself only exacerbates
the difficulty of finding someone who will deal with it?)  The SMTP-SASL patch
to "qmail" is not different in this regard from any other software.

MC> The fact that you do not perceive a purpose [for such headers]
MC> does not mean that nobody else perceives one.

DS> If there is no purpose, then why do it?  

Your question is a leading question that takes a falsehood as its premise, 
and is thus unanswerable.  Try reading what Mark wrote again, this time 
noting that he nowhere said that there wasn't a purpose.  (There is, of 
course.  And it is one that is readily apparent to any mail administrator 
reading such headers.  You are being deliberately obtuse.)

MC> Your bogus attacks on qmail injure the credibility of legitimate
MC> criticism.  What's worse, when you do so, you not only lower
MC> yourself to the level of the kook who posts as "Alan Connor", 
MC> but you pull down the legitimate critics with you.
MC>
MC> Please stop.

DS> Qmail is the only SMTP software that I have seen that makes 
DS> that particular departure.  

"qmail" isn't making any departure.

DS> [Assertions of] RFC-noncompliance aren't "bogus attacks."

That statement isn't relevant to this thread.

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/qmail-myths-dispelled.html#MythAboutQQReceivedHeaders>

On Sun, 27 Jun 2004, Jonathan de Boyne Pollard wrote:
> MC> Although I understand perfectly well that it's not DJB's fault,
> MC> the fact is that what Vernon calls the "qmail liturgy chanted
> MC> by members of that church" tends to imply that there is no such
> MC> thing as a standards problem in any flavor of qmail ever
> MC> concocted.
> Entirely false.  If you do read any of the "qmail" discussion fora you'll find
> that the general consensus of the "qmail" users who provide free support to
> other users (I'm going to ignore, here, the deliberately provocative
> mischaracterisation of it as a "liturgy" of a "church".) is in fact *entirely
> in opposition* to such an implication.

That may be, but what is being discussed are perceptions.  The "general 
concensus" that you mention does not reach out into the trenches.

For better or worse, that implication is out there.  Worse, it seems that 
sites which use that third-party patch do not understand that it is an 
unsupported patch, not subject to the same level of quality control.

> these claims were repeated often and thus had to be refuted often,
> the tactic against "qmail" thus mutated into a subtler one

This sort of statement is what Vernon refers to as the "qmail liturgy 
chanted by members of that church."  You have to admit that it's a bit 
"tin-foil hat"-ish.

-- Mark --

http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.

On 2004-06-19, Alan Connor <zzzzzz@xxx.yyy> wrote:
> Here's what anyone can see if they go to my website, which you either have
> not done, or are pretending that you have not done. A copy of one of my
> C-Rs:

This is the big problem with C-R systems: each has its own message.
*If* they were all to agree on a standard format for the challenge and the
response, and include the message-ID in the challenge, so that senders could
easily automate handling the responses, *then* they would potentially be a
lot more useful.

-- 
--Tim Smith

Tim Smith  <reply_in_group@mouse-potato.com> wrote:
> This is the big problem with C-R systems: each has its own message.

No system is without it flaws. But (this not to you, but in general
in many cases) there is an inherent hostility bias towards filtering
involving C/R ideas which hinders detached analysis discussion and
communal solution finding.

> *If* they were all to agree on a standard format for the challenge and the
> response, and include the message-ID in the challenge, so that senders could
> easily automate handling the responses, *then* they would potentially be a
> lot more useful.

Yes, of course agreed. The more standardized a message or a
newsposting is, the easier it is to avoid, when one so wishes.
Therefore, keeping the "frame", if you will, as constant as
possible, is indeed highly a desirable in c/r, FAQs and similar
messages and postings. In spam, as you naturally will have noted,
the spammers invent all kinds of artificial variations to pre-empt
filtering rules. In C-R this is not the case nor the goal, contrary
to some frequent name-calling. E.g. mine use a constant subject
header. If it were constant over a number of users, all the better.

   All the best, Timo

-- 
Prof. Timo Salmi ftp & http://garbo.uwasa.fi/ archives 193.166.120.5
Department of Accounting and Business Finance  ; University of Vaasa
mailto:ts@uwasa.fi <http://www.uwasa.fi/~ts/>  ; FIN-65101,  Finland
Spam foiling in effect    http://www.uwasa.fi/~ts/info/spamfoil.html

In article <RkrIc.924$Qu5.435@newsread2.news.pas.earthlink.net>, Tim Smith
<reply_in_group@mouse-potato.com> wrote:

> On 2004-06-19, Alan Connor <zzzzzz@xxx.yyy> wrote:
> > Here's what anyone can see if they go to my website, which you either have
> > not done, or are pretending that you have not done. A copy of one of my
> > C-Rs:
> 
> This is the big problem with C-R systems: each has its own message.

That's one problem, but not the biggest one. The biggest problem is
the C/R systems inevitably end up sending challenges to uninvolved
third parties.

> *If* they were all to agree on a standard format for the challenge and
> the response, and include the message-ID in the challenge, so that senders
> could easily automate handling the responses, *then* they would potentially
> be a lot more useful.

If legitimate senders could easily automate handling the challenges,
then so could spammers, and the whole idea would be even more useless
than it is now.

--

John Doherty <jdoherty@nowhere.null.not> wrote:
> If legitimate senders could easily automate handling the challenges,
> then so could spammers, 

Recycles one of the defeatist pet arguments. "Give up since the
opposition will counteract".

It is fallacious, though. Discarding a message based say on it
subject and responding to the challenge to the correct address and
with the required passphrase are two quite different things. The
essence is making the avoidance of challenges easy, but actually
reponding to them requires manual intervention.

> and the whole idea would be even more useless than it is now.

A preconvinced attitude, incidentally, is also one of the recycled
norms.

   All the best, Timo

-- 
Prof. Timo Salmi ftp & http://garbo.uwasa.fi/ archives 193.166.120.5
Department of Accounting and Business Finance  ; University of Vaasa
mailto:ts@uwasa.fi <http://www.uwasa.fi/~ts/>  ; FIN-65101,  Finland
Spam foiling in effect    http://www.uwasa.fi/~ts/info/spamfoil.html

*** John Wingate (abcjohnww@worldpath.net.edo) wrote in comp.mail.misc on...:

:) Alan Connor <zzzzzz@xxx.yyy> wrote:
:) > http://spamarrest.com/pressoffice/news/index.jsp
:) 
:) Mitnick is not the only famous person using challenge-response.  Dan 
:) Bernstein does also. 

Please tell all these people to stop using this system. The only thing it 
does is to generate more e-mail traffic in a congested traffic already. 
Bad idea. Please configure your spam filter to not to do this. I will 
never respond to any such challenge messages, please do so too.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

Eduardo Chappa <chappa@math.washington.edu> wrote in 
news:Pine.LNX.4.60.9.0407121437230.11484@zeno1.math.washington.edu:

> I will 
> never respond to any such challenge messages, please do so too.
> 

Actually, Eduardo, the best way to handle C/R challenges is to *always* 
respond to them - unless they come in response to mail that you actually 
wrote. In that case, remove the individual who is using C/R from your address 
book, and if you run your own server, block their email address.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

On Mon, 12 Jul 2004 14:40:22 -0700, Eduardo Chappa <chappa@math.washington.edu> wrote:
> 
> 
> *** John Wingate (abcjohnww@worldpath.net.edo) wrote in comp.mail.misc on...:
> 
>:) Alan Connor <zzzzzz@xxx.yyy> wrote:
>:) > http://spamarrest.com/pressoffice/news/index.jsp
>:) 
>:) Mitnick is not the only famous person using challenge-response.  Dan 
>:) Bernstein does also. 
> 
> Please tell all these people to stop using this system. The only thing it 
> does is to generate more e-mail traffic in a congested traffic already. 
> Bad idea. Please configure your spam filter to not to do this. I will 
> never respond to any such challenge messages, please do so too.


This is excellent! Another selling point for challenge-responses:
It keeps ignorant and obnoxious people out of one's mailboxes.
Who could ask for more? No spam and no jerks.

(the above is not a joke)

AC


-- 
Pass-List -----> Block-List ----> Challenge-Response
The key to taking control of your mailbox.  Design Parameters:
http://tinyurl.com/2t5kp ||   http://tinyurl.com/3c3ag
Challenge-Response links -- http://tinyurl.com/yrfjb

*** The Open Sourceror's Apprentice (abcMorelyDotes@spamblocked.com.edo)...:

:) Eduardo Chappa <chappa@math.washington.edu> wrote in 
:) news:Pine.LNX.4.60.9.0407121437230.11484@zeno1.math.washington.edu:
:) 
:) > I will never respond to any such challenge messages, please do so 
:) > too.
:) > 
:) 
:) Actually, Eduardo, the best way to handle C/R challenges is to *always* 
:) respond to them - unless they come in response to mail that you 
:) actually wrote. In that case, remove the individual who is using C/R 
:) from your address book, and if you run your own server, block their 
:) email address.

I have received a couple of C/R messages trying to answer questions posted 
in mailing lists, etc, not very nice. Imagine an internet wher a 
substantial amount of users use C/R, a huge nightmare.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

*** Alan Connor (abczzzzzz@xxx.yyy.edo) wrote in comp.mail.misc on Jul 13, 
2004:

:) On Mon, 12 Jul 2004 14:40:22 -0700, Eduardo Chappa 
:) <chappa@math.washington.edu> wrote:
:) > 
:) > 
:) > *** John Wingate (abcjohnww@worldpath.net.edo) wrote in 
:) > comp.mail.misc on...:
:) > 
:) >:) Alan Connor <zzzzzz@xxx.yyy> wrote:
:) >:) > http://spamarrest.com/pressoffice/news/index.jsp
:) >:) 
:) >:) Mitnick is not the only famous person using challenge-response.  
:) >:) Dan Bernstein does also.
:) > 
:) > Please tell all these people to stop using this system. The only 
:) > thing it does is to generate more e-mail traffic in a congested 
:) > traffic already. Bad idea. Please configure your spam filter to not 
:) > to do this. I will never respond to any such challenge messages, 
:) > please do so too.
:) 
:) 
:) This is excellent! Another selling point for challenge-responses: It 
:) keeps ignorant and obnoxious people out of one's mailboxes. Who could 
:) ask for more? No spam and no jerks.
:) 
:) (the above is not a joke)

That's not a convincing argument to support your point. Look for a more 
intelligent one. I was not joking above, nor now.

-- 
Eduardo
http://www.math.washington.edu/~chappa/personal.html

In article 
<Pine.LNX.4.60.9.0407121904140.21000@zeno1.math.washington.edu>,
 Eduardo Chappa <chappa@math.washington.edu> wrote:

> I have received a couple of C/R messages trying to answer questions posted 
> in mailing lists, etc, not very nice. Imagine an internet wher a 
> substantial amount of users use C/R, a huge nightmare.


Yes, a huge nightmare.

However, at the present time, how do you know whether the challenge you 
received was because you sent mail to someone, or because a spammer 
forged your address?  If you send responses to usenet posts, send to 
people who forward mail, or send to mailing lists, you generall 
-cannot- know.

Therefore, it behooves you to answer all challenges you receive.  Only 
by doing that can you have a chance of seeing your legitimate email go 
through.


Richard

-- 
To reply via email, make sure you don't enter the whirlpool on river left.

My mailbox. My property. My personal space. My rules. Deal with it.
                        http://www.river.com/users/share/cluetrain/

On 2004-07-12, John Doherty <jdoherty@nowhere.null.not> wrote:
>> This is the big problem with C-R systems: each has its own message.
>
> That's one problem, but not the biggest one. The biggest problem is the
> C/R systems inevitably end up sending challenges to uninvolved third
> parties.

If someone is forging your address on spam, you'll get a ton of bounce
messages anyway.  There is no such thing as an uninvolved third party
anymore with the current email system.

....
> If legitimate senders could easily automate handling the challenges, then
> so could spammers, and the whole idea would be even more useless than it
> is now.

If the spammer forges my address, how they are going to automate handling
the challenges, since those will come to me, not the spammer?  If C/R
systems could force spammers to stop forging addresses, that would be a big
improvement over the current state of things: recipients using the C/R
systems would not see forged spam, and the people whose addresses are being
forged would see challenges instead of bounces, which they could easily
ignore.

-- 
--Tim Smith

In article <Pine.LNX.4.60.9.0407121437230.11484@zeno1.math.washington.edu>,
Eduardo Chappa  <chappa@math.washington.edu> wrote:
>
>Please tell all these people to stop using this system. The only thing it 
>does is to generate more e-mail traffic in a congested traffic already. 
>Bad idea. Please configure your spam filter to not to do this. I will 
>never respond to any such challenge messages, please do so too.

Vernon Schryver posted a persuasive argument for responding to ALL
challenges as a matter of policy.

It works like this.  Most of the challenges I get are from mail I
didn't send, but rather from spammers forging my address.  If I
respond to each challenge, then *I* will never again longer receive
a challenge for spam to that person.  As an added bonus, the C/R
operator receives the spam!

By responding to ALL challenges, you ensure that: (a) your mail gets
through, (b) future spam forging your address doesn't result in another
challenge, and (c) the person who has the C/R system has to deal with
the spam.

If enough people do this, then C/R systems will become ineffective
to the point where miscreants like Allan Connor, who don't care what
he does to other people's mailboxes, will stop using them.

-A

"axlq" <axlq@spamcop.net> wrote in message
news:ccvoqq$6kg$1@blue.rahul.net...

> >Please tell all these people to stop using this system. The only thing it
> >does is to generate more e-mail traffic in a congested traffic already.
> >Bad idea. Please configure your spam filter to not to do this. I will
> >never respond to any such challenge messages, please do so too.

> Vernon Schryver posted a persuasive argument for responding to ALL
> challenges as a matter of policy.
>
> It works like this.  Most of the challenges I get are from mail I
> didn't send, but rather from spammers forging my address.  If I
> respond to each challenge, then *I* will never again longer receive
> a challenge for spam to that person.  As an added bonus, the C/R
> operator receives the spam!
>
> By responding to ALL challenges, you ensure that: (a) your mail gets
> through, (b) future spam forging your address doesn't result in another
> challenge, and (c) the person who has the C/R system has to deal with
> the spam.
>
> If enough people do this, then C/R systems will become ineffective
> to the point where miscreants like Allan Connor, who don't care what
> he does to other people's mailboxes, will stop using them.

I like it, except that by clicking yes when you are reasonably sure it's
spam, you are therefore allowing a spammer to get his message across
(helping a spammer, bad) and also being an accessory to someone else's inbox
and networks being abused (helping create more abuse, bad).

I realize that it can be argued that the means justifies the ends and that
the person using C/R doesn't deserve courtesy because they don't have any
courtesy for the rest of the net when it comes to erroneous/spam-generated
C/R messages, but we do try and rise above in our fight rather than sink
down to the level of the abusers and the clueless, don't we?

</Devil's Advocate>

*** Richard Johnson (abcrnews@whirlpool.river.com.edo) wrote in...:

:) In article 
:) <Pine.LNX.4.60.9.0407121904140.21000@zeno1.math.washington.edu>,
:)  Eduardo Chappa <chappa@math.washington.edu> wrote:
:) 
:) > I have received a couple of C/R messages trying to answer questions 
:) > posted in mailing lists, etc, not very nice. Imagine an internet wher 
:) > a substantial amount of users use C/R, a huge nightmare.
:) 
:) 
:) Yes, a huge nightmare.
:) 
:) However, at the present time, how do you know whether the challenge you 
:) received was because you sent mail to someone, or because a spammer 
:) forged your address?  If you send responses to usenet posts, send to 
:) people who forward mail, or send to mailing lists, you generall 
:) -cannot- know.

Which is exactly a good reason why you should not answer the challenge. 
Confirming good addresses to a spammer is similar to shooting yourself on 
the foot.

:) Therefore, it behooves you to answer all challenges you receive.  Only 
:) by doing that can you have a chance of seeing your legitimate email go 
:) through.

I will sound presumptious, but in my opinion, I do not loose by the 
receiver not receiving my message. I lost a couple of minutes, my 
recipient lost my message. It's up to you to decide who lost more.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

*** axlq (abcaxlq@spamcop.net.edo) wrote in comp.mail.misc on Jul 13, 2004:

:) In article 
:) <Pine.LNX.4.60.9.0407121437230.11484@zeno1.math.washington.edu>, 
:) Eduardo Chappa <chappa@math.washington.edu> wrote:
:) >
:) >Please tell all these people to stop using this system. The only thing 
:) >it does is to generate more e-mail traffic in a congested traffic 
:) >already. Bad idea. Please configure your spam filter to not to do 
:) >this. I will never respond to any such challenge messages, please do 
:) >so too.
:) 
:) Vernon Schryver posted a persuasive argument for responding to ALL 
:) challenges as a matter of policy.
:) 
:) It works like this.  Most of the challenges I get are from mail I 
:) didn't send, but rather from spammers forging my address.  If I respond 
:) to each challenge, then *I* will never again longer receive a challenge 
:) for spam to that person.  As an added bonus, the C/R operator receives 
:) the spam!

That's a very persuasive argument, except by the fact that I do not think 
that a particular e-mail address sends spam twice to the same account, 
even when it's forged. Of course this principle is wrong, but in general 
the error should be marginal with respect to the real amount of spam that 
is not generated in the way described here. If this is a big problem in 
the sense that you are consistently receiving a C/R from the same person, 
then it pays to respond to such challenge, unless you are being sent a 
challenge message from an account that belongs to a spammer which only 
collects addresses of people that responds to such challenges which only 
serves the purpose to confirm your e-mail address, in which case you are 
only going to get more spam.

:) By responding to ALL challenges, you ensure that: (a) your mail gets 
:) through, (b) future spam forging your address doesn't result in another 
:) challenge, and (c) the person who has the C/R system has to deal with 
:) the spam.

True and false as I've shown above.

:) If enough people do this, then C/R systems will become ineffective to 
:) the point where miscreants like Allan Connor, who don't care what he 
:) does to other people's mailboxes, will stop using them.

If enough people do this, those same people may get more and more spam.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

On 13 Jul 2004 Brian K. O'Neill (dont@spam.me.INVALID) wrote:
>> By responding to ALL challenges, you ensure that: (a) your mail gets
>> through, (b) future spam forging your address doesn't result in another
>> challenge, and (c) the person who has the C/R system has to deal with
>> the spam.
>>
>> If enough people do this, then C/R systems will become ineffective
>
> I like it, except that by clicking yes when you are reasonably sure it's
> spam, you are therefore allowing a spammer to get his message across
> (helping a spammer, bad) and also being an accessory to someone else's inbox
> and networks being abused (helping create more abuse, bad).
>
> I realize that it can be argued that the means justifies the ends and that
> the person using C/R doesn't deserve courtesy because they don't have any
> courtesy for the rest of the net when it comes to erroneous/spam-generated
> C/R messages, but we do try and rise above in our fight rather than sink
> down to the level of the abusers and the clueless, don't we?


The person using the C/R most likely *does* deserve courtesy 
because they probably have no clue about the problems of C/R. 
It's the company providing the C/R system who deserves no 
courtesy. And if they make a statement like this:

  "Challenge/Response blocks 100% of Spam"

which appears here:

  <http://spamarrest.com/>

Then I think it is a worthwhile endeavor to take Vernon's advice 
and respond to the spam-instigated challenge, not because:

  "(c) the person who has the C/R system has to deal with the 
spam."

but because

  (d) the company providing the C/R system will get complaints 
from their customers about the ineffectiveness of their C/R 
system.

Nancy
Infinite Ink
www.ii.com

On 2004-07-13, axlq <axlq@spamcop.net> wrote:
> By responding to ALL challenges, you ensure that: (a) your mail gets
> through, (b) future spam forging your address doesn't result in another
> challenge, and (c) the person who has the C/R system has to deal with
> the spam.

(d) your email address gets passed among spammers as one that is good to forge,
because it gets through C/R systems, and (e) people learn that blocking on your
email address reduces their spam.

-- 
--Tim Smith

On 13 Jul 2004 Tim Smith (reply_in_group@mouse-potato.com) wrote:
>
>> By responding to ALL challenges, you ensure that: (a) your mail gets
>> through, (b) future spam forging your address doesn't result in another
>> challenge, and (c) the person who has the C/R system has to deal with
>> the spam.
>
> (d) your email address gets passed among spammers as one that is good to forge,
> because it gets through C/R systems, and (e) people learn that blocking on your
> email address reduces their spam.


And if it is one of your spam-trap email addresses, that's OK. My 
new plan is to follow Vernon's advice only for challenges that 
come to my spam-trap addresses. Challenges that come to my real 
addresses, I ignore.

Nancy
Infinite Ink
www.ii.com

Tim Smith wrote:

> On 2004-07-13, axlq <axlq@spamcop.net> wrote:
>> By responding to ALL challenges, you ensure that: (a) your mail gets
>> through, (b) future spam forging your address doesn't result in another
>> challenge, and (c) the person who has the C/R system has to deal with
>> the spam.
> 

Right. Best possible solution to this C/R spamming

> (d) your email address gets passed among spammers as one that is good to
> forge, because it gets through C/R systems, 

No. They have no indication at all. The response would not get back to the
spammer, but to the C/R using system

> and (e) people learn that 
> blocking on your email address reduces their spam.
> 

Well, anyone using C/R can happily block my email address, since I am not
interested to exchange mail with such retards
-- 
Lord, grant me the serenity to accept the things I can not change,
the courage to change the things I can, and the wisdom to hide the
bodies of those I had to kill because they pissed me off.

This is a MIME GnuPG-signed message.  If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-29634-1089717235-0003
Content-Type: text/plain; format=flowed; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
X-Mime-Autoconverted: from 8bit to quoted-printable by mimegpg

Alan Connor writes:

> This is excellent! Another selling point for challenge-responses:
> It keeps ignorant and obnoxious people out of one's mailboxes.

=E2=80=A6 by being more ignorant, and more obnoxious.



--=_mimegpg-commodore.email-scan.com-29634-1089717235-0003
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBA88Pzx9p3GYHlUOIRAo8tAJ9k+vEifbU4cJb8H4kNjWZVPfaQGACfeMX9
am5wWQr8Do7P51PN6XVaMFg=
=3GR3
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-29634-1089717235-0003--

Jonathan de Boyne Pollard <J.deBoynePollard@Tesco.NET> writes:
>Actually, responding to a "qsecretary" challenge does not qualify as
>opting out of receiving anything.  You need to find out how "qsecretary"
>works.  In particular, you need to stop thinking that it works like
>TMDA and start _actually reading_ the text of the challenge that was
>posted, which clearly shows the somewhat different way that it does work.

The way it *does* work, especially in Bernstein's case, is to act as a
spamming vector. I wrote about this a while back, I get qsecretary notices
all the time from Dan, with the complete spam attached at the bottom,
addressed to me. qsecretary is effectively an open relay.

I used to just shitcan every C/R notice I received (and castigated any
friends using it), now I just reply to them all, secure in the knowledge
that I have annoyed the abusive C/R user with spam. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

Eduardo Chappa <chappa@math.washington.edu> writes:
>Which is exactly a good reason why you should not answer the challenge. 
>Confirming good addresses to a spammer is similar to shooting yourself on 
>the foot.

The one place a bounce or C/R reply will NOT go to is the spammer. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

Eduardo Chappa <chappa@math.washington.edu> writes:
>That's a very persuasive argument, except by the fact that I do not think 
>that a particular e-mail address sends spam twice to the same account, 
>even when it's forged.

What she was saying is that the less-broken C/R systems will only send the
challenge once to a given address. So, if you reply, you will never again
get a C/R notice when a spammer exploits the poor sucker who put one on
their email account.

Of course, on *really* broken ones like qsecretary, you get the damned
notices ever single time anyway, which is why spammers have started using
Dan's email address to relay their crap. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

xxxx@yyy.zzz writes:
>Kevin Mitnick is also one of the world's foremost
>computer security experts, which is one of the
>reasons he uses challenge-responses:

Kevin Mitnick has, or rather had, a mental problem, and couldn't stop
himself from what he was doing. His current expertise is an interesting way
of turning his psychological pathology into a career, but it doesn't make
him a foremost at anything. He's just a guy with some really interesting
stories. Ever read "Takedown"? Mitnick isn't the one that comes off as the
bad guy. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

In article <Pine.LNX.4.60.9.0407130828180.7367@zebes.dreamhost.com>,
 Nancy McGough <nm-reverse-spam-filter@ii.deflexion.com> wrote:

> And if it is one of your spam-trap email addresses, that's OK. My 
> new plan is to follow Vernon's advice only for challenges that 
> come to my spam-trap addresses. Challenges that come to my real 
> addresses, I ignore.


Unless you respond to every challenge, mail you send that ends up 
forwarded to addresses you don't immediately recognize won't be 
delivered.

Also, contrary to the previous poster's supposition, spammers won't 
know your address is a good one to forge.  This is because the sender 
of the challenge and not the spammer will receive your responses.

You should respond to all challenges if you respond to any at all.


Richard

-- 
To reply via email, make sure you don't enter the whirlpool on river left.

My mailbox. My property. My personal space. My rules. Deal with it.
                        http://www.river.com/users/share/cluetrain/

In article 
<Pine.LNX.4.60.9.0407122207150.23919@zeno1.math.washington.edu>,
 Eduardo Chappa <chappa@math.washington.edu> wrote:

> *** Richard Johnson (abcrnews@whirlpool.river.com.edo) wrote in...:
> :) However, at the present time, how do you know whether the challenge you 
> :) received was because you sent mail to someone, or because a spammer 
> :) forged your address?  If you send responses to usenet posts, send to 
> :) people who forward mail, or send to mailing lists, you generall 
> :) -cannot- know.
> 
> Which is exactly a good reason why you should not answer the challenge. 
> Confirming good addresses to a spammer is similar to shooting yourself on 
> the foot.


How is answering a challenge confirming a good address to a spammer?  
The spammer does not receive the response.


> :) Therefore, it behooves you to answer all challenges you receive.  Only 
> :) by doing that can you have a chance of seeing your legitimate email go 
> :) through.
> 
> I will sound presumptious, but in my opinion, I do not loose by the 
> receiver not receiving my message. I lost a couple of minutes, my 
> recipient lost my message. It's up to you to decide who lost more.


I'm more interested in providing back-pressure against those who bother 
me with challenges based on forged mail.  I lose time and bandwidth 
regardless because of such spam challenges, so I might as well push 
back.


Richard

-- 
To reply via email, make sure you don't enter the whirlpool on river left.

My mailbox. My property. My personal space. My rules. Deal with it.
                        http://www.river.com/users/share/cluetrain/

In article <2lie4oFdaghlU2@uni-berlin.de>, rnews@whirlpool.river.com 
says...

> Also, contrary to the previous poster's supposition, spammers won't 
> know your address is a good one to forge.  This is because the sender 
> of the challenge and not the spammer will receive your responses.
 
Unless the mail is an HTML one containing web-bugs that the spammer can 
use to identify the from address.

-- 
Contact Address matchstick a t oofg d o t com
"The wages of sin are death... but the hours are good and the perks are 
fantastic."

On 2004-07-13, Richard Johnson <rnews@whirlpool.river.com> wrote:
> Also, contrary to the previous poster's supposition, spammers won't know
> your address is a good one to forge.  This is because the sender of the
> challenge and not the spammer will receive your responses.

Two problems with this.

(1) Spammers can send challenges and see which ones get responses, thereby
finding the "always answer" people.

(2) I expect at some point to see someone start a list of known "always
answer" addresses and make it available.  It's purpose will be to let C/R
users block on those addresses, but spammers will be able to get it, too.

-- 
--Tim Smith

On 13 Jul 2004 Richard Johnson (rnews@whirlpool.river.com) wrote:
>
> I said:
>> Challenges that come to my real addresses, I ignore.
>
> Unless you respond to every challenge, mail you send that ends up
> forwarded to addresses you don't immediately recognize won't be
> delivered.

But I don't care! I basically quit doing email about a year ago 
and anyone who's paying attention knows that it's much more 
likely for me to respond in a discussion group than to personal 
email. Email is dead and if you don't believe me, look at this:

  <http://del.icio.us/Deflexion.com/Messaging/EmailIsDead>


> Also, contrary to the previous poster's supposition, spammers won't
> know your address is a good one to forge.  This is because the sender
> of the challenge and not the spammer will receive your responses.

But it might be that the person using the C/R system will get 
malicious or -- more likely -- the people running the C/R system 
will get mailicious.


> You should respond to all challenges if you respond to any at all.

That depends on one's goal.

Nancy
Infinite Ink
www.ii.com

In article <4%TIc.1211$mL5.5@newsread1.news.pas.earthlink.net>,
Tim Smith  <reply_in_group@mouse-potato.com> wrote:

>> Also, contrary to the previous poster's supposition, spammers won't know
>> your address is a good one to forge.  This is because the sender of the
>> challenge and not the spammer will receive your responses.
>
>Two problems with this.
>
>(1) Spammers can send challenges and see which ones get responses, thereby
>finding the "always answer" people.
>
>(2) I expect at some point to see someone start a list of known "always
>answer" addresses and make it available.  It's purpose will be to let C/R
>users block on those addresses, but spammers will be able to get it, too.

Neither of those will be real problems until and unless C/R systems
are so widely used that spammers would care.  When and if that happens,
the scaling problem implicit in C/R systems will have us all receiving
almost as many C/R challenges as we now receive forged spam, and that
have forced everyone except the most extreme kooks accept the fact
that C/R systems are based on sending lots of substantially identical
messages to people who didn't ask for them, i.e. spam.


Vernon Schryver    vjs@rhyolite.com

*** Richard Johnson (abcrnews@whirlpool.river.com.edo) wrote in...:

> In article 
> <Pine.LNX.4.60.9.0407122207150.23919@zeno1.math.washington.edu>, Eduardo 
> Chappa <chappa@math.washington.edu> wrote:
>
>> *** Richard Johnson (abcrnews@whirlpool.river.com.edo) wrote in...:
>> :) However, at the present time, how do you know whether the challenge 
>> :) you received was because you sent mail to someone, or because a 
>> :) spammer forged your address?  If you send responses to usenet posts, 
>> :) send to people who forward mail, or send to mailing lists, you 
>> :) generall -cannot- know.
>>
>> Which is exactly a good reason why you should not answer the challenge. 
>> Confirming good addresses to a spammer is similar to shooting yourself 
>> on the foot.
>
>
> How is answering a challenge confirming a good address to a spammer? The 
> spammer does not receive the response.

Unless the spammer set the C/R system, just to confirm good e-mail 
addresses.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

Eduardo Chappa wrote:

> *** Richard Johnson (abcrnews@whirlpool.river.com.edo) wrote in...:
> 
>> In article
>> <Pine.LNX.4.60.9.0407122207150.23919@zeno1.math.washington.edu>, Eduardo
>> Chappa <chappa@math.washington.edu> wrote:
>>
>>> *** Richard Johnson (abcrnews@whirlpool.river.com.edo) wrote in...:
>>> :) However, at the present time, how do you know whether the challenge
>>> :) you received was because you sent mail to someone, or because a
>>> :) spammer forged your address?  If you send responses to usenet posts,
>>> :) send to people who forward mail, or send to mailing lists, you
>>> :) generall -cannot- know.
>>>
>>> Which is exactly a good reason why you should not answer the challenge.
>>> Confirming good addresses to a spammer is similar to shooting yourself
>>> on the foot.
>>
>>
>> How is answering a challenge confirming a good address to a spammer? The
>> spammer does not receive the response.
> 
> Unless the spammer set the C/R system, just to confirm good e-mail
> addresses.
> 

And using a valid email address to do so? Yeah, right
-- 
I refuse to have a battle of wits with an unarmed person.

Eduardo Chappa <chappa@math.washington.edu> wrote in 
news:Pine.LNX.4.60.9.0407122216120.23919@zeno1.math.washington.edu:

> That's a very persuasive argument, except by the fact that I do not think 
> that a particular e-mail address sends spam twice to the same account, 
> even when it's forged.

Would you like 3,127 individual pieces of proof that you are mistaken?

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

Tim Smith <reply_in_group@mouse-potato.com> wrote in news:4%TIc.1211$mL5.5
@newsread1.news.pas.earthlink.net:

> (1) Spammers can send challenges and see which ones get responses, thereby
> finding the "always answer" people.

They will find that to be a very painful exercise - for them.

> (2) I expect at some point to see someone start a list of known "always
> answer" addresses and make it available.  It's purpose will be to let C/R
> users block on those addresses, but spammers will be able to get it, too.

See previous response.


-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

Matchstick <matchstick@deadspam.com> wrote in news:MPG.1b5e1b6a4ceaad6989683
@news-60.giganews.com:

> In article <2lie4oFdaghlU2@uni-berlin.de>, rnews@whirlpool.river.com 
> says...
> 
>> Also, contrary to the previous poster's supposition, spammers won't 
>> know your address is a good one to forge.  This is because the sender 
>> of the challenge and not the spammer will receive your responses.
>  
> Unless the mail is an HTML one containing web-bugs that the spammer can 
> use to identify the from address.

What sort of idiot reads email with a mail client that renders HTML by 
default?


-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

Tim Smith <reply_in_group@mouse-potato.com> wrote in
news:_3LIc.964$mL5.942@newsread1.news.pas.earthlink.net: 

> (d) your email address gets passed among spammers as one that is good to
> forge, because it gets through C/R systems, and (e) people learn that
> blocking on your email address reduces their spam.

People who use CR systems have already demonstrated that they are incapable 
of learning; ergo, they won't figure out which address to block.

And in the event that they do, by some lucky circumstance - how does that 
harm the non-C/R-using non-spammer? It's the C/R user who's deprived of 
legitimate email from me; since my outgoing email is usually in response ot a 
request for help, *I* am not going to be suffering if Joe C/R User fails to 
get my reply.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

Nancy McGough <nm-reverse-spam-filter@ii.deflexion.com> wrote in 
news:Pine.LNX.4.60.9.0407130653440.7367@zebes.dreamhost.com:

>   <http://spamarrest.com/>

You *are* aware that you have just cited a spammer, are you not?

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

	Correct me if I am wrong: Is it not the case that what Mr. Mitnick
excelled at was manipulating people into giving him information, rather
than at technical prowess?

*** The Open Sourceror's Apprentice (abcMorelyDotes@spamblocked.com.edo)...:

> Eduardo Chappa <chappa@math.washington.edu> wrote in 
> news:Pine.LNX.4.60.9.0407122216120.23919@zeno1.math.washington.edu:
>
>> That's a very persuasive argument, except by the fact that I do not 
>> think that a particular e-mail address sends spam twice to the same 
>> account, even when it's forged.
>
> Would you like 3,127 individual pieces of proof that you are mistaken?

Sure, put the in the web. Let me know where I can see them.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

Eduardo Chappa <chappa@math.washington.edu> wrote in 
news:Pine.LNX.4.60.9.0407131403441.14919@zeno1.math.washington.edu:

>> Would you like 3,127 individual pieces of proof that you are mistaken?
> 
> Sure, put the in the web. Let me know where I can see them.

news:news.admin.net-abuse.sightings

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

"Augustus S.F.X Van Dusen" <asfxvd@story.net> writes:
>	Correct me if I am wrong: Is it not the case that what Mr. Mitnick
>excelled at was manipulating people into giving him information, rather
>than at technical prowess?

He was and still is pretty good with the telephone system, but otherwise
that's mostly right. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

This is a MIME GnuPG-signed message.  If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-857-1089758538-0006
Content-Type: text/plain; format=flowed; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
X-Mime-Autoconverted: from 8bit to quoted-printable by mimegpg

Eduardo Chappa writes:

> *** The Open Sourceror's Apprentice (abcMorelyDotes@spamblocked.com.edo)..=
..:
> 
>> Eduardo Chappa <chappa@math.washington.edu> wrote in 
>> news:Pine.LNX.4.60.9.0407122216120.23919@zeno1.math.washington.edu:
>>
>>> That's a very persuasive argument, except by the fact that I do not 
>>> think that a particular e-mail address sends spam twice to the same 
>>> account, even when it's forged.
>>
>> Would you like 3,127 individual pieces of proof that you are mistaken?
> 
> Sure, put the in the web. Let me know where I can see them.

Jun 13 14:17:24 headache courieresmtpd: error,relay=3D::ffff:216.39.87.40,fr=
om=3D<adv@4epurchase.com>,to=3D<sam@email-scan.com>: 511 Blocked - see http:=
//www.spambag.org/cgi-bin/spambag?mailfrom=3Dsheckmedia

[ =E2=80=A6 ]

Jun 29 05:54:07 headache courieresmtpd: error,relay=3D::ffff:64.70.43.83,fro=
m=3D<ADV@REAL-COUPONS.COM>,to=3D<sam@email-scan.com>: 511 Blocked - see http=
://www.spambag.org/cgi-bin/spambag?mailfrom=3Dsheckmedia

This is the Sheckmedia spamhaus repeatedly trying to spam the same mailbox.

What you don't see are hundreds of other attempts, in the same time frame.

Despite being told, via SMTP in no uncertain terms, to fuck off, they've 
been spamming (or trying to spam) the same mailbox for several months.  I 
believe that the only reason they stopped was that they did not renew their 
hosting contract with their provider, since the spew stopped precisely at 
the end of the calendar month.

Your belief that no spammer spams the same mailbox twice is very, very 
naive.


--=_mimegpg-commodore.email-scan.com-857-1089758538-0006
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBA9GVKx9p3GYHlUOIRAmY+AJ46LNs3gtSuw7xHZqteA37ImNCK1ACfTCrr
6oEO2/pJQstbckDXlNJOutA=
=xdfL
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-857-1089758538-0006--

["Followup-To:" header set to comp.os.linux.misc.]
On 2004-07-13, Nancy McGough <nm-reverse-spam-filter@ii.deflexion.com> wrote:

> But it might be that the person using the C/R system will get 
> malicious or -- more likely -- the people running the C/R system 
> will get mailicious.

Unfortunately, we've already seen plenty of that... :-(

-- 

-John (john@os2.dhs.org)

["Followup-To:" header set to comp.os.linux.misc.]
On 2004-07-13, The Open Sourceror's Apprentice <MorelyDotes@spamblocked.com> wrote:

> What sort of idiot reads email with a mail client that renders HTML by 
> default?

"First rate, Mr Danger.  First rate."

(apologies to Firesign theater)

-- 

-John (john@os2.dhs.org)

axlq said in news:ccvoqq$6kg$1@blue.rahul.net:
> Vernon Schryver posted a persuasive argument for responding to ALL
> challenges as a matter of policy.
>=20
> It works like this.  Most of the challenges I get are from mail I
> didn't send, but rather from spammers forging my address.  If I
> respond to each challenge, then *I* will never again longer receive
> a challenge for spam to that person.  As an added bonus, the C/R
> operator receives the spam!
>=20
> By responding to ALL challenges, you ensure that: (a) your mail gets
> through, (b) future spam forging your address doesn't result in
> another challenge, and (c) the person who has the C/R system has to
> deal with=20
> the spam.
>=20
> If enough people do this, then C/R systems will become ineffective
> to the point where miscreants like Allan Connor, who don't care what
> he does to other people's mailboxes, will stop using them.
>=20
> -A

The problem with this is that you assume the challenge is really a =
message from a C-R user and not from a spammer or scammer.  I've already =
started hearing about web sites that are scams to get senders to divulge =
personal information.  They send the user a message which looks for all =
intent and purposes to be a challenge e-mail.  Take any of the C-R =
webmail providers, like BlueBottle or Mailblocks, open a temp account, =
send an e-mail to it, and get back the challenge so you know how to =
compose a message that looks just like it.  However, insert your own web =
site into the links that the sender is supposed to click on to =
supposedly verify their previously sent e-mail.

Will all e-mail users scan through all their messages to verify that the =
e-mail that the challenge said they sent was something they actually =
sent?  No.  The challenge may provide the To and Subject lines to =
supposedly clue the sender in regarding what e-mail they supposedly =
sent, but obviously that can be made vague enough so that enough =
recipients of this bogus challenge may think it was indeed something =
they sent.  So now they click on the link (because most e-mail users do =
NOT look at the HTML code to see where the link really takes them), get =
to a site that looks like where they are supposed to enter some numbers =
from a graphical image to verify they sent the e-mail (i.e., they answer =
the challenge).  However, this bogus challenge web site also asks them =
for personal information, like their e-mail address and could even ask =
for a password so the scammer could hijack their accounts.  Are you =
going to investigate on every challenge if there is indeed a C-R service =
running at that web site?  And so what if there is?  How do you know it =
is a reputable C-R service that actually has users rather than someone =
running a scam site that is issuing bogus challenge e-mails for users =
they don't have so obviously no one could be sending e-mails that should =
be generating challenges?

I sure doesn't look smart to be answering all challenges as a general =
policy.  I don't answer any of them.  Instead I use enough info in their =
supposedly standard formatted challenge (which is only standard within =
that C-R service) to define a rule to auto-delete their challenge from =
my mail server.

(read here, following up here)

On 2004-07-14, *Vanguard* <lh_vanguard@mailblocks.com> wrote:
>
> The problem with this is that you assume the challenge is really a \
> message from a C-R user and not from a spammer or scammer.  ...

Would you please limit the line length in your postings as
netiquette recommends?  At least some newsreaders don't show
more than the first 80 characters per line.  Longer lines
prevent people from seeing your points.

Thanks.

Robert Riches
spamtrap42@verizon.net
(Yes, that is one of my email addresses.)

Tim Smith said in
news:RkrIc.924$Qu5.435@newsread2.news.pas.earthlink.net:=20
> On 2004-06-19, Alan Connor <zzzzzz@xxx.yyy> wrote:
>> Here's what anyone can see if they go to my website, which you
>> either have not done, or are pretending that you have not done. A
>> copy of one of my C-Rs:
>=20
> This is the big problem with C-R systems: each has its own message.
> *If* they were all to agree on a standard format for the challenge
> and the response, and include the message-ID in the challenge, so
> that senders could easily automate handling the responses, *then*
> they would potentially be a lot more useful.

But ISPs are starting to reject "challenge spam".  And the C-R user will =
never know it.

As a test, I opened a bogus BlueBottle.com account (they are a C-R =
provider with free accounts that provide webmail and POP3/IMAP/SMTP =
servers).  It's bogus because all the profile information that I entered =
is bogus (they monitor that stuff and will kill your account in about a =
day).  I can send an e-mail from my BlueBottle account to my Yahoo =
account and receive it okay in my Yahoo account.  So I know that Yahoo =
is not blocking e-mails from the BlueBottle domain.  Then I send an =
e-mail from my Yahoo account to my BlueBottle account.  It goes into the =
Pending folder of my BlueBottle account and a challenge supposedly gets =
sent immediately (this according to a tech support reply from BlueBottle =
regarding how long they wait before sending a challenge).  I then wait, =
and wait, and wait for the challenge e-mail to show up in my Yahoo =
account.  After 4 hours, still not challenge e-mail.  I send several =
more test e-mails from multiple Yahoo accounts to my BlueBottle account. =
 Still no challenges get received back in my Yahoo accounts.  I contact =
BlueBottle who says that Yahoo's spam filtering might be the reason for =
never getting the challenges.  Nope, nothing in my Bulk folder where all =
the spam gets moved.

Then I start to wonder about rejection during the SMTP handshaking.  =
What if BlueBottle connects to Yahoo, tries to send the challenge =
e-mail, but Yahoo rejects it right there during the mail transfer?  With =
a normal e-mail that I would send, my mail server would return a NDR =
(non-delivery report) message saying my e-mail got rejected by the =
receiving mail server.  However, the challenge wasn't sent by me.  It =
was sent by BlueBottle's C-R mechanisms.  So I will never get notified =
that a challenge got rejected. =20

While this test was just against Yahoo, I'm hearing more and more ISPs =
are rejecting challenge spam.  That means the C-R user will never know =
their challenges were rejected (because the C-R service sent the =
challenge, not the user of the C-R account), the senders never get the =
challenge, their e-mails never get delivered to the C-R user's Inbox, =
and the C-R user quietly dies away as his/her good senders figured they =
are sending to the wrong e-mail address, that C-R user doesn't want to =
talk to them, or they died.  Unless the C-R service provides feedback to =
the C-R account user that challenges are getting rejected (or provides =
any status on those challenges), it's a worthless scheme.  E-mail is not =
a guaranteed communications venue, ISPs may be rejecting challenge spam, =
or other problems arise where the challenge is never delivered or cannot =
be responded to.  What if the sender doesn't have a browser, HTTP is =
blocked, or whatever might prevent them from getting to the web site =
where they are supposed to verify they sent their message? =20

Even if C-R ever manages to bother with the going through RFC =
ratification, even if other problems with C-R are addressed, unless the =
C-R user gets status on their challenges, like notifying the C-R user =
after some configurable wait period that a challenge never got answered =
or immediately when it gets rejected, the C-R user is blind to whether =
or not his e-mail scheme is even working.

In article <EamdnQ0Ul7dwAGnd4p2dnA@comcast.com>,
*Vanguard* <lh_vanguard@mailblocks.com> wrote:

>personal information.  They send the user a message which looks for all
>intent and purposes to be a challenge e-mail.  Take any of the C-R

>the challenge).  However, this bogus challenge web site also asks them
>for personal information, like their e-mail address and could even ask
>for a password so the scammer could hijack their accounts.  Are you

Anyone dumb enough to give  any private information to any C-R service
include those that are perfectly legitimate (so to speak) is too dumb
to be allowed to use the Internet without adult supervision.

On the other hand, the phishers don't need to use C-R to hook suckers.
They send messages that seem more understandable than any C-R
challenge and still hook a lot of suckers.

>I sure doesn't look smart to be answering all challenges as a general
>policy.  I don't answer any of them.  Instead I use enough info in their
>supposedly standard formatted challenge (which is only standard within
>that C-R service) to define a rule to auto-delete their challenge from
>my mail server.

If you can't trust yourself to not blab everything to anyone who asks,
no matter how implausibly, then that is the start of the right tactic.
For proper protection you should disable the form handling in your web
browser, because you might be tempted by a phisher's form sent via
ordinary, non-C-R spam.
I would suggest turning off HTML in your mail user agent (MUA), but
you've evidently already rejected that idea.


Vernon Schryver    vjs@rhyolite.com

*** Sam (abcsam@email-scan.com.edo) wrote in comp.mail.misc today:

> Eduardo Chappa writes:
>
>> *** The Open Sourceror's Apprentice 
>> (abcMorelyDotes@spamblocked.com.edo)...:
>> 
>>> Eduardo Chappa <chappa@math.washington.edu> wrote in 
>>> news:Pine.LNX.4.60.9.0407122216120.23919@zeno1.math.washington.edu:
>>> 
>>>> That's a very persuasive argument, except by the fact that I do not 
>>>> think that a particular e-mail address sends spam twice to the same 
>>>> account, even when it's forged.
>>> 
>>> Would you like 3,127 individual pieces of proof that you are mistaken?
>> 
>> Sure, put the in the web. Let me know where I can see them.
>
> Jun 13 14:17:24 headache courieresmtpd: 
> error,relay=::ffff:216.39.87.40,from=<adv@4epurchase.com>,to=<sam@email-scan.com>: 
> 511 Blocked - see 
> http://www.spambag.org/cgi-bin/spambag?mailfrom=sheckmedia
>
> [ … ]
>
> Jun 29 05:54:07 headache courieresmtpd: 
> error,relay=::ffff:64.70.43.83,from=<ADV@REAL-COUPONS.COM>,to=<sam@email-scan.com>: 
> 511 Blocked - see 
> http://www.spambag.org/cgi-bin/spambag?mailfrom=sheckmedia
>
> This is the Sheckmedia spamhaus repeatedly trying to spam the same 
> mailbox.
>
> What you don't see are hundreds of other attempts, in the same time 
> frame.
>
> Despite being told, via SMTP in no uncertain terms, to fuck off, they've 
> been spamming (or trying to spam) the same mailbox for several months. 
> I believe that the only reason they stopped was that they did not renew 
> their hosting contract with their provider, since the spew stopped 
> precisely at the end of the calendar month.
>
> Your belief that no spammer spams the same mailbox twice is very, very 
> naive.

I never said a spammer does not spam a mailbox twice, I said that if your 
address is used to spam people, the amount of C/R that you will get will 
have minimal intersection (see the word marginal), then I said in the 
unlikely case that this will happen use the C/R at your own risk. See the 
difference? (most of you have concentrated on the first sentence of my 
paragraph, which is quite unfair, are you guys politicians? or are trying 
to understand my whole point? or just rebating anything losing the context 
of the conversation?)

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

*** The Open Sourceror's Apprentice (abcMorelyDotes@spamblocked.com.edo)...:

> Eduardo Chappa <chappa@math.washington.edu> wrote in 
> news:Pine.LNX.4.60.9.0407131403441.14919@zeno1.math.washington.edu:
>
>>> Would you like 3,127 individual pieces of proof that you are mistaken?
>>
>> Sure, put the in the web. Let me know where I can see them.
>
> news:news.admin.net-abuse.sightings

This has nothing to do with what I meant in my original post. Reread it 
and then comment on it again. By the way, refute the argument of the 
paragraph, not isolated sentences.(Hint: the paragraph is about spam 
received as a result of C/R systems, not about spam in general).

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

Vernon Schryver said in news:cd2ap5$22us$1@calcite.rhyolite.com:
> In article <EamdnQ0Ul7dwAGnd4p2dnA@comcast.com>,
> *Vanguard* <lh_vanguard@mailblocks.com> wrote:
>=20
>> personal information.  They send the user a message which looks for
>> all intent and purposes to be a challenge e-mail.  Take any of the
>> C-R=20
>=20
>> the challenge).  However, this bogus challenge web site also asks
>> them for personal information, like their e-mail address and could
>> even ask for a password so the scammer could hijack their accounts.=20
>> Are you=20
>=20
> Anyone dumb enough to give  any private information to any C-R service
> include those that are perfectly legitimate (so to speak) is too dumb
> to be allowed to use the Internet without adult supervision.

Divulging personal info (to scammers) was just *one* of the problems I =
mentioned of of challenge e-mails.  Just responding to the challenge =
means you divulge your e-mail address is valid and that it is actively =
monitored, something valuable in itself to spammers.  With everything =
you do to keep your e-mail address out of the hands of spammers, are you =
really going to answer every challenge message without any proof that it =
was indeed a challenge sent by a valid C-R user (who is not the spammer =
sending you the challenge) and that those operating the web site you =
visit to respond to the challenge aren't also the spammers?  For =
example, how do you know that a challenge that looks like it came from a =
BlueBottle C-R user really came from a BlueBottle C-R user?  And when =
you visit the web site where you respond the challenge, just exactly how =
to you know who is operating that web site? =20

> On the other hand, the phishers don't need to use C-R to hook suckers.
> They send messages that seem more understandable than any C-R
> challenge and still hook a lot of suckers.

So you are proposing that C-R will never take off, always be relegated =
to just a few users, and be used in such low numbers that challenge =
e-mail will not be anything that e-mail users will not become accustomed =
to?  Well, that suits me, too.  Phishers also try to con recipients by =
pretending to be the recipient's ISP asking for them to verify details =
of their account.  So how many valid e-mails have you seen from your ISP =
asking for such information?  For me, I've never gotten one.  The =
recipient getting lots of the same type of spam or scam can be easily =
recognized.  It's the rare type of spam/scam that dupes users.  It's not =
the common crap that will lull in a user.  It's the legit-looking rare =
crap that gets them.  Just because your challenges are cryptic and hard =
to understand doesn't mean others cannot craft them to present a =
professional and legit looking challenge which is very understandable.

>> I sure doesn't look smart to be answering all challenges as a general
>> policy.  I don't answer any of them.  Instead I use enough info in
>> their supposedly standard formatted challenge (which is only
>> standard within that C-R service) to define a rule to auto-delete
>> their challenge from my mail server.
>=20
> If you can't trust yourself to not blab everything to anyone who asks,
> no matter how implausibly, then that is the start of the right tactic.

That was MY point.  A policy of responding to EVERY challenge DOES have =
you blabbing to anyone who asks.  Such a policy has you blabbing to any =
spammer that composes a challenge that they reached a valid and active =
e-mail account.  It's not like any of these challenges are digitally =
signed with PGP or x.509 certificates will full registrant information =
so you can positively identify who is the sender of a challenge.  Just =
because it looks like a challenge e-mail doesn't mean that it came from =
a C-R user.

> For proper protection you should disable the form handling in your web
> browser, because you might be tempted by a phisher's form sent via
> ordinary, non-C-R spam.
> I would suggest turning off HTML in your mail user agent (MUA), but
> you've evidently already rejected that idea.

Actually I would like the feature of reading e-mails in plain text and =
letting me switch to an HTML view should I choose.  Oh, wait, I already =
have that.  It's called AutoPreview mode in Outlook (and I am NOT =
talking about using the Preview pane which is not a preview at all but a =
full view and gets rendered if HTML).  AutoPreview shows you several =
lines of the message in plain-text.  Then you can decide if you want to =
open the message to see it as the sender intended.  Using an HTML =
modifier also helps to protect when you should decide to view in HTML =
mode, like using SpamPal's HTML-Modify plug-in.  But I don't demand that =
the entire e-mail community takes the same level of protection just to =
use e-mail.  I'm not stupid in thinking everyone has to be as smart or =
smarter than me in using e-mail.  Arguing the evils of HTML is rather =
fruitless, like yelling at the waves lapping up on the shore.  It is =
here, it is pervasive, it is is common use.  But this digression =
regarding HTML, forms, and such was not related to what I posted.  It =
was about how challenges can be misused and forged, so answering ALL of =
them is a dubious policy.

On 13 Jul 2004 The Open Sourceror's Apprentice (MorelyDotes@spamblocked.com...:
> Nancy McGough <nm-reverse-spam-filter@ii.deflexion.com> wrote in
>
>>   <http://spamarrest.com/>
>
> You *are* aware that you have just cited a spammer, are you not?

Yes, I'm very aware of that they are spammers and involved in 
lawsuits and that their founder used to be in the porn business. 
That's why I chose them as an example of why I've decided to 
follow Vernon's suggestion! I have details and lots of links 
about them on my IMAP Service Providers page in this section:

   What to Look OUT For in an IMAP Service Provider
   <http://www.ii.com/internet/messaging/imap/isps/#lookOut>

They are discussed in item #3a.

Nancy
Infinite Ink
www.ii.com

In article <Xns952584A9B6EA5MorelyDotesspamblock@216.99.211.247>, 
MorelyDotes@spamblocked.com says...
 
> What sort of idiot reads email with a mail client that renders HTML by 
> default?

People who run OE with the default settings, I believe... :(

-- 
Contact Address matchstick a t oofg d o t com
"The wages of sin are death... but the hours are good and the perks are 
fantastic."

This is a MIME GnuPG-signed message.  If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-857-1089803637-0013
Content-Type: text/plain; format=flowed; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
X-Mime-Autoconverted: from 8bit to quoted-printable by mimegpg

Eduardo Chappa writes:

> I never said a spammer does not spam a mailbox twice, I said that if your 
> address is used to spam people, the amount of C/R that you will get will 
> have minimal intersection (see the word marginal),

=E2=80=A6 now.  That's because nobody uses C/R.

In the unlikely even that will ever change, what you will have to take care 
of would be several thousands C/R spams every day.

The notion that somehow the spew of bogus C/Rs will ever cease is naive.  
There's already an existing case study.  Already people are getting 
bouncebacks from forged spam.  Which can be logically equated to C/R spam, 
at least as far as the annoyance factor goes.

And the bouncebacks are not stopping.


--=_mimegpg-commodore.email-scan.com-857-1089803637-0013
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBA9RV1x9p3GYHlUOIRAnVtAJ49nX4t77N7MnlJ1MzaLu6R+tPkaQCfbTGZ
7yznzRsutgR4MKnzd7VYpP8=
=f8t8
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-857-1089803637-0013--

In article <Pine.LNX.4.60.9.0407132222440.659@zeno1.math.washington.edu>,
Eduardo Chappa  <chappa@math.washington.edu> wrote:

>I never said a spammer does not spam a mailbox twice, I said that if your 
>address is used to spam people, the amount of C/R that you will get will 
>have minimal intersection (see the word marginal), then I said in the 
>unlikely case that this will happen use the C/R at your own risk. See the 
>difference? (most of you have concentrated on the first sentence of my 
>paragraph, which is quite unfair, are you guys politicians? or are trying 
>to understand my whole point? or just rebating anything losing the context 
>of the conversation?)

Huh?

  - What will have "(a?) minimal intersection" with what?
  - No, I don't see the word "marginal."  Where should it have been?
  - What is the unlikely case?  Is it related to that undefined
     intersection?
  - Of course, you should do everything at your own risk, including
     use C/R systems.  In other words, "caveat emptor."
  - This is netnews, and so I can't care much, but I'd settle for understand
      any of your point.
  - What is the context you mean?  It seems to be something about
      Challenge-Response systems and something spammers would do or
      refrain from doing, but I do not understand what.

An individual or two appearing to misunderstand you can be a mere
rhetorical ploy.  When most people don't understand you, the fault is
always entirely yours. 

I've read more at least two or three of your articles, but I still do
not know whether you think C/R systems are good or bad, whether you
think spammers will somehow exploit them, or whether you think spammers
might exploit people who always or never answer C/R challenges.

Try proofreading your articles.  Avoid run-on sentences such as the
first confusing mess in the quoted text.  Ensure that every string
ending with a period (.) or question mark (?) is a complete sentence
with a subject and a verb.  If you are not familiar with English, ask
a native speaker to proofread your text. 

An address at math.washington.edu suggests a need to write intelligible
English.  Consider treating writing netnews as a valuable exercise.
Formal math proofs often have odd symbols like upside down A's and
backwards E's, but those strings of symbols are usually separated with
simple declarative sentences.  No one unable to write intelligible
English can get a doctorate from a worthwhile U.S. college or university.
A case can be made that no one who hopes to do serious math in the
entire world, with the possible exception of France, can avoid being
able read and write English.


Vernon Schryver    vjs@rhyolite.com

In article <BNudnXPT1N9LQWndRVn-jw@comcast.com>,
*Vanguard* <lh_vanguard@mailblocks.com> wrote:

>                                                      With everything
>you do to keep your e-mail address out of the hands of spammers, 

Excuse me, but what are those things that I do to keep my address out
of the hands of spammers?

>                                                                 are you
>really going to answer every challenge message without any proof that it
>was indeed a challenge sent by a valid C-R user (who is not the spammer
>sending you the challenge) and that those operating the web site you
>visit to respond to the challenge aren't also the spammers?  

The challenges from any given C-R system are substantially identical
and there are a bunch of them.  That makes them bulk mail.  I don't
want or ask for them, and that makes them unsolicited.  Unsolicited
bulk mail is spam, and so as I have been saying since C-R systems were
first proposed, C-R users are spammers, whether not they send any other
unsolicited bulk email.

>                                                             For
>example, how do you know that a challenge that looks like it came from a
>BlueBottle C-R user really came from a BlueBottle C-R user?  

I can't think of a reason to care.  It's true that responding to a
mail message leaks information in theory, but that information about
me is so readily available that "leak" is misleading.


>                                                             And when
>you visit the web site where you respond the challenge, just exactly how
>to you know who is operating that web site?  

My goals in dealing with C-R challenges are that same as my goals
in dealing with other unsolicited bulk mail:
   - minimize the waste of my time, effort, bandwidth, etc.
   - keep my incoming and outgoing mail as reliable as possible.
Thus, I generally do not respond to C-R challenges that require me to
visit web sites.  I use a 20 year old MUA in a text X window that requires
that I cut and past from it to a browser to do any web site visiting.


>So you are proposing that C-R will never take off, always be relegated
>to just a few users, and be used in such low numbers that challenge
>e-mail will not be anything that e-mail users will not become accustomed
>to? 

That is practically certain.

>crap that gets them.  Just because your challenges are cryptic and hard
>to understand doesn't mean others cannot craft them to present a
>professional and legit looking challenge which is very understandable.

Challenges that I send?  Given of my long and frequently (but perhaps
not frequently enough) stated view that C-R challenges are spam, are
you calling me a spammer?


>That was MY point.  A policy of responding to EVERY challenge DOES have
>you blabbing to anyone who asks.  Such a policy has you blabbing to any
>spammer that composes a challenge that they reached a valid and active
>e-mail account. 

Getting a response is one of the least used and least useful tactics
for verifying spam target addresses.  For example, anyone running an
SMTP server on a known domain name sees at least hundreds of dictionary
attacks per hour.  Those attacks are checking the validity of target
addresses with SMTP Rcpt_To commands.


Vernon Schryver    vjs@rhyolite.com

*** Sam (abcsam@email-scan.com.edo) wrote in comp.mail.misc today:

> Eduardo Chappa writes:
>
>> I never said a spammer does not spam a mailbox twice, I said that if 
>> your address is used to spam people, the amount of C/R that you will 
>> get will have minimal intersection (see the word marginal),
>
> … now.  That's because nobody uses C/R.

is nobody 0% of users?, 1% of users? 10% of users?. I don't think you mean 
nobody, really. My point was never the amount of users who use C/R, if 
your point is that this would only be a problem when too many people use 
C/R, I can tell you that the problem will not be that, but it will be 
people using C/R systems, and use will be discouraged, maybe forbidden.

> In the unlikely even that will ever change, what you will have to take 
> care of would be several thousands C/R spams every day.
>
> The notion that somehow the spew of bogus C/Rs will ever cease is naive.

I agree, but I never claimed that.

> There's already an existing case study.  Already people are getting 
> bouncebacks from forged spam.  Which can be logically equated to C/R 
> spam, at least as far as the annoyance factor goes.

As far as annoyance, well, that depends on who you are. I am glad I ignore 
all bouncebacks, so this is pretty much 0 annoyance to me.

> And the bouncebacks are not stopping.

Agree on that one.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

Richard Johnson wrote:
> 
> In article
> <Pine.LNX.4.60.9.0407122207150.23919@zeno1.math.washington.edu>,
>  Eduardo Chappa <chappa@math.washington.edu> wrote:
> 
> > *** Richard Johnson (abcrnews@whirlpool.river.com.edo) wrote in...:
> > :) However, at the present time, how do you know whether the challenge you
> > :) received was because you sent mail to someone, or because a spammer
> > :) forged your address?  If you send responses to usenet posts, send to
> > :) people who forward mail, or send to mailing lists, you generall
> > :) -cannot- know.
> >
> > Which is exactly a good reason why you should not answer the challenge.
> > Confirming good addresses to a spammer is similar to shooting yourself on
> > the foot.
> 
> How is answering a challenge confirming a good address to a spammer?
> The spammer does not receive the response.

I have a question.  I note the subject lime and ask, who cares what a
famous hacker does or does not do?  Do the actions of others dictate
what we do?

I truly do not care what some hacker does to not get spam.  Instead of
writing filters to help others he takes the easy way out and I am glad I
won't ever be sending him an email.

On another note:

I have had emails from others that did use challange and response. 
These folks have emailed me and then challanged my email response to
them.  I of course promptly ignored their challange and went on about my
day.  They think that I never answered their email, that is their
problem and not mine.

> > :) Therefore, it behooves you to answer all challenges you receive.  Only
> > :) by doing that can you have a chance of seeing your legitimate email go
> > :) through.
> >
> > I will sound presumptious, but in my opinion, I do not loose by the
> > receiver not receiving my message. I lost a couple of minutes, my
> > recipient lost my message. It's up to you to decide who lost more.
> 
> I'm more interested in providing back-pressure against those who bother
> me with challenges based on forged mail.  I lose time and bandwidth
> regardless because of such spam challenges, so I might as well push
> back.
> 
> Richard
> 
> --
> To reply via email, make sure you don't enter the whirlpool on river left.
> 
> My mailbox. My property. My personal space. My rules. Deal with it.
>                         http://www.river.com/users/share/cluetrain/

--
Mark Ferguson

*** Vernon Schryver (abcvjs@calcite.rhyolite.com.edo) wrote in...:

> In article 
> <Pine.LNX.4.60.9.0407132222440.659@zeno1.math.washington.edu>, Eduardo 
> Chappa <chappa@math.washington.edu> wrote:
>
>> I never said a spammer does not spam a mailbox twice, I said that if 
>> your address is used to spam people, the amount of C/R that you will 
>> get will have minimal intersection (see the word marginal), then I said 
>> in the unlikely case that this will happen use the C/R at your own 
>> risk. See the difference? (most of you have concentrated on the first 
>> sentence of my paragraph, which is quite unfair, are you guys 
>> politicians? or are trying to understand my whole point? or just 
>> rebating anything losing the context of the conversation?)
>
> Huh?
>
  I guess you tried to understand my message without reading the one I was 
referring to.

>  - What will have "(a?) minimal intersection" with what?

among themselves, meaning not two C/R messages will come from the same 
person. Again I refer you to my earlier message for a complete statement, 
that's false as stated, but true in generic sense. We, mathematicians, 
have a notion of "set of measure zero", which is ignored for practical 
purposes, this is one case. Again read my earlier message for a complete 
explanation.

>  - No, I don't see the word "marginal."  Where should it have been?

I quote: "but in general the error should be marginal with respect to the 
real amount of spam that is not generated in the way described here."

>  - What is the unlikely case?  Is it related to that undefined
>     intersection?

explained above.

>  - Of course, you should do everything at your own risk, including
>     use C/R systems.  In other words, "caveat emptor."

We happen to agree here, but in this case the C/R system is being used by 
the person who did not set it up, where you probably don't even know the 
sender. My common sense tells me "don't use it".

>  - This is netnews, and so I can't care much, but I'd settle for 
>    understand any of your point.

hopefully you will now.

>  - What is the context you mean?  It seems to be something about 
>    Challenge-Response systems and something spammers would do or refrain 
>    from doing, but I do not understand what.

I meant to say that the argument that I referred before (which you need to 
read) was only about C/R systems. Somehow, some people made it look like 
it was about spam in general, which was not.

> An individual or two appearing to misunderstand you can be a mere 
> rhetorical ploy.  When most people don't understand you, the fault is 
> always entirely yours.

Huh? No it's not that, it's taking words out of context. Reread the 
thread, you will see how it was done (hint: quote a part of the message, 
remove the rest, reply to the part quoted as if it was never attached to 
the part removed and make it look in the reply like something different 
was said).

Since I don't know the people that followed that procedure I can not claim 
inoccence of guilt in their intentions, but it strikes me as supicious, 
like someone who can't win a debate so just makes a correct statement that 
has nothing to do with the debate, but gets the feeling of winning because 
the other person did not refute that point. I am claiming that

> I've read more at least two or three of your articles, but I still do 
> not know whether you think C/R systems are good or bad, whether you 
> think spammers will somehow exploit them, or whether you think spammers 
> might exploit people who always or never answer C/R challenges.

Huh? This subthread started by me saying "stop using C/R systems, they are 
bad!" (paraphrased). You will need to return to the top of this subthread.

> Try proofreading your articles.  Avoid run-on sentences such as the 
> first confusing mess in the quoted text.  Ensure that every string 
> ending with a period (.) or question mark (?) is a complete sentence 
> with a subject and a verb.  If you are not familiar with English, ask a 
> native speaker to proofread your text.

It helps if you can point out sentences that I've said that fall in that 
category. I do not see any.

By the way, would you be willing to proofread my messages? Somehow I feel 
the answer is NO, and somehow I feel the answer I will get from everyone 
in the world is NO, so I don't think this will happen.

> An address at math.washington.edu suggests a need to write intelligible 
> English.  Consider treating writing netnews as a valuable exercise. 
> Formal math proofs often have odd symbols like upside down A's and 
> backwards E's, but those strings of symbols are usually separated with 
> simple declarative sentences.  No one unable to write intelligible 
> English can get a doctorate from a worthwhile U.S. college or 
> university. A case can be made that no one who hopes to do serious math 
> in the entire world, with the possible exception of France, can avoid 
> being able read and write English.

Well I am more that happy to read my unintelligible english if you show me 
why it was unintelligible and show me how to make it intelligible, but 
since this thread is not about that, feel free to do it by e-mail.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

*** Nancy McGough (abcnm-reverse-spam-filter@ii.deflexion.com.edo) wrote in...:

> On 13 Jul 2004 Tim Smith (reply_in_group@mouse-potato.com) wrote:
>> 
>>> By responding to ALL challenges, you ensure that: (a) your mail gets 
>>> through, (b) future spam forging your address doesn't result in 
>>> another challenge, and (c) the person who has the C/R system has to 
>>> deal with the spam.
>> 
>> (d) your email address gets passed among spammers as one that is good 
>> to forge, because it gets through C/R systems, and (e) people learn 
>> that blocking on your email address reduces their spam.
>
> And if it is one of your spam-trap email addresses, that's OK. My new 
> plan is to follow Vernon's advice only for challenges that come to my 
> spam-trap addresses. Challenges that come to my real addresses, I 
> ignore.

Nancy,

What about entering those people which sent you an "unsolicited" C/R 
message into your "block messages from this person" list?, wouldn't that 
work for you too?, if not, why not?

To me confirming an e-mail address to an unknown sender is similar to 
returning a call from a person who left a message in your answering 
machine telling you to call back, a person who never even used your name 
to start with. That sounds like a telemarketer to me, and I do not return 
calls from people I don't know either.

I would say, about C/R, either ignore them or block them, but don't answer 
them.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

*** The Open Sourceror's Apprentice (abcMorelyDotes@spamblocked.com.edo)...:

> Nancy McGough <nm-reverse-spam-filter@ii.deflexion.com> wrote in 
> news:Pine.LNX.4.60.9.0407130653440.7367@zebes.dreamhost.com:
>
>>   <http://spamarrest.com/>
>
> You *are* aware that you have just cited a spammer, are you not?

I am *very* interested to see the proof of this. Do you know where I can 
find such proof? (my post is genuine, I do not mean to bother you, I'd 
really like to see such proof).

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

Eduardo Chappa <chappa@math.washington.edu> writes:
>among themselves, meaning not two C/R messages will come from the same 
>person.

NOT TRUE. I've gotten more than a dozen from Dan Bernstein alone, wingnut.

>that's false as stated, but true in generic sense. We, mathematicians, 
>have a notion of "set of measure zero", which is ignored for practical 

We, usenet readers, have a notion of "bullshit". *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

In article <Pine.LNX.4.60.9.0407140703180.6250@zeno1.math.washington.edu>,
Eduardo Chappa  <chappa@math.washington.edu> wrote:

>  I guess you tried to understand my message without reading the one I was 
>referring to.

I've tried to understand several of your messages.  Like most people,
I have trouble remembering things that make no sense to me even when
I want to.  I generally don't want to waste synapses remembering netnews.

Because this is netnews, you cannot assume that your readers will have
seen all of your messages.  Propagaion vagaries ensure that at least
some of your readers will not have seen at least some of the preceding
articles when any given example reaches them.  That is why people
familiar with usenet try to make each of their articles stand alone.



>>  - What will have "(a?) minimal intersection" with what?
>
>among themselves, meaning not two C/R messages will come from the same 
>person. Again I refer you to my earlier message for a complete statement, 
>that's false as stated, but true in generic sense. We, mathematicians, 
>have a notion of "set of measure zero", which is ignored for practical 
>purposes, this is one case. Again read my earlier message for a complete 
>explanation.

I have only a vauge notion what you mean.

Given the finite cardinality of all email that will have ever been
sent by all creatures in the universe from the big bang until all
protons have decayed, what sort of measure are you thinking about?
It's been decades since I studied measure theory as taught by the
real analysts, I seem to recall the need for at least countably
infinite sets to be able to talk about sets of zero (Lebesgue?)
measure.  I think there are some games you could play with model
theory, such as those Cohen invented to prove the second half of
the independence of AC, but that sort of mathematical sophistication
doesn't seem relevant here.

Never mind that the claim that sets of zero measure are "ignored for
practical purposes" by mathematicians sets my hackles.  All of the
sets that we can ever know are not only of measure zero, but countable.
Last winter I read and enjoyed Penelope Maddy's exploration of that
issue in her "Naturalism in Mathematics."  I found the first half
plodding, but the second half is fun.  I see the full text is online at
http://www.oxfordscholarship.com/oso/public/content/philosophy/0198250754/toc.html


>>  - This is netnews, and so I can't care much, but I'd settle for 
>>    understand any of your point.
>
>hopefully you will now.

Sorry, but I've inferred only that you are a student in a math
department, probably recently acquainted with real analysis, and
probably in the applied side of the department.


>>  - What is the context you mean?  It seems to be something about 
>>    Challenge-Response systems and something spammers would do or refrain 
>>    from doing, but I do not understand what.
>
>I meant to say that the argument that I referred before (which you need to 
>read) was only about C/R systems. Somehow, some people made it look like 
>it was about spam in general, which was not.

Since this is netnews, I don't *need* to read anything.


>> An individual or two appearing to misunderstand you can be a mere 
>> rhetorical ploy.  When most people don't understand you, the fault is 
>> always entirely yours.
>
>Huh? No it's not that, it's taking words out of context. Reread the 
>thread, you will see how it was done (hint: quote a part of the message, 
>remove the rest, reply to the part quoted as if it was never attached to 
>the part removed and make it look in the reply like something different 
>was said).

On the contrary, your articles have been mostly unintelligible.  We
have all been grabbing phrases that seem to make some sense and ignoring
the rest.  That's how humans read and listen.  Things that don't make
sense are practically invisible.   You really learn this as a computer
programmer; bug reports invariably omit vital facts that were meaningless
to the person reporting the bug.

Besides, this is netnews.  By decades of tradition, you should only
quote and respond to points that you care about.


>> I've read more at least two or three of your articles, but I still do 
>> not know whether you think C/R systems are good or bad, whether you 
>> think spammers will somehow exploit them, or whether you think spammers 
>> might exploit people who always or never answer C/R challenges.
>
>Huh? This subthread started by me saying "stop using C/R systems, they are 
>bad!" (paraphrased). You will need to return to the top of this subthread.

Again, this is netnews so I don't *need* to do anything.


>> Try proofreading your articles.  Avoid run-on sentences such as the 
>> first confusing mess in the quoted text.  Ensure that every string 
>> ending with a period (.) or question mark (?) is a complete sentence 
>> with a subject and a verb.  If you are not familiar with English, ask a 
>> native speaker to proofread your text.
>
>It helps if you can point out sentences that I've said that fall in that 
>category. I do not see any.

You "need" to look your words that I quoted in my previous article.
The first string with its several commas and ending with the first
period was such a terrible long, convoluted, confusing mess that "run
on sentence" is a polite fiction.


>By the way, would you be willing to proofread my messages? Somehow I feel 
>the answer is NO, and somehow I feel the answer I will get from everyone 
>in the world is NO, so I don't think this will happen.

True, my answer is "no."  If you have no friends who would answer "yes,"
then you should immediately stop worrying about netnews, C-R systems,
and even math, and fix that problem.


>Well I am more that happy to read my unintelligible english if you show me 
>why it was unintelligible and show me how to make it intelligible, but 
>since this thread is not about that, feel free to do it by e-mail.

That's a problem that only you can address.

In a sense, each of us is at most inversely as smart as we think we
are.  People who think they are very smart never are.  At best they
are academic equivalents of autistic musical prodigies, but usually
they are merely poseurs and four-flushers.


Vernon Schryver    vjs@rhyolite.com

*** Paul Vader (abcpv+usenet@pobox.com.edo) wrote in comp.mail.misc today:

> Eduardo Chappa <chappa@math.washington.edu> writes:
>> among themselves, meaning not two C/R messages will come from the same 
>> person.
>
> NOT TRUE. I've gotten more than a dozen from Dan Bernstein alone, 
> wingnut.

Ok, I'm convinced that it's intentional. You failed to quote my whole 
paragraph (just a sentence of it) just to make a point that I had already 
made.

>> that's false as stated, but true in generic sense. We, mathematicians, 
>> have a notion of "set of measure zero", which is ignored for practical
>
> We, usenet readers, have a notion of "bullshit". *

Oh, now you quote the rest of the paragraph and is so separated from the 
other sentence that it doesn't even make sense (then someone will claim 
that I write unintelligible English). Shameful. I think you need a new 
thread.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

Eduardo Chappa <chappa@math.washington.edu> wrote:

> I am *very* interested to see the proof of this. Do you know where I can
> find such proof? (my post is genuine, I do not mean to bother you, I'd
> really like to see such proof).

I don't know about "proof", but you might want to classify the following
as "evidence":

<http://groups.google.com/groups?threadm=v4ndhn5o0s641e%40corp.supernews
..com>
<http://groups.google.com/groups?threadm=slrnb4m6bl.4hk.you%40jazz.hq.ne
wdream.net>
-- 
Daniel W. Johnson
panoptes@iquest.net
http://members.iquest.net/~panoptes/
039 53 36 N / 086 11 55 W

On 14 Jul 2004 Eduardo Chappa (chappa@math.washington.edu) wrote:
>>> 
>>>> By responding to ALL challenges, you ensure that: (a) your mail gets 
>>>> through, (b) future spam forging your address doesn't result in another 
>>>> challenge, and (c) the person who has the C/R system has to deal with the 
>>>> spam.
>>> 
>>> (d) your email address gets passed among spammers as one that is good to 
>>> forge, because it gets through C/R systems, and (e) people learn that 
>>> blocking on your email address reduces their spam.
>> 
>> And if it is one of your spam-trap email addresses, that's OK. My new plan 
>> is to follow Vernon's advice only for challenges that come to my spam-trap 
>> addresses. Challenges that come to my real addresses, I ignore.
>
> What about entering those people which sent you an "unsolicited" C/R message 
> into your "block messages from this person" list?, wouldn't that work for you 
> too?, if not, why not?
>
> To me confirming an e-mail address to an unknown sender is similar to 
> returning a call from a person who left a message in your answering machine 
> telling you to call back, a person who never even used your name to start 
> with. That sounds like a telemarketer to me, and I do not return calls from 
> people I don't know either.


That's why I said I'd do it only with challenges sent to my spam 
trap addresses:

1) I want the spammers to spam those addresses (that's what they 
are for!)

2) I do not mind making life difficult for (the non spamming) 
people who are using (or selling) C/R systems that send 
challenges to forged From: headers.

I hope this makes sense. I realize that I'm being a bit of an 
anarchist here, but maybe it will help to get the C/R folks to 
clean up their systems and quit sending challenges to forged 
From: headers.

BTW, for challenges that come to my real addresses, those people 
can wait and wait and maybe eventually they will read the "Email 
Deflexion for Infinite Ink" web page.

Nancy
Infinite Ink
www.ii.com

On Thu, 24 Jun 2004 10:58:36 GMT, "D. Stussy" <kd6lvw@bde-arc.ampr.org>
wrote:

>> It does not matter if there is a "purpose" for that header line.  RFCs do not
>> require "purpose".  The fact that you do not perceive a purpose does not mean
>> that nobody else perceives one.
>
>If there is no purpose, then why do it?  The RFC text directly contradicts you
>on this - as "Received:" is defined in a section called "trace headers."
>Obviously, there is a purpose as described....

The purpose seems to be to increase the number of Received: headers to
reach anti-loop limits earlier.

-- 
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente,  Postbus 217,  7500 AE  Enschede
telefoon: 053 - 489 2301, fax: 053 - 489 2383, http://www.utwente.nl/itbe

On Mon, 12 Jul 2004 11:34:08 -0500, jdoherty@nowhere.null.not (John
Doherty) wrote:

>If legitimate senders could easily automate handling the challenges,
>then so could spammers, and the whole idea would be even more useless
>than it is now.

The can try to send a response but the reponse will not contain the
neccessary password(s).

And yes, I mean passwords. I have had more than one challenge for a
single message I sent (this was genuin). Some previous (the owner booted
him) member of a list I'm on has a few accounts at a provider offering
C/R. And he bounces messages coming in on one mailbox to another. And in
both instances the C/R system (probl. because it keeps sender/recipient
pairs) send out a challenge.

-- 
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente,  Postbus 217,  7500 AE  Enschede
telefoon: 053 - 489 2301, fax: 053 - 489 2383, http://www.utwente.nl/itbe

In article <Pine.LNX.4.60.9.0407140743520.6250@zeno1.math.washington.edu>,
Eduardo Chappa  <chappa@math.washington.edu> wrote:

> >>   <http://spamarrest.com/>
> >
> > You *are* aware that you have just cited a spammer, are you not?
> 
> I am *very* interested to see the proof of this. Do you know where I can 
> find such proof? (my post is genuine, I do not mean to bother you, I'd 
> really like to see such proof).

<http://static.samspade.org/spamarrest.html>

bisky 

On Mon, 12 Jul 2004 22:25:34 -0700, Eduardo Chappa
<chappa@math.washington.edu> wrote:

>That's a very persuasive argument, except by the fact that I do not think 
>that a particular e-mail address sends spam twice to the same account, 
>even when it's forged.

I could start counting. I have a large collection of bounces where the
recipient was the same and where my address was forged every time. I
still get 1 to 5 of those each day.

-- 
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente,  Postbus 217,  7500 AE  Enschede
telefoon: 053 - 489 2301, fax: 053 - 489 2383, http://www.utwente.nl/itbe

*Vanguard* <lh_vanguard@mailblocks.com> wrote:
> [some very long single-line paragraphs]

You have already been asked once by another poster to limit the length
of your lines to a sane value.  Please do so.  I'm not using a terminal
with a width of over a thousand characters, and I don't know anyone
else who is.

My newsreader wrapped your text at 80 characters, often midword, so I
saw all of your text, though it was less legible than it could have
been.  Your last line was broken into two somewhere along the way--
again midword--at the 1024th character.

Perhaps you don't care if people read your posts or not.  They won't if
you continue to make it difficult to do so.

-- 
John Wingate                        Mathematics is the art which teaches
johnww@worldpath.net                one how not to make calculations.
                                                         --Oscar Chisini

On Wed, 14 Jul 2004 06:13:59 -0500, Sam <sam@email-scan.com> wrote:

>Eduardo Chappa writes:
>
>> I never said a spammer does not spam a mailbox twice, I said that if your 
>> address is used to spam people, the amount of C/R that you will get will 
>> have minimal intersection (see the word marginal),
>
>� now.  That's because nobody uses C/R.
>
>In the unlikely even that will ever change, what you will have to take care 
>of would be several thousands C/R spams every day.
>
>The notion that somehow the spew of bogus C/Rs will ever cease is naive.  
>There's already an existing case study.  Already people are getting 
>bouncebacks from forged spam.  Which can be logically equated to C/R spam, 
>at least as far as the annoyance factor goes.
>
>And the bouncebacks are not stopping.


Do what I do - configure SpamAssassin to discard C/R challenges.  

I have to say that I haven't actually received a spam message or a
virus in a week.  At that time, I received a (1) spam message.  Why
fool around with C/R when you can set up a spam filter system that
WORKS?

Postfix, Amavisd-new, SpamAssassin (using surbls, backhair, weeds,
chickenpox, ratware, evilnumbers, Razor2, and bayes), F-Prot and
Clamav.  Everything appropriate is on daily automatic update.

Yes, it took me a week to set it all up - at the mail server, so the
whole family is blocked - but it was a week well spent.  I simply
don't receive spam anymore.  Period.  According to my postfix logs, I
get something on the order of 10-20 attempts per second...  but I
don't care.

Tell me how C/R is supposed to be so great?

Mike-
--
If you're not confused, you're not trying hard enough.
--
Please note - Due to the intense volume of spam, we have installed 
site-wide spam filters at catherders.com.  If email from you bounces,
try non-HTML, non-encoded, non-attachments,

Eduardo Chappa <chappa@math.washington.edu> writes:
>Ok, I'm convinced that it's intentional. You failed to quote my whole 
>paragraph (just a sentence of it) just to make a point that I had already 
>made.

"Failed to quote". Are you dumb? If someone wants to read the whole post
for context, their reader will do that for them. You are a wingnut, aren't
you?

>Oh, now you quote the rest of the paragraph and is so separated from the 
>other sentence that it doesn't even make sense (then someone will claim 
>that I write unintelligible English). Shameful. I think you need a new 
>thread.

I think you need to get over yourself. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

*** biskybabe@hotmail.com.nspm wrote in comp.mail.misc today:

>
> In article 
> <Pine.LNX.4.60.9.0407140743520.6250@zeno1.math.washington.edu>, Eduardo 
> Chappa <chappa@math.washington.edu> wrote:
>
>>>>   <http://spamarrest.com/>
>>>
>>> You *are* aware that you have just cited a spammer, are you not?
>>
>> I am *very* interested to see the proof of this. Do you know where I 
>> can find such proof? (my post is genuine, I do not mean to bother you, 
>> I'd really like to see such proof).
>
> <http://static.samspade.org/spamarrest.html>

Thank you for the link, Quite interesting.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

*** Paul Vader (abcpv+usenet@pobox.com.edo) wrote in comp.mail.misc today:

> Eduardo Chappa <chappa@math.washington.edu> writes:
>> Ok, I'm convinced that it's intentional. You failed to quote my whole 
>> paragraph (just a sentence of it) just to make a point that I had 
>> already made.
>
> "Failed to quote". Are you dumb? If someone wants to read the whole post 
> for context, their reader will do that for them. You are a wingnut, 
> aren't you?

Failed to quote properly. When you quote only part of the text and omit 
something essential you are not quoting properly.

According to my dictionary a Wing Nut is a threaded nut with two flat 
projections which allow it to be turned by the thumb and forefinger.
It seems like you meant to insult me. I don't feel insulted. I'm smiling 
at your attempt to insult me.

>> Oh, now you quote the rest of the paragraph and is so separated from 
>> the other sentence that it doesn't even make sense (then someone will 
>> claim that I write unintelligible English). Shameful. I think you need 
>> a new thread.
>
> I think you need to get over yourself. *

Huh? irrelevant to the point of the thread. Personal attacks have nothing 
to do with C/R systems. Please stop posting in this thread unless you have 
something new to say about C/R sysytems. You need to move to a new one.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

Eduardo Chappa <chappa@math.washington.edu> wrote in 
news:Pine.LNX.4.60.9.0407140810030.7402@zeno1.math.washington.edu:

> I write unintelligible English

Now, this I find quite accurate.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

*** The Open Sourceror's Apprentice (abcMorelyDotes@spamblocked.com.edo)...:

> Eduardo Chappa <chappa@math.washington.edu> wrote in
> news:Pine.LNX.4.60.9.0407140810030.7402@zeno1.math.washington.edu:
>
>> I write unintelligible English
>
> Now, this I find quite accurate.

Stay on topic or do not post this, is inaccurate and does not reflect what 
I claimed. Anything to say about C/R systems that has not been said 
already?

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

Eduardo Chappa <chappa@math.washington.edu> wrote in
news:Pine.LNX.4.60.9.0407140735560.6250@zeno1.math.washington.edu: 

> I would say, about C/R, either ignore them or block them, but don't
> answer them.

You are, presumably, an authority on mathematics.

Vernon Schryver is an authority on anti-spam tactics, and Internet
technology in general. 

He disagrees with you.

Now, on a social basis I would probably prefer your company to that of
Vernon; however, when he says it's better to respond to all challenges,
adn you say (with fear and trembling, and spouting obvious
mis/disinformation) that it's better to "just hit delete," I'll go with
Vernon's advice over yours every time. 

On this topic, Vernon knows what he's talking about; you talk like a man
with a paper asshole. 

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

Eduardo Chappa <chappa@math.washington.edu> wrote in
news:Pine.LNX.4.60.9.0407140743520.6250@zeno1.math.washington.edu: 

> *** The Open Sourceror's Apprentice
> (abcMorelyDotes@spamblocked.com.edo)...: 
> 
>> Nancy McGough <nm-reverse-spam-filter@ii.deflexion.com> wrote in 
>> news:Pine.LNX.4.60.9.0407130653440.7367@zebes.dreamhost.com:
>>
>>>   <http://spamarrest.com/>
>>
>> You *are* aware that you have just cited a spammer, are you not?
> 
> I am *very* interested to see the proof of this. Do you know where I can
> find such proof? (my post is genuine, I do not mean to bother you, I'd 
> really like to see such proof).

Eighty-seven sightings in English, dating back to Oct 26, 2002:

<http://www.google.com/groups?q=spamarrest+group:news.admin.net-
abuse.sightings&hl=en&lr=lang_en&ie=UTF-8&newwindow=1&c2coff=1
&scoring=d&start=80&sa=N&filter=0> 



-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

Eduardo Chappa <chappa@math.washington.edu> wrote in 
news:Pine.LNX.4.60.9.0407141022520.10089@zeno1.math.washington.edu:

> Stay on topic or do not post this,

Allow me to state for the record that you are *NOT* in charge of anything.

Your attempt to order me about like one of your poor, abused undergrads is an 
excellent way to ensure that you get my undivided attenttion for whatever 
period of time it takes to get the washington.edu sysadmins involved.

I can guarantee that you do not want my undivided attention.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

Michael W Cocke <cocke@catherders.com> writes:
>don't receive spam anymore.  Period.  According to my postfix logs, I
>get something on the order of 10-20 attempts per second...  but I
>don't care.

It is sort of entertaining to look in the logs at all the dummies banging
on the deny table again and again and again.

>Tell me how C/R is supposed to be so great?

It isn't. This is the second time I've used this quote today - "Every
problem has a simple, understandable, easily explained WRONG answer." *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

Eduardo Chappa <chappa@math.washington.edu> writes:
>Failed to quote properly. When you quote only part of the text and omit 
>something essential you are not quoting properly.

You need to see all your words parroted back at you to understand the
answer? What a shame for you.

>According to my dictionary a Wing Nut is a threaded nut with two flat 
>projections which allow it to be turned by the thumb and forefinger.
>It seems like you meant to insult me. I don't feel insulted. I'm smiling 
>at your attempt to insult me.

Full of yourself much?

>to do with C/R systems. Please stop posting in this thread unless you have 
>something new to say about C/R sysytems. You need to move to a new one.

Please bite me. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

"The Open Sourceror's Apprentice" <MorelyDotes@spamblocked.com> writes:
>On this topic, Vernon knows what he's talking about; you talk like a man
>with a paper asshole. 

What?! I can't say I've seen that particular idiom before. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

*** Paul Vader (abcpv+usenet@pobox.com.edo) wrote in comp.mail.misc today:

> Eduardo Chappa <chappa@math.washington.edu> writes:
>> Failed to quote properly. When you quote only part of the text and omit 
>> something essential you are not quoting properly.
>
> You need to see all your words parroted back at you to understand the 
> answer? What a shame for you.

Ok, you don't get it. You quote in order to give a context for your reply. 
By misquoting you give a wrong context, the conversation changes direction 
and we both waste out time arguing stupid things like this, when all that 
can be avoided if you (and everyone) quoted properly.

>> According to my dictionary a Wing Nut is a threaded nut with two flat 
>> projections which allow it to be turned by the thumb and forefinger. It 
>> seems like you meant to insult me. I don't feel insulted. I'm smiling 
>> at your attempt to insult me.
>
> Full of yourself much?
>
>> to do with C/R systems. Please stop posting in this thread unless you 
>> have something new to say about C/R sysytems. You need to move to a new 
>> one.
>
> Please bite me. *

No, I don't want to get sick.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

*** The Open Sourceror's Apprentice (abcMorelyDotes@spamblocked.com.edo)...:

> Eduardo Chappa <chappa@math.washington.edu> wrote in 
> news:Pine.LNX.4.60.9.0407141022520.10089@zeno1.math.washington.edu:
>
>> Stay on topic or do not post this,
>
> Allow me to state for the record that you are *NOT* in charge of 
> anything.

Depends on what you mean by "anything". You keep going stray from the 
thread. Go back to it, it was really productive when we were talking about 
C/R systems.

> Your attempt to order me about like one of your poor, abused undergrads 
> is an excellent way to ensure that you get my undivided attenttion for 
> whatever period of time it takes to get the washington.edu sysadmins 
> involved.
>
> I can guarantee that you do not want my undivided attention.

Get better informed before making threats like this, they serve no 
purpose.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

pv+usenet@pobox.com (Paul Vader) wrote in 
news:10fat3g6iguv2d@news.supernews.com:

> "The Open Sourceror's Apprentice" <MorelyDotes@spamblocked.com> writes:
>>On this topic, Vernon knows what he's talking about; you talk like a man
>>with a paper asshole. 
> 
> What?! I can't say I've seen that particular idiom before.

The full explanation: "Any movement at all will rip you wide open and leave 
you bleeding, with your guts hanging out.  Plus which it will become obvious 
(even to you) that you're full of shit."

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

On 2004-07-14, Vernon Schryver <vjs@calcite.rhyolite.com> wrote:
> The challenges from any given C-R system are substantially identical
> and there are a bunch of them.  That makes them bulk mail.  I don't
> want or ask for them, and that makes them unsolicited.  Unsolicited
> bulk mail is spam, and so as I have been saying since C-R systems were
> first proposed, C-R users are spammers, whether not they send any other
> unsolicited bulk email.

By that argument, wouldn't verification requests sent by mailing lists to
verify sign-up requests be spam?

Similarly, what about bounce messages?

-- 
--Tim Smith

On 2004-07-14, *Vanguard* <lh_vanguard@mailblocks.com> wrote: [broken
message deleted]

Your posting software is violating RFC2822:

    2.1.1. Line Length Limits

       There are two limits that this standard places on the number of
       characters in a line. Each line of characters MUST be no more than
       998 characters, and SHOULD be no more than 78 characters, excluding
       the CRLF.

You should fix this, or your posts might run into problems, ranging from
servers dropping them, to people cancelling them (which, as far as I can
tell, would not violate any rules against cancelling other people's usenet
messages, since they *aren't* usenet messages).

-- 
--Tim Smith

"The Open Sourceror's Apprentice" <MorelyDotes@spamblocked.com> writes:
>>>with a paper asshole. 
>> 
>The full explanation: "Any movement at all will rip you wide open and leave 
>you bleeding, with your guts hanging out.  Plus which it will become obvious 
>(even to you) that you're full of shit."

Oooh, shiny! *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

Eduardo Chappa <chappa@math.washington.edu> wrote in 
news:Pine.LNX.4.60.9.0407141129280.17623@zeno1.math.washington.edu:

> Ok, you don't get it. You quote in order to give a context for your reply. 
> By misquoting you give a wrong context, the conversation changes direction 
> and we both waste out time arguing stupid things like this, when all that 
> can be avoided if you (and everyone) quoted properly.

Or perhaps you don't get it; people quote the parts to which they are 
responding, and if you have failed to communicate that which you intended to 
communicate, they will be responding to what it seems *to them* that you are 
saying.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

Tim Smith <reply_in_group@mouse-potato.com> wrote in news:wqfJc.2497$mL5.35
@newsread1.news.pas.earthlink.net:

> By that argument, wouldn't verification requests sent by mailing lists to
> verify sign-up requests be spam?

They're solicited by design (albeit, not always by the recipient; they do 
serve a purpose in preventing future UBE from the mailing list, however; the 
exact opposite intent of C/R challenges).

> Similarly, what about bounce messages?

From *your* ISP's MTA to you, no problem; they are solicited by design.

From any third-party MTA to the (usually-forged) "From:" address, they are 
spam.


-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

Eduardo Chappa <chappa@math.washington.edu> wrote in 
news:Pine.LNX.4.60.9.0407141131490.17623@zeno1.math.washington.edu:

> Get better informed before making threats like this, they serve no 
> purpose.

Bite me.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

*** The Open Sourceror's Apprentice (abcMorelyDotes@spamblocked.com.edo)...:

> Eduardo Chappa <chappa@math.washington.edu> wrote in 
> news:Pine.LNX.4.60.9.0407141129280.17623@zeno1.math.washington.edu:
>
>> Ok, you don't get it. You quote in order to give a context for your 
>> reply. By misquoting you give a wrong context, the conversation changes 
>> direction and we both waste out time arguing stupid things like this, 
>> when all that can be avoided if you (and everyone) quoted properly.
>
> Or perhaps you don't get it; people quote the parts to which they are 
> responding, and if you have failed to communicate that which you 
> intended to communicate, they will be responding to what it seems *to 
> them* that you are saying.

I've seen already enough posts in this newsgroup to know that this is not 
true. I was not born yesterday.

-- 
Eduardo
http://www.math.washington.edu/~chappa/pine/

The Open Sourceror's Apprentice wrote:
> 
> Tim Smith <reply_in_group@mouse-potato.com> wrote in news:wqfJc.2497$mL5.35
> @newsread1.news.pas.earthlink.net:
> 
> > By that argument, wouldn't verification requests sent by mailing lists to
> > verify sign-up requests be spam?
> 
> They're solicited by design (albeit, not always by the recipient; they do
> serve a purpose in preventing future UBE from the mailing list, however; the
> exact opposite intent of C/R challenges).

"This is not spam. Our messages are always solicited, albeit not always by
the recipient." Beautiful.

> > Similarly, what about bounce messages?
> 
> From *your* ISP's MTA to you, no problem; they are solicited by design.

ITYM MSA.

> From any third-party MTA to the (usually-forged) "From:" address, they are
> spam.

If that were the case in reality, MTAs could simply refuse to accept DSNs.

Thor

-- 
http://www.anta.net/

Eduardo Chappa <chappa@math.washington.edu> writes:
>I've seen already enough posts in this newsgroup to know that this is not 
>true. I was not born yesterday.

So says the man born yesterday. Buh bye now. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

"The Open Sourceror's Apprentice" <MorelyDotes@spamblocked.com> writes:
>> Get better informed before making threats like this, they serve no 
>> purpose.
>
>Bite me.

Me first! Me first! *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

In message <10fasvc8p26um00@news.supernews.com> pv+usenet@pobox.com
(Paul Vader) wrote:

>>Failed to quote properly. When you quote only part of the text and omit 
>>something essential you are not quoting properly.
>
>You need to see all your words parroted back at you to understand the
>answer? What a shame for you.

How much mail and/or news do you read on an average day?

Personally, I probably write 200 message a day, or more.  I also read
several times that.  Proper quoting is a huge time saver.


-- 
All generalizations are bad!

In article <wqfJc.2497$mL5.35@newsread1.news.pas.earthlink.net>,
Tim Smith  <reply_in_group@mouse-potato.com> wrote:

>> The challenges from any given C-R system are substantially identical
>> and there are a bunch of them.  That makes them bulk mail.  I don't
>> want or ask for them, and that makes them unsolicited.  Unsolicited
>> bulk mail is spam, and so as I have been saying since C-R systems were
>> first proposed, C-R users are spammers, whether not they send any other
>> unsolicited bulk email.
>
>By that argument, wouldn't verification requests sent by mailing lists to
>verify sign-up requests be spam?
>
>Similarly, what about bounce messages?

Maybe so and maybe not.
There never will be a simple, 100% accurate spam filter, other than
disabling all mail from strangers, and there can ever be a purely
mechanical test to determine whether a given mail message is spam.

Burglary is defined as being someplace without permission and with bad
intentions.  Whether you have permission and or bad intentions is
determined by the law's notion of a "reasonable" person instanticated
in police, prosecutors, judges, and juries.  In most cases you won't
go to jail for burlary if you are caught on the wrong side of a store's
door 30 seconds after closing.  However, if you are carrying "burlary
tools" like a knife and a screwdriver and you you were not simply
inside the store but hiding under a desk, you could be in serious trouble.

Mailing list subscription confirmation requests and SMTP DSNs are often
bulk, so the critical question is whether a reasonable person would
say they are unsolicited.  If a stream of either is large, significantly
bogus, and consists appears to be intended to advertise stuff like the
C-R challenges reportedly bounced off Dan Burnstein's system, then a
reasonable person will vote "guilty."   On the other hand, if bogus
stuff is rare and the STMP client sending them has protections against
repetitions, then a reasonable person will vote "innocent."  Intermediate
cases will depend on the details and, to some extent, caprice.

From another angle, every legitimate sender of email or subscriber to
mailing lists solicits some DSNs and subscription confirmations.  No
system is perfect, so that solicitation must include a few messages
that are truly innocently misdirected.  As long as bogus DSNs and
subscription confirmations are relatively rare, there are in this sense
solicited.

Neither of those lines of reasoning can excuse Richter's spam or C-R
challenges.  Richter's spam and C-R challenges are not accidentally
sent to people who didn't ask for them.  A major, central, designed
in aspect of C-R systems and Richter's machinery is sending to people
who don't want the stuff.  Good mailing list systems have human and
mechanical safeguards against abuse including blacklisting repeated
subscription requests.  Good SMTP servers avoid sending DSNs by rejecting
mail during the original SMTP transaction.

Bogus subscription confirmation requests are rare.  DSNs are becoming
a major problem, which is why whenever possible, they are being disabled.


Vernon Schryver    vjs@rhyolite.com

bond-jamesbond@crazyhat.net writes:
>Personally, I probably write 200 message a day, or more.  I also read
>several times that.  Proper quoting is a huge time saver.

Only bozo was saying I wasn't using "proper quoting". And saying that
someone is taking words out of context, in one of the most context-rich
discussion mediums ever invented, is just dumb. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

Tim Smith said in
news:xwfJc.2503$mL5.2367@newsread1.news.pas.earthlink.net:=20
> On 2004-07-14, *Vanguard* <lh_vanguard@mailblocks.com> wrote: [broken
> message deleted]
>=20
> Your posting software is violating RFC2822:
>=20
>     2.1.1. Line Length Limits
>=20
>        There are two limits that this standard places on the number of
>        characters in a line. Each line of characters MUST be no more
>        than 998 characters, and SHOULD be no more than 78 characters,
>        excluding the CRLF.
>=20
> You should fix this, or your posts might run into problems, ranging
> from servers dropping them, to people cancelling them (which, as far
> as I can tell, would not violate any rules against cancelling other
> people's usenet messages, since they *aren't* usenet messages).

My line lengths are not over 76 characters.  That's because I am using =
MIME Quoted-Printable.  The physical length of the line is 76 characters =
(including the trailing "=3D " for a soft-return).  Your client is (or =
should be) rendering the paragraphs as paragraphs rather than truncating =
them at a fix line length (i.e., it wraps the lines logically instead of =
physically due to the soft-return).  Because the physical line length is =
restricted to under 76 characters, it does not violate the RFCs nor =
should it get mangled by servers (who should be handling just the raw =
code rather than trying to render it and then chop it up).  The raw data =
is still complying to the RFC-standardized line lengths =
(ftp://ftp.rfc-editor.org/in-notes/rfc2045.txt, section 6.7, item 5) but =
uses a soft-return to limit the physical line length which is not =
presented so logically you see a paragraph that wraps at whatever is the =
width of your window.

If you are using OE, highlight my message and hit Ctrl-F3.  You will see =
the lines are physically obeying the RFCs regarding a max line length of =
76 characters.  Note the header directive "Content-Transfer-Encoding: =
quoted-printable". =20

I'm still deciding whether to continue using a 30-year old line =
truncation scheme that was based on teletype machines, or for =
DOS/command-line based clients too stupid to utilitize a buffer and know =
the current line length for the window in which that line paints to know =
where to wrap a long line, or any newsreader that doesn't know how to =
handle a near 8-year old RFC standard.  Quoted-Printable MIME was =
ratified nearly 8 years ago so should I really care about someone that =
can't manage to find a newsreader in all that time that can handle it? =20

I see you (Tim Smith) use slrn.  That newsreader cannot understand MIME =
Quoted-Printable?  When did you get this newsreader?  It hasn't been =
updated in over 7 years to obey RFC standards?  If it is a =
DOS/command-line only newsreader, it can't figure out how to convert =
"=3D " to hard returns so it effectively truncates the lines at the raw =
line length of 74 characters so the displayed lines would remain within =
your 80-column wide shell window?

*Vanguard* wrote:


> 
> My line lengths are not over 76 characters.  That's because I am using MIME Quoted-Printable.  The physical length of the line is 76 characters (including the trailing "= " for a soft-return).  Your client is (or should be) rendering the paragraphs as paragraphs rather than truncating them at a fix line length (i.e., it wraps the lines logically instead of physically due to the soft-return).  Because the physical line length is restricted to under 76 characters, it does not violate the RFCs nor should it get mangled by servers (who should be handling just the raw code rather than trying to render it and then chop it up).  The raw data is still complying to the RFC-standardized line lengths (ftp://ftp.rfc-editor.org/in-notes/rfc2045.txt, section 6.7, item 5) but uses a soft-return to limit the physical line length which is not presented so logically you see a paragraph that wraps at whatever is the width of your window.
> 
> If you are using OE, highlight my message and hit Ctrl-F3.  You will see the lines are physically obeying the RFCs regarding a max line length of 76 characters.  Note the header directive "Content-Transfer-Encoding: quoted-printable".  
> 
> I'm still deciding whether to continue using a 30-year old line truncation scheme that was based on teletype machines, or for DOS/command-line based clients too stupid to utilitize a buffer and know the current line length for the window in which that line paints to know where to wrap a long line, or any newsreader that doesn't know how to handle a near 8-year old RFC standard.  Quoted-Printable MIME was ratified nearly 8 years ago so should I really care about someone that can't manage to find a newsreader in all that time that can handle it?  
> 
> I see you (Tim Smith) use slrn.  That newsreader cannot understand MIME Quoted-Printable?  When did you get this newsreader?  It hasn't been updated in over 7 years to obey RFC standards?  If it is a DOS/command-line only newsreader, it can't figure out how to convert "= " to hard returns so it effectively truncates the lines at the raw line length of 74 characters so the displayed lines would remain within your 80-column wide shell window?

In article <Xns952684596C740MorelyDotesspamblock@216.99.211.247>, Wed, 14
Jul 2004 13:15:30 -0700, "The Open Sourceror's Apprentice"
<MorelyDotes@spamblocked.com> wrote:

> Eduardo Chappa <chappa@math.washington.edu> wrote in
> news:Pine.LNX.4.60.9.0407141131490.17623@zeno1.math.washington.edu:
> 
>> Get better informed before making threats like this, they serve no
>> purpose.
> 
> Bite me.


Cool off Brad, I mean Morely.  Ed Chappa is one of the gurus for the
Pine mailer.  Just cool off little buddy.  Do you want to flame
Nancy McGough too?


-- 

Felix Tilley
Rank: MAJ
Fanatic Lartvocate
FL# 555-LART

In article <auCdnaeqLobdkWvdRVn-jg@comcast.com>,
   *Vanguard* <lh_vanguard@mailblocks.com> wrote:

> My line lengths are not over 76 characters.  That's because I
> am using MIME Quoted-Printable.  The physical length of the
> line is 76 characters (including the trailing "= " for a
> soft-return).

[snip rest]

I've just looked at your raw message in a text editor -
ie as plain text.

Your lines are definitely over 76 characters - each
paragraph is one line. The only occurences of "= " are
where you've quoted them in the text.

HTH

VinceH

-- 
http://www.vinceh.com/jenna/ 14/5/94-16/5/04 - Rest in peace

In <auCdnaeqLobdkWvdRVn-jg@comcast.com>, *Vanguard*:

> X-Newsreader: Microsoft Outlook Express 6.00.2800.1409
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409

[Snip...]

> I see you (Tim Smith) use slrn.

....and I, and a wonderful feature (scorefile) for attenuating megalomania.

<PLONK>

-- 
Regards, Weird (Harold Stevens) * IMPORTANT EMAIL INFO FOLLOWS *
Pardon any bogus email addresses (wookie) in place for spambots.
Really, it's (wyrd) at airmail, dotted with net. DO NOT SPAM IT.
Kids jumping ship? Looking to hire an old-school type? Email me.

On Wed, 14 Jul 2004 23:46:55 -0500, "*Vanguard*"
<lh_vanguard@mailblocks.com> wrote:

>My line lengths are not over 76 characters.  That's because I am using MIME Quoted-Printable.

  MIME=Multipurpose Internet MAIL Extensions

Steve Baker

"*Vanguard*" <lh_vanguard@mailblocks.com> wrote:
>Tim Smith said in
>news:xwfJc.2503$mL5.2367@newsread1.news.pas.earthlink.net:
>> On 2004-07-14, *Vanguard* <lh_vanguard@mailblocks.com>
>> wrote: [broken message deleted]
>>
>> Your posting software is violating RFC2822:
>>
>>     2.1.1. Line Length Limits
>>
>>        There are two limits that this standard places on
>> the number of characters in a line. Each line of
>> characters MUST be no more than 998 characters, and SHOULD
>> be no more than 78 characters, excluding the CRLF.
>>
>> You should fix this, or your posts might run into
>> problems, ranging from servers dropping them, to people
>> cancelling them (which, as far as I can tell, would not
>> violate any rules against cancelling other people's usenet
>> messages, since they *aren't* usenet messages).
>
>My line lengths are not over 76 characters.  That's because

That is in fact true.  However, the significance is not what you
appear to think it is.  First, does the limit set in RFC-2822
apply only to the transport, storage and server portions of
Usenet?  Or was it intended to equally apply to what a news
reader is expected to encounter?

>I am using MIME Quoted-Printable.  The physical length of
>the line is 76 characters (including the trailing "= " for a
>soft-return).  Your client is (or should be) rendering the

Perhaps in the world of Microsoft, as exemplified by the most
notoriously bug ridden, worst case example of a news reader
known to the Net, the most awe inspiring security hole ever
written, Outlook Express.

However, in the real world most of us do the right thing and
configure newsreaders to wrap only on hard returns, for very
good reasons.  The result is that your text is presented as one
long line per paragraph, and of course that is either truncated
at the screen's right edge or hard wrapped at that point.  And
that is well known to be a foolish way to format text for
reading...

You notice though (even though you cannot tell that I am viewing
this in a window that is 100 columns wide) that I've managed to
reformat your absurd "paragraphs" by wrapping them all at 64
columns.  The means of doing that is simply that I use
XEmacs/Gnus to read News, and it is fairly easy to make it do
virtually anything...  which in my case includes binding one
function key to a function that reformats paragraphs written by
people who cannot figure out how to do it properly in the first
place.

Now, why you expect *your* text to be formatted by *my* software
is beyond me.  I certainly do not want your horrible software to
be choosing how *my* text is formatted.  I'm just as particular
about the format my message is presented in as I am about the
words used to convey the message!

>paragraphs as paragraphs rather than truncating them at a
>fix line length (i.e., it wraps the lines logically instead
>of physically due to the soft-return).  Because the physical
>line length is restricted to under 76 characters, it does
>not violate the RFCs nor should it get mangled by servers

That is correct.  Of course it is now *necessary* to mangle it
with a news reader.  Isn't that a little on the foolish side?

>(who should be handling just the raw code rather than trying
>to render it and then chop it up).  The raw data is still
>complying to the RFC-standardized line lengths
>(ftp://ftp.rfc-editor.org/in-notes/rfc2045.txt, section 6.7,
>item 5) but uses a soft-return to limit the physical line
>length which is not presented so logically you see a
>paragraph that wraps at whatever is the width of your
>window.

Pardon me, but I just looked at rfc-2045, rfc-2822 *and* at
rfc-1036 (another task made easy by the newsreader software that
I have).  I didn't see anywhere that it hints that MIME encoding
should *ever* be used on Usenet for text messages...

>If you are using OE, highlight my message and hit Ctrl-F3.

Since *you* are using OE...  the rest of us *must* put
up with your ignorance and arrogance?

I don't think we should stoop to being ruled by the same
Microsoft disaster story that you are...

>You will see the lines are physically obeying the RFCs
>regarding a max line length of 76 characters.  Note the
>header directive "Content-Transfer-Encoding:
>quoted-printable".

A non-standard header in a Usenet message, eh?  Regardless, it
doesn't mean what you seem to think it does.

>I'm still deciding whether to continue using a 30-year old
>line truncation scheme that was based on teletype machines,
>or for DOS/command-line based clients too stupid to
>utilitize a buffer and know the current line length for the
>window in which that line paints to know where to wrap a
>long line, or any newsreader that doesn't know how to handle
>a near 8-year old RFC standard.  Quoted-Printable MIME was
>ratified nearly 8 years ago so should I really care about
>someone that can't manage to find a newsreader in all that
>time that can handle it?

Why would anyone want the lines to wrap according to the size of
the window???  It is well known that lines longer than about 65
columns are more difficult to read, and therefore it would seem
about half smart to format your text accordingly.  By the same
token, I like using a window that is 100 columns wide (for a
variety of reasons, but certainly not to cause *any* line of
text that I want to read to be formatted for that length!  What
a horrible idea!

>I see you (Tim Smith) use slrn.  That newsreader cannot
>understand MIME Quoted-Printable?  When did you get this
>newsreader?  It hasn't been updated in over 7 years to obey
>RFC standards?  If it is a DOS/command-line only newsreader,
>it can't figure out how to convert "= " to hard returns so
>it effectively truncates the lines at the raw line length of
>74 characters so the displayed lines would remain within
>your 80-column wide shell window?

One of the things that should have been obvious from the fact
that he (nor any of us, including me) did not notice that you
are using MIME encoding is simply because slrn (like Gnus) does
the right thing quite silently.  It removes the embedded
formatting and presents what is left, and that is one, stupid,
long line per paragraph in your case.

You may or may not be violating RFC-2822, but that doesn't mean
that such formatting is anything other than just plain dumb.

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

In article <87k6x5idz7.fld@barrow.com>,
Floyd L. Davidson <floyd@barrow.com> wrote:

>You may or may not be violating RFC-2822, but that doesn't mean
>that such formatting is anything other than just plain dumb.

Anyone aware that Usenet and STMP are very different protocols
should be forgiven for perceiving a certain amount of dumbness in
any application of RFC 2822 to netnews.

If you want to invoke the IETF, see
http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt
Notice that section 3.1.2.2 on "Usage of MIME" says

]   When the Content-Type is "text/plain", the recommendations and limits
]   on line lengths set out above SHOULD be observed.

and

]    and therefore the physical length of all lines SHOULD be restricted
]    to the default preferred length of 72 characters


Vernon Schryver    vjs@rhyolite.com

floyd@barrow.com (Floyd L. Davidson) writes:
>Pardon me, but I just looked at rfc-2045, rfc-2822 *and* at
>rfc-1036 (another task made easy by the newsreader software that
>I have).  I didn't see anywhere that it hints that MIME encoding
>should *ever* be used on Usenet for text messages...

Because it shouldn't, of course. Usenet isn't mail, regardless of what
brain-dead microsoft programmers think. 

Usenet is, and should stay, a text-only medium. You only would need MIME
encodings if you need to differentiate between other formats for the data,
and you don't. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

Steve Baker said in news:cmrcf0p30083stvfb5hg6qcoplpuc73b3v@4ax.com:
> On Wed, 14 Jul 2004 23:46:55 -0500, "*Vanguard*"
> <lh_vanguard@mailblocks.com> wrote:
>=20
>> My line lengths are not over 76 characters.  That's because I am
>> using MIME Quoted-Printable.=20
>=20
>   MIME=3DMultipurpose Internet MAIL Extensions
>=20
> Steve Baker

So is that why your client, Forte, is also using MIME.  Go look at your =
headers of your post, which show:

Mime-Version: 1.0
Content-Type: text/plain; charset=3Dus-ascii
Content-Transfer-Encoding: 7bit

Tim Smith's headers don't show MIME headers so obviously (as you =
assumed) are not required for usenet posts, but they can be used (as is =
evidenced by your own headers and most other posters).  You're using =
MIME and declaring your content as plain text.  I'm also using MIME and =
declaring it as quoted printable (and also as plain text).

This is a multi-part message in MIME format.

------=_NextPart_000_0083_01C46A55.8D0843B0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

VinceH (real address) said in news:4ccecaf72cspam@softrock.co.uk:
> In article <auCdnaeqLobdkWvdRVn-jg@comcast.com>,
>    *Vanguard* <lh_vanguard@mailblocks.com> wrote:
>=20
>> My line lengths are not over 76 characters.  That's because I
>> am using MIME Quoted-Printable.  The physical length of the
>> line is 76 characters (including the trailing "=3D " for a
>> soft-return).
>=20
> [snip rest]
>=20
> I've just looked at your raw message in a text editor -
> ie as plain text.
>=20
> Your lines are definitely over 76 characters - each
> paragraph is one line. The only occurences of "=3D " are
> where you've quoted them in the text.
>=20
> HTH
>=20
> VinceH

The attached file is a save of the raw content of my post.  If you read =
it using Notepad, edit.exe, or any text editor (and NOT in an =
application that knows how to handle quote-printable, like OE, which =
would provide the appropriate wrapping and mask out the soft-returns and =
real line lengths), which lines are over 76 characters long?  When I =
view the raw text of the message using Ctrl-F3 in OE, the lines are =
shown ending with "=3D " and are NOT longer than 76 characters.  When I =
save the message for a .nws file (which is plain text) and look at it, =
no lines are longer than 76 characters.  
------=_NextPart_000_0083_01C46A55.8D0843B0
Content-Type: message/rfc822;
	name="Re_ Famous Hacker Uses Challenge-Responses.nws"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename="Re_ Famous Hacker Uses Challenge-Responses.nws"

Path: internal1.nntp.dca.giganews.com!border2.nntp.dca.giganews.com!border1.nntp.dca.giganews.com!nntp.giganews.com!local1.nntp.dca.giganews.com!nntp.comcast.com!news.comcast.com.POSTED!not-for-mail
NNTP-Posting-Date: Wed, 14 Jul 2004 23:46:55 -0500
From: "*Vanguard*" <lh_vanguard@mailblocks.com>
Newsgroups: news.admin.net-abuse.email,comp.mail.misc,comp.os.linux.misc
References: <i7UAc.10084$Wr.7693@newsread1.news.pas.earthlink.net> <Pine.LNX.4.60.9.0407121437230.11484@zeno1.math.washington.edu> <ccvoqq$6kg$1@blue.rahul.net> <EamdnQ0Ul7dwAGnd4p2dnA@comcast.com> <cd2ap5$22us$1@calcite.rhyolite.com> <BNudnXPT1N9LQWndRVn-jw@comcast.com> <xwfJc.2503$mL5.2367@newsread1.news.pas.earthlink.net>
Subject: Re: Famous Hacker Uses Challenge-Responses
Date: Wed, 14 Jul 2004 23:46:55 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1409
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
Message-ID: <auCdnaeqLobdkWvdRVn-jg@comcast.com>
Lines: 55
NNTP-Posting-Host: 66.41.115.111
X-Trace: sv3-umNs4CtSg1ERpwzu2dppxI/jLzHAEU3xfJAAWipBYVp81uZv9S4jNnUNYwy/fqoYSHpjRSwpf1WO2BO!VYDnnpZaeIPGaH8kMMP+TxdHxV1a2z2gKU62iuRqopqaDwK/AF4iOC49mp3B5Q==
X-Complaints-To: abuse@comcast.net
X-DMCA-Complaints-To: dmca@comcast.net
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.1
Xref: number1.nntp.dca.giganews.com news.admin.net-abuse.email:1596067 comp.mail.misc:57684 comp.os.linux.misc:570689

Tim Smith said in
news:xwfJc.2503$mL5.2367@newsread1.news.pas.earthlink.net:=20
> On 2004-07-14, *Vanguard* <lh_vanguard@mailblocks.com> wrote: [broken
> message deleted]
>=20
> Your posting software is violating RFC2822:
>=20
>     2.1.1. Line Length Limits
>=20
>        There are two limits that this standard places on the number of
>        characters in a line. Each line of characters MUST be no more
>        than 998 characters, and SHOULD be no more than 78 characters,
>        excluding the CRLF.
>=20
> You should fix this, or your posts might run into problems, ranging
> from servers dropping them, to people cancelling them (which, as far
> as I can tell, would not violate any rules against cancelling other
> people's usenet messages, since they *aren't* usenet messages).

My line lengths are not over 76 characters.  That's because I am using =
MIME Quoted-Printable.  The physical length of the line is 76 characters =
(including the trailing "=3D " for a soft-return).  Your client is (or =
should be) rendering the paragraphs as paragraphs rather than truncating =
them at a fix line length (i.e., it wraps the lines logically instead of =
physically due to the soft-return).  Because the physical line length is =
restricted to under 76 characters, it does not violate the RFCs nor =
should it get mangled by servers (who should be handling just the raw =
code rather than trying to render it and then chop it up).  The raw data =
is still complying to the RFC-standardized line lengths =
(ftp://ftp.rfc-editor.org/in-notes/rfc2045.txt, section 6.7, item 5) but =
uses a soft-return to limit the physical line length which is not =
presented so logically you see a paragraph that wraps at whatever is the =
width of your window.

If you are using OE, highlight my message and hit Ctrl-F3.  You will see =
the lines are physically obeying the RFCs regarding a max line length of =
76 characters.  Note the header directive "Content-Transfer-Encoding: =
quoted-printable". =20

I'm still deciding whether to continue using a 30-year old line =
truncation scheme that was based on teletype machines, or for =
DOS/command-line based clients too stupid to utilitize a buffer and know =
the current line length for the window in which that line paints to know =
where to wrap a long line, or any newsreader that doesn't know how to =
handle a near 8-year old RFC standard.  Quoted-Printable MIME was =
ratified nearly 8 years ago so should I really care about someone that =
can't manage to find a newsreader in all that time that can handle it? =20

I see you (Tim Smith) use slrn.  That newsreader cannot understand MIME =
Quoted-Printable?  When did you get this newsreader?  It hasn't been =
updated in over 7 years to obey RFC standards?  If it is a =
DOS/command-line only newsreader, it can't figure out how to convert =
"=3D " to hard returns so it effectively truncates the lines at the raw =
line length of 74 characters so the displayed lines would remain within =
your 80-column wide shell window?
------=_NextPart_000_0083_01C46A55.8D0843B0--

Steve Baker said in news:cmrcf0p30083stvfb5hg6qcoplpuc73b3v@4ax.com:
> On Wed, 14 Jul 2004 23:46:55 -0500, "*Vanguard*"
> <lh_vanguard@mailblocks.com> wrote:
>=20
>> My line lengths are not over 76 characters.  That's because I am
>> using MIME Quoted-Printable.=20
>=20
>   MIME=3DMultipurpose Internet MAIL Extensions
>=20
> Steve Baker

Oh, and another poster in this mentioned =
http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt, =
note that this discusess using MIME in usenet messages.  It mentions =
using MIME content of text/plain (which is what I used).  It does not =
address using quoted-printable formatting.  In fact, what it does say =
is:

"Moreover, for full compliance with [RFC 2046] it would be necessary to =
use the "quoted-printable" encoding to ensure the material was =
7bit-safe.  In any case, breaking such long texts into several parts is =
usually unnecessary, since modern transport agents should have no =
difficulty in handling articles of arbitrary length."

So it certainly appears to me that quoted-printable format is not =
disallowed in usenet posts and in fact provides a formatting that does =
remain RFC compliant.  Where do YOU see an RFC that bans the use of MIME =
in usenet posts?  And if there are any, why are YOU using MIME in YOUR =
posts?

In article <5NmdnYfRT6KOPGvdRVn-tw@comcast.com>,
*Vanguard* <lh_vanguard@mailblocks.com> wrote:

>The attached file is a save of the raw content of my post.  If you read
>it using Notepad, edit.exe, or any text editor (and NOT in an
>application that knows how to handle quote-printable, like OE, which
>would provide the appropriate wrapping and mask out the soft-returns and
>real line lengths), which lines are over 76 characters long?  When I
>view the raw text of the message using Ctrl-F3 in OE, the lines are
>shown ending with "= " and are NOT longer than 76 characters.  When I
>save the message for a .nws file (which is plain text) and look at it,
>no lines are longer than 76 characters.  

That's all very nice.  It's also irrelevant and suggests a fundamental
misunderstand of network protocols.  What your application claims to
be "saving" as "the raw content" is not authoritiative and is often a
gross fiction.  All that matters is what gets on the wire.  To see
that you should look at a news spool directory.


>My line lengths are not over 76 characters.  That's because I am using
>MIME Quoted-Printable.  The physical length of the line is 76 characters
>(including the trailing "= " for a soft-return).  Your client is (or
>should be) rendering the paragraphs as paragraphs rather than truncating
>them at a fix line length (i.e., it wraps the lines logically instead of

That suggests a misunderstandings of MIME.  Your physical line
lengths may be 76, although I see only 75 including the '=' in my spool
directory.  Since your Microstupid posting software is saying that
your messages are "text/plain" and not doing as section 3.1.2.2 of
http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt
requires and adding "format=flowed" to your Content-Type headers,
your logical line lengths are enormous and a conformant user agent
can reasonably render your paragraphs as single, ridiculously long lines.

MIME quoted-printable is merely an encoding.  A user agent should
render your text the same whether the quoted-printable encoded
version has "=<CR><LF>" after every 74 bytes or after every 7 bytes
or no with '=' characters at all.  MIME is irrelevant.   You are
making a Microsoft assumption that all usenet user agents will
render text with bogus line lenths in the same way as your Microsoft
virus and spam distribution system.


Vernon Schryver    vjs@rhyolite.com

In article <hPqdnQujMrzKPmvdRVn_iw@comcast.com>,
*Vanguard* <lh_vanguard@mailblocks.com> wrote:

>http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt,

>"Moreover, for full compliance with [RFC 2046] it would be necessary to
>use the "quoted-printable" encoding to ensure the material was
>7bit-safe.  In any case, breaking such long texts into several parts is
>usually unnecessary, since modern transport agents should have no
>difficulty in handling articles of arbitrary length."

That is irrelevant to long line lengths.  It is talking binary payloads
and total body lengths instead of line lengths.

In fact, that I-D clearly prohibits your line lengths.  It clearly
requires that if you want your "text/plain" to be flowed, that you add
"format=flowed" to your "Content-Type" header.


>So it certainly appears to me that quoted-printable format is not
>disallowed in usenet posts and in fact provides a formatting that does
>remain RFC compliant.  Where do YOU see an RFC that bans the use of MIME
>in usenet posts?  And if there are any, why are YOU using MIME in YOUR
>posts?

That suggests a fundamental misunderstanding of network protocols.
That which is not explicitly prohibited is not necessary compliant.

Besides, the fundmental rule of Internet standards is "Be conservative
in what you send and liberal in what you accept."


Vernon Schryver    vjs@rhyolite.com

vjs@calcite.rhyolite.com (Vernon Schryver) wrote:
>In article <87k6x5idz7.fld@barrow.com>,
>Floyd L. Davidson <floyd@barrow.com> wrote:
>
>>You may or may not be violating RFC-2822, but that doesn't mean
>>that such formatting is anything other than just plain dumb.
>
>Anyone aware that Usenet and STMP are very different protocols
>should be forgiven for perceiving a certain amount of dumbness in
>any application of RFC 2822 to netnews.

That doesn't make sense Vernon.  RFC-1036 *specifically* references
RFC-0822, and of course RFC-2822 supercedes RFC-0822 making it the
effect reference from RFC-1036.

The fact that NNTP and SMTP are two different protocols is totally
insignificant.  None of RFC-0822, RFC-1036, nor RFC-2822 reference
NNTP or SMTP protocols if I remember right...

(I didn't check to make sure though.  But why would they?)

>If you want to invoke the IETF, see
>
>http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt
>
>Notice that section 3.1.2.2 on "Usage of MIME" says
>
>
>]   When the Content-Type is "text/plain", the recommendations and limits
>]   on line lengths set out above SHOULD be observed.
>
>and
>
>]    and therefore the physical length of all lines SHOULD be restricted
>]    to the default preferred length of 72 characters

Well yes... and *I* certainly agree that is a valid!
Unfortunately our friend isn't using a Content-Type of
"text/plain"; hence, he thinks such sanity doesn't apply to him.
Sigh...

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

pv+usenet@pobox.com (Paul Vader) wrote:
>floyd@barrow.com (Floyd L. Davidson) writes:
>>Pardon me, but I just looked at rfc-2045, rfc-2822 *and* at
>>rfc-1036 (another task made easy by the newsreader software that
>>I have).  I didn't see anywhere that it hints that MIME encoding
>>should *ever* be used on Usenet for text messages...
>
>Because it shouldn't, of course. Usenet isn't mail, regardless of what
>brain-dead microsoft programmers think.
>
>Usenet is, and should stay, a text-only medium. You only would need MIME
>encodings if you need to differentiate between other formats for the data,
>and you don't. *

Dead on!

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

"*Vanguard*" <lh_vanguard@mailblocks.com> wrote:
>Steve Baker said in news:cmrcf0p30083stvfb5hg6qcoplpuc73b3v@4ax.com:
>> On Wed, 14 Jul 2004 23:46:55 -0500, "*Vanguard*"
>> <lh_vanguard@mailblocks.com> wrote:
>>
>>> My line lengths are not over 76 characters.  That's because I am
>>> using MIME Quoted-Printable.
>>
>>   MIME=Multipurpose Internet MAIL Extensions
>>
>> Steve Baker
>
>So is that why your client, Forte, is also using MIME.  Go look at your headers of your post, which show:
>
>Mime-Version: 1.0
>Content-Type: text/plain; charset=us-ascii
>Content-Transfer-Encoding: 7bit

Which you apparently don't understand.  What that says is that no
MIME encoding is being done.  None.

>Tim Smith's headers don't show MIME headers so obviously (as you assumed) are not required for usenet posts, but they can be used (as is evidenced by your own headers and most other posters).  You're using MIME and declaring your content as plain text.  I'm also using MIME and declaring it as quoted printable (and also as plain text).

You are encoding it as quoted printable.  Not smart.

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

"*Vanguard*" <lh_vanguard@mailblocks.com> wrote:
>Steve Baker said in
>news:cmrcf0p30083stvfb5hg6qcoplpuc73b3v@4ax.com:
>> On Wed, 14 Jul 2004 23:46:55 -0500, "*Vanguard*"
>> <lh_vanguard@mailblocks.com> wrote:
>>
>>> My line lengths are not over 76 characters.  That's
>>> because I am using MIME Quoted-Printable.
>>  MIME=Multipurpose Internet MAIL Extensions
>>
>> Steve Baker
>
>Oh, and another poster in this mentioned
>http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt,
>note that this discusess using MIME in usenet messages.  It

You didn't read it for effect either.  Did you see this,

   "Headers that merely state defaults explicitly (e.g., a
   Followup-To- header with the same content as the
   Newsgroups-header, or a MIME Content-Type-header with
   contents "text/plain; charset=us-ascii"), or state
   information that reading agents can typically determine
   easily themselves (e.g. the length of the body in octets) are
   redundant and posting agents SHOULD NOT include them."

Virtually *all* of your commentary regarding "text/plain; ..."
equated that to MIME encoding, which it is not.  It is merely
the *default*, acceptable, content type for the text body of a
message.

>mentions using MIME content of text/plain (which is what I

But "content" was never claimed to be the problem.

  Content-Type: text/plain; charset="iso-8859-1"
  Content-Transfer-Encoding: quoted-printable

It's the *encoding* that is a problem.

>used).  It does not address using quoted-printable
>formatting.  In fact, what it does say is:
>
>"Moreover, for full compliance with [RFC 2046] it would be
>necessary to use the "quoted-printable" encoding to ensure
>the material was 7bit-safe.  In any case, breaking such long
>texts into several parts is usually unnecessary, since
>modern transport agents should have no difficulty in
>handling articles of arbitrary length."
>
>So it certainly appears to me that quoted-printable format
>is not disallowed in usenet posts and in fact provides a
>formatting that does remain RFC compliant.  Where do YOU see
>an RFC that bans the use of MIME in usenet posts?  And if
>there are any, why are YOU using MIME in YOUR posts?

You again have not read the document well enough, because it
*does* address quoted-printable formatting, just not by name
because what it says applies to other possible combinations:

   In plain-text articles (those with no MIME headers, or those
   with a MIME Content-Type of "text/plain") posting agents
   SHOULD endeavour to keep the length of body lines within some
   reasonable limit. The size of this limit is a matter of
   policy, the default being to keep within 79 characters at
   most, and preferably within 72 characters (to allow room for
   quoting in followups).

And, in case you aren't quite getting the picture, what I
mentioned previously about whether the 78 character limit stated
in the RFC applies to only the transport and storage, or also
might apply to the newsreader is clearly being applied to the
newsreader in that statement.

Further it continues with even more discussion to emphasize
that *exactly what you are doing is*  /*not*/ *appropriate*.

   NOTE: That policy limit (e.g. 72 or 79) should be expressed
   as a number of characters (as they will be displayed by a
   reading agent) rather than as the number of octets used to
   encode them.  For use on occasions where established policy
   prescribes different line lengths (this usually arises in
   groups where the charset for the language used is best
   represented using double width characters) the preferred line
   length SHOULD be a configurable option. In addition, posting
   agents MUST permit the poster to create individual lines
   longer than the default or configured length if he so insists
   (which may require the cessation of any automatic generation
   of flowed lines [RFC 3676] on a temporary basis).

It also rather nicely explains why I want a 100 column wide
screen, yet under no circumstances want lines automatically
displayed at 100 columns per line.

And now, having seen that, perhaps another part that you missed
will make even more sense,


   3.1.2.2.  Usage of MIME

   When the Content-Type is "text/plain", the recommendations
   and limits on line lengths set out above SHOULD be observed.

That's *you*!

   Posting agents MAY use the "format=flowed" parameter of
   "text/plain" (and also the "DelSp=yes" if appropriate)
   defined in [RFC 3676] so as to allow suitably equipped
   reading agents to reformat flowed paragraphs to suit the
   width of their display areas. However, it must be understood
   that many reading agents do not support that feature, and
   therefore the physical length of all lines SHOULD be
   restricted to the default preferred length of 72 characters,
   rather than the 78 recommended in [RFC 3676].  However,
   single words longer than that length (and this specifically
   applies to URIs [RFC 2396]) MUST NEVER be split across more
   than one physical line.

   Other forms of text, such as "text/html" SHOULD NOT be used

And another of those "other forms of text" is quoted-printable!

   except in groups where established policy or custom so allows
   (7.3).  However, where they are so used then, for the benefit
   of readers who see it only in its transmitted form, the
   material SHOULD be "pretty-printed" (for example by
   restricting its line length as above and by keeping sequences
   which control its layout or style separate from the
   meaningful text).

And then, as it says, line lengths should be limited.

Here is your header again,

  Content-Transfer-Encoding: quoted-printable

And here is another specific comment on that:

   3.1.2.  Construction of Bodies
   ...
   3.1.2.3.  Content-Transfer-Encoding

   The normal expectation ([USEFOR] 6.21.3) is that the Content-
   Transfer-Encoding will be "8bit (or maybe "7bit" if the
   charset allows it). Other Content-Transfer-Encodings SHOULD
   NOT be used unless there are pressing reasons to do so.

You have a "pressing reason"???  There are a couple of good
reasons listed.  I won't quote that here as you can look it up
easily enough.  The point is that your normal articles do not
fit into the listed catagories.

BTW, if you read all of that really carefully you'll also
understand why most of our newsreaders are *not* reformatting
your long lines.  That is *not* the recommended approach, which
is to present something to the user indicating what the text is,
and allow the user to manually adjust it if necessary.  The rest
of us, quite naturally, are annoyed that you continue to force
us to do that every time we read one of your articles when it
would be so much easier if you followed the common set of rules
and formatted your own text.

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

This is for people who read the subject of this thread and then
the current posts and can't figure out why they don't match.

Here's the original post:

http://groups.google.com/groups?selm=i7UAc.10084$Wr.7693@newsread1.news.pas.earthlink.net

<quote>

http://spamarrest.com/pressoffice/news/index.jsp


Toronto Star - August 4, 2003
So what does [Kevin] Mitnick, former
hacker supremo, use to guard against
spam? "I use Spam Arrest," he told
The Guardian. "Any legitimate person
who wants to send me a message has to
jump through hoops before they can be
added to my opt-in list." Read
more...

</quote>


And my follow-up shortly thereafter:

http://groups.google.com/groups?selm=ve8Bc.11608$Wr.2697@newsread1.news.pas.earthlink.net

<quote>


Kevin Mitnick is also one of the world's foremost
computer security experts, which is one of the
reasons he uses challenge-responses:

People that send viruses and worms and such around
the internet, deliberately or unwittingly, do
not use their real email address or would not know
what mail the challenge-response was referring to if
the did receive one as the result of their address
being forged or used by a malicious program they did
not even know they were running.

They certainly would not have a copy to re-send to
the person whose challenge-response they recieved.

Therefore, his program just dumps the virus/worms
and they are never opened or even saved in memory.

This is very good protection against email-born
malicious programs.

</quote>


AC

--
Pass-List -----> Block-List ----> Challenge-Response
The key to taking control of your mailbox.  Design Parameters:
http://tinyurl.com/2t5kp ||   http://tinyurl.com/3c3ag
Challenge-Response links -- http://tinyurl.com/yrfjb

"Felix Tilley" <ftilley@localhost.localdomain> wrote in 
news:10fc56fdh3va556@news.supernews.com:

> In article <Xns952684596C740MorelyDotesspamblock@216.99.211.247>, Wed, 14
> Jul 2004 13:15:30 -0700, "The Open Sourceror's Apprentice"
> <MorelyDotes@spamblocked.com> wrote:
> 
>> Eduardo Chappa <chappa@math.washington.edu> wrote in
>> news:Pine.LNX.4.60.9.0407141131490.17623@zeno1.math.washington.edu:
>> 
>>> Get better informed before making threats like this, they serve no
>>> purpose.
>> 
>> Bite me.
> 
> 
> Cool off Brad, I mean Morely.  Ed Chappa is one of the gurus for the
> Pine mailer.

I don't care if he's the Pope. He's wrong on this topic, *and* he's an 
arrogant twit.

> Just cool off little buddy.  Do you want to flame
> Nancy McGough too?

Nancy isn't an arrogant twit.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

"*Vanguard*" <lh_vanguard@mailblocks.com> wrote in
news:auCdnaeqLobdkWvdRVn-jg@comcast.com: 

> My line lengths are not over 76 characters.  That's because I am using
> MIME Quoted-Printable.  

Your lines contain on CR or LF charactersm, and run over 900 characters.

*PLONK*

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

"VinceH (real address)" <spam@softrock.co.uk> wrote:
> In article <auCdnaeqLobdkWvdRVn-jg@comcast.com>,
>    *Vanguard* <lh_vanguard@mailblocks.com> wrote:
>> My line lengths are not over 76 characters.  That's because I
>> am using MIME Quoted-Printable.  The physical length of the
>> line is 76 characters (including the trailing "= " for a
>> soft-return).

> I've just looked at your raw message in a text editor -
> ie as plain text.

> Your lines are definitely over 76 characters - each
> paragraph is one line. The only occurences of "= " are
> where you've quoted them in the text.

I saved the article and also looked at it with a text editor, and saw
the same thing.  But I then connected to the news server in a terminal
window and retrieved the article by hand.  It is, as *Vanguard* claims,
quoted-printable.

Your newsreader and mine (tin) are reconstituting the single-line
paragraphs (tin by using metamail) from the quoted-printable message
body.  In my case the resulting lines are character-wrapped, rather
than word-wrapped, so are a little annoying to read.  The long lines
also look strange when quoted--only one ">" at the beginning of the
paragraph, er, line.

-- 
John Wingate                        Mathematics is the art which teaches
johnww@worldpath.net                one how not to make calculations.
                                                         --Oscar Chisini

(found here, following up here)

On 2004-07-15, *Vanguard* <lh_vanguard@mailblocks.com> wrote:
>
> My line lengths are not over 76 characters.  ...

As many others have commented, yes they are.

At least you're courteous enough to use the same handle for
your postings, which makes it easier for me to ...

As others have said in reference to your insistence on
making a mess of your own postings,

PLONK

Robert Riches
spamtrap42@verizon.net
(Yes, that is one of my email addresses.)

In article <10fdfdrnglpb555@corp.supernews.com>,
John Wingate  <johnww@worldpath.net> wrote:

>I saved the article and also looked at it with a text editor, and saw
>the same thing.  But I then connected to the news server in a terminal
>window and retrieved the article by hand.  It is, as *Vanguard* claims,
>quoted-printable.
>
>Your newsreader and mine (tin) are reconstituting the single-line
>paragraphs (tin by using metamail) from the quoted-printable message
>body.  In my case the resulting lines are character-wrapped, rather
>than word-wrapped, so are a little annoying to read.  The long lines
> ...

Again, as others have said, 
    Content-Transfer-Encoding: quoted-printable
is about the encoding of the message, while
    Content-Type: text/plain; charset="iso-8859-1"
is about it contents and ultimate presentation.

The number of "=\r\n" strings is irrelevant to the lengths of lines
the author wants.  By one of the microstupid assumptions that try to
rationalize the mess, you could add or remove as many '=' characters
as you want without changing what readers will see.

The main microstupid assumption is that all newsreaders word wrap
regardless and despite whatever any Content-Type headers might say.

Outlook is doing the same Microsoft lunacy as ignoring mail Content-Type
headers mail and executing messages as virus or worm programs based
on file names because that is more "user friendly."  The worst part
of that embrace and extend idiocy is that Outlook is not only 
improperly presenting (including executing) mail and news, but sending
it wrong.

If I were brave, I'd wonder what Outlook does with a MIME USENET message
a "Content-Type: application/x-msdownload" header that specifies a
"name" ending with "vbs", "pif", etc.   We already know what Microsoft
thinks is the right thing to do with such viruses and worms delivered
via mail.
(Yes, of course, I assume that "network security settings" will
save the day at many microstupid installations.)


Vernon Schryver    vjs@rhyolite.com

On 2004-07-15, *Vanguard* <lh_vanguard@mailblocks.com> wrote:
> My line lengths are not over 76 characters.  That's because I am using
> MIME Quoted-Printable.  The physical length of the line is 76 characters
....
> I see you (Tim Smith) use slrn.  That newsreader cannot understand MIME
> Quoted-Printable?  When did you get this newsreader?  It hasn't been

Actually, it does understand it, and so decoded your lines, which is what
threw me off--I thought that it did NOT process that encoding.  Checking
on the server, I see your lines are indeed encoded to 76 wide.

-- 
--Tim Smith

vjs@calcite.rhyolite.com (Vernon Schryver) writes:
>If I were brave, I'd wonder what Outlook does with a MIME USENET message
>a "Content-Type: application/x-msdownload" header that specifies a
>"name" ending with "vbs", "pif", etc.   We already know what Microsoft
>thinks is the right thing to do with such viruses and worms delivered
>via mail.

The only thing stopping exactly what you think will happen from happening
is the no-binaries-in-text-groups rule. I bet this would actually work in a
binaries group, if someone was so nutty as to use outlook to read binaries
groups.

>(Yes, of course, I assume that "network security settings" will
>save the day at many microstupid installations.)

Or not! *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

pv+usenet@pobox.com (Paul Vader) wrote in
news:10fdk45m36ot216@news.supernews.com: 

> vjs@calcite.rhyolite.com (Vernon Schryver) writes:
>>If I were brave, I'd wonder what Outlook does with a MIME USENET message
>>a "Content-Type: application/x-msdownload" header that specifies a
>>"name" ending with "vbs", "pif", etc.   We already know what Microsoft
>>thinks is the right thing to do with such viruses and worms delivered
>>via mail.
> 
> The only thing stopping exactly what you think will happen from
> happening is the no-binaries-in-text-groups rule. I bet this would
> actually work in a binaries group, if someone was so nutty as to use
> outlook to read binaries groups.

What could possibly happen?

Well, let's find out.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

On Thu, 15 Jul 2004 10:15:02 -0500, "*Vanguard*"
<lh_vanguard@mailblocks.com> wrote:

>>> My line lengths are not over 76 characters.  That's because I am
>>> using MIME Quoted-Printable. 
>> 
>>   MIME=Multipurpose Internet MAIL Extensions
>> 
>> Steve Baker
>
>So is that why your client, Forte, is also using MIME.

  Dunno.
  My understanding is that quoted-printable is meant to be used when
8-bit characters need to be sent. Would you think that enclosing your
text in a base 64 file attachment would be appropriate?

Steve Baker

In article <10fdfdrnglpb555@corp.supernews.com>,
   John Wingate <johnww@worldpath.net> wrote:
> "VinceH (real address)" <spam@softrock.co.uk> wrote:
> > In article <auCdnaeqLobdkWvdRVn-jg@comcast.com>,
> >    *Vanguard* <lh_vanguard@mailblocks.com> wrote:
> >> My line lengths are not over 76 characters.  That's because I
> >> am using MIME Quoted-Printable.  The physical length of the
> >> line is 76 characters (including the trailing "= " for a
> >> soft-return).

> > I've just looked at your raw message in a text editor -
> > ie as plain text.

> > Your lines are definitely over 76 characters - each
> > paragraph is one line. The only occurences of "= " are
> > where you've quoted them in the text.

> I saved the article and also looked at it with a text editor,
> and saw the same thing.

I didn't save it - I forced my newsreader to open the
article into my text editor. The way this works in this
app (AFAIK) is that it /should/ cause me to see the
article in its original/raw format.

Repeating the exercise now gets the same result if I
use the same article. However, if I look at Vanguard's
subsequent reply to me, in exactly the same way, then
I see the soft-returns in that article.

Saving the articles (and in doing so, explicitly
telling my newsreader to save them in their original
format) gives matching results.

> But I then connected to the news server in a terminal window
> and retrieved the article by hand. It is, as *Vanguard*
> claims, quoted-printable.

Hmmm.

<clicks this & that>

I've now extracted the original from my backup spool,
which agrees with what you see on the server.

> Your newsreader and mine (tin) are reconstituting the
> single-line paragraphs (tin by using metamail) from the
> quoted-printable message body.

Yes, but this has highlighted a bug in mine, which is
always nice. I guess the difference between the two
articles is the attachment; for whatever reason, its
presence has caused my newsreader to remember what
"original format" means.

[...]

VinceH

-- 
http://www.vinceh.com/jenna/ 14/5/94-16/5/04 - Rest in peace

ObApologyType[Self-FUP]

"The Open Sourceror's Apprentice" <MorelyDotes@spamblocked.com> wrote in 
news:Xns95277C3296114MorelyDotesspamblock@216.99.211.247:

> What could possibly happen?
> 
> Well, let's find out.

Oops.  Sorry.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

On Wed, 14 Jul 2004 23:46:55 -0500, [*Vanguard*] mentioned :-

>Tim Smith said in
>news:xwfJc.2503$mL5.2367@newsread1.news.pas.earthlink.net: 
>> On 2004-07-14, *Vanguard* <lh_vanguard@mailblocks.com> wrote: [broken
>> message deleted]
>> 
>> Your posting software is violating RFC2822:
>> 
>>     2.1.1. Line Length Limits
>> 
>>        There are two limits that this standard places on the number of
>>        characters in a line. Each line of characters MUST be no more
>>        than 998 characters, and SHOULD be no more than 78 characters,
>>        excluding the CRLF.
>> 
>> You should fix this, or your posts might run into problems, ranging
>> from servers dropping them, to people cancelling them (which, as far
>> as I can tell, would not violate any rules against cancelling other
>> people's usenet messages, since they *aren't* usenet messages).
>
>My line lengths are not over 76 characters.  That's because I am using MIME Quoted-Printable.  The physical length of the line is 76 characters (including the trailing "= " for a soft-return).  Your client is (or should be) rendering the paragraphs as paragraphs rather than truncating them at a fix line length (i.e., it wraps the lines logically instead of physically due to the soft-return).  Because the physical line length is restricted to under 76 characters, it does not violate the RFCs nor should it get mangled by servers (who should be handling just the raw code rather than trying to render it and then chop it up).  The raw data is still complying to the RFC-standardized line lengths (ftp://ftp.rfc-editor.org/in-notes/rfc2045.txt, section 6.7, item 5) but uses a soft-return to limit the physical line length which is not presented so logically you see a paragraph that wraps at whatever is the width of your window.
>
>If you are using OE, highlight my message and hit Ctrl-F3.  You will see the lines are physically obeying the RFCs regarding a max line length of 76 characters.  Note the header directive "Content-Transfer-Encoding: quoted-printable".  
>
>I'm still deciding whether to continue using a 30-year old line truncation scheme that was based on teletype machines, or for DOS/command-line based clients too stupid to utilitize a buffer and know the current line length for the window in which that line paints to know where to wrap a long line, or any newsreader that doesn't know how to handle a near 8-year old RFC standard.  Quoted-Printable MIME was ratified nearly 8 years ago so should I really care about someone that can't manage to find a newsreader in all that time that can handle it?  
>
>I see you (Tim Smith) use slrn.  That newsreader cannot understand MIME Quoted-Printable?  When did you get this newsreader?  It hasn't been updated in over 7 years to obey RFC standards?  If it is a DOS/command-line only newsreader, it can't figure out how to convert "= " to hard returns so it effectively truncates the lines at the raw line length of 74 characters so the displayed lines would remain within your 80-column wide shell window?

Oi - matey-boy, your line lengths *are* over 76 in length.

What do you have set in :-

Tools/Options/Send

and press the "Plain Text Settings" button on the "news sending
format"

What does the box "Automatically wrap text at" have in it ?

The Open Sourceror's Apprentice wrote:

> Content-Type: application/x-msdownload; name="this_will_format_your_hard_drive_you_moron.pif"



Well, that was certainly entertaining :-)

In <cd6gc6$pu7$1@calcite.rhyolite.com>, Vernon Schryver:

[Snip...]

> Outlook is doing the same Microsoft lunacy as ignoring mail Content-Type
> headers mail and executing messages as virus or worm programs based
> on file names because that is more "user friendly."

It isn't even machine friendly; worse, it is outright network toxic. It
should be universally contraband on the basis of security alone.

The only reason I don't killfile OE mail/news on sight is the very high
likelihood it's a newbie trying to escape Redmond's rancid clutches.

OTOH, anybody purporting to justify this OE atrocity is toast on sight.

-- 
Regards, Weird (Harold Stevens) * IMPORTANT EMAIL INFO FOLLOWS *
Pardon any bogus email addresses (wookie) in place for spambots.
Really, it's (wyrd) at airmail, dotted with net. DO NOT SPAM IT.
Kids jumping ship? Looking to hire an old-school type? Email me.

Spoon <me1@privacy.net> writes:
>Oi - matey-boy, your line lengths *are* over 76 in length.

Actually, they're not. In the raw text (if you look at it by telnetting into
your NNTP server and asking for the article), what you see are lines
hard-broken at 76 characters, each ending with an = sign, wich in the
encoding he's using indicates a soft line wrap. So, our newsreaders,
interpreting text/plain and quoted/printable, is rewrapping them into one
giganto line per paragraph. What we're seeing is our newsreaders trying their
darndest to do the stupid things that bozo's newsreader is asking it to do.

The irony is that the message, if it wasn't for the MIME header lines,
would be perfectly readable as a properly-formatted USENET message (with
the possible exception of the ' =' at the end of each line and the mime
wrappers).

Friends don't let friends use outlook for news. Or anything else except for
dumb employer's mail servers where you have no choice. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

*Vanguard* wrote:
> My line lengths are not over 76 characters.  That's because I am using MIME Quoted-Printable.  The physical length of the line is 76 characters (including the trailing "= " for a soft-return).  Your client is (or should be) rendering the paragraphs as paragraphs rather than truncating them at a fix line length (i.e., it wraps the lines logically instead of physically due to the soft-return).  Because the physical line length is restricted to under 76 characters, it does not violate the RFCs nor should it get mangled by servers (who should be handling just the raw code rather than trying to render it and then chop it up).  The raw data is still complying to the RFC-standardized line lengths (ftp://ftp.rfc-editor.org/in-notes/rfc2045.txt, section 6.7, item 5) but uses a soft-return to limit the physical line length which is not presented so logically you see a paragraph that wraps at whatever is the width of your window.

1. They are displayed that way.
2. The attachment copy you left shows up in my editor as having lines
ended with "=<newline>" at the point YOU PERCEIVE as being an end-of-line.
The rule for converting text to quoted-printable says that

        Local newlines MUST be converted to hard newlines (newlines not
        preceded by an equals sign; those are soft newlines).

So whatever you're using to generate quoted-printable is fooling you into
believing your lines are short, while presenting paragraph-per-line text
to the rest of the compliant world.


P.S. I added this after sending the message but before leafnode got to send
it to the server. My client warned me that the part of your message I quoted
was over 80 characters.

-- 
WASHINGTON, July 13 (Reuters) - The U.S. government posted a larger-than-
expected budget surplus in June, propped up by higher quarterly business tax
receipts, a government report released on Tuesday showed.

glgxg <glgxg@mfire.com.invalid> wrote in
news:2lo8taFeudtrU1@uni-berlin.de: 

> The Open Sourceror's Apprentice wrote:
> 
>> Content-Type: application/x-msdownload;
>> name="this_will_format_your_hard_drive_you_moron.pif" 
> 
> Well, that was certainly entertaining :-)

Yahbut, what did it *do*?

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

VinceH (real address) said in news:4ccf066a22spam@softrock.co.uk:
>=20
> I didn't save it - I forced my newsreader to open the
> article into my text editor. The way this works in this
> app (AFAIK) is that it /should/ cause me to see the
> article in its original/raw format.
>=20
> Repeating the exercise now gets the same result if I
> use the same article. However, if I look at Vanguard's
> subsequent reply to me, in exactly the same way, then
> I see the soft-returns in that article.
<snip>

Okay, now you got me licking my chops.  WHAT was it that you saw?  Where =
the lines actually physically limited to 76 max characters?  And was =
there hard return (CF/LF) after the soft return ("=3D ") to ensure the =
lines were actually a max of 76 characters, or did the next line run on =
after the soft return so the physical length did exceed 76 characters?  =
Otherwise the arguments pend until I get Ethereal or something more =
NNTP-specific that can let me see the raw data stream to ensure the are =
CR/LFs after every soft return.

Paul Vader wrote:
> Actually, they're not. In the raw text (if you look at it by telnetting into
> your NNTP server and asking for the article), what you see are lines
> hard-broken at 76 characters, each ending with an = sign, wich in the
> encoding he's using indicates a soft line wrap. So, our newsreaders,

or news servers,

> interpreting text/plain and quoted/printable, is rewrapping them into one
> giganto line per paragraph.

Either the server I get his articles from, or leafnode, is removing the
soft newlines and appropriately replacing them with nothing. Whatever
he's using should have converted them to hard newlines during the text-
to-quoted-printable conversion. Accordingly, there shouldn't be any
soft newlines in quoted-printable text.

-- 
WASHINGTON, July 13 (Reuters) - The U.S. government posted a larger-than-
expected budget surplus in June, propped up by higher quarterly business tax
receipts, a government report released on Tuesday showed.

Vernon Schryver said in news:cd6877$2kks$1@calcite.rhyolite.com:
> In article <5NmdnYfRT6KOPGvdRVn-tw@comcast.com>,
> *Vanguard* <lh_vanguard@mailblocks.com> wrote:
>=20
> That's all very nice.  It's also irrelevant and suggests a fundamental
> misunderstand of network protocols.  What your application claims to
> be "saving" as "the raw content" is not authoritiative and is often a
> gross fiction.  All that matters is what gets on the wire.  To see
> that you should look at a news spool directory.

Please elaborate on viewing a news spool directory (since I don't run a =
news server host).  What tool might I use to sniff the NNTP traffic to =
determine if there are hard returns (CR/LF) after the "=3D " character =
sequence at the end of the lines?  I really don't want to get into =
installing Ethereal or another network sniffer but rather something =
simple that can simply be loaded to monitor my traffic from OE but which =
shows the raw traffic being transmitted.

>=20
>=20
>> My line lengths are not over 76 characters.  That's because I am
>> using MIME Quoted-Printable.  The physical length of the line is 76
>> characters (including the trailing "=3D " for a soft-return).  Your
>> client is (or should be) rendering the paragraphs as paragraphs
>> rather than truncating them at a fix line length (i.e., it wraps the
>> lines logically instead of=20
>=20
> That suggests a misunderstandings of MIME.  Your physical line
> lengths may be 76, although I see only 75 including the '=3D' in my
> spool directory.  Since your Microstupid posting software is saying
> that=20
> your messages are "text/plain" and not doing as section 3.1.2.2 of
> http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt
> requires and adding "format=3Dflowed" to your Content-Type headers,
> your logical line lengths are enormous and a conformant user agent
> can reasonably render your paragraphs as single, ridiculously long
> lines.=20

Existing NNTP client are expected to implement RFCs, especially when =
they are just drafts, before they exist?  SPF is also still a draft, =
getting some introduction into a few mail server programs, but I've yet =
to hear about an SPF-enabled client that can determine if SPF was used =
to protect the envelope so the end user can decide whether to filter out =
non-SPF messages or not.  Obviously clients cannot implement =
"format=3Dflowed" as a requirement until it is actually a requirement =
(but way too many specs are RECOMMENDEDs and SHOULDs instead of MUSTs) =
except as a *beta* feature of that client because the spec on which it =
is based is still just a draft.  But then you took the "format=3Dflowed" =
out of context and also lied is saying this directive is "required".  =
No, what it said was, "Posting agents MAY use the "format=3Dflowed" =
parameter of "text/plain" (and also the "DelSp=3Dyes" if appropriate) =
defined in [RFC 3676] so as to allow suitably equipped reading agents to =
reformat flowed paragraphs to suit the width of their display areas. "  =
Notice the use of "MAY".  There are LOTS of RFCs with RECOMMENDED, =
SHOULD, and MAY statements that do *not* need to be obeyed for a client =
to remain RFC compliant.  The only reason I see the need for this =
directive is that there exist some stupid clients that cannot figure out =
how to wrap a logical representation according to the current window =
width for a physical body that is compliant to the RFCs.  The next =
sentence says, "However, it must be understood that many reading agents =
do not support that feature, and therefore the physical length of all =
lines SHOULD be restricted to the default preferred length of 72 =
characters, rather than the 78 recommended in [RFC 3676]."  Note that =
"many reading agents" does not equate to "most reading agents" either by =
the number of available reading agent programs or by the numbers of =
users of each.  And, again, quoted-printable still complies with the =
physical line length recommendation.

I used this draft as a reference because another poster did, it doesn't =
ban the use of MIME but actually infers its use, and I asked if someone =
knew of a [ratified and released] RFC that specifically bans MIME from =
usenet posts (or specifially quoted-printable encoding).  Other than =
some deficient command-line or console mode newsreaders, it sure looks =
like lots of newsreaders implement MIME.  If MIME were banned in usenet =
posts then why do newsreaders *other* than OE also implement a MIME =
header when obviously it would not be required for a plain text message =
that used hard returns before the 76-character line length (i.e., =
hailing back to 30-year old teletype constraints for max line length)?

> MIME quoted-printable is merely an encoding.  A user agent should
> render your text the same whether the quoted-printable encoded
> version has "=3D<CR><LF>" after every 74 bytes or after every 7 bytes
> or no with '=3D' characters at all.  MIME is irrelevant.  =20

So if the user agent can render text and sees the CR/LF at the end of =
the line (I'm assuming they are there until I get proof via sniffing the =
raw traffic to prove OE is lying to me) then it sounds like you agree =
with me that the text-only agents should be slicing up the lines at 74 =
characters, or less (i.e., before the "=3D " sequence which appears to =
me to be followed by a CR/LF).

If MIME were irrelevant then why even bother adding the headers to =
define the encoding?  Because there *is* encoding, even if all ASCII =
7-bit characters are used, and the MIME header defines what it is so the =
client knows how to handle it.  So some clients don't know how to handle =
MIME (or specifically quoted-printable).  Any statistics showing how =
many of those users there are compared to the entire usenet community?  =
Not really interested in the needs of the few.

> You are
>> making a Microsoft assumption that all usenet user agents will
> render text with bogus line lenths in the same way as your Microsoft
> virus and spam distribution system.

Please define "bogus line lengths".  Please explain why other NNTP =
clients have problems reading plain text, and why they are unable to =
comply with MIME for those which purport to support it.  While the new =
draft makes some interesting proposals, how about complying with the =
RFCs that already exist?  Please refrain from the insults and instead =
provide some RFC references that dictate that MIME quoted-printable - in =
its currently ratified definition - is prohibited from usenet posts.

Spoon said in news:23rdf0lp45shjb8p4k93ejrutiju4o4gf5@4ax.com:
>=20
> Oi - matey-boy, your line lengths *are* over 76 in length.
>=20
> What do you have set in :-
>=20
> Tools/Options/Send
>=20
> and press the "Plain Text Settings" button on the "news sending
> format"
>=20
> What does the box "Automatically wrap text at" have in it ?

Once MIME Quoted-Printable encoding is selected, the spinbox to select =
the max line length is disabled.  Microsoft will break the lines at word =
boundaries so the physical line length doesn't exceed 76 characters =
(including the trailing "=3D" for the soft return).  Line lengths may be =
less than 76 characters since the break is at word boundaries rather =
than at character boundaries.

*Vanguard* wrote:

> VinceH (real address) said in news:4ccf066a22spam@softrock.co.uk:
>> 
>> I didn't save it - I forced my newsreader to open the
>> article into my text editor. The way this works in this
>> app (AFAIK) is that it /should/ cause me to see the
>> article in its original/raw format.
>> 
>> Repeating the exercise now gets the same result if I
>> use the same article. However, if I look at Vanguard's
>> subsequent reply to me, in exactly the same way, then
>> I see the soft-returns in that article.
> <snip>
> 
> Okay, now you got me licking my chops.  WHAT was it that you saw?  Where the lines actually physically limited to 76 max characters?  And was there hard return (CF/LF) after the soft return ("= ") to ensure the lines were actually a max of 76 characters, or did the next line run on after the soft return so the physical length did exceed 76 characters?  Otherwise the arguments pend until I get Ethereal or something more NNTP-specific that can let me see the raw data stream to ensure the are CR/LFs after every soft return.

====
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

VinceH (real address) said in news:4ccf066a22spam@softrock.co.uk:
>=20
> I didn't save it - I forced my newsreader to open the
> article into my text editor. The way this works in this
> app (AFAIK) is that it /should/ cause me to see the
> article in its original/raw format.
>=20
> Repeating the exercise now gets the same result if I
> use the same article. However, if I look at Vanguard's
> subsequent reply to me, in exactly the same way, then
> I see the soft-returns in that article.
<snip>

Okay, now you got me licking my chops.  WHAT was it that you saw?  Where =
the lines actually physically limited to 76 max characters?  And was =
there hard return (CF/LF) after the soft return ("=3D ") to ensure the =
lines were actually a max of 76 characters, or did the next line run on =
after the soft return so the physical length did exceed 76 characters?  =
Otherwise the arguments pend until I get Ethereal or something more =
NNTP-specific that can let me see the raw data stream to ensure the are =
CR/LFs after every soft return.
====

Notice the '=' marks above? That is where my newsreader determined your
soft carriage returns.

The following is exactly 56 characters, 72 characters with spaces:

Okay, now you got me licking my chops.  WHAT was it that you saw?  Where

Your actual post sentence was/is 427 characters (526 with spaces) and no
hard line breaks.

In that you are running OE, I'll assume that you have MS Word on your
computer.  You can easily check the line length by copy & pasting your
line(s) into MSW, then click on "File" | Properties | Statistics.

FWIW Netscape/Mozilla has similar problems in default, but can be
changed in the user pref file:

http://www.mozilla.org/unix/customizing.html
// Format=flowed prefs, RFC 2646
user_pref("mailnews.send_plaintext_flowed", true); (I set mine to false)
user_pref("mailnews.display.disable_format_flowed_support", true);
user_pref("mail.display_struct", true);
user_pref("mail.send_struct", false);

In article <yrWdnbOeuIyylWrd4p2dnA@comcast.com>,
*Vanguard* <lh_vanguard@mailblocks.com> wrote:

>> gross fiction.  All that matters is what gets on the wire.  To see
>> that you should look at a news spool directory.
>
>Please elaborate on viewing a news spool directory (since I don't run a
>news server host). 

In your position, I would read the NNTP RFC and use `telnet nntpserver 119`
to ask my ISP's NNTP server for the articles I wanted.

Well, actually, I'd run an NNTP server even if I were limited to using
one of the "slurp" implementations.  An NNTP server is far too useful
for filtering, `grep`, and other things.


>> your messages are "text/plain" and not doing as section 3.1.2.2 of
>> http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt
>> requires and adding "format=flowed" to your Content-Type headers,
>> your logical line lengths are enormous and a conformant user agent
>> can reasonably render your paragraphs as single, ridiculously long
>> lines. 
>
>Existing NNTP client are expected to implement RFCs, especially when
>they are just drafts, before they exist? 

Yes, especially when the I-Ds document defacto standard behavior.

>                                          SPF is also still a draft,
>getting some introduction into a few mail server programs, but I've yet
>to hear about an SPF-enabled client that can determine if SPF was used
>to protect the envelope so the end user can decide whether to filter out
>non-SPF messages or not.

SPF is a classic example of marketing technology.  
(See http://groups.google.com/groups?as_q=technology%20bovine&as_uauthors=vjs%40calcite.rhyolite.com
for my view of the current definition of the T-word.)

SPF is eyewash for the credulous that will have no significant effect
on spam.  It was no better than other, earlier DNS-based sender domain
verifying schemes.  That SPF was mostly marketing is demonstrated by
how it has evolved in the IETF MARID WG.  SPF would have made Microsoft
proud, except that Microsoft floated its own blarney to obscure its
culpability for most current spam.

>                          Obviously clients cannot implement
>Eformat=flowed" as a requirement until it is actually a requirement (but
>way too many specs are RECOMMENDEDs and SHOULDs instead of MUSTs) except
>as a *beta* feature of that client because the spec on which it is based
>is still just a draft.  

That's nonsense, particularly given your own position that MIME in
Usenet is valid.  "Format=flowed" is a MIME thing, not an NNTP or
USENET thing.  It's also what your Microstupid virus installation
program (a.k.a. Outlook) does with your articles.

Besides, throughout the history of the Internet starting long before
the IETF existed, RFCs have been about maximizing interoperability
instead of imposing standards.  Since I-Ds existed, the best RFCs have
been implemented and significantly deployed as I-Ds and before getting
RFC numbers.

>                        But then you took the "format=flowed" out of
>context and also lied is saying this directive is "required".  

Please point to my words that you found intentionally misleading.

I don't think you've been lying, except to yourself to try to save
face as usenet espurt.


>                                                               No, what
>it said was, "Posting agents MAY use the "format=flowed" parameter of
>"text/plain" (and also the "DelSp=yes" if appropriate) defined in [RFC
>3676] so as to allow suitably equipped reading agents to reformat flowed
>paragraphs to suit the width of their display areas. "  

Instead of just "noticing" those words, you ought read them.


>                                    Note that "many reading agents" does
>not equate to "most reading agents" either by the number of available
>reading agent programs or by the numbers of users of each. 

There are a lot of microstupid lusers, but the weight of history ensures
that most implementations either truncate or character-wrap instead
of word-wrap.  VT100s and so xterm windows either truncate or character
wrap.


I'm using a brand new, objectionablly newfangled (as I see things,
having met Usenet in 1985) version of trn that word-wraps instead of
character-wraps.  If I had noticed that you were using microstupid
line lengths I would not have responded to your earlier articles.  Some
of your other statements were dubious and seeing microsupid line lengths
would have reversed my judgement about the worth of responding to your
words about email abuse.


>                                                            And, again,
>quoted-printable still complies with the physical line length
>recommendation.

And again, whether you send using quoted-printable is completely irrelevant.


>I used this draft as a reference because another poster did, it doesn't
>ban the use of MIME but actually infers its use, and I asked if someone
>knew of a [ratified and released] RFC that specifically bans MIME from
>usenet posts (or specifially quoted-printable encoding). 

That's a red herring of the sort that people with experience in standards
committees have learned to expect from Redmond.  Your use of MIME is
irrelevant, because your articles are the simple "text/plain" that is
the default for articles with no MIME headers at all.  Are you sure
you're not a Microsoft employee?.


>So if the user agent can render text and sees the CR/LF at the end of
>the line (I'm assuming they are there until I get proof via sniffing the
>raw traffic to prove OE is lying to me) then it sounds like you agree
>with me that the text-only agents should be slicing up the lines at 74
>characters, or less (i.e., before the "= " sequence which appears to me
>to be followed by a CR/LF).

I cannot parse that statement.

I am saying that newsreaders "MUST" either completely ignore your silly
"Content-Transfer-Encoding: quoted-printable" header and display your
text with '=' at the ends of your raw lines or they "MUST" reassemble
your "paragraphs" into single, ridiculously long lines as the standard
MIME quoted-printable encoding requires.  In either case, they must
then render those lines as they see fit, perhaps by paying attention
to a Content-Type header (that you don't include) that would specify
flowing text or by truncating or word or character wrapping as they
wish to fit the local display.


>If MIME were irrelevant then why even bother adding the headers to
>define the encoding?  Because there *is* encoding, even if all ASCII
>7-bit characters are used, and the MIME header defines what it is so the
>client knows how to handle it.  So some clients don't know how to handle
>MIME (or specifically quoted-printable).  Any statistics showing how
>many of those users there are compared to the entire usenet community? 
>Not really interested in the needs of the few.

Are you sure you're not a Microsoft employee?
That continued confounding of MIME Content-Type with MIME
Content-Transfer-Encoding and the silliness about majorities sounds
painfully familiar.  You might instead be a deacon of the Church of
the FSF, because they blather similar nonsense.


>> You are
>>> making a Microsoft assumption that all usenet user agents will
>> render text with bogus line lenths in the same way as your Microsoft
>> virus and spam distribution system.
>
>Please define "bogus line lengths". 

Any line length that you know will be rendered confusingly for a
significant part of your audience is bogus.  Complying with the
20+ year old defacto standard would do you no harm and only increase
the audience for your words.  Logical line lengths of several 100
characters like yours are silly as well as bogus.

>                                     Please explain why other NNTP
>clients have problems reading plain text, and why they are unable to
>comply with MIME for those which purport to support it. 

The MIME standards violations are yours.  You are sending text with
logical line lengths far wider than any display.

>                                                         While the new
>draft makes some interesting proposals, how about complying with the
>RFCs that already exist?  Please refrain from the insults and instead
>provide some RFC references that dictate that MIME quoted-printable - in
>its currently ratified definition - is prohibited from usenet posts.

Most of that's good advice, except for the utter silliness of confounding
transfer encodings with content type.  If you took your advice, you'd
not hold forth as you have been.  You'd find out before pontificating
that internet-draft is not making significant changes in this area.
You'd read the MIME RFCs and understand them before instructing us
about sucking the round hard white things with tasty centers that you
invented or at least discovered.  See
http://www.google.com/search?q="teach%20your%20grandmother%20to%20suck%20eggs"


Vernon Schryver    vjs@rhyolite.com

"glgxg" <glgxg@mfire.com.invalid> wrote in message =
news:2logatFbrtsaU1@uni-berlin.de...
<snip>
>=20
> Okay, now you got me licking my chops.  WHAT was it that you saw?  =
Where =3D
> the lines actually physically limited to 76 max characters?  And was =
=3D
> there hard return (CF/LF) after the soft return ("=3D3D ") to ensure =
the =3D
> lines were actually a max of 76 characters, or did the next line run =
on =3D
> after the soft return so the physical length did exceed 76 characters? =
 =3D
> Otherwise the arguments pend until I get Ethereal or something more =
=3D
> NNTP-specific that can let me see the raw data stream to ensure the =
are =3D
> CR/LFs after every soft return.
> =3D=3D=3D=3D
>=20
> Notice the '=3D' marks above? That is where my newsreader determined =
your
> soft carriage returns.

Those aren't soft "carriage returns".  Those are soft returns.  They are =
still followed by CRLF for the line breaks.  RFC 2045 defines a hard =
line break as the CRLF sequence, a soft line break as a trailing "=3D" =
on a line at the 76th character position, or earlier, and that a soft =
line break MUST be followed by a hard line break so the maximum =
*physical* line length is 78 characters (with the line, trailing "=3D", =
and CR & LF characters).  "An "=3D" followed by a character that is =
neither a hexadecimal digit (including "abcdef") nor the CR character of =
a CRLF pair is illegal."  So the hard line break DOES occur immediately =
after the trailing equals sign for the soft break and limits the =
PHYSICAL length of the line.  If your client has a problem with its =
logical representation of quoted-printable encoded content then it =
appears your client is not MIME compliant (regarding quoted-printable) =
for the 7+ year-old RFC 2045.

>=20
> The following is exactly 56 characters, 72 characters with spaces:
>=20
> Okay, now you got me licking my chops.  WHAT was it that you saw?  =
Where
>=20
> Your actual post sentence was/is 427 characters (526 with spaces) and =
no
> hard line breaks.
>=20
> In that you are running OE, I'll assume that you have MS Word on your
> computer.  You can easily check the line length by copy & pasting your
> line(s) into MSW, then click on "File" | Properties | Statistics.

Copying and pasting will end up transferring the *logical* =
representation of what is *displayed*, not the code used to construct =
it.  I can also highlight a bunch of text in a web page and paste it =
into Word but it won't show all the HTML coding or formatting.  =
Something coded in HTML like:

this is the first line<CRLF>
   with several blanks before the next line<CFLF>
and this<CRLF>
is the                 <CRLF>
third line<CRLF>

which would render as "this is the first line with several blanks before =
the next line and this is the third line" (since multiple contiguous =
spaces get rendered as just 1 space).  The "<CRLF>" were added so you =
can see where are the physical line breaks.  What you copy is the =
logical version or rendered copy of the coding and Word would say this =
is 90 characters long and on all in 1 line.  However, you can do your =
own counting of the *physical* representation and see that there are 106 =
characters (not including the CRLF line breaks), not 90, and span 5 =
lines, not just 1 line, and that none of the lines exceeded a *physical* =
line length of 43 characters although the *logical* representation has a =
line length of 90 characters.  You are seeing on-screen the LOGICAL =
representation *after* the encoding has been applied.  Same for MIME =
Quoted-Printable (by a client that supports it).

> FWIW Netscape/Mozilla has similar problems in default, but can be
> changed in the user pref file:
>=20
> http://www.mozilla.org/unix/customizing.html
> // Format=3Dflowed prefs, RFC 2646
> user_pref("mailnews.send_plaintext_flowed", true); (I set mine to =
false)
> user_pref("mailnews.display.disable_format_flowed_support", true);
> user_pref("mail.display_struct", true);
> user_pref("mail.send_struct", false);
>=20
> 

"Floyd L. Davidson" <floyd@barrow.com> wrote in message =
news:87d62xi7pp.fld@barrow.com...
>=20
> Well yes... and *I* certainly agree that is a valid!
> Unfortunately our friend isn't using a Content-Type of
> "text/plain"; hence, he thinks such sanity doesn't apply to him.
> Sigh...

Yes, I am.  See my headers, which are:

MIME-Version: 1.0
Content-Type: text/plain;
 charset=3D"iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Content type is "text/plain". =20
**Encoding** is quoted-printable.  

*Vanguard* wrote:
> "glgxg" <glgxg@mfire.com.invalid> wrote in message news:2logatFbrtsaU1@uni-berlin.de...
> <snip>
>> 
>> Okay, now you got me licking my chops.  WHAT was it that you saw?  Where =
>> the lines actually physically limited to 76 max characters?  And was =
>> there hard return (CF/LF) after the soft return ("=3D ") to ensure the =
>> lines were actually a max of 76 characters, or did the next line run on =
>> after the soft return so the physical length did exceed 76 characters?  =
>> Otherwise the arguments pend until I get Ethereal or something more =
>> NNTP-specific that can let me see the raw data stream to ensure the are =
>> CR/LFs after every soft return.
>> ====
>> 
>> Notice the '=' marks above? That is where my newsreader determined your
>> soft carriage returns.

rewrapped for readability:

> 
> Those aren't soft "carriage returns". Those are soft returns. They
> are
still followed by CRLF for the line breaks. RFC 2045 defines a hard line
break as the CRLF sequence, a soft line break as a trailing "=" on a
line at the 76th character position, or earlier, and that a soft line
break MUST be followed by a hard line break so the maximum *physical*
line length is 78 characters (with the line, trailing "=", and CR & LF
characters). "An "=" followed by a character that is neither a
hexadecimal digit (including "abcdef") nor the CR character of a CRLF
pair is illegal." So the hard line break DOES occur immediately after
the trailing equals sign for the soft break and limits the PHYSICAL
length of the line. If your client has a problem with its logical
representation of quoted-printable encoded content then it appears your
client is not MIME compliant (regarding quoted-printable) for the 7+
year-old RFC 2045.

Actually it is. But you just go ahead and keep posting like you are... I
don't mind a bit.

http://www.faqs.org/rfcs/rfc2646.html

"Floyd L. Davidson" <floyd@barrow.com> wrote in message =
news:878ydli7nc.fld@barrow.com...
> pv+usenet@pobox.com (Paul Vader) wrote:
> >floyd@barrow.com (Floyd L. Davidson) writes:
> >>Pardon me, but I just looked at rfc-2045, rfc-2822 *and* at
> >>rfc-1036 (another task made easy by the newsreader software that
> >>I have).  I didn't see anywhere that it hints that MIME encoding
> >>should *ever* be used on Usenet for text messages...
> >
> >Because it shouldn't, of course. Usenet isn't mail, regardless of =
what
> >brain-dead microsoft programmers think.

I guess it must be those brain-dead Microsoft programmers that are =
writing and ratifying =
http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt =
which addresses the use of MIME within usenet posts.

> >Usenet is, and should stay, a text-only medium. You only would need =
MIME
> >encodings if you need to differentiate between other formats for the =
data,
> >and you don't. *
>=20
> Dead on!

Rather than accept user's preferences as the gospel regarding what MIME =
types are allowed under what conditions and in which type of newsgroups, =
I'd prefer some world-wide communal standardization that isn't based on =
the limitations of the particular posting agent used by a respondent in =
the newsgroup.  That's why I'm asking what RFCs or I-Ds are applicable.  =
Do you know of any that delineate the applicable MIME types per newgroup =
[type]?  Or does the "reference" post (forget what it's really called) =
in a newsgroup that dictates the use of that newsgroup and which =
actually specifies the use of MIME and bans quoted-printable encoding?

I'm not defending OE.  I use OE-QuoteFix to overcome some of its faults. =
 Doesn't Forte Agent also support MIME Quoted-Printable?  Sure it does =
(see =
http://www.forteinc.com/agent/faq.php#FAF604ADBD36555D88256C1E005A25E1). =
 If I posted using something other than OE then all the OE bashing would =
have never erupted and we would've focused on arguing about the valid =
[physical versus logical] message content rather than waste words =
arguing about the client that created it (or maybe those folks switch =
from bashing OE and then bash Agent).  I'm trying to discern what are =
the real standards regardless of the limitations of the specific posting =
agent used by a particular respondent.  So far, I've gotten lots of good =
information (and a lot that's, well, overly "colored" or slanted).  As =
per one poster's advice (that I've seen elswhere before), "Be =
conservative in what you send and liberal in what you accept."  So we =
all get to drive to work in Geo Metros while the Porsche sits in the =
garage collecting dust and we use old 14-inch monochrome monitors on our =
computers in order to degenerate to the lowest common denominator.  At =
some point, move on!  So when will the break occur that we finally =
discard usage that is based on antiquated hardware or deficient posting =
agents?  In another 30 years, maybe?  I don't think so, especially when =
you see I-D drafts that address using quoted-printable in usenet posts.

You don't learn a lot by agreeing.  You learn more by disagreeing (even =
if you have to take the Devil's Advocate position).  If you check my =
prior posts (of which there are many more in other newsgroups), I didn't =
use MIME or it was MIME None.  Only lately have I started using =
Quoted-Printable.  This was deliberate to invoke discussions like this.  =
I figured eventually someone would pounce on me (although this indeed =
has been a severe hijack of the original thread).  Come on, admit it, it =
has been ego-stroking fun pouncing on the OE user, hasn't it?  >;->

*Vanguard* <lh_vanguard@mailblocks.com> wrote:

> "Floyd L. Davidson" <floyd@barrow.com> wrote in message news:87d62xi7pp.fld@barrow.com...
>> 
>> Well yes... and *I* certainly agree that is a valid!
>> Unfortunately our friend isn't using a Content-Type of
>> "text/plain"; hence, he thinks such sanity doesn't apply to him.
>> Sigh...

> Yes, I am.  See my headers, which are:

> MIME-Version: 1.0
> Content-Type: text/plain;
>  charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable

> Content type is "text/plain".  
> **Encoding** is quoted-printable.

What you don't seem to be getting is that the content (described as
Content-Type: text/plain; charset="iso-8859-1") that you are sending
and we are seeing consists of lines of text that are many hundreds of
characters long.

The Content-Transfer-Encoding, whether it is quoted-printable or base64
or 8bit--though some of your lines are too long for 8bit--is
irrelevant.  The encoding is only to ensure that the content survives
the transport from you to us intact.  It does.  What we are complaining
about is the format of that content.

If you want to indicate that the lines in your text should be
word-wrapped, you need an additional parameter in the Content-Type
field, as Vernon has told you: format="flowed".

Not that I would recommend that.  It would be better all around if
you posted with short lines of readable length right from the start.

-- 
John Wingate                        Mathematics is the art which teaches
johnww@worldpath.net                one how not to make calculations.
                                                         --Oscar Chisini

This is a MIME GnuPG-signed message.  If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-25519-1089942945-0002
Content-Type: text/plain; format=flowed; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
X-Mime-Autoconverted: from 8bit to quoted-printable by mimegpg

*Vanguard* writes:

> Those aren't soft "carriage returns".  Those are soft returns.  They are
> still followed by CRLF for the line breaks.  RFC 2045 defines a hard line
> break as the CRLF sequence, a soft line break as a trailing "=3D" on a lin=
e
> at the 76th character position, or earlier, and that a soft line break
> MUST be followed by a hard line break so the maximum *physical* line
> length is 78 characters (with the line, trailing "=3D", and CR & LF
> characters).  "An "=3D" followed by a character that is neither a
> hexadecimal digit (including "abcdef") nor the CR character of a CRLF pair
> is illegal."  So the hard line break DOES occur immediately after the
> trailing equals sign for the soft break and limits the PHYSICAL length of
> the line.  If your client has a problem with its logical representation of
> quoted-printable encoded content then it appears your client is not MIME
> compliant (regarding quoted-printable) for the 7+ year-old RFC 2045.

Before you start to lecture someone about MIME, it helps if you actually try=
 
to understand what MIME is.  Obviously, you don't.

MIME defines how to format arbitrary media data within the confines of a 
plain text E-mail message format.  It does not redefine the format of an 
E-mail message, it specifies how arbitrary data can be encoded into the 
plain text format.  Originally, an E-mail message was plain, unadulterated 
text using the 7 bit US-ASCII character set, eighty or so characters per 
line.  Most original mail writers wrapped text at the 76th or 78th character=
 
position.

Plain text, E-mail messages had a carriage return/line feed pair at the end 
of every physical line.  And paragraph breaks were completely empty lines.

Did you get that part? Did you let that sink through your head? Carriage 
return/linefeed at the end of every line. Empty line to delimit paragraphs. 
Before going any further, wrap your brain around that simple concept.

Before long it became obvious that this was not very useful, and everyone 
wanted E-mail to do a little bit more.  Thus came MIME.

MIME specifies two distinct, orthogonal things:

1) How to specify what your E-mail contains: a picture, a PDF document, or 
something else.

2) How to take the raw binary goop that comprises said picture, PDF 
document, or something else, and turn it into something that fits the 
ordinary definition of an E-mail message: plain lines of text, each line 
terminated by a carriage return/linefeed.

MIME does not change the definition of what an E-mail message is.  An E-mail=
 
message still consists of a bunch of lines of text, and each line is still 
followed by CRLF, with empty lines separating paragraphs, where appropriate.=
 
What MIME does is specify how to convert other kinds of things into this 
format, for maximum compatibility with existing E-mail transport software.

Item #2 above is specified by the "Content-Transfer-Encoding" header. 
Setting aside "7bit" and "8bit", RFC 2045 defines two alternative 
mechanisms: one suitable for arbitrary binary data - base64; and one that's 
suitable for stuff that's closely related to text: "quoted-printable". 
Quoted-printable mostly consists of two hacks: hexadecimal encoding of 8-bit=
 
characters, and chopping up long sequences of texts into smaller lines. Some=
 
kinds of text-based formats, like HTML or Postscript, can contain long 
sequences of characters without an intervening line break.  Since E-mail 
messages preferrably, by tradition, should not exceed 80 characters per 
line, quoted-printable specifies how long sequences of characters can be 
chopped up into small lines.

A properly-written MIME processor, takes the output of the Microsoft 
shitware you're running, and removes those "soft returns".  What it ends up 
is a huge, single line, over a thousand characters long.  Each individual 
paragraph in your message decodes to a single line of text, a thousand 
characters (or so) each.

Your messages do not logically consist of individual lines of text, 80-or-so=
 
characters each, with a blank line between paragraph breaks.  In every one 
of your horribly broken E-mail messages each paragraph is a single, huge, 
line of text.  This is how the output of your Microsoft shitware looks to 
every MIME processor.

Now, some mail clients may choose to simply cut off all text that exceeds 
their display width.  Other mail clients may choose to wrap these humongous 
lines within the alloted display width, without concern for word breaks. 
Still other, more sophisticated clients, will try to compensate for your 
shitware's brain damage by trying to word-wrap these huge lines of text 
within their alloted display.  However, each one of these alternatives is 
technically valid.  If, as a result, your messages look like shit, it is not=
 
their fault.  Your messages were broken to begin with.

The proper way to specify =E2=80=9Csoft=E2=80=9D line breaks, and =E2=80=9Ch=
ard=E2=80=9D paragraph breaks, 
is specified by RFC 2646.  My messages, for example, follow that 
specification, and any MIME-aware processor that implements RFC 2646 will be=
 
able to re-wrap my messages within whatever line width it uses, preserving 
paragraph breaks.

But -- and this is the crucial part that you need to absorb -- my 
quoted-printable messages, still decode to ordinary plain text, each line no=
 
more than 80 characters long.  Still, any RFC 2646-aware client can do the 
right thing and adjust this text to any logical line width.

This is the proper way to format text, and not end up with thousand+ 
characters of garbage.



--=_mimegpg-commodore.email-scan.com-25519-1089942945-0002
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBA9zWhx9p3GYHlUOIRAqJPAJ9Iu9LtoqR+y7QkJRfrKO1svlJaewCeOlxl
rKf919A67btm5u/G9lQKpjA=
=et6D
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-25519-1089942945-0002--

*Vanguard* wrote:

> Once MIME Quoted-Printable encoding is selected, the spinbox to select =
> the max line length is disabled.

After the feedback you have received, why don't you just deselect it? Lots
of other Microsoft Outlook Express users manage to post (in this respect)
perfectly Usenet-compatible articles.

Thor

-- 
http://www.anta.net/

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[ugh, where to Followup-To?  leaving Newsgroups: as-is]

On 2004-07-16, *Vanguard* <lh_vanguard@mailblocks.com> wrote:

[dipshit ''quoted-printable'' long lines fixed]

> I guess it must be those brain-dead Microsoft programmers that are
> writing and ratifying
> http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt
> which addresses the use of MIME within usenet posts.

I specifically direct your attention to section 3.1.2, 3.1.2.2, and
3.1.2.3, which in summary state:

* when Content-Type is text/plain, lines should be fewer than 72 or 79
  characters

* other Content-Types should not be used unless the group explicitly
  accepts other Types

* other Content-Transfer-Encodings (like dipshit ''quoted-printable'',
  for example) should not be used "unless there are pressing reasons to
  do so."  PGP signatures are mentioned, but your post doesn't seem
  to be PGP signed.

> Rather than accept user's preferences as the gospel regarding what MIME
> types are allowed under what conditions and in which type of newsgroups,
> I'd prefer some world-wide communal standardization that isn't based on
> the limitations of the particular posting agent used by a respondent in
> the newsgroup.  That's why I'm asking what RFCs or I-Ds are applicable.
> Do you know of any that delineate the applicable MIME types per newgroup
> [type]?  Or does the "reference" post (forget what it's really called)
> in a newsgroup that dictates the use of that newsgroup and which actually
> specifies the use of MIME and bans quoted-printable encoding?

Ah, I see that you didn't even read your own URL.  It basically says to
assume Content-Type: text/plain and Content-Transfer-Encodings: 8bit
(or 7bit) unless you see a reason to believe otherwise in the newsgroup.
So, you see, the standards are not agent-based, but newsgroup-based.
- From what I know of the Newsgroups: of this thread, none of them have
agreed to accept other types.

> I'm not defending OE.  I use OE-QuoteFix to overcome some of its faults.
> Doesn't Forte Agent also support MIME Quoted-Printable?  Sure it does
> (see http://www.forteinc.com/agent/faq.php#FAF604ADBD36555D88256C1E005A25E1).
> If I posted using something other than OE then all the OE bashing would
> have never erupted and we would've focused on arguing about the valid
> [physical versus logical] message content rather than waste words arguing
> about the client that created it (or maybe those folks switch from bashing
> OE and then bash Agent).

Well, really they'd bash the idiot who posted 1000+ character lines.
It's not OE's fault the user doesn't know how to configure OE.

[snip]

> In another 30 years, maybe?  I don't think so, especially when
> you see I-D drafts that address using quoted-printable in usenet posts.

If by ''address'' you mean ''advise against it'', maybe 30 years is
too short a time.  I hope it means ''never'', since there must be better
ways than using quoted-printable to get a news agent to wrap lines.

> You don't learn a lot by agreeing.  You learn more by disagreeing

Perhaps you're an exception, since you don't seem to be learning.  Or
even reading your own references.

> (even if you have to take the Devil's Advocate position).  If you check
> my prior posts (of which there are many more in other newsgroups), I
> didn't use MIME or it was MIME None.  Only lately have I started using
> Quoted-Printable.  This was deliberate to invoke discussions like this.

Well, your posts that I've seen have not come close to meeting the
standards described in the document you believe justifies using
quoted-printable.  So when do you plan on stopping using quoted-printable?

> I figured eventually someone would pounce on me (although this indeed
> has been a severe hijack of the original thread).  Come on, admit it,
> it has been ego-stroking fun pouncing on the OE user, hasn't it?  >;->

Not really, just annoying.

In conclusion: Please read the draft (it's still a draft, even!) again
(or perhaps for the first time), reviewing in particular the sections
I mentioned above, and fix your news agent accordingly.  Or continue
to be flamed for using an inappropriate Content-Type--it's your
choice.

- --keith

- -- 
kkeller-usenet@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA90jdhVcNCxZ5ID8RApD0AJwK31klIFsCsdiw5mLlVGzbSdHWwwCeLBOt
e3+F/1J/k8T2C0PVqRL7lYY=
=RCMO
-----END PGP SIGNATURE-----

"*Vanguard*" <lh_vanguard@mailblocks.com> wrote:
>"Floyd L. Davidson" <floyd@barrow.com> wrote in message news:87d62xi7pp.fld@barrow.com...
>>
>> Well yes... and *I* certainly agree that is a valid!
>> Unfortunately our friend isn't using a Content-Type of
>> "text/plain"; hence, he thinks such sanity doesn't apply to him.
>> Sigh...
>
>Yes, I am.  See my headers, which are:

Yes.  That was a typo, and left out the word "just" right before
"using".  My apologies for further confusing you.

You are not *just* using text/plain, you are encoding it with
quoted-printable.  And you are *not* following very clear Usenet
conventions because you insist on sending excessively long lines
of text in your messages.


>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="iso-8859-1"
>Content-Transfer-Encoding: quoted-printable
>
>Content type is "text/plain".
>**Encoding** is quoted-printable.

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

"*Vanguard*" <lh_vanguard@mailblocks.com> wrote:
>"Floyd L. Davidson" <floyd@barrow.com> wrote in message
>news:878ydli7nc.fld@barrow.com...
>> pv+usenet@pobox.com (Paul Vader) wrote:
>> >floyd@barrow.com (Floyd L. Davidson) writes:
>> >>Pardon me, but I just looked at rfc-2045, rfc-2822 *and*
>> >> at
>> >>rfc-1036 (another task made easy by the newsreader
>> >> software that
>> >>I have).  I didn't see anywhere that it hints that MIME
>> >> encoding
>> >>should *ever* be used on Usenet for text messages...
>> >
>> >Because it shouldn't, of course. Usenet isn't mail,
>> > regardless of what
>> >brain-dead microsoft programmers think.
>
>I guess it must be those brain-dead Microsoft programmers
>that are writing and ratifying
>http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt
>which addresses the use of MIME within usenet posts.

There is *nothing* in that document which says that
what you are doing in the right way to send Usenet messages.

In fact, it specifically says you are doing it wrong.

>you send and liberal in what you accept."  So we all get to
>drive to work in Geo Metros while the Porsche sits in the

Don't be an idiot.  You don't have a Porsche.   It's a
tracked vehicle with steel cleats that is chewing up the
road and making it difficult for others...

>Only lately have I started using
>Quoted-Printable.  This was deliberate to invoke discussions
>like this.

I suspected you to be deliberately asinine.  You ignore whole
sections of referenced documents and pick on easily distorted
single lines.

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

On Thu, 15 Jul 2004 20:17:58 -0700, Keith Keller
<kkeller-usenet@wombat.san-francisco.ca.us> wrote:

>[dipshit ''quoted-printable'' long lines fixed]

  Actually, if you look at his posts as pure text, all his lines are
less than 80 characters. There is a CRLF at the end of every line. The
problem arises when newsreaders are aware of quoted-printable and do
whatever it is they do with quoted-printable. Kinda ironic that if you
*were* using an ancient newsreader that knew nothing about any
new-fangled stuff his posts would look fine to you. Except for the "="
at the end of every line.

Steve Baker

"Sam" <sam@email-scan.com>
wrote in news:cone.1089942945.272161.25519.500@commodore.email-scan.com:

> Before you start to lecture someone about MIME, it helps if you =
actually try=20
> to understand what MIME is.  Obviously, you don't.
<snippy>
> Plain text, E-mail messages had a carriage return/line feed pair at =
the end=20
> of every physical line.  And paragraph breaks were completely empty =
lines.

Yep, so far your description matches Quoted-Printable which DOES have =
the CR-LF sequence at the end of the line to provide a line break.

> Did you get that part? Did you let that sink through your head? =
Carriage=20
> return/linefeed at the end of every line. Empty line to delimit =
paragraphs.=20
> Before going any further, wrap your brain around that simple concept.

Yup, yup, uh huh, which way did he go, George, which way did he go?  Uh =
huh, uh huh.  Guess that'll make you happy.  Just because I won't shut =
up or roll over simply because someone declares they know better doesn't =
mean I'm dumb.  It means I require them to prove their point.  I'm still =
trying to accumulate enough through the numerous posts to feel that =
their arguments are then my arguments, too.  I'm not a lemming that just =
agrees with anyone but need some convincing which means I have to know, =
too.  That's the learning process that I'm in now.  The nose thumbing =
does wear thin after awhile, though, and detracts from the credence of =
the argument.

<snip>
> A properly-written MIME processor, takes the output of the Microsoft=20
> shitware you're running, and removes those "soft returns".  What it =
ends up=20
> is a huge, single line, over a thousand characters long.  Each =
individual=20
> paragraph in your message decodes to a single line of text, a thousand =

> characters (or so) each.

So this "properly-written MIME processor" mangles the MIME formatted =
content so it is no longer RFC compliant by converting is physical =
representation to what should only be its logical representation as =
rendered by the client.  So after it gets mangled by removing the =
trailing "=3D<CRLF>" how can it still be considered in Quoted-Printable =
format as delivered to the client?  It has been converted to a different =
format.

> Your messages do not logically consist of individual lines of text, =
80-or-so=20
> characters each, with a blank line between paragraph breaks.  In every =
one=20
> of your horribly broken E-mail messages each paragraph is a single, =
huge,=20
> line of text.  This is how the output of your Microsoft shitware looks =
to=20
> every MIME processor.

So every MIME processor alters the raw data to alter its encoding by =
stripping out the "=3D<CRLF>"?

> Now, some mail clients may choose to simply cut off all text that =
exceeds=20
> their display width.  Other mail clients may choose to wrap these =
humongous=20
> lines within the alloted display width, without concern for word =
breaks.=20
> Still other, more sophisticated clients, will try to compensate for =
your=20
> shitware's brain damage by trying to word-wrap these huge lines of =
text=20
> within their alloted display.  However, each one of these alternatives =
is=20
> technically valid.  If, as a result, your messages look like shit, it =
is not=20
> their fault.  Your messages were broken to begin with.

But you just said my messages were one big long humongous line rather =
than being broken by line breaks.  Apparently sending in =
Quoted-Printable format means, according to you, that every MIME =
processor will mangle the encoding format and converting my paragraph =
that is composed of lines physically limited to under 76 characters and =
ending with CR-LF into one long line equated to its logical =
representation.  Well, then I can understand why some clients will =
truncate at their window width.  For those that wrap at the window width =
on a character rather than parsing on a word means they may be =
technically correct (i.e., simply the "code behaves as written") but =
neglects that the content is intended for human consumption and humans =
read by words, not characters.

> The proper way to specify =E2=80=9Csoft=E2=80=9D line breaks, and =
=E2=80=9Chard=E2=80=9D paragraph breaks,=20
> is specified by RFC 2646.  My messages, for example, follow that=20
> specification, and any MIME-aware processor that implements RFC 2646 =
will be=20
> able to re-wrap my messages within whatever line width it uses, =
preserving=20
> paragraph breaks.

I've got a link to RFC 2646 and that's the next one I'll read.  But then =
other claimed wizards also noted =
http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt =
which does address using Quoted-Printable within usenet posts.  Does =
this RFC and I-D conflict with each other?  *If* so then which am I =
supposed to believe?  RFC 2646 ratified in 1999 or the draft (which I'm =
told is based on de facto standards) dated May 2004?  Since both mention =
"format=3Dflowed" and other posters have mentioned this, then this =
appears the key to compatibility (to clue the clients to wrapping but =
which seems obviously from the encoding which I didn't know got =
mangled).

> But -- and this is the crucial part that you need to absorb -- my=20
> quoted-printable messages, still decode to ordinary plain text, each =
line no=20
> more than 80 characters long.  Still, any RFC 2646-aware client can do =
the=20
> right thing and adjust this text to any logical line width.

Could you post another message but WITHOUT the PGP signing?  You and I =
already discussed this before that OE has a defect in that your =
PGP-signed posts get treated as attachments (I had to copy and paste to =
this post from the .txt attachment that OE displays for your post).  I =
think it's a result of OE not obeying the "Content-Disposition: inline" =
directive maybe from Microsoft being overly protective.  So I cannot see =
the raw format of your message to see how yours differs from what is =
described by RFC 2045 and what appears to be generated by OE.  Can you =
issue a single post without PGP or disable it temporarily to post =
without PGP so I could see what I get from the news server for the raw =
format of your non-PGP signed post?  I can see the raw content but would =
like to see it without the PGP overhead to focus on just what you are =
talking about.  Thanks.

"Keith Keller" <kkeller-usenet@wombat.san-francisco.ca.us>
wrote in news:60ujs1xi3s.ln2@goaway.wombat.san-francisco.ca.us:
> I specifically direct your attention to section 3.1.2, 3.1.2.2, and
> 3.1.2.3, which in summary state:
>
> * when Content-Type is text/plain, lines should be fewer than 72 or 79
>   characters

Yep, 76 characters max per line followed by "=" (soft line break)
followed by CR-LF (hard line break) for a total of 78 characters.

> * other Content-Types should not be used unless the group explicitly
>   accepts other Types

Where do I find that info?  Is the a central repository where the policy
for each group is defined?  I've seen mention of such policy articles
but they seemed scattered all over the place are are copies or
personalized versions of a copy.  Note that my content-type is
text/plain.  It seems the encoding that others are complain about.  The
key may be in using the "format=flowed" directive as per RFC 2646
(obsoleted by RFC 3646) which doesn't look to be implemented by OE.

> * other Content-Transfer-Encodings (like dipshit ''quoted-printable'',
>   for example) should not be used "unless there are pressing reasons
>   to do so."  PGP signatures are mentioned, but your post doesn't seem
>   to be PGP signed.

I don't use PGP.  Just MIME (Quoted-Printable or None) or no MIME.
Right now I'm instigating this discussion because I want to find out how
to use Quoted-Printable which appears valid by RFC and I-D for usenet
posts (but the problem may lie in the absense of the "format=flowed"
directive).

> Ah, I see that you didn't even read your own URL.  It basically says
> to assume Content-Type: text/plain and Content-Transfer-Encodings:
> 8bit (or 7bit) unless you see a reason to believe otherwise in the
> newsgroup. So, you see, the standards are not agent-based, but
> newsgroup-based. - From what I know of the Newsgroups: of this
> thread, none of them have agreed to accept other types.

Back to "where do I find those policies per newsgroup posted."  As a
side issue, where is the procedure described on establishing the policy?

<snip - it's getting late - but, yeah, I've got links to all RFCs
mentioned and will read them again>

"John Wingate" <johnww@worldpath.net>
wrote in news:10fed5cplvnoc47@corp.supernews.com:
> What you don't seem to be getting is that the content (described as
> Content-Type: text/plain; charset="iso-8859-1") that you are sending
> and we are seeing consists of lines of text that are many hundreds of
> characters long.
>
> The Content-Transfer-Encoding, whether it is quoted-printable or
> base64 or 8bit--though some of your lines are too long for 8bit--is
> irrelevant.  The encoding is only to ensure that the content survives
> the transport from you to us intact.  It does.  What we are
> complaining about is the format of that content.

There is no line break (CR-LF) at or before the 78th character position
preceded by a "=" character in what gets delivered to you?  Not in what
your client renders it but it what it actually received (i.e., the raw
data)?

>
> If you want to indicate that the lines in your text should be
> word-wrapped, you need an additional parameter in the Content-Type
> field, as Vernon has told you: format="flowed".

Yep, looking at that next.  I missed the "requires and adding
"format=flowed" in his post (news:cd6877$2kks$1@calcite.rhyolite.com).
Odd that RFC 2045 and 2046 don't mention it.  Which RFC *defines* the
additional directive "format=flowed" rather than just mentions it?  I
found RFC 3646 and maybe that's what I'll read next, but then it's dated
Feb 2004 so it wasn't around when I last addressed this topic, and no
one back then mentioned RFC 2646 (which 3646 obsoletes).  More reading.

>
> Not that I would recommend that.  It would be better all around if
> you posted with short lines of readable length right from the start.

"Floyd L. Davidson" <floyd@barrow.com>
wrote in news:87u0w8h5wm.fld@barrow.com:
> Yes.  That was a typo, and left out the word "just" right before
> "using".  My apologies for further confusing you.
>
> You are not *just* using text/plain, you are encoding it with
> quoted-printable.  And you are *not* following very clear Usenet
> conventions because you insist on sending excessively long lines
> of text in your messages.

I think the clue that others have mentioned (and I missed the first
time) is the used of "format=flowed" (defined in RFC 2646 and 3646).  If
that is what is causing the real problem then I'll check out what other
NNTP clients do regarding use of Quoted-Printable and if they use this
parameter to the text/plain content-type.  Looks like OE is not using
it.

On 2004-07-16, *Vanguard* <lh_vanguard@mailblocks.com> wrote:
> "John Wingate" <johnww@worldpath.net>
> wrote in news:10fed5cplvnoc47@corp.supernews.com:
>> What you don't seem to be getting is that the content (described as
>> Content-Type: text/plain; charset="iso-8859-1") that you are sending
>> and we are seeing consists of lines of text that are many hundreds of
>> characters long.
>>
>> The Content-Transfer-Encoding, whether it is quoted-printable or
>> base64 or 8bit--though some of your lines are too long for 8bit--is
>> irrelevant.  The encoding is only to ensure that the content survives
>> the transport from you to us intact.  It does.  What we are
>> complaining about is the format of that content.
>
> There is no line break (CR-LF) at or before the 78th character position
> preceded by a "=" character in what gets delivered to you?  Not in what
> your client renders it but it what it actually received (i.e., the raw
> data)?

The raw data is irrelevent. A MIME-aware client undoes the transfer encoding
to obtain the canonical form of the entity, and renders that to the user.
The canonical form of your posts consists of hugely long lines, so it's
not surprising that the client renders it that way. Note that text/plain
by default is fixed-format, i.e. the client should _not_ be trying to wrap
lines or reflow paragraphs. The RFC explicitly states:

    It should not be necessary to add any line breaks to display
    "text/plain" correctly,

(RFC 2046, 4.1.1)

The line breaks inserted by the quoted-printable encoding _do not count_
in this respect because a compliant client _must remove them_ before
attempting to render the data.

The paragraph-on-one-line thing is a known implementation error by Microsoft,
who have an amazing ability to misinterpret RFCs and then refuse to correct
their interpretation (even, in some cases, when the error is pointed out by
the original RFC authors).

-- 
Andrew, Supernews
http://www.supernews.com - individual and corporate NNTP services

On Thu, 15 Jul 2004 10:15:02 -0500, "*Vanguard*"
<lh_vanguard@mailblocks.com> wrote:

>Steve Baker said in news:cmrcf0p30083stvfb5hg6qcoplpuc73b3v@4ax.com:
>> On Wed, 14 Jul 2004 23:46:55 -0500, "*Vanguard*"
>> <lh_vanguard@mailblocks.com> wrote:
>> 
>>> My line lengths are not over 76 characters.  That's because I am
>>> using MIME Quoted-Printable. 
>> 
>>   MIME=Multipurpose Internet MAIL Extensions
>> 
>> Steve Baker
>
>So is that why your client, Forte, is also using MIME.  Go look at your headers of your post, which show:
>
>Mime-Version: 1.0
>Content-Type: text/plain; charset=us-ascii
>Content-Transfer-Encoding: 7bit
>
>Tim Smith's headers don't show MIME headers so obviously (as you assumed) are not required for usenet posts, but they can be used (as is evidenced by your own headers and most other posters).  You're using MIME and declaring your content as plain text.  I'm also using MIME and declaring it as quoted printable (and also as plain text).

No you are declaring it as text/plain but with a different charset.
Your header:
|>Content-Type: text/plain;
|>	charset="iso-8859-1"

But you tell the transfer encoding is quoted printable
|>Content-Transfer-Encoding: quoted-printable

Transfer Encoding is used to transfer non-ASCII over a 7-bit channel. At
the end of that channel the Transfer Encoding information could be used
to convert the text (/plain) back to its non-ASCII format. But you will
have to keep in mind that not all recipients can fully understand your
charset and give a different result than you expect.

-- 
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente,  Postbus 217,  7500 AE  Enschede
telefoon: 053 - 489 2301, fax: 053 - 489 2383, http://www.utwente.nl/itbe

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2004-07-16, *Vanguard* <lh_vanguard@mailblocks.com> wrote:
> "Keith Keller" <kkeller-usenet@wombat.san-francisco.ca.us>

>> * other Content-Types should not be used unless the group explicitly
>>   accepts other Types
>
> Where do I find that info?  Is the a central repository where the policy
> for each group is defined?

Not that I know of.  So, you have to either read the group's FAQ, if
it exists, lurk for a time to see what others do, or ask explicitly
what the posting guidelines are.  What's so difficult about that?

>> * other Content-Transfer-Encodings (like dipshit ''quoted-printable'',
>>   for example) should not be used "unless there are pressing reasons
>>   to do so."  PGP signatures are mentioned, but your post doesn't seem
>>   to be PGP signed.
>
> I don't use PGP.  Just MIME (Quoted-Printable or None) or no MIME.
> Right now I'm instigating this discussion because I want to find out how
> to use Quoted-Printable which appears valid by RFC and I-D for usenet
> posts (but the problem may lie in the absense of the "format=flowed"
> directive).

RTFRFCD (Read The Fine RFC Draft) that you posted, or which i paraphrased
for you:

>> Ah, I see that you didn't even read your own URL.  It basically says
>> to assume Content-Type: text/plain and Content-Transfer-Encodings:
>> 8bit (or 7bit) unless you see a reason to believe otherwise in the
>> newsgroup. So, you see, the standards are not agent-based, but
>> newsgroup-based. - From what I know of the Newsgroups: of this
>> thread, none of them have agreed to accept other types.

So, here's how to use quoted-printable: don't, unless you *know* it's
okay.

> Back to "where do I find those policies per newsgroup posted."  As a
> side issue, where is the procedure described on establishing the policy?

There is no prodedure.  Is there a procedure for establishing a nude
beach?  Not usually, it just happens; so it is with usenet.

- --keith

- -- 
kkeller-usenet@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://wombat.san-francisco.ca.us/cgi-bin/fom

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA94N3hVcNCxZ5ID8RAtcIAJ4lA7jlqwHn99MK7ZYFrEZwi382ZQCcDzX6
rENlfFVsK5UuqIFsnhWAT4U=
=QCTU
-----END PGP SIGNATURE-----

In article <jqmdnVC7V9SemGrdRVn-tw@comcast.com>,
   *Vanguard* <lh_vanguard@mailblocks.com> wrote:
> VinceH (real address) said in news:4ccf066a22spam@softrock.co.uk:
> > 
> > I didn't save it - I forced my newsreader to open the
> > article into my text editor. The way this works in this
> > app (AFAIK) is that it /should/ cause me to see the
> > article in its original/raw format.
> > 
> > Repeating the exercise now gets the same result if I
> > use the same article. However, if I look at Vanguard's
> > subsequent reply to me, in exactly the same way, then
> > I see the soft-returns in that article.
> <snip>

> Okay, now you got me licking my chops.

It's not that exciting, I can assure you! :-)

>  WHAT was it that you saw?  Where the lines actually
> physically limited to 76 max characters?

Yes.

> And was there hard return (CF/LF) after the soft return ("= ")
> to ensure the lines were actually a max of 76 characters,

Well, once downloaded onto my system the CR/LF
actually becomes just a LF, but yes.

> or did the next line run on after the soft return so the
> physical length did exceed 76 characters?

No - the only article which partially matches that
description was the one I originally followed-up
(<auCdnaeqLobdkWvdRVn-jg@comcast.com>). Partially in
that it lacks the "= " soft returns - but only when
extracted from my newsreader, even if it's told to
show the article in its original format, as I said.

> Otherwise the arguments pend until I get Ethereal or something
> more NNTP-specific that can let me see the raw data stream to
> ensure the are CR/LFs after every soft return.

Doesn't Windows include a simple telnet client?

VinceH

-- 
http://www.vinceh.com/jenna/ 14/5/94-16/5/04 - Rest in peace

*Vanguard* <lh_vanguard@mailblocks.com> wrote:
> Spoon said in news:23rdf0lp45shjb8p4k93ejrutiju4o4gf5@4ax.com:
> > 
> > Oi - matey-boy, your line lengths *are* over 76 in length.
> > 
> > What do you have set in :-
> > 
> > Tools/Options/Send
> > 
> > and press the "Plain Text Settings" button on the "news sending
> > format"
> > 
> > What does the box "Automatically wrap text at" have in it ?
> 
> Once MIME Quoted-Printable encoding is selected, the spinbox to select
> the max line length is disabled.  Microsoft will break the lines at
> word boundaries so the physical line length doesn't exceed 76
> characters (including the trailing "=" for the soft return).  Line
> lengths may be less than 76 characters since the break is at word
> boundaries rather than at character boundaries.

  Yes, that seems to be the problem. So as Thor suggested, just do not
set any MIME encoding in OE, at least not for News. (And set/keep News
Sending Format to Plain Text with "Automatically wrap text at ..
characters, when sending." set to 72 or so.)

  To the rest of the audience: Anyone wants me to test that this is
indeed the problem, i.e. YABIOE (Yet Another Bug In OE)? I normally use
tin, which shows the long line problem and can show the raw format, so
it is not too hard for me to test this.

  It is indeed funny that (except for the trailing " ="'s) a non
MIME-aware reader does not show this problem (i.e. for example tin's
Ctrl-H display), but diplays the *quoted* text as crap! :-)

  Personal note: Some time ago, I was, rightfully, criticized in this
group for my use of "quoted-unreadable". I assume that in *this* case
such use *is* permitted? :-)

This is a MIME GnuPG-signed message.  If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-30527-1089976800-0002
Content-Type: text/plain; format=flowed; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
X-Mime-Autoconverted: from 8bit to quoted-printable by mimegpg

*Vanguard* writes:

> "Sam" <sam@email-scan.com>
> wrote in news:cone.1089942945.272161.25519.500@commodore.email-scan.com:
> 
>> Before you start to lecture someone about MIME, it helps if you actually =
try 
>> to understand what MIME is.  Obviously, you don't.
> <snippy>
>> Plain text, E-mail messages had a carriage return/line feed pair at the e=
nd 
>> of every physical line.  And paragraph breaks were completely empty lines=
..
> 
> Yep, so far your description matches Quoted-Printable which DOES have the =
CR-LF sequence at the end of the line to provide a line break.

You are confusing encoded MIME entity, versus its contents.

> 
>> Did you get that part? Did you let that sink through your head? Carriage 
>> return/linefeed at the end of every line. Empty line to delimit paragraph=
s. 
>> Before going any further, wrap your brain around that simple concept.
> 
> Yup, yup, uh huh, which way did he go, George, which way did he go?  Uh
> huh, uh huh.  Guess that'll make you happy.  Just because I won't shut up
> or roll over simply because someone declares they know better doesn't mean
> I'm dumb.

In this case, everyone except you declares that you're wrong.

> <snip>
>> A properly-written MIME processor, takes the output of the Microsoft 
>> shitware you're running, and removes those "soft returns".  What it ends =
up 
>> is a huge, single line, over a thousand characters long.  Each individual=
 
>> paragraph in your message decodes to a single line of text, a thousand 
>> characters (or so) each.
> 
> So this "properly-written MIME processor" mangles the MIME formatted
> content

=E2=80=9CMangling MIME formatted content=E2=80=9D is not the same thing as =E2=
=80=9Cdecoding MIME 
formatted content=E2=80=9D.

>         so it is no longer RFC compliant by converting is physical
> representation to what should only be its logical representation as
> rendered by the client.

MIME does not specify how the content is to be =E2=80=9Crendered=E2=80=9D by=
 the client.  
MIME specifies how to convert arbitrary data into a format that can be 
transported via E-mail.

>                         So after it gets mangled by removing the trailing
> "=3D<CRLF>" how can it still be considered in Quoted-Printable format as
> delivered to the client?

It is no longer quoted-printable, it is the actual data that was originally 
encoded into an E-mail-able format.

>                          It has been converted to a different format.

No, it hasn't.

> 
>> Your messages do not logically consist of individual lines of text, 80-or=
-so 
>> characters each, with a blank line between paragraph breaks.  In every on=
e 
>> of your horribly broken E-mail messages each paragraph is a single, huge,=
 
>> line of text.  This is how the output of your Microsoft shitware looks to=
 
>> every MIME processor.
> 
> So every MIME processor alters the raw data to alter its encoding by strip=
ping out the "=3D<CRLF>"?

No.  Every MIME processor examines the Content-Transfer-Encoding: header, 
and decodes the MIME section accordingly to retrieve the actual data encoded=
 
into the MIME section.  A text message may use "7bit", or "8bit", or 
"quoted-printable", and even a "base64" encoding.  After decoding the MIME 
section accordingly, the MIME processor ends up with the original text 
message.  Think of MIME encoding as equivalent of ZIP compression.  A zipped=
 
file may be compressed using one of several algorithms: "deflate", 
"compress", whatever.  After uncompressing, using whatever mechanisms was 
used, you end up with the original file.

>> Now, some mail clients may choose to simply cut off all text that exceeds=
 
>> their display width.  Other mail clients may choose to wrap these humongo=
us 
>> lines within the alloted display width, without concern for word breaks. 
>> Still other, more sophisticated clients, will try to compensate for your 
>> shitware's brain damage by trying to word-wrap these huge lines of text 
>> within their alloted display.  However, each one of these alternatives is=
 
>> technically valid.  If, as a result, your messages look like shit, it is =
not 
>> their fault.  Your messages were broken to begin with.
> 
> But you just said my messages were one big long humongous line rather than
> being broken by line breaks.

They are, after they are decoded according to the specified MIME encoding.

>                               Apparently sending in Quoted-Printable
> format means, according to you, that every MIME processor will mangle the

Replace "mangle" with "decode".

> encoding format and converting my paragraph that is composed of lines
> physically limited to under 76 characters and ending with CR-LF into one
> long line equated to its logical representation.

That's because this is how your Microsoft shitware encoded your text 
messages.

>> The proper way to specify =E2=80=9Csoft=E2=80=9D line breaks, and =E2=80=9C=
hard=E2=80=9D paragraph breaks, 
>> is specified by RFC 2646.  My messages, for example, follow that 
>> specification, and any MIME-aware processor that implements RFC 2646 will=
 be 
>> able to re-wrap my messages within whatever line width it uses, preservin=
g 
>> paragraph breaks.
> 
> I've got a link to RFC 2646 and that's the next one I'll read.  But then
> other claimed wizards also noted
> http://www.ietf.org/internet-drafts/draft-ietf-usefor-useage-00.txt which
> does address using Quoted-Printable within usenet posts.  Does this RFC
> and I-D conflict with each other?

No.  MIME and RFC 2646 are orthogonal.

>                                  *If* so then which am I supposed to
> believe?  RFC 2646 ratified in 1999 or the draft (which I'm told is based
> on de facto standards) dated May 2004?  Since both mention "format=3Dflowe=
d"
> and other posters have mentioned this, then this appears the key to
> compatibility (to clue the clients to wrapping but which seems obviously
> from the encoding which I didn't know got mangled).

The draft refers to the flowed format text RFC.


>> But -- and this is the crucial part that you need to absorb -- my 
>> quoted-printable messages, still decode to ordinary plain text, each line=
 no 
>> more than 80 characters long.  Still, any RFC 2646-aware client can do th=
e 
>> right thing and adjust this text to any logical line width.
> 
> Could you post another message but WITHOUT the PGP signing?  You and I
> already discussed this before that OE has a defect in that your PGP-signed

I don't believe that I'm obligated to accomodate Microsoft's bugs.

> posts get treated as attachments (I had to copy and paste to this post
> from the .txt attachment that OE displays for your post).  I think it's a
> result of OE not obeying the "Content-Disposition: inline" directive maybe
> from Microsoft being overly protective.

Replace "protective" with "embrace and extend".

>                                         So I cannot see the raw format of
> your message to see how yours differs from what is described by RFC 2045
> and what appears to be generated by OE.

After decoding my messages according to RFC 2045 you will end up with a 
plain text file, where each line is less than 80 characters long, and 
paragraphs are delimited by a single blank line.

After decoding your messages according to RFC 2045, every paragraph comes 
out as a single, huge line, thousands of characters long.  That's the 
difference.

>                                         Can you issue a single post
> without PGP or disable it temporarily to post without PGP so I could see
> what I get from the news server for the raw format of your non-PGP signed
> post?  I can see the raw content but would like to see it without the PGP
> overhead to focus on just what you are talking about.  Thanks.

Without PGP my messages will use Content-Transfer-Encoding: 8bit.  The 7bit 
encoding is mandated by MIME PGP.


--=_mimegpg-commodore.email-scan.com-30527-1089976800-0002
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBA97ngx9p3GYHlUOIRAlJhAJwKVxWhDGJsmnULMKfz49yeLsFZoACfUZYm
acHsXt5Zh8davrZ9pRr8+xg=
=Dc2F
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-30527-1089976800-0002--

Steve Baker wrote:
>   Actually, if you look at his posts as pure text, all his lines are
> less than 80 characters. There is a CRLF at the end of every line.

When I look at his post as pure text *as it arrives here*, his lines are
really really long. When I looked at the attachment he supplied showing
his post as pure text *as it was on his system*, it had reasonable-sized
lines with soft-newlines ("=", <CR>, <LF>).

Something in between is removing the soft-newlines because they don't
belong in quoted-printable. They were never supposed to be there in the
first place, because whatever converted his text to quoted-printable
is supposed to have removed them; therefore there is no good rule as to
what to do with the soft-newlines that appear in the quoted-printable.
Something is dropping them on the floor, and dropping invalid characters
on the floor can't really be called incorrect behavior.

-- 
WASHINGTON, July 13 (Reuters) - The U.S. government posted a larger-than-
expected budget surplus in June, propped up by higher quarterly business tax
receipts, a government report released on Tuesday showed.

VinceH (real address) wrote:
> Repeating the exercise now gets the same result if I
> use the same article. However, if I look at Vanguard's
> subsequent reply to me, in exactly the same way, then
> I see the soft-returns in that article.

That's the problem. If his article is marked quoted-printable, then
whatever converted it to that form from plain text should already have
removed the soft-returns.

-- 
WASHINGTON, July 13 (Reuters) - The U.S. government posted a larger-than-
expected budget surplus in June, propped up by higher quarterly business tax
receipts, a government report released on Tuesday showed.

In article <87pt6wh5j4.fld@barrow.com>,
Floyd L. Davidson <floyd@barrow.com> wrote:

>>Only lately have I started using
>>Quoted-Printable.  This was deliberate to invoke discussions
>>like this.

That is a declaration of trolldom.

>I suspected you to be deliberately asinine.  You ignore whole
>sections of referenced documents and pick on easily distorted
>single lines.

Isn't it past time to deal appropriately with a troll?

I appologize for feeding it.  I thought it was merely an unusually clue
resistant but earnest example of an otherwise typical microstupid user.


Vernon Schryver    vjs@rhyolite.com

Frank Slootweg wrote:
>   To the rest of the audience: Anyone wants me to test that this is
> indeed the problem, i.e. YABIOE (Yet Another Bug In OE)?

It's Not A Bug, It's A Feature.

-- 
WASHINGTON, July 13 (Reuters) - The U.S. government posted a larger-than-
expected budget surplus in June, propped up by higher quarterly business tax
receipts, a government report released on Tuesday showed.

In article <auCdnaeqLobdkWvdRVn-jg@comcast.com>,
 "*Vanguard*" <lh_vanguard@mailblocks.com> wrote:

> My line lengths are not over 76 characters...
[snip deliberately unwrapped junk message sent to 'make a point']


So, you deliberately violate standards (the USENET is not MIME, etc.) 
to make your messages unreadable.  Clearly then, you must not have 
anything useful to say.

That fact has been noted for future reference.  HAND.


Richard

-- 
To reply via email, make sure you don't enter the whirlpool on river left.

My mailbox. My property. My personal space. My rules. Deal with it.
                        http://www.river.com/users/share/cluetrain/

vjs@calcite.rhyolite.com (Vernon Schryver) wrote:
>In article <87pt6wh5j4.fld@barrow.com>,
>Floyd L. Davidson <floyd@barrow.com> wrote:
>
>>>Only lately have I started using
>>>Quoted-Printable.  This was deliberate to invoke discussions
>>>like this.
>
>That is a declaration of trolldom.
>
>>I suspected you to be deliberately asinine.  You ignore whole
>>sections of referenced documents and pick on easily distorted
>>single lines.
>
>Isn't it past time to deal appropriately with a troll?
>
>I appologize for feeding it.  I thought it was merely an unusually clue
>resistant but earnest example of an otherwise typical microstupid user.

Actually, I don't think he was trolling to start with.  I think
he really thought he'd done the right thing, and is just a hard
headed asshole with an ego when it comes to discussion; and when
it became *obvious* that everyone knew he was wrong, his way of
massaging his ego is to claim he knew it all along and was just
trolling...

However...  it is indeed "past time to deal appropriately" with
it!  And regardless of whether he's a troll or just an ego
problem, the same appropriate applies. :-)

I'll join you.

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

Abandoning the right to remain silent, VinceH (real address) at Thu, 15
Jul 2004 09:33:50 +0100 said:

> In article <auCdnaeqLobdkWvdRVn-jg@comcast.com>,
>    *Vanguard* <lh_vanguard@mailblocks.com> wrote:
> 
>> My line lengths are not over 76 characters.  That's because I am using
>> MIME Quoted-Printable.  The physical length of the line is 76 characters
>> (including the trailing "= " for a soft-return).
> 
> [snip rest]
> 
> I've just looked at your raw message in a text editor - ie as plain text.
> 
> Your lines are definitely over 76 characters - each paragraph is one line.
> The only occurences of "= " are where you've quoted them in the text.
> 

I have examined <auCdnaeqLobdkWvdRVn-jg@comcast.com.msg> in my PAN cache
and it is "Content-Transfer-Encoding: quoted-printable".

No body text line exceeds 80 characters.

If I tell PAN not to wrap the body text it displays each paragraph as one
line. Will slrn let you select text wrap?

-- 
Avoid reality at all costs.
$email =~ s/n(.)a(.)n(.)a(.)e(.+)invalid/$1$2$3$4$5au/;

"*Vanguard*" <lh_vanguard@mailblocks.com> writes:
>Yes, I am.  See my headers, which are:
>
>Content type is "text/plain".  
>**Encoding** is quoted-printable.  

TURN OFF THE ENCODING, and you'll make everybody happy. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

*Vanguard* <lh_vanguard@mailblocks.com> wrote:
> "John Wingate" <johnww@worldpath.net>
> wrote in news:10fed5cplvnoc47@corp.supernews.com:
>> What you don't seem to be getting is that the content (described as
>> Content-Type: text/plain; charset="iso-8859-1") that you are sending
>> and we are seeing consists of lines of text that are many hundreds of
>> characters long.
>>
>> The Content-Transfer-Encoding, whether it is quoted-printable or
>> base64 or 8bit--though some of your lines are too long for 8bit--is
>> irrelevant.  The encoding is only to ensure that the content survives
>> the transport from you to us intact.  It does.  What we are
>> complaining about is the format of that content.

> There is no line break (CR-LF) at or before the 78th character position
> preceded by a "=" character in what gets delivered to you?  Not in what
> your client renders it but it what it actually received (i.e., the raw
> data)?

Yes, there is.  You keep asking that, as if it had something to do with
the way the message is displayed.  Look for yourself:

$ telnet news.worldpath.net 119
Trying 216.168.3.44...
Connected to news.worldpath.net.
Escape character is '^]'.
200 Supernews NNRP server ready - http://www.supernews.com (posting ok)
article <BNudnXPT1N9LQWndRVn-jw@comcast.com>
220 0 <BNudnXPT1N9LQWndRVn-jw@comcast.com> article retrieved - head and body follow
 ...
Divulging personal info (to scammers) was just *one* of the problems I =
mentioned of of challenge e-mails.  Just responding to the challenge =
 ...

Quoted-printable is the Content-TRANSFER-Encoding not the
X-Content-DISPLAY-Method.  Newsreaders and mail clients undo the
Content-Transfer-Encoding upon receipt.  Your messages have been, as
described in RFC 3646 (and 2646), Content-Type: text/plain;
charset="iso-8859-1"; format="fixed", and have had extremely long
lines.

> Which RFC *defines* the
> additional directive "format=flowed" rather than just mentions it?  I
> found RFC 3646 and maybe that's what I'll read next, but then it's dated
> Feb 2004 so it wasn't around when I last addressed this topic, and no
> one back then mentioned RFC 2646 (which 3646 obsoletes).  More reading.

I've just looked at those.  the title of RFC 2646 is "The Text/Plain
Format Parameter", so I would assume "format=flowed" was first defined
there.  Note that both RFCs recommend against using quoted-printable
with "format=flowed".

>> It would be better all around if
>> you posted with short lines of readable length right from the start.

I see you have done that with the post I am responding to, which was
much easier to read, thank you.  But you now have:

   Content-Type: text/plain; charset="iso-8859-1"
   Content-Transfer-Encoding: 7bit

which would be incorrect should you ever actually use any non-US-ASCII
ISO-8859-1 characters in your posts.

-- 
John Wingate                        Mathematics is the art which teaches
johnww@worldpath.net                one how not to make calculations.
                                                         --Oscar Chisini

On 2004-07-16, You have no need to know <anjahnoaoed@fl.net.invalid> wrote:

<snip>
> If I tell PAN not to wrap the body text it displays each paragraph as one
> line. Will slrn let you select text wrap?

Yep.  An uppercase doubleyou: 'W'.

This guy with the single line paragraphs is a troll.  Entertain yourself by
responding to him, but don't expect to educate him.
-- 
Email is wtallman at olypen dot com

*Vanguard* wrote:


> 
> Yep, looking at that next.  I missed the "requires and adding
> "format=flowed" in his post (news:cd6877$2kks$1@calcite.rhyolite.com).
> Odd that RFC 2045 and 2046 don't mention it.  Which RFC *defines* the
> additional directive "format=flowed" rather than just mentions it?  I
> found RFC 3646 and maybe that's what I'll read next, but then it's dated
> Feb 2004 so it wasn't around when I last addressed this topic, and no
> one back then mentioned RFC 2646 (which 3646 obsoletes).  More reading.
> 

If you are going to quote which RFC obsoletes RFC 2646 at least quote
the correct one, unless of course you're now into: RFC 3646 DNS
Configuration options for Dynamic Host Configuration Protocol for IPv6
(DHCPv6).


RFC 2646 - The Text/Plain Format Parameter
Authors: R. Gellens, Ed.
Date: August 1999
Updates: RFC2046
Obsoleted by: RFC3676 <==== NOTE
Format: TXT=29175 bytes

RFC 3676 - The Text/Plain Format and DelSp Parameters
Network Working Group                                         R. Gellens
Request for Comments: 3676                                      Qualcomm
Obsoletes: 2646                                            February 2004
Category: Standards Track

Yesterday, I wrote:
> *Vanguard* <lh_vanguard@mailblocks.com> wrote:
> > Spoon said in news:23rdf0lp45shjb8p4k93ejrutiju4o4gf5@4ax.com:
> > > 
> > > Oi - matey-boy, your line lengths *are* over 76 in length.
> > > 
> > > What do you have set in :-
> > > 
> > > Tools/Options/Send
> > > 
> > > and press the "Plain Text Settings" button on the "news sending
> > > format"
> > > 
> > > What does the box "Automatically wrap text at" have in it ?
> > 
> > Once MIME Quoted-Printable encoding is selected, the spinbox to select
> > the max line length is disabled.  Microsoft will break the lines at
> > word boundaries so the physical line length doesn't exceed 76
> > characters (including the trailing "=" for the soft return).  Line
> > lengths may be less than 76 characters since the break is at word
> > boundaries rather than at character boundaries.
> 
>   Yes, that seems to be the problem. So as Thor suggested, just do not
> set any MIME encoding in OE, at least not for News. (And set/keep News
> Sending Format to Plain Text with "Automatically wrap text at ..
> characters, when sending." set to 72 or so.)
> 
>   To the rest of the audience: Anyone wants me to test that this is
> indeed the problem, i.e. YABIOE (Yet Another Bug In OE)? I normally use
> tin, which shows the long line problem and can show the raw format, so
> it is not too hard for me to test this.

  Nobody asked me, but I tested this anyway. If you want to see for
yourself: <news:40f8de98$0$66800$a344fe98@news.wanadoo.nl> of today in
alt.test.

  I could indeed reproduce the Outlook Express long-line bug, i.e.
Vanguard's problem, by setting "News Sending Format" to "Plain Text" and
"Plain Text Settings" -> "Message format" to "MIME" and "Encode text
using:" to "Quoted Printable".

  The (relevant) headers are then indeed:

> MIME-Version: 1.0
> Content-Type: text/plain;
>         charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable

  And the text lines are then indeed:

<line_of_about_72_characters><space><equal_sign><end_of_line>
<line_of_about_72_characters><space><equal_sign><end_of_line>
.....
<line_of_upto__72_characters><end_of_line>

where <end_of_line> is a normal line-terminator, i.e. LF for 'UNIX' and
CRLF for 'DOS'.

  Perhaps the MIME gurus in this group can tell if my/our MIME
decoder(s) are indeed correctly decoding this into very long lines.

  FWIW, OE displays this 'correctly', i.e. it just wraps at word-
boundaries to whatever width the window is set.

  Sadly enough, also Google Groups displays this 'correctly' both in
their normal display, as in their "Original Format" (I only checked
Google Groups for one of Vanguard's articles [1], not for my alt.test
article, because Google Groups does not carry alt.test, only subgroups.
Sigh!).

  I hope this helps.

[1] http://groups.google.com/groups?selm=auCdnaeqLobdkWvdRVn-jg@comcast.com

On Sun, 18 Jul 2004, Jonathan de Boyne Pollard wrote:
> PV> Usenet is, and should stay, a text-only medium.  You only
> PV> would need MIME encodings if you need to differentiate
> PV> between other formats for the data, and you don't.
>
> <sigh>  How soon the lessons of history are forgotten!  Usenet, even a
> hypothetical "text-only" Usenet, needs MIME because, at the very least, text
> needs to be labelled with the character set that applies to it.  Put another
> way:  Usenet needs MIME, even for text, for the same disambiguation reasons
> that the "Date:" header needs a timezone field.

No, it doesn't - at least not historically:  US-ASCII was the only one
available at the creation of "usenet."  Today, if not labelled, it should
default to that or something compatible with it (like ISO-8859-1) in its lower
7 bits.

MF> I have a question.  I note the subject lime and ask, who 
MF> cares what a famous hacker does or does not do?  

The only evidence that we have readily to hand in order to determine the
answer to that question comprises the postings to this thread.  According to
that evidence, at least, only the resident spammer here in this newsgroup
actually cares.

V> Content type is "text/plain".
V> **Encoding** is quoted-printable.

PV> TURN OFF THE ENCODING, and you'll make everybody happy. 

No he won't.  Most people aren't complaining about the encoding.  Indeed,
several have explicitly pointed out that the transfer encoding is irrelevant. 
The fact that the body part, *unencoded*, contains lines that are hundreds of
characters long is what people are actually unhappy about.

PV> Usenet is, and should stay, a text-only medium.  You only 
PV> would need MIME encodings if you need to differentiate 
PV> between other formats for the data, and you don't. 

<sigh>  How soon the lessons of history are forgotten!  Usenet, even a
hypothetical "text-only" Usenet, needs MIME because, at the very least, text
needs to be labelled with the character set that applies to it.  Put another
way:  Usenet needs MIME, even for text, for the same disambiguation reasons
that the "Date:" header needs a timezone field.

FLD> Now, why [he] expects *[his]* text to be formatted by *my* 
FLD> software is beyond me.  

It shouldn't be.  The notion of the user agent displaying body parts in a form
determined, to greater or lesser extent, by the reader is _exactly_ the notion
embodied both in RFC 3676 and in most of the "text/*" body part types in
general.

FLD> I certainly do not want [his] horrible software to be choosing 
FLD> how *my* text is formatted.  I'm just as particular about the
FLD> format my message is presented in as I am about the words 
FLD> used to convey the message!

Then you should be using a body part type other than "text/plain".  As anyone
who has been through the learning experiences of posting relying upon
monospacing or particular default character sets at the reader's end will
attest, the "text/plain" default simply does not give authors the degree of
control over what others see which you here claim to want.  This fact, and the
experiences of the many people in years past who went through the process of
discovering that relying upon the mis-named "plain text" for
what-you-write-is-what-they-read simply doesn't work, is exactly why we have
text-with-markup body part types like "text/enriched" and "text/html" in the
first place.

I suspect, however, that your claim is inaccurate, and that you are not in
fact as "particular about the format my message is presented in" as you say
you are.  For example: I suspect that, for starters, you don't mind whether
people view your text in a monospaced or a proportional font, which is one of
the basic things that someone as particular about what readers see as that
_would_ mind about.

KK> * when Content-Type is text/plain, lines should be fewer than 
KK> 72 or 79 characters

V> Yep, 76 characters max per line followed by "=" (soft line break)
V> followed by CR-LF (hard line break) for a total of 78 characters.

You are conflating line length limits on content transfer encodings with line
length limits on the actual, unencoded, body parts themselves. 
Quoted-printable encoding embodies a line length limit in order to avoid
transport issues with rare (and, some assert, outdated and even broken)
transport softwares.  However, the separate and additional line length limit
on *unencoded* "text/plain" body parts is recommended in order to allow them
to be widely readable.

On Sun, 18 Jul 2004 04:43:22 GMT, Jonathan de Boyne Pollard
<J.deBoynePollard@Tesco.NET> wrote:

>V> Content type is "text/plain".
>V> **Encoding** is quoted-printable.
>
>PV> TURN OFF THE ENCODING, and you'll make everybody happy. 
>
>No he won't.  Most people aren't complaining about the encoding.  Indeed,
>several have explicitly pointed out that the transfer encoding is irrelevant. 
>The fact that the body part, *unencoded*, contains lines that are hundreds of
>characters long is what people are actually unhappy about.

  But they're wrong. His lines are less than 80 characters if a CRLF
indicates the end of a line. His lines get looking long when
newsreaders get to fooling around with the quoted-printable aspect of
things.

Steve Baker

Jonathan de Boyne Pollard <J.deBoynePollard@Tesco.NET> wrote:
>FLD> Now, why [he] expects *[his]* text to be formatted by *my*
>FLD> software is beyond me.
>
>It shouldn't be.  The notion of the user agent displaying body parts in a form
>determined, to greater or lesser extent, by the reader is _exactly_ the notion
>embodied both in RFC 3676 and in most of the "text/*" body part types in
>general.

The fact that it can be done is not in dispute.  *Why* he would
want to do it is beyond me.  For the typical text article posted
to Usenet (as opposed to binaries, etc.), it is simply a poor
practice on the part of a writer to leave any part of the format
to the reader.  In essence, I don't want the reader changing the
words that I use, the white space that I use, or the
*formatting* that I use because /all/ of that contributes to the
message which I wish to communicate.

It is also very poor practice on the part of a reader to force
reformatting.

>FLD> I certainly do not want [his] horrible software to be choosing
>FLD> how *my* text is formatted.  I'm just as particular about the
>FLD> format my message is presented in as I am about the words
>FLD> used to convey the message!
>
>Then you should be using a body part type other than "text/plain".

That is not true.  You appear to be confusing "flowed" with
"text/plain", and do not appear to have understood what RFC-3676
(or its predecessor, RFC-2646) is proposing, or why.

>As anyone
>who has been through the learning experiences of posting relying upon
>monospacing or particular default character sets at the reader's end will
>attest, the "text/plain" default simply does not give authors the degree of
>control over what others see which you here claim to want.  This fact, and the
>experiences of the many people in years past who went through the process of
>discovering that relying upon the mis-named "plain text" for
>what-you-write-is-what-they-read simply doesn't work, is exactly why we have
>text-with-markup body part types like "text/enriched" and "text/html" in the
>first place.

Those are reader-side formatting options, or exactly the opposite of what
I want.

>I suspect, however, that your claim is inaccurate, and that you are not in
>fact as "particular about the format my message is presented in" as you say
>you are.  For example: I suspect that, for starters, you don't mind whether
>people view your text in a monospaced or a proportional font, which is one of
>the basic things that someone as particular about what readers see as that
>_would_ mind about.

It isn't something I have control over, beyond the fact that my
articles *do* specify fixed font with no space replacement
(because I do not specify either flowed or delsp formatting).  I
am, however, assuming that people are in fact improperly using
proportional fonts when they should not.  I can't prevent that.

Once again, you are confusing "flowed" with "text/plain".  Read
the RFC you referenced.

   What is required is a format which is in all significant ways
   Text/Plain, and therefore is quite suitable for display as
   Text/Plain, and yet allows the sender to express to the
   receiver which lines can be considered a logical paragraph,
   and thus flowed (wrapped and joined) as appropriate.
      RFC-2646 and RFC-3676

You are saying that Text/Plain *is* that format, and the RFC clearly
says that it is not.

   If Format is not specified, or if the value is not
   recognized, a value of Fixed is assumed.
   ...
   If DelSp is not specified, or if its value is not
   recognized, a value of No is assumed.


-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

Jonathan de Boyne Pollard <J.deBoynePollard@tesco.net> wrote:
> V> Content type is "text/plain".
> V> **Encoding** is quoted-printable.
> 
> PV> TURN OFF THE ENCODING, and you'll make everybody happy. 
> 
> No he won't.  Most people aren't complaining about the encoding.  Indeed,
> several have explicitly pointed out that the transfer encoding is irrelevant. 
> The fact that the body part, *unencoded*, contains lines that are hundreds of
> characters long is what people are actually unhappy about.

  True, but the point is that, as Vanguard mentioned and I confirmed in
my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>, Outlook
Express *turns off* the hard-wrapping of the unencoded lines as soon as
he/one sets quoted-printable ("Message format" set to "MIME" and "Encode
text using:" set to "Quoted Printable"). OE shouldn't do that, but it
does.

  So while you are *technically* correct, what Paul Vader 'asked'
*actually works*! :-)

	Jonathan, apropos

X-ORIGINAL-NEWSGROUPS: news.admin.net-abuse.email,comp.mail.misc,comp.os.linux.misc
Newsgroups: comp.mail.misc

	please don't *silently* redirect the follow-ups!
	(at least state that you are doing it...)

	...in particular, I don't understand why you'd redirected
	to comp.mail.misc -- the topic seems to have drifted to
	talk-talk about, exclusively, USEnet now, right ?!?
  (none of the cross-posted to groups seems "right" -- agreed! <sigh>)


>> Usenet is, and should stay, a text-only medium.
>> You only would need MIME encodings if you need to differentiate 
>> between other formats for the data, and you don't. 
> <sigh>  How soon the lessons of history are forgotten!  Usenet, even a
> hypothetical "text-only" Usenet, needs MIME because, at the very least,
> text needs to be labelled with the character set that applies to it.
> Put another way:  Usenet needs MIME, even for text, for the same
> disambiguation reasons that the "Date:" header needs a timezone field.


	ah, the old problem: properly differentiating the transport
	mechanism/software/infra-structure and "content"...  ;-)

	...one wished that "Usenet" had been defined (and accepted) as
	just a few hierarchies of English-only, plain-ASCII newsgroups
	(thus explicitly opening up the rest of the 'universe' of possible
	newsgroup hierarchy names --and headaches-- to be called *something
	else* ...and Good Riddance! (tm)...    :-)

-- 
  /"\      ASCII...       ._.    ||--> EscapeCellHell.org (Consumers Union) <--
  \ /     on Usenet       /v\    || If you're not pissed off at the world yet
   X    ANYTHING ELSE   /(   )\  ||    then you're just not paying attention.
  / \    IS BLOAT !!     ^^ ^^   ||                          --Kasey Chambers

Re: Followup-To: comp.mail.misc

	I don't care to get *seduced* thus to post to a froup I'm not even
	subscribed to -- so cut it out already, Jonathan, please... !


>> Content type is "text/plain".
>> **Encoding** is quoted-printable.
>> TURN OFF THE ENCODING, and you'll make everybody happy. 
> No he won't.  Most people aren't complaining about the encoding.

	kinda funny how we all make claims about what *most* people
	think and do...  ain't it ?!?


> several have explicitly pointed out that the transfer encoding is irrelevant. 
> The fact that the body part, *unencoded*, contains lines that are hundreds
> of characters long is what people are actually unhappy about.

	the KILLfile is your friend: ignore all HTML and QUOTED-PRINTABLE
	articles...  (and live happily ever after...  ;-)

-- 
  /"\      ASCII...       ._.    ||--> EscapeCellHell.org (Consumers Union) <--
  \ /     on Usenet       /v\    || If you're not pissed off at the world yet
   X    ANYTHING ELSE   /(   )\  ||    then you're just not paying attention.
  / \    IS BLOAT !!     ^^ ^^   ||                          --Kasey Chambers

On Thu, 15 Jul 2004 17:41:50 -0500, *Vanguard* coughed into
news.admin.net-abuse.email and left this in
<yrWdnbOeuIyylWrd4p2dnA@comcast.com>:

> Please elaborate on viewing a news spool directory.....
> [snip a further 6 screens of text on one line]

*PLONK*

You can't be bothered to post in a standards-compliant fashion, so I 
can't be bothered to read your ridiculously-formatted messages.

-- 
Steve

Steven Maesslein <nobody@nowhere.invalid> wrote:
> On Thu, 15 Jul 2004 17:41:50 -0500, *Vanguard* coughed into
> news.admin.net-abuse.email and left this in
> <yrWdnbOeuIyylWrd4p2dnA@comcast.com>:
> 
> > Please elaborate on viewing a news spool directory.....
> > [snip a further 6 screens of text on one line]
> 
> *PLONK*
> 
> You can't be bothered to post in a standards-compliant fashion, so I 
> can't be bothered to read your ridiculously-formatted messages.

  No offense, but if you had bothered to read all responses, you would
have found that not he is at fault, but his broken newsreader (which
turns off hard line-wrapping as soon as quoted-printable is turned on).
See my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>) and its
(two) parents for details.

  I fully agree that he was (is?) rather unwilling to accept that the
problem is on his side, but I can understand that, because 1) this is a
complex matter (i.e. even the 'specialists' in this thread quibble with
eachother about it) and 2) his software hides its brokeness from him
(i.e. automatically word-wraps too long lines).

  I came late in this thread and wonder why it took so long to *show*
him what was wrong. I.e. why didn't somebody show him what his *raw*
format (i.e. as 'transmitted over the wire' c.q. 'stored in the spool')
*did* look like and what it *should* look like? IMO that would have
saved a lot of time, effort, frustration, etc..

Floyd L. Davidson wrote:

> The fact that it can be done is not in dispute.  *Why* he would
> want to do it is beyond me.  For the typical text article posted
> to Usenet (as opposed to binaries, etc.), it is simply a poor
> practice on the part of a writer to leave any part of the format
> to the reader.  In essence, I don't want the reader changing the
> words that I use, the white space that I use, or the
> *formatting* that I use because /all/ of that contributes to the
> message which I wish to communicate.
>
> It is also very poor practice on the part of a reader to force
> reformatting.

Oh dear.  My reader converted all your *emphasized* text to bold, your
/slashed/ text to italic and used a proportional font.  I hope this doesn't
offend you _too_ much.  I could get my terminal out of the basement, but the
text would be green on black and you'd have to live with that, sorry.  (Or
would black on green be better?)

-- 
Ron Sharp.

"Android Cat" <androidcat98@hotmail.com> wrote:
>Floyd L. Davidson wrote:
>
>> The fact that it can be done is not in dispute.  *Why* he would
>> want to do it is beyond me.  For the typical text article posted
>> to Usenet (as opposed to binaries, etc.), it is simply a poor
>> practice on the part of a writer to leave any part of the format
>> to the reader.  In essence, I don't want the reader changing the
>> words that I use, the white space that I use, or the
>> *formatting* that I use because /all/ of that contributes to the
>> message which I wish to communicate.
>>
>> It is also very poor practice on the part of a reader to force
>> reformatting.
>
>Oh dear.  My reader converted all your *emphasized* text to bold, your
>/slashed/ text to italic

You did good then, because that is indeed exactly what is
supposed to happen.

>... and used a proportional font.

As I noted, it is impossible for me to prevent a reader from
using foolish configuration options or poorly designed software.
(I see you use Outhouse Express...)


>I hope this doesn't
>offend you _too_ much.  I could get my terminal out of the basement, but the
>text would be green on black and you'd have to live with that, sorry.  (Or
>would black on green be better?)

You do realize that if text is formatted into columns, for
example to present a table of useful information in a readable
manner, *you* are going to have a mess rather than anything
useful.

In that case, you might actually be better suited if you stick
with old technology that you can't misconfigure.  The rest of us
won't have that problem, since we make better choices for both
software and configuration.

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

Since these folks don't have the sense or manners to change the subject
line when they change the subject, here's  the original post:


<quote>

http://spamarrest.com/pressoffice/news/index.jsp


Toronto Star - August 4, 2003
So what does [Kevin] Mitnick, former
hacker supremo, use to guard against
spam? "I use Spam Arrest," he told
The Guardian. "Any legitimate person
who wants to send me a message has to
jump through hoops before they can be
added to my opt-in list." Read
more...

</quote>

http://groups.google.com/groups?selm=i7UAc.10084$Wr.7693@newsread1.news.pas.earthlink.net


This is a little more information about him that I
added shortly after the original post.


<quote>


Kevin Mitnick is also one of the world's foremost
computer security experts, which is one of the
reasons he uses challenge-responses:

People that send viruses and worms and such around
the internet, deliberately or unwittingly, do
not use their real email address or would not know
what mail the challenge-response was referring to if
the did receive one as the result of their address
being forged or used by a malicious program they did
not even know they were running.

They certainly would not have a copy to re-send to
the person whose challenge-response they recieved.

Therefore, his program just dumps the virus/worms
and they are never opened or even saved in memory.

This is very good protection against email-born
malicious programs.

</quote>

http://groups.google.com/groups?selm=ve8Bc.11608$Wr.2697@newsread1.news.pas.earthlink.net

AC

--
Pass-List -----> Block-List ----> Challenge-Response
The key to taking control of your mailbox.  Design Parameters:
http://tinyurl.com/2t5kp ||   http://tinyurl.com/3c3ag
Challenge-Response links -- http://tinyurl.com/yrfjb

Hello

Floyd L. Davidson (<floyd@barrow.com>) wrote:

> As I noted, it is impossible for me to prevent a reader from 
> using foolish configuration options or poorly designed software. 
> [...]
> You do realize that if text is formatted into columns, for
> example to present a table of useful information in a readable
> manner, *you* are going to have a mess rather than anything
> useful.

If a user feels the need to do it, he or she can switch to monospaced
fonts anytime. With knode all I have to do is to press "x", and your
message (especially diagrams, tables and all kind of ASCII art) will be
displayed the way you wrote it. Yet I definitely don't prefer to read
large amounts of text that way. I prefer some sans-serif font like
Arial, Verdana or Helvetica, no matter what /you/ think is good for me.

The really foolish thing is that you think it would be good if you could
dictate the way others see your messages. One of the big advantages of
emails, usenet posts and web pages is that the /reader/ can decide how
the content is displayed to him - by choosing the fonts for his
applications, by setting up user defined style sheets for his web
browser, and by using the other means he has to make his applications
display everything to /his/ needs, not to yours. If you think
differently, maybe you should start sending your posts as PDF files.

best regards
        Andreas Janssen

-- 
Andreas Janssen <andreas.janssen@bigfoot.com>
PGP-Key-ID: 0xDC801674 ICQ #17079270
Registered Linux User #267976
http://www.andreas-janssen.de/debian-tipps.html

Andreas Janssen <andreas.janssen@bigfoot.com> wrote:
>Floyd L. Davidson (<floyd@barrow.com>) wrote:
>
>> As I noted, it is impossible for me to prevent a reader from
>> using foolish configuration options or poorly designed software.
>> [...]
>> You do realize that if text is formatted into columns, for
>> example to present a table of useful information in a readable
>> manner, *you* are going to have a mess rather than anything
>> useful.
>
>If a user feels the need to do it, he or she can switch to monospaced
>fonts anytime. With knode all I have to do is to press "x", and your
>message (especially diagrams, tables and all kind of ASCII art) will be
>displayed the way you wrote it. Yet I definitely don't prefer to read
>large amounts of text that way. I prefer some sans-serif font like
>Arial, Verdana or Helvetica, no matter what /you/ think is good for me.

However, I'm *not* selecting your font (heh heh, but if I could,
I would).  For example, I don't care if you prefer serif or
san-serif.  I'm not really all that upset if you insist on using
proportional fonts either, as long as you are indeed able to
switch easily to something that corrects the resulting problems.

(Personally, I don't agree with you on the proportional font
part, but do on everything else for personal preferences.  I
also do understand how difficult it is to find suitable font
configurations in X.  I use -misc-fixed-medium-r-semicondensed-*
fonts myself.  It is somewhat similar to Helvetica, except it is
monospaced.  My needs might be more critical in that area than
yours though.  I do a *lot* of text formatting which requires a
fixed pitch font.  Perhaps you needs are different, which is
just fine.)

>The really foolish thing is that you think it would be good if you could
>dictate the way others see your messages.

It's *my* message, of course I am concerned about how it is
presented!

Indeed, I've always been just amazed at how little attention
most people give to good communications skills when they post
to Usenet.  But then, I'm a retired communications technician,
so it is hardly surprising that I am both very aware and very
critical in that area.

>One of the big advantages of

Not an "advantage", but rather just one way that a fool can make
a mess out of something that was carefully configured by someone
who actually did know what the difference is.

Of course, if the fool is the one who formatted it to begin
with...!  Then you have a very good point.  My position is that
poorly formatted messages probably aren't worth reading anyway,
so I don't want to remove the clue that it comes from someone
who can't tell the difference...  ;-)

>emails, usenet posts and web pages is that the /reader/ can decide how
>the content is displayed to him - by choosing the fonts for his
>applications, by setting up user defined style sheets for his web
>browser, and by using the other means he has to make his applications
>display everything to /his/ needs, not to yours. If you think
>differently, maybe you should start sending your posts as PDF files.

Like I said though, I cannot prevent a reader from
misconfiguration or poor software selection.  You are
entitled to do as you please.

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

In article <40fa7693$0$66812$a344fe98@news.wanadoo.nl>,
 Frank Slootweg <this@ddress.is.invalid> wrote:

> Steven Maesslein <nobody@nowhere.invalid> wrote:
> > On Thu, 15 Jul 2004 17:41:50 -0500, *Vanguard* coughed into
> > news.admin.net-abuse.email and left this in
> > <yrWdnbOeuIyylWrd4p2dnA@comcast.com>:
> > 
> > > Please elaborate on viewing a news spool directory.....
> > > [snip a further 6 screens of text on one line]
> > 
> > *PLONK*
> > 
> > You can't be bothered to post in a standards-compliant fashion, so I 
> > can't be bothered to read your ridiculously-formatted messages.
> 
>   No offense, but if you had bothered to read all responses, you would
> have found that not he is at fault, but his broken newsreader (which
> turns off hard line-wrapping as soon as quoted-printable is turned on).
> See my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>) and its
> (two) parents for details.


No, you're wrong.

He actively refused to stop his long line posting, telling us that we 
should adjust to his new way.  It wasn't a matter of his newsreader 
being borked -- that was merely the excuse for his rants.

That *Vanguard* creature was just trying to stir things up.  In other 
words, it's a troll, and as such shouldn't be fed, even by you.


Richard

-- 
To reply via email, make sure you don't enter the whirlpool on river left.

My mailbox. My property. My personal space. My rules. Deal with it.
                        http://www.river.com/users/share/cluetrain/

On 2004-07-18, Frank Slootweg <this@ddress.is.invalid> wrote:
> No offense, but if you had bothered to read all responses, you would have
> found that not he is at fault, but his broken newsreader (which turns off
> hard line-wrapping as soon as quoted-printable is turned on).  See my test
> (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>) and its (two) parents
> for details.

Yet thousands of people manage to post every day with that newsreader
without problems.  PEBCAK.

-- 
--Tim Smith

On Sun, 18 Jul 2004 11:53:15 -0600, Richard Johnson <rnews@whirlpool.river.com> wrote:
> 
> 
> In article <40fa7693$0$66812$a344fe98@news.wanadoo.nl>,
>  Frank Slootweg <this@ddress.is.invalid> wrote:
> 
>> Steven Maesslein <nobody@nowhere.invalid> wrote:
>> > On Thu, 15 Jul 2004 17:41:50 -0500, *Vanguard* coughed into
>> > news.admin.net-abuse.email and left this in
>> > <yrWdnbOeuIyylWrd4p2dnA@comcast.com>:
>> > 
>> > > Please elaborate on viewing a news spool directory.....
>> > > [snip a further 6 screens of text on one line]
>> > 
>> > *PLONK*
>> > 
>> > You can't be bothered to post in a standards-compliant fashion, so I 
>> > can't be bothered to read your ridiculously-formatted messages.
>> 
>>   No offense, but if you had bothered to read all responses, you would
>> have found that not he is at fault, but his broken newsreader (which
>> turns off hard line-wrapping as soon as quoted-printable is turned on).
>> See my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>) and its
>> (two) parents for details.
> 
> 
> No, you're wrong.
> 
> He actively refused to stop his long line posting, telling us that we 
> should adjust to his new way.  It wasn't a matter of his newsreader 
> being borked -- that was merely the excuse for his rants.
> 

So? Why have you refused to change the subject line of this thread
when you have changed the subject of this thread?

Both are equal violations of the Netiquette.

Hypocrites are just as bad as trolls in my book.

I will now change the subject line of this post to reflect its contents.

AC


-- 
Pass-List -----> Block-List ----> Challenge-Response
The key to taking control of your mailbox.  Design Parameters:
http://tinyurl.com/2t5kp ||   http://tinyurl.com/3c3ag
Challenge-Response links -- http://tinyurl.com/yrfjb

In <zQvKc.4577$wo7.1425@nntp-post.primus.ca>, Android Cat:

> X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441

Like shooting fish in a barrel...

<PLONK>

-- 
Regards, Weird (Harold Stevens) * IMPORTANT EMAIL INFO FOLLOWS *
Pardon any bogus email addresses (wookie) in place for spambots.
Really, it's (wyrd) at airmail, dotted with net. DO NOT SPAM IT.
Kids jumping ship? Looking to hire an old-school type? Email me.

Alan Connor wrote:

> On Sun, 18 Jul 2004 11:53:15 -0600, Richard Johnson
> <rnews@whirlpool.river.com> wrote:
>> 
>> 
>> In article <40fa7693$0$66812$a344fe98@news.wanadoo.nl>,
>>  Frank Slootweg <this@ddress.is.invalid> wrote:
>> 
>>> Steven Maesslein <nobody@nowhere.invalid> wrote:
>>> > On Thu, 15 Jul 2004 17:41:50 -0500, *Vanguard* coughed into
>>> > news.admin.net-abuse.email and left this in
>>> > <yrWdnbOeuIyylWrd4p2dnA@comcast.com>:
>>> > 
>>> > > Please elaborate on viewing a news spool directory.....
>>> > > [snip a further 6 screens of text on one line]
>>> > 
>>> > *PLONK*
>>> > 
>>> > You can't be bothered to post in a standards-compliant fashion, so I
>>> > can't be bothered to read your ridiculously-formatted messages.
>>> 
>>>   No offense, but if you had bothered to read all responses, you would
>>> have found that not he is at fault, but his broken newsreader (which
>>> turns off hard line-wrapping as soon as quoted-printable is turned on).
>>> See my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>) and its
>>> (two) parents for details.
>> 
>> 
>> No, you're wrong.
>> 
>> He actively refused to stop his long line posting, telling us that we
>> should adjust to his new way.  It wasn't a matter of his newsreader
>> being borked -- that was merely the excuse for his rants.
>> 
> 
> So? Why have you refused to change the subject line of this thread
> when you have changed the subject of this thread?
> 
> Both are equal violations of the Netiquette.
> 
> Hypocrites are just as bad as trolls in my book.
> 
> I will now change the subject line of this post to reflect its contents.
> 

So did I
-- 
Tact, n.:
        The unsaid part of what you're thinking.

Meanwhile, as our hero sinks slowly in the West, on 18 Jul 2004, Frank
Slootweg <this@ddress.is.invalid> wrote in
news:40fa7693$0$66812$a344fe98@news.wanadoo.nl: 

>   No offense, but if you had bothered to read all responses, you would
> have found that not he is at fault, but his broken newsreader 

And he has been repeatedly *TOLD* that his newsreader is broken, and
where to get a free replacement which is *not* broken.  And he's
arrogantly claimed that *he* is right and everyone else is wrong. 

Short verion: He's a fsckhead MS minion.

-- 
Solid Web hosting, responsive support, effective spam-blocking.
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
Brad Jesness, net K00k: http://www.wilhelp.com/bj_faq/

Meanwhile, as our hero sinks slowly in the West, on 17 Jul 2004, Jonathan 
de Boyne Pollard <J.deBoynePollard@Tesco.NET> wrote in 
news:40F97585.E9149595@Tesco.NET:

> The notion of the user agent displaying body parts

....is almsot enough to make me want to read this froup wearing Peril-
Sensitive Sunglasses(tm).

-- 
Solid Web hosting, responsive support, effective spam-blocking.
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
Brad Jesness, net K00k: http://www.wilhelp.com/bj_faq/

Peter K�hlmann <Peter.Koehlmann@t-online.de> wrote:
>
>So did I

And *you* got it right.

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

On Mon, 19 Jul 2004 00:48:42 +0200, Peter K�hlmann <Peter.Koehlmann@t-online.de> wrote:
> 
> 
> Alan Connor wrote:
> 
>> On Sun, 18 Jul 2004 11:53:15 -0600, Richard Johnson
>> <rnews@whirlpool.river.com> wrote:
>>> 
>>> 
>>> In article <40fa7693$0$66812$a344fe98@news.wanadoo.nl>,
>>>  Frank Slootweg <this@ddress.is.invalid> wrote:
>>> 
>>>> Steven Maesslein <nobody@nowhere.invalid> wrote:
>>>> > On Thu, 15 Jul 2004 17:41:50 -0500, *Vanguard* coughed into
>>>> > news.admin.net-abuse.email and left this in
>>>> > <yrWdnbOeuIyylWrd4p2dnA@comcast.com>:
>>>> > 
>>>> > > Please elaborate on viewing a news spool directory.....
>>>> > > [snip a further 6 screens of text on one line]
>>>> > 
>>>> > *PLONK*
>>>> > 
>>>> > You can't be bothered to post in a standards-compliant fashion, so I
>>>> > can't be bothered to read your ridiculously-formatted messages.
>>>> 
>>>>   No offense, but if you had bothered to read all responses, you would
>>>> have found that not he is at fault, but his broken newsreader (which
>>>> turns off hard line-wrapping as soon as quoted-printable is turned on).
>>>> See my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>) and its
>>>> (two) parents for details.
>>> 
>>> 
>>> No, you're wrong.
>>> 
>>> He actively refused to stop his long line posting, telling us that we
>>> should adjust to his new way.  It wasn't a matter of his newsreader
>>> being borked -- that was merely the excuse for his rants.
>>> 
>> 
>> So? Why have you refused to change the subject line of this thread
>> when you have changed the subject of this thread?
>> 
>> Both are equal violations of the Netiquette.
>> 
>> Hypocrites are just as bad as trolls in my book.
>> 
>> I will now change the subject line of this post to reflect its contents.
>> 
> 
> So did I
> -- 
> Tact, n.:
>         The unsaid part of what you're thinking.
> 

Hey Peter. Anytime you'd like to meet me in person and say the things
to my face that you say on the Usenet, you just let me know.

Until then, you are just another punk loser hiding behind the
Internet and slinging shit like a monkey in a cage.


AC


-- 
Official Net Kook (says a viscious troll):
http://angel.1jh.com./nanae/kooks/alanconnor.html
Banned by some neurotic twit with hitleresque delusions:
http://www.killfile.org./dungeon/why/connor.html

Alan Connor wrote:

> On Mon, 19 Jul 2004 00:48:42 +0200, Peter K�hlmann
> <Peter.Koehlmann@t-online.de> wrote:
>> 
>> 
>> Alan Connor wrote:
>> 
>>> On Sun, 18 Jul 2004 11:53:15 -0600, Richard Johnson
>>> <rnews@whirlpool.river.com> wrote:
>>>> 
>>>> 
>>>> In article <40fa7693$0$66812$a344fe98@news.wanadoo.nl>,
>>>>  Frank Slootweg <this@ddress.is.invalid> wrote:
>>>> 
>>>>> Steven Maesslein <nobody@nowhere.invalid> wrote:
>>>>> > On Thu, 15 Jul 2004 17:41:50 -0500, *Vanguard* coughed into
>>>>> > news.admin.net-abuse.email and left this in
>>>>> > <yrWdnbOeuIyylWrd4p2dnA@comcast.com>:
>>>>> > 
>>>>> > > Please elaborate on viewing a news spool directory.....
>>>>> > > [snip a further 6 screens of text on one line]
>>>>> > 
>>>>> > *PLONK*
>>>>> > 
>>>>> > You can't be bothered to post in a standards-compliant fashion, so I
>>>>> > can't be bothered to read your ridiculously-formatted messages.
>>>>> 
>>>>>   No offense, but if you had bothered to read all responses, you would
>>>>> have found that not he is at fault, but his broken newsreader (which
>>>>> turns off hard line-wrapping as soon as quoted-printable is turned
>>>>> on). See my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>)
>>>>> and its (two) parents for details.
>>>> 
>>>> 
>>>> No, you're wrong.
>>>> 
>>>> He actively refused to stop his long line posting, telling us that we
>>>> should adjust to his new way.  It wasn't a matter of his newsreader
>>>> being borked -- that was merely the excuse for his rants.
>>>> 
>>> 
>>> So? Why have you refused to change the subject line of this thread
>>> when you have changed the subject of this thread?
>>> 
>>> Both are equal violations of the Netiquette.
>>> 
>>> Hypocrites are just as bad as trolls in my book.
>>> 
>>> I will now change the subject line of this post to reflect its contents.
>>> 
>> 
>> So did I
>> --
>> Tact, n.:
>>         The unsaid part of what you're thinking.
>> 
> 
> Hey Peter. Anytime you'd like to meet me in person and say the things
> to my face that you say on the Usenet, you just let me know.
> 

No problem. Come on, meet me.
Post here that you would like to have my address and telephone number,
and I will give it to you. Openly, for everyone else to see
Then you can come to my home address and tell me what you feel you can't on
usenet

Alan, why do you have to prove time and again that bacteria are a much more
evolved species than you are?

> Until then, you are just another punk loser hiding behind the
> Internet and slinging shit like a monkey in a cage.
> 

Idiot (and apologies to the real idiots for comparing them to this piece of
garbage named Alan Connor)

-- 
You're not my type.  For that matter, you're not even my species

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 18 Jul 2004 23:30:19 GMT,
 Alan Connor <zzzzzz@xxx.yyy> wrote:
> 
>
> Hey Peter. Anytime you'd like to meet me in person and say the things
> to my face that you say on the Usenet, you just let me know.
>
> Until then, you are just another punk loser hiding behind the
> Internet and slinging shit like a monkey in a cage.
>
>

You post with an invalid email address (despite your "confidence" in
your email protection scam) and *he's* the one "hiding behind the
internet"? 

This just gets funnier by the day. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA+qHQd90bcYOAWPYRAuiuAJkB0087yRW4iBzNZY6tyTyPCA0jMACgtHa+
XBZuSQGv+XhoyLfE2J1YICA=
=ivSh
-----END PGP SIGNATURE-----

-- 
Jim Richardson     http://www.eskimo.com/~warlock
If the government doesn't trust us with our guns, 
why should we trust them with theirs?

Jim Richardson <warlock@eskimo.com> wrote:
>On Sun, 18 Jul 2004 23:30:19 GMT,
> Alan Connor <zzzzzz@xxx.yyy> wrote:
>>
>>
>> Hey Peter. Anytime you'd like to meet me in person and say the things
>> to my face that you say on the Usenet, you just let me know.
>>
>> Until then, you are just another punk loser hiding behind the
>> Internet and slinging shit like a monkey in a cage.
>>
>>
>
>You post with an invalid email address (despite your "confidence" in
>your email protection scam) and *he's* the one "hiding behind the
>internet"?
>
>This just gets funnier by the day.

The "Alan Connor" has posted under several different "names" in
the not too distant past.  Besides being a nutcase, it is very
unlikely that he signs his tax returns with "Alan Connor".

Whatever, for those who use a killfile, he belongs there.  For
those who are good at just ignoring nutcases... just ignore him.
Most people are.  (Not that he isn't a bit of fun to tweak.  Some
of the rants and some of the flights of fantasy that can result
are indeed good for comic relief on an otherwise boring day.)

-- 
FloydL. Davidson           <http://web.newsguy.com/floyd_davidson>
Ukpeagvik (Barrow, Alaska)                         floyd@barrow.com

This is a MIME GnuPG-signed message.  If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-3977-1090200592-0002
Content-Type: text/plain; format=flowed; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
X-Mime-Autoconverted: from 8bit to quoted-printable by mimegpg

Peter K=C3=B6hlmann writes:

> Alan Connor wrote:
> 
>> On Sun, 18 Jul 2004 11:53:15 -0600, Richard Johnson
>> <rnews@whirlpool.river.com> wrote:
>>> 
>>> 
>>> In article <40fa7693$0$66812$a344fe98@news.wanadoo.nl>,
>>>  Frank Slootweg <this@ddress.is.invalid> wrote:
>>> 
>>>> Steven Maesslein <nobody@nowhere.invalid> wrote:
>>>> > On Thu, 15 Jul 2004 17:41:50 -0500, *Vanguard* coughed into
>>>> > news.admin.net-abuse.email and left this in
>>>> > <yrWdnbOeuIyylWrd4p2dnA@comcast.com>:
>>>> > 
>>>> > > Please elaborate on viewing a news spool directory.....
>>>> > > [snip a further 6 screens of text on one line]
>>>> > 
>>>> > *PLONK*
>>>> > 
>>>> > You can't be bothered to post in a standards-compliant fashion, so I
>>>> > can't be bothered to read your ridiculously-formatted messages.
>>>> 
>>>>   No offense, but if you had bothered to read all responses, you would
>>>> have found that not he is at fault, but his broken newsreader (which
>>>> turns off hard line-wrapping as soon as quoted-printable is turned on).
>>>> See my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>) and its
>>>> (two) parents for details.
>>> 
>>> 
>>> No, you're wrong.
>>> 
>>> He actively refused to stop his long line posting, telling us that we
>>> should adjust to his new way.  It wasn't a matter of his newsreader
>>> being borked -- that was merely the excuse for his rants.
>>> 
>> 
>> So? Why have you refused to change the subject line of this thread
>> when you have changed the subject of this thread?
>> 
>> Both are equal violations of the Netiquette.
>> 
>> Hypocrites are just as bad as trolls in my book.
>> 
>> I will now change the subject line of this post to reflect its contents.
>> 
> 
> So did I

Me too.



--=_mimegpg-commodore.email-scan.com-3977-1090200592-0002
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBA+yQQx9p3GYHlUOIRAmmbAJ9syNkjqQxhvqmyyc/JY/WL9oUPMgCdGvOn
KqfpFgkOMpF0nMoUzYNbR4g=
=HS91
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-3977-1090200592-0002--

On Sun, 18 Jul 2004, Frank Slootweg wrote:
>   True, but the point is that, as Vanguard mentioned and I confirmed in
> my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>, Outlook
> Express *turns off* the hard-wrapping of the unencoded lines as soon as
> he/one sets quoted-printable ("Message format" set to "MIME" and "Encode
> text using:" set to "Quoted Printable"). OE shouldn't do that, but it
> does.

Why should we care?  OE is known to be broken software....

On Sun, 18 Jul 2004, Alan Connor wrote:
> ...
> Hey Peter. Anytime you'd like to meet me in person and say the things
> to my face that you say on the Usenet, you just let me know.

He'll need your hospital room number.....

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 18 Jul 2004 16:53:28 -0800,
 Floyd L. Davidson <floyd@barrow.com> wrote:
> Jim Richardson <warlock@eskimo.com> wrote:
>>On Sun, 18 Jul 2004 23:30:19 GMT,
>> Alan Connor <zzzzzz@xxx.yyy> wrote:
>>>
>>>
>>> Hey Peter. Anytime you'd like to meet me in person and say the things
>>> to my face that you say on the Usenet, you just let me know.
>>>
>>> Until then, you are just another punk loser hiding behind the
>>> Internet and slinging shit like a monkey in a cage.
>>>
>>>
>>
>>You post with an invalid email address (despite your "confidence" in
>>your email protection scam) and *he's* the one "hiding behind the
>>internet"?
>>
>>This just gets funnier by the day.
>
> The "Alan Connor" has posted under several different "names" in
> the not too distant past.  Besides being a nutcase, it is very
> unlikely that he signs his tax returns with "Alan Connor".
>
> Whatever, for those who use a killfile, he belongs there.  For
> those who are good at just ignoring nutcases... just ignore him.
> Most people are.  (Not that he isn't a bit of fun to tweak.  Some
> of the rants and some of the flights of fantasy that can result
> are indeed good for comic relief on an otherwise boring day.)
>


That's the only reason I usually reply to his drivel now. At first, I
replied with corrections, questions, and an honest attempt to understand
his point of view. As so many others before me, I found that to be a
total waste of my time and energy. Now, for the rare time I don't just
ignore him, I just tweak him. It's all he's good for. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA+v1Md90bcYOAWPYRAuSQAJ42UP4cO8bQhbToh0Z7pFf/ozoADQCg4/UO
ADbdeE1HFcVppZT6RPgS0zk=
=yaHW
-----END PGP SIGNATURE-----

-- 
Jim Richardson     http://www.eskimo.com/~warlock
To believe in gun control, one has to believe that guns are not an
effective means of self-defense, which is why police carry them.

hmm.


--
raqueeb hassan

Richard Johnson <rnews@whirlpool.river.com> wrote:
> In article <40fa7693$0$66812$a344fe98@news.wanadoo.nl>,
>  Frank Slootweg <this@ddress.is.invalid> wrote:
> 
> > Steven Maesslein <nobody@nowhere.invalid> wrote:
> > > On Thu, 15 Jul 2004 17:41:50 -0500, *Vanguard* coughed into
> > > news.admin.net-abuse.email and left this in
> > > <yrWdnbOeuIyylWrd4p2dnA@comcast.com>:
> > > 
> > > > Please elaborate on viewing a news spool directory.....
> > > > [snip a further 6 screens of text on one line]
> > > 
> > > *PLONK*
> > > 
> > > You can't be bothered to post in a standards-compliant fashion, so I 
> > > can't be bothered to read your ridiculously-formatted messages.
> > 
> >   No offense, but if you had bothered to read all responses, you would
> > have found that not he is at fault, but his broken newsreader (which
> > turns off hard line-wrapping as soon as quoted-printable is turned on).
> > See my test (<news:40f8e790$0$62712$ee9da40f@news.wanadoo.nl>) and its
> > (two) parents for details.
> 
> No, you're wrong.

  No, I'm not.

> He actively refused to stop his long line posting, telling us that we 
> should adjust to his new way.  It wasn't a matter of his newsreader 
> being borked -- that was merely the excuse for his rants.

  He *did* stop:

> Date: Fri, 16 Jul 2004 01:26:51 -0500
> Message-ID: <euGdnWJ55_yw6GrdRVn_iw@comcast.com>

  After that, he posted twice, in this thread/cmm, and still with
correct line-wrapping:

> Date: Fri, 16 Jul 2004 01:27:07 -0500
> Message-ID: <Jt2dnW0SQMSh6GrdRVn-gg@comcast.com>

> Date: Fri, 16 Jul 2004 01:34:23 -0500
> Message-ID: <UrqdnUPExftt62rdRVn-iQ@comcast.com>

> That *Vanguard* creature was just trying to stir things up.  In other 
> words, it's a troll, and as such shouldn't be fed, even by you.

  I think he was severely misguided for the reasons I gave (which you,
silently, snipped).

Frank Slootweg <this@ddress.is.invalid> wrote in news:40fbb305$0$140$18b6e80
@news.wanadoo.nl:

>   I think he was severely misguided for the reasons I gave (which you,
> silently, snipped).

Irrelevant. He sailed into a biker bar slagging Harleys, and he got pounded 
to pulp.

Action, reaction, end of story.

-- 
Tired of spam in your mailbox?
Come to http://www.spamblocked.com
 . . . 
Who is Brad Jesness? http://www.wilhelp.com/bj_faq/

On Mon, 19 Jul 2004 05:54:50 GMT, D. Stussy <kd6lvw@bde-arc.ampr.org> wrote:

<snip>

I hate to be the one to tell you this, but only kooks run around the Usenet
calling people "kooks". (a troll being a variety of kook)

Just take a deep breath and let it slowly and *will* your brain to 
function properly for just a few short moments. You'll get it. Might
take more than one attempt, though.

Did I tell you that almost 170 people to date have mailed me about how
much they like my program? How many are using it without telling me, I
couldn't begin to guess. It's so very simple to install and configure that
very few people need any help with it at all. 

Every mail and C-R I send has the URL in it, which really helps.

I still don't get any spam or trollmail at all and no one I want to hear 
from has any trouble getting through to me and I haven't had to touch my 
filter in months. 

I don't even know if trolls or spammers *try* to get mail into one of
my inboxes. 

This sort of program REALLY upsets spammers and trolls. Did you know
that?

No one can get mail to me without using their real return address and
reading their mail.

Troll and spammers rarely use their real return addresses.

<snicker>


AC

-- 
Pass-List -----> Block-List ----> Challenge-Response
The key to taking control of your mailbox.  Design Parameters:
http://tinyurl.com/2t5kp ||   http://tinyurl.com/3c3ag
Challenge-Response links -- http://tinyurl.com/yrfjb

On Mon, 19 Jul 2004, D. Stussy <kd6lvw@bde-arc.ampr.org> wrote:-

>On Sun, 18 Jul 2004, Alan Connor wrote:
>> ...
>> Hey Peter. Anytime you'd like to meet me in person and say the things
>> to my face that you say on the Usenet, you just let me know.
>
>He'll need your hospital room number.....

And visiting times.


Regards,
   David Bolt

-- 
Member of Team Acorn checking nodes at 63 Mnodes/s: http://www.distributed.net/
AMD 1800 1Gb WinXP/SuSE 9.1 | AMD 2400 160Mb SuSE 8.1 | AMD 2400 256Mb SuSE 9.0
AMD 1300 512Mb SuSE 9.0     | A3010 4Mb RiscOS 3.11   | A4000 4Mb RiscOS 3.11
Falcon 14Mb TOS 4.02        | STE 4Mb TOS 1.62

        [ body stripped by newsfilter: troll/pgpsig ]

In reponse to: 54:[Jim Richards]    Re: Alan Connor, usenet kook

A lot of trolls have to use pgp sigs, because they piss people off to
the point where they are driven to extreme measures, like impersonating
the troll, to get back at them.

A pgp sig on the Usenet is like having "ASSHOLE" tatooed on one's forehead.

Of course, for serious trolling, they just drop the sig and say: "That
post doesn't have my pgp sig, so it's not me!"

And think we are all stupid enough to believe it.

I love being labelled a "kook" by these losers. It is a badge of honor.

If they *liked* me I would be sincerely worried.

AC



-- 
Official Net Kook (says a viscious troll):
http://angel.1jh.com./nanae/kooks/alanconnor.html
Banned by some neurotic twit with hitleresque delusions:
http://www.killfile.org./dungeon/why/connor.html

On Mon, 19 Jul 2004 00:48:42 +0200, Peter K�hlmann
<Peter.Koehlmann@t-online.de> wrote:

[snippage]

You people are STILL paying attention to that net.nit?  I don't
believe it!  Who remembers Tim Martin (and his cast of dozens - of
psychotic sock puppets) from comp.os.os2.*?  He got good enough so he
could reduce an entire newsgroup to bickering back and forth, trying
to correct him.

Just killfile Connor and move on.

Mike-

--
If you're not confused, you're not trying hard enough.
--
Please note - Due to the intense volume of spam, we have installed 
site-wide spam filters at catherders.com.  If email from you bounces,
try non-HTML, non-encoded, non-attachments,

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2004-07-19, Jim Richardson <warlock@eskimo.com> wrote:
>
> On Sun, 18 Jul 2004 16:53:28 -0800,
>  Floyd L. Davidson <floyd@barrow.com> wrote:
>> Jim Richardson <warlock@eskimo.com> wrote:

[snip Bigfoot's retarded son]

>>>You post with an invalid email address (despite your "confidence" in
>>>your email protection scam) and *he's* the one "hiding behind the
>>>internet"?
>>>
>>>This just gets funnier by the day.

>> Whatever, for those who use a killfile, he belongs there.  For
>> those who are good at just ignoring nutcases... just ignore him.
>> Most people are.  (Not that he isn't a bit of fun to tweak.  Some
>> of the rants and some of the flights of fantasy that can result
>> are indeed good for comic relief on an otherwise boring day.)

> That's the only reason I usually reply to his drivel now. At first, I
> replied with corrections, questions, and an honest attempt to understand
> his point of view. As so many others before me, I found that to be a
> total waste of my time and energy. Now, for the rare time I don't just
> ignore him, I just tweak him. It's all he's good for. 

That isn't entirely fair, I'm sure he'd make pretty good fertiliser as
well, what with him being so full of shit.

I for one hope he tries this new and exciting experience ASAP

- -- 
James					jamesk[at]homeric[dot]co[dot]uk

"One must be a wise reader to quote wisely and well."  Amos Bronson Alcott
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA/BnVqfSmHkD6LvoRAoeyAJ95v1b0lbONqpNj2kl0Wvez0ytWDgCdFBm+
1SnCk5oXscP58SHXjvkw0JY=
=w1jQ
-----END PGP SIGNATURE-----

Alan Connor wrote:
> 
> Since these folks don't have the sense or manners to change the subject
> line when they change the subject, here's  the original post:

I'll type slowly Alan but don't worry if it isn't slow enough.  You can
view the post for as long as you need to read it.

> <quote>
> 
> http://spamarrest.com/pressoffice/news/index.jsp
> 
> Toronto Star - August 4, 2003
> So what does [Kevin] Mitnick, former
> hacker supremo, use to guard against
> spam? "I use Spam Arrest," he told
> The Guardian. "Any legitimate person
> who wants to send me a message has to
> jump through hoops before they can be
> added to my opt-in list." Read
> more...

So you are saying this "well known hacker" uses spamarrest to filter
subscriptions to his opt-in mailing list?

It is a kind of interesting apporach to confirming the opt-in email. 
Consider this.  The address won't be added until you "jump through the
hoops".

It seems the questions are confused or the reporter confused the
answers.

The question was.  So Kevin, may I call you Kevin?

Sure.

What do you use to gaurd against spam.

Well I use spamarrest to confirm my OPT-IN list.  This makes sure those
attempting to email me their subscription are who they claim to be.

> </quote>
> 
> http://groups.google.com/groups?selm=i7UAc.10084$Wr.7693@newsread1.news.pas.earthlink.net
> 
> This is a little more information about him that I
> added shortly after the original post.
> 
> <quote>
> 
> Kevin Mitnick is also one of the world's foremost
> computer security experts, which is one of the
> reasons he uses challenge-responses:

Well, since email is not really related to getting hacked or hacking a
machine --unless it is your machine being hacked to send spam these
things have as much to do with each other as the quote above.

So tell me Alan, or not.  Say a well know anti-spammer, great at
tracking spammers down --better then all the indivuals peers came to you
and recommended Windows XP as their software of choice, they have it on
their computer at home.  Would you take their recommendation as gospel
because you ran XP at home and that validated your stupidity?

Snipped.............>>>

> They certainly would not have a copy to re-send to
> the person whose challenge-response they recieved.

Why would you need a copy to resend?  Oh, you don't.  If you did then a
spammer can use your program to harras others by simply forging the from
in the email address to be from say you.  Then if everybody used this
then we would have millions and millions of unanswered challanges
floating around the net every day.

A clue you missed.  I am sure you will brush this away as unimportant.

> Therefore, his program just dumps the virus/worms
> and they are never opened or even saved in memory.

This line of thought mirriors the one above :-(

> This is very good protection against email-born
> malicious programs.

It does not stop spam.

> </quote>

That is just wrong in so many ways.

If you don't send the virus then you can not answer the email.  That is
dumb.

> http://groups.google.com/groups?selm=ve8Bc.11608$Wr.2697@newsread1.news.pas.earthlink.net
> 
> AC


--
Mark Ferguson

On Mon, 19 Jul 2004 18:58:29 +0000, James Keasley wrote:

[snips]
> 
> That isn't entirely fair, I'm sure he'd make pretty good fertiliser as
> well, what with him being so full of shit.
>
Heh.  Nice one.
AC is killfiled here but I confess, I've nipped onto Google occasionally
to get the full picture of his more amusing outbursts. 

B.
-- 
Microsoft? That's some kind of toilet paper, right?

Takes a bow, revelling in the thunderous applause.


AC

-- 
Official Net Kook (says a viscious troll):
http://angel.1jh.com./nanae/kooks/alanconnor.html
Banned by some neurotic twit with hitleresque delusions:
http://www.killfile.org./dungeon/why/connor.html

On Mon, 19 Jul 2004 14:25:28 -0400, Michael W Cocke hath writ:
> On Mon, 19 Jul 2004 00:48:42 +0200, Peter K�hlmann
><Peter.Koehlmann@t-online.de> wrote:
>
> [snippage]
>
> You people are STILL paying attention to that net.nit?  I don't
> believe it!  Who remembers Tim Martin (and his cast of dozens - of
> psychotic sock puppets) from comp.os.os2.*?  He got good enough so he
> could reduce an entire newsgroup to bickering back and forth, trying
> to correct him.
>
> Just killfile Connor and move on.

sigh...  Now I have to killfile by Subject:, too.

Jonesy

Jonathan de Boyne Pollard <J.deBoynePollard@Tesco.NET> writes:
><sigh>  How soon the lessons of history are forgotten!  Usenet, even a
>hypothetical "text-only" Usenet, needs MIME because, at the very least, text
>needs to be labelled with the character set that applies to it.  Put another
>way:  Usenet needs MIME, even for text, for the same disambiguation reasons
>that the "Date:" header needs a timezone field.

No, it doesn't. There's nothing 'ambiguous' about usenet text, other than
in the minds of the outleak developers. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

Jonathan de Boyne Pollard <J.deBoynePollard@Tesco.NET> writes:
>The fact that the body part, *unencoded*, contains lines that are hundreds of
>characters long is what people are actually unhappy about.

This "fact" is just plain not true. The raw feed has lines that are
properly wrapped. Each ends with an = sign followed by a newline, which,
when the content encoding is invoked, turns the post into one long line on
some newsreaders (incidentally, ancient trn is not one of them).

Plain text is plain text. MIME encodings are for email, and NOT for usenet.
Period. *
-- 
* PV   something like badgers--something like lizards--and something
       like corkscrews.

Paul Vader <pv+usenet@pobox.com> wrote:
> Jonathan de Boyne Pollard <J.deBoynePollard@Tesco.NET> writes:
> >The fact that the body part, *unencoded*, contains lines that are hundreds of
> >characters long is what people are actually unhappy about.
> 
> This "fact" is just plain not true. The raw feed has lines that are
> properly wrapped. Each ends with an = sign followed by a newline, which,
> when the content encoding is invoked, turns the post into one long line on
> some newsreaders (incidentally, ancient trn is not one of them).

  Assuming that you mean "when the content *de*coding is invoked" (if
not, you're talking non-sense! :-), Jonathan and you are actually say
the same thing. Note that Jonathan's "the body part, *unencoded*," is
*not the same as your "raw feed". What you mean is the data as it is
sent 'over the wire' c.q. stored 'in the spool'. What Jonathan mean is
what the body text *was*, *before* it was *en*coded, i.e. what the
poster *typed*.

> Plain text is plain text. MIME encodings are for email, and NOT for usenet.
> Period. *

On Sun, 18 Jul 2004, D. Stussy wrote:
> No, it doesn't - at least not historically:  US-ASCII was the only one
> available at the creation of "usenet."  Today, if not labelled, it should
> default to that or something compatible with it (like ISO-8859-1) in its lower
> 7 bits.

Almost all of the character sets commonly used in email fit that criteria.

Yes, even the East Asian character sets.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.

On the actual topic, RFC 3834, Automatic E-Mail Responses, is now available.
It discusses challenges ("which require the sender of a message to
demonstrate some measure of intelligence and/or willingness to agree to some
conditions before the subject message will be delivered to the recipient")
as one type of automatic response.

Thor

-- 
http://www.anta.net/

In article <10d8s2s4pq69cea@corp.supernews.com>,
John Wingate  <johnww@worldpath.net> wrote:

>Dan's qsecretary discourages a response except for legitimate mail:
>
>   If you reply to this notice, you are (1) acknowledging that Professor
>   Bernstein does not want to receive bulk mail; (2) confirming that your
>   message is not part of a bulk mailing; and (3) agreeing to pay Professor
>   Bernstein $250 if your message is part of a bulk mailing.

I'm not a lawyer, but I doubt that kooky contract would survive in court.

My response to papers from his lawyers after I followed my practice
of responding to all C/R challenges would be to have my laywers do two
things.  The first would be to respond formally saying that none of
my mail is part of a bulk mailing that he did not ask for, but that
as far as I can know the message being challenged was one I sent to
some other address such as an IETF mailing list or have otherwise
forgotten.  Some of the legitiate C/R challenges I've received have
involved addresses that I did not send to, but were where my messages
were eventually forwarded.

The second task I'd give my lawyers would be to sue Dan for libel,
slander, body odor, bad hair, and a general history of violations of
IETF standards and other vexatious nonsense in qmail, TAP, and so
forth.  I'd also have my lawyers investigate an action under the
CAN-SPAM Act, since Dan's challenge would be an advertisement of his
system and my response would be the only way to opt-out of additional
advertisements.  Whichever of us ran out of money to pay lawyers first
would sue for peace.


Vernon Schryver    vjs@rhyolite.com

Alan Connor wrote:

> So what does [Kevin] Mitnick, former
> hacker supremo, use to guard against
> spam? "I use Spam Arrest,"

Ah, yes.  Endorsement of C/R by a convicted criminal.  How nice.

--
David.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alan Connor wrote:

> Therefore, his program just dumps the virus/worms
> and they are never opened or even saved in memory.
> 
> This is very good protection against email-born
> malicious programs.
> 
I use mimedefang and clamav.  This also dumps infected messages before the
client sees them, without the need for C/R.

- --Russell

> AC
> 
> 

- -- 
Russell Miller - Le Mars, IA
President, Duskglow Consulting, LLC  712-546-5886 - rmiller@duskglow.com
http://www.duskglow.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA1RFwURTA4VCI9OARAtnAAJ9zWibRGinV/X3tT3g99Oqbro6otgCfatCZ
/1j7e1uiDLYQ1lwMu4tiVWc=
=OlAj
-----END PGP SIGNATURE-----

Alan Connor <zzzzzz@xxx.yyy> wrote:
> On Sat, 19 Jun 2004 16:57:00 -0000, John Wingate <johnww@worldpath.net> wrote:

> The program also learns, and automatically blocklists addresses that fail
> to return a C-R twice, for a configurable length of time, so the number
> of C-Rs sent decreases with time.

I forgot that you allow two chances.

> Here's what anyone can see if they go to my website, which you either
> have not done, or are pretending that you have not done. A copy of
> one of my C-Rs:

I have actually seen this before, and it is partly responsible for
my belief in the dilemma I presented.

> ---------------------------------------------
>     this is a computer-generated response
> ---------------------------------------------
> ...

> My apologies. If you will send this back with a
> string of big XXXXXXXX's in the body, I will
> blocklist your address to make sure it doesn't
> happen again. I have no way to tell whether
> someone is using their real address other than
> this...

> ...
> ----------------------------------------------
>       elrav1 -- http://tinyurl.com/3c3ag
> ----------------------------------------------

> As you can see, I take as much responsibility as I can for
> any possible mis-directions caused by spammers.

> The XXXXXXXX in the body would tell me that a mis-direction
> had occurred and I would then contact you directly, ask you if
> you wanted a copy of the spam for reporting purposes.

This is not what your automated challenge says in the part that I didn't
delete.  Perhaps you should make that clearer.  It seems to indicate
that responding with the string of Xs would get my address blocked, just
as not responding would.

Upon further thought, there is a way out of the dilemma, should it
arise; that is to send a legitimate message and respond to the
challenge to that, while ignoring the one generated by the spam.

>> Dan's qsecretary discourages a response except for legitimate mail:

> I prefer to see that mis-directed C-Rs are not sent by using a
> traditional spam filter preceding the C-R stage of the program, and
> to give people a choice in the un-likely event that someone ever 
> receives a mis-directed C-R from me.

Bernstein also uses spam-filtering before sending challenges for whatever
gets through.

>> --
>> John Wingate                        Mathematics is the art which teaches
>> johnww@worldpath.net                one how not to make calculations.
>>                                                          --Oscar Chisini

> See that address above? This person is either a malicious liar or
> an incompetent boob that runs around mis-representing himself as someone
> who is an expert in subjects he knows nothing about.

Or I am neither.

> (The odds of that being his real name and normal mailbox are zip.

That is my real name and my normal mailbox.  I have never tried to hide
my name or address in over a decade of posting to Usenet.  I am willing
to believe that "Alan Connor" is your real name.  I am not willing to
believe that zzzzzz@xxx.yyy is your mailbox--it's clearly fake.

> Anyone
> can get dozens of free, throwaway mailboxes on the web, and put together a
> sig like that. However, and munge the headers in their newsposts.

True.  What does that have to do with me?

> if you 
> mail him/her/it at that address, any response will have his/her/it's REAL 
> IP address in the headers.)

True again.  That address will be 209.187.114.115 in an address block
worldpath.net has authority for.  (There is no corresponding A record.)
(FYI, it's "his/her/its".)

> Take it to the whois website and see what's what.

At first this puzzled me.  What does whois have to do with any of this?
But then the frothing at the mouth you entered into after quoting my
sig made me realize that you were probably put out because
supernews.com fails to include an NNTP-Posting-Host header field.  My
ISP, worldpath.net contracts with supernews.com instead of providing
its own newsserver:

   news.worldpath.net.     5D IN CNAME     corp.supernews.com.
   corp.supernews.com.     1M IN A         216.168.3.44

That's why the Message-ID indicates corp.supernews.com while my address
is at worldpath.net.

You are welcome to write me, and I will send you an acceptably short
plain text response (I too prefer plain text), and you can then examine
the Received fields in the header to your heart's content.  I would
write you, and put up with the C-R, but I can't because you don't even
provide a munged but human-intelligible address in your posts.

-- 
John Wingate                        Mathematics is the art which teaches
johnww@worldpath.net                one how not to make calculations.
                                                         --Oscar Chisini

In article <ve8Bc.11608$Wr.2697@newsread1.news.pas.earthlink.net>,
Alan Connor  <xxxx@yyy.zzz> wrote:

>Kevin Mitnick is also one of the world's foremost
>computer security experts,

That makes two people who think so.

Using the noun loosely.

Seth

John Wingate wrote:
> Upon further thought, there is a way out of the dilemma, should it
> arise; that is to send a legitimate message and respond to the
> challenge to that, while ignoring the one generated by the spam.

I don't like this, more work for me, more email traffic. Creative idea 
though.

-- 
Merci........Yvan    I did not want to repeat other people's mistakes.
                      So I made new mistakes of my own.
                      Boy did I invent some good ones!

(Alan Connor <zzzzzz@xxx.yyy>) scribbled:

> http


<<<   y a w n   >>>

-- 
<<  http://michaeljtobler.homelinux.com ()  >>
Q:  Where can you buy black lace crotchless panties for sheep?
A:  Fredrick's of Ithaca, New York.

If [Kevin Mitnick] were such a good hacker, he never would have been caught in
the first place.  Being caught only proves that he's an idiot, and only the
idiot we know as AC would worship another idiot.

KM is the only person I am aware of that was expelled from a certain
organization I belong to.

On Mon, May 16 2005, D. Stussy wrote:

> If [Kevin Mitnick] were such a good hacker, he never would have been
> caught in the first place.  Being caught only proves that he's an
> idiot, and only the idiot we know as AC would worship another idiot.
>
> KM is the only person I am aware of that was expelled from a certain
> organization I belong to.

The message you are responding to, although originally posted by Alan,
did not in this case originate directly from him, but is the result of a
flood to NANAE and comp.mail.misc obviously designed to disrupt these
newsgroups. 

Look at the X-Received-Date: and NNTP-Posting-Host: headers.

I thought at first that the NNTP-Posting-Host (82.12.200.25) was the
address of an open proxy. On further investigation, it looks as though
the machine in question in infected with the subseven trojan.

82.12.200.25 resolves to cpc4-warw1-3-1-cust25.brhm.cable.ntl.com, part
of NTL here in the UK. 

-- 
Neil

On Mon, 16 May 2005, Neil Woods wrote:
> On Mon, May 16 2005, D. Stussy wrote:
> > If [Kevin Mitnick] were such a good hacker, he never would have been
> > caught in the first place.  Being caught only proves that he's an
> > idiot, and only the idiot we know as AC would worship another idiot.
> >
> > KM is the only person I am aware of that was expelled from a certain
> > organization I belong to.
>
> The message you are responding to, although originally posted by Alan,
> did not in this case originate directly from him, but is the result of a
> flood to NANAE and comp.mail.misc obviously designed to disrupt these
> newsgroups.
>
> Look at the X-Received-Date: and NNTP-Posting-Host: headers.
>
> I thought at first that the NNTP-Posting-Host (82.12.200.25) was the
> address of an open proxy. On further investigation, it looks as though
> the machine in question in infected with the subseven trojan.
>
> 82.12.200.25 resolves to cpc4-warw1-3-1-cust25.brhm.cable.ntl.com, part
> of NTL here in the UK.

You post this as if I care?  Considering all the assholes, especially the
mindless SPEWS supporters, that inhabit NANAE, they deserve the same harassment
that any innocent person gets when they find that they've been blocked by some
stupid SPEWS-using admin who thinks that everything listed in SPEWS' RBL is a
spam source and doesn't truly know that SPEWS will list a netblock of many
systems (e.g. 8192) just because there is ONE spammer source IP address in that
block.  The idiots and liars in NANAE deserve it.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message

["Followup-To:" header set to news.admin.net-abuse.email.]
On 2005-05-22, D. Stussy <kd6lvw@bde-arc.ampr.org> wrote:
> On Mon, 16 May 2005, Neil Woods wrote:
>> On Mon, May 16 2005, D. Stussy wrote:
>> > If [Kevin Mitnick] were such a good hacker, he never would have been
>> > caught in the first place.  Being caught only proves that he's an
>> > idiot, and only the idiot we know as AC would worship another idiot.
>> >
>> > KM is the only person I am aware of that was expelled from a certain
>> > organization I belong to.
>>
>> The message you are responding to, although originally posted by Alan,
>> did not in this case originate directly from him, but is the result of a
>> flood to NANAE and comp.mail.misc obviously designed to disrupt these
>> newsgroups.
>>
>> Look at the X-Received-Date: and NNTP-Posting-Host: headers.
>>
>> I thought at first that the NNTP-Posting-Host (82.12.200.25) was the
>> address of an open proxy. On further investigation, it looks as though
>> the machine in question in infected with the subseven trojan.
>>
>> 82.12.200.25 resolves to cpc4-warw1-3-1-cust25.brhm.cable.ntl.com, part
>> of NTL here in the UK.
>
> You post this as if I care?  Considering all the assholes, especially the
> mindless SPEWS supporters, that inhabit NANAE, they deserve the same harassment
> that any innocent person gets when they find that they've been blocked by some
> stupid SPEWS-using admin who thinks that everything listed in SPEWS' RBL is a
> spam source and doesn't truly know that SPEWS will list a netblock of many
> systems (e.g. 8192) just because there is ONE spammer source IP address in that
> block.  The idiots and liars in NANAE deserve it.

Well, you certainly deserve the *plonk* you are getting right now.  Better
be careful, you're starting to sound an awful lot like one of our resident
kooks.  I really doubt you want to be associated with *that*.

As promised, *plonk*.

--Russell

-- 
rmiller@duskglow.com	- http://www.duskglow.com
See my newbie primer for NANAE: http://www.morningmist.org/nanae
Ladyface Consulting, Inc.  Agoura Hills, CA 818-983-4914
10 years of Linux/UNIX experience at reasonable rates.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCkAGgURTA4VCI9OARAiknAJ9iznEnfvbkLkBv1EOo67rOAXs6oACdFgRa
C4uRq5fTpjqpkIGlQXqbloU=
=7OkA
-----END PGP SIGNATURE-----

On Sun, 22 May 2005 03:47:48 GMT, "D. Stussy"
<kd6lvw@bde-arc.ampr.org> wrote:

>On Mon, 16 May 2005, Neil Woods wrote:
>> On Mon, May 16 2005, D. Stussy wrote:
>> > If [Kevin Mitnick] were such a good hacker, he never would have been
>> > caught in the first place.  Being caught only proves that he's an
>> > idiot, and only the idiot we know as AC would worship another idiot.
>> >
>> > KM is the only person I am aware of that was expelled from a certain
>> > organization I belong to.
>>
>> The message you are responding to, although originally posted by Alan,
>> did not in this case originate directly from him, but is the result of a
>> flood to NANAE and comp.mail.misc obviously designed to disrupt these
>> newsgroups.
>>
>> Look at the X-Received-Date: and NNTP-Posting-Host: headers.
>>
>> I thought at first that the NNTP-Posting-Host (82.12.200.25) was the
>> address of an open proxy. On further investigation, it looks as though
>> the machine in question in infected with the subseven trojan.
>>
>> 82.12.200.25 resolves to cpc4-warw1-3-1-cust25.brhm.cable.ntl.com, part
>> of NTL here in the UK.
>
>You post this as if I care?  Considering all the assholes, especially the
>mindless SPEWS supporters, that inhabit NANAE, they deserve the same harassment
>that any innocent person gets when they find that they've been blocked by some
>stupid SPEWS-using admin who thinks that everything listed in SPEWS' RBL is a
>spam source and doesn't truly know that SPEWS will list a netblock of many
>systems (e.g. 8192) just because there is ONE spammer source IP address in that
>block.  The idiots and liars in NANAE deserve it.

I about pee'd my pants from laughing so hard when I read your post.
admins using SPEWS and not knowing about SPEWS, damn that's funny.

--
Mark

On Sat, 21 May 2005, Mark Ferguson wrote:
> I about pee'd my pants from laughing so hard when I read your post.
> admins using SPEWS and not knowing about SPEWS, damn that's funny.

Your control problems are your personal business.

There are some that think that SPEWS is MERELY "just another RBL listing
spammers" and don't know that such is not what it actually lists.  [Ask
yourself about how admins find out about RBLs.  Unless they visit and
understand the SPEWS FAQ (complete with its contradictions), they will never
learn that it is different.]  SPEWS is a knee-jerk reaction on steroids that
intentionally lists non-spammers as if those customers of the ISPs that the
spammers "inhabit" have any say in the matter (they don't).

A good selection of about 6-8 RBLs, a bayesian filter backend, and an
identification system to identify (and block email from) dynamic IP assignments
works BETTER than using SPEWS because the false-positive rate will [always] be
lower, due to SPEWS flawed target philosophy of including the non-spamming IPs.

On Sun, 22 May 2005 05:41:39 GMT, "D. Stussy"
<kd6lvw@bde-arc.ampr.org> wrote:

>On Sat, 21 May 2005, Mark Ferguson wrote:
>> I about pee'd my pants from laughing so hard when I read your post.
>> admins using SPEWS and not knowing about SPEWS, damn that's funny.
>
>Your control problems are your personal business.

More from you :-)  Let me see if is funny or not.

>There are some that think that SPEWS is MERELY "just another RBL listing
>spammers" and don't know that such is not what it actually lists.

Now that is funny.  Good thing my morning coffee was not that hot or I
would have burned myself.

>  [Ask
>yourself about how admins find out about RBLs.  Unless they visit and
>understand the SPEWS FAQ (complete with its contradictions), they will never
>learn that it is different.] 

Any admin that does not know what a BL list does knows not to use it.
If the admin uses a BL that he has not investigated he most likely
should not be an andmin.

> SPEWS is a knee-jerk reaction on steroids that
>intentionally lists non-spammers as if those customers of the ISPs that the
>spammers "inhabit" have any say in the matter (they don't).

More funnies.  Damn good thing I set my coffee down.  I have a lot to
say to my ISP and they either listen or I instigate an uprising and a
mass exodus.

Customer loyalty only goes as far as company loyalty.  I like my
provider and they _are_ _very__very__very__very_ anti-spam.  If the
were listed in SPEWS I would leave and find another provider.

For them to get listed in SPEWS they would have to have spam eminate
from or for their customers.

They would then have to ignore complaints.

The spam would have to continue.

The complaints would have to continue to be ignored.

Only after this would I be affected by a SPEWS listing and at that
point my provider would be supporting a spammer and not worth my
loyalty so I would pack it in and find a reputable provider.

>A good selection of about 6-8 RBLs, a bayesian filter backend, 

It is called content filtering and is okay if you wish to top spam
from being delivered to your inbox.

>and an
>identification system to identify (and block email from) dynamic IP assignments
>works 

This works to prevent spam from being delivered to your inbox based on
the originating IP address if it is being sent from a Dial Up Pool.

>BETTER than using SPEWS

SPEWS stops spammers from being able to send it by getting providers
to terminate them.

I like the idea of stopping spammers from sending spam better then I
like the idea of stopping spam from being delivered in my inbox.

It is logical to think that if the spam was stopped from being sent
then there would be no need to stop it from being delivered in to your
inbox.

> because the false-positive rate will [always] be
>lower, due to SPEWS flawed target philosophy of including the non-spamming IPs.

SPEWS has had a couple of false positives over the years [lisitng IP
blocks not belonging to who SPEWS thought they belonged to] but they
corrected the information as soon as it was brought to their
attention.  Other then that SPEWS has had no false positives I am
aware of.

Oh, you are talking about the other IP addresses that are
rented/leased to the ISP that spam is not originating from.  That
isn't a false positive because that is the target, the provider.  

Because the customer of the target is affected means what?  They are
false positives?  This means you know the intentions of SPEWS but you
knowingly lie, cheat and deceive thinking you will impugn the
reputation of those you dislike.

This is a common tactic used by the weak minded that truly believe
they are smarter then those around them.  In this fashion you weak
minded prey on the lesser mind to get the end result you desire
instead of forcing those responsible, the provider to actually stop
supporting spammers.

This is the typical tactic of losers that don't have the
where-with-all to actually pull themselves up and rise above the
bullshit around them and do something to stop the abuse of others.

You are just typical scum and are deserving of the treatment you get
because you refuse to accept you are wrong even though you know you
are.

You are a liar, cheat, deceiver and in general a scumbag.

Anything else I can help you to clarify?

--
Mark

"Mark Ferguson" <admin@whew.com> wrote in message
news:bs4191t14q7jbfp8brjrg4pe0oi1r0gul9@4ax.com...

> Any admin that does not know what a BL list does knows not to use it.

Most server admins won't know the negative effects of spews on the Internet.

> If the admin uses a BL that he has not investigated he most likely
> should not be an andmin.

Most admins simply copy down names of BLs (blocklists) they have heard about
and start using them without giving further consideration.

> Customer loyalty only goes as far as company loyalty.  I like my
> provider and they _are_ _very__very__very__very_ anti-spam.

So what? There are thousands of providers who are anti-spam and they don't
use spews, knowing its effect on innocent (read: non-spamming) email users.

> If they were listed in SPEWS I would leave and find another provider.

That's your own problem.

> For them to get listed in SPEWS they would have to have spam eminate
> from or for their customers.

Three-quarters of today's spam emanate from compromised machines. Spews has
no effect on those machines. Other BLs are.

[snipped: kook rants]

> SPEWS stops spammers from being able to send it by getting providers
> to terminate them.

BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

The best bullsh*it of the day... Spews stops nothing. It's soooo easy for a
spammer to find new channels.

You are really a thick-brain kiddo, Ferguson.

> I like the idea of stopping spammers from sending spam better then I
> like the idea of stopping spam from being delivered in my inbox.

Spews is ineffectual on both counts.

> SPEWS has had a couple of false positives over the years [lisitng IP
> blocks not belonging to who SPEWS thought they belonged to] but they
> corrected the information as soon as it was brought to their
> attention.  Other then that SPEWS has had no false positives I am
> aware of.

That's a good one. Ferguson. Pity it's an old trick and you can't kid
anyone.

You are a conman because you should know that even the most reliable BLs can
produce false positives.

But your job as a brain-washed spews supporter is to bullsh*it and lie in
the hope that they may be swallowed by the uninitiated.

Those days are over.

> Oh, you are talking about the other IP addresses that are
> rented/leased to the ISP that spam is not originating from.  That
> isn't a false positive because that is the target, the provider.

BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

You must have sworn to crack jokes today!

The target of spews is to blacklist and blackmail the innocent email users
and hosting providers.

> Because the customer of the target is affected means what?  They are
> false positives?

Indeed, they are.

There are at least two victims in a false positive. One is the sender of the
non-spam email. The second, is the intended recipient of the non-spam email.

When someone sends a non-spam email and that email is blocked by a server
admin using the spews list, it is a false positive.

You should read up more about the Internet and the email system. You seem
pretty ignorant. Could it be that you are too stupid to grasp simple
concepts?

> This means you know the intentions of SPEWS

Which is to blacklist and blackmail the innocent email users and hosting
providers.

The crooks behind spews are abusers of the email system. That's why spews
must be scrutinized until its abuse stops.

You are just a typical spews scum because you refuse to accept you are wrong
even though you know you are.

You are a serial liar and a scumbag.

> Anything else I can help you to clarify?

People would prefer to consult a carpet worm than a dimwit.



FACT: Over 98% of IPs listed in spews are NON-SPAMMING.



THE ULTIMATE GOAL OF SPEWS IS TO BLACKLIST AND DEFAME LAWFUL (A.K.A.
NON-SPAMMING) EMAIL USERS AND SERVICE PROVIDERS.



Learn more about what spews actually is and does from these 37,000 Google
links:

http://www.google.com/search?num=100&hl=en&lr=lang_en&newwindow=1&safe=off&c
2coff=1&q=spews+blocked

[ OR http://tinyurl.com/9ad8x ]

On Sun, 22 May 2005 17:26:33 GMT, "Moris"
<pritanda@REMCAPSyahoo.co.uk> wrote:

>"Mark Ferguson" <admin@whew.com> wrote in message
>news:bs4191t14q7jbfp8brjrg4pe0oi1r0gul9@4ax.com...
>
>> Any admin that does not know what a BL list does knows not to use it.
>
>Most server admins won't know the negative effects of spews on the Internet.
>
>> If the admin uses a BL that he has not investigated he most likely
>> should not be an andmin.
>
>Most admins simply copy down names of BLs (blocklists) they have heard about
>and start using them without giving further consideration.
>
>> Customer loyalty only goes as far as company loyalty.  I like my
>> provider and they _are_ _very__very__very__very_ anti-spam.
>
>So what? There are thousands of providers who are anti-spam and they don't
>use spews, knowing its effect on innocent (read: non-spamming) email users.

Of course you have proof of this, oh what am I saying.... this is just
you pulling another moris :-)

>> If they were listed in SPEWS I would leave and find another provider.
>
>That's your own problem.

How is that a problem?  Oops, I should know better then to put
anything in the form of a question for you.

>> For them to get listed in SPEWS they would have to have spam eminate
>> from or for their customers.
>
>Three-quarters of today's spam emanate from compromised machines. Spews has
>no effect on those machines. Other BLs are.

Of course your proof is nil while my proof is the entire news articles
about how SPEWS listed a major provider that actully is forcing them
to actually take action.

>[snipped: kook rants]

Relevent text magically reappears for Moris to answer or to snip again
when his mental abilities fail him again:

For them to get listed in SPEWS they would have to have spam eminate
from or for their customers.

They would then have to ignore complaints.

The spam would have to continue.

The complaints would have to continue to be ignored.

Only after this would I be affected by a SPEWS listing and at that
point my provider would be supporting a spammer and not worth my
loyalty so I would pack it in and find a reputable provider.


>> SPEWS stops spammers from being able to send it by getting providers
>> to terminate them.
>
>BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

And I too can say BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

>The best bullsh*it of the day... Spews stops nothing. It's soooo easy for a
>spammer to find new channels.

Then why do you worry if nobody is using SPEWS... never mind I forgot
you are just not smart enough to answer a question no matter how
simply it is.

>You are really a thick-brain kiddo, Ferguson.

Oh, I am just so angry at you :-)  Drool becomes you Moris.

>> I like the idea of stopping spammers from sending spam better then I
>> like the idea of stopping spam from being delivered in my inbox.
>
>Spews is ineffectual on both counts.

You are of course correct sincce SPEWS does not block anything.

>> SPEWS has had a couple of false positives over the years [lisitng IP
>> blocks not belonging to who SPEWS thought they belonged to] but they
>> corrected the information as soon as it was brought to their
>> attention.  Other then that SPEWS has had no false positives I am
>> aware of.
>
>That's a good one. Ferguson. Pity it's an old trick and you can't kid
>anyone.

Pity you are not able to post evidence of any of the claims you have
made.

>You are a conman because you should know that even the most reliable BLs can
>produce false positives.

I already stated SPEWS has had false positives.  It is you that are
dishonest in your defining of what a false positive is.

>But your job as a brain-washed spews supporter is to bullsh*it and lie in
>the hope that they may be swallowed by the uninitiated.

My job, as others have claimed is not good enough is to deliver and
install appliances and furniture.

>Those days are over.

You do keep saying that and everybody keeps posting.  How do you mean
those days are over?  Am I going to win the lottery or in some other
way become independantly wealthy?

>> Oh, you are talking about the other IP addresses that are
>> rented/leased to the ISP that spam is not originating from.  That
>> isn't a false positive because that is the target, the provider.
>
>BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

Again I can go BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

>You must have sworn to crack jokes today!

I haven't touched you Moris.

>The target of spews is to blacklist and blackmail the innocent email users
>and hosting providers.

You keep claiming this yet you have never posted proof.  Is it your
intention to just continue to make false claims hoping somebody,
somewhere will believe you or are you going to actually post real
evidence?  I know, a question that will go unanswered.

>> Because the customer of the target is affected means what?  They are
>> false positives?
>
>Indeed, they are.

Nope.  To define a false positive you must ask the lister.  Since the
criterea is quie clear as to how an IP address gets listed and how and
why the list is expanded your claim does not hold water, e.g. an
upturned glass.

>There are at least two victims in a false positive. One is the sender of the
>non-spam email. The second, is the intended recipient of the non-spam email.

The IP addresses listed are rented/leased by the person listed so it
is not a false positive.  If the IP addresses were leased/rented by
some other provider then it would be a false positive.

>When someone sends a non-spam email and that email is blocked by a server
>admin using the spews list, it is a false positive.

When the IP listed is not leased or rented by the intended listee it
is a false positive.  Since the non-spam email is sent from an IP
leased or rented from the provider that was intended to be listed it
is not a false positive, but since you already know this and are so
dishonest that you cannot conceed this as fact you are simply a liar,
a cheat and a deciever.

>You should read up more about the Internet and the email system. You seem
>pretty ignorant. Could it be that you are too stupid to grasp simple
>concepts?

The email systems have nothing to do with the reasons SPEWS list IP
address.  If the IP address is sending spam or hosting spammers the IP
addy is listed.  If the problem persist then the list is expanded as
per SPEWS' FAQ.

This has nothing to do with email or anything except their rules for
an IP address being listed.  You know this but are so dishonest you
need to lie, cheat and decieve.

>> This means you know the intentions of SPEWS
>
>Which is to blacklist and blackmail the innocent email users and hosting
>providers.

To stop spammers.

>The crooks behind spews are abusers of the email system. That's why spews
>must be scrutinized until its abuse stops.

Proof of course of this would be a good place to start but since I
know you to be a liar, a cheat and a deciever I know I will never see
it.

>You are just a typical spews scum because you refuse to accept you are wrong
>even though you know you are.

For me to accept I am wrong is simply a matter of you showing me I am
in error.  You fail to answer questions, you lie, you cheat, you
intentionally decieve but you have never shown me were I was in error.

If you wish me to accept I am in error then show me where my error(s)
are.

>You are a serial liar and a scumbag.

Of course you can show me were I have lied.

>> Anything else I can help you to clarify?
>
>People would prefer to consult a carpet worm than a dimwit.

You speak for all I see :-)

>FACT: Over 98% of IPs listed in spews are NON-SPAMMING.

That are rented by or leased by the intended target of each and every
listing SPEWS makes.

>THE ULTIMATE GOAL OF SPEWS IS TO BLACKLIST AND DEFAME LAWFUL (A.K.A.
>NON-SPAMMING) EMAIL USERS AND SERVICE PROVIDERS.

Proof is just too much for anybody to ask.

>Learn more about what spews actually is and does from these 37,000 Google
>links:
>
>http://www.google.com/search?num=100&hl=en&lr=lang_en&newwindow=1&safe=off&c
>2coff=1&q=spews+blocked

This means others find SPEWS lists helpful and use them to protect
themselves... it is a good thing.

>[ OR http://tinyurl.com/9ad8x ]
>
>
--
Mark

On comp.mail.misc, in <i7UAc.10084$Wr.7693@newsread1.news.pas.earthlink.net>, "Alan Connor" wrote:

This is the Original Post on this thread, which the
fuckwitted spammer-troll losers are allegedly discussing.

They don't want you to see this.

> 
> 
> http://spamarrest.com/pressoffice/news/index.jsp
> 
> 
> 
> Famed hacker endorses Spam Arrest
> Toronto Star - August 4, 2003
> So what does [Kevin] Mitnick, former
> hacker supremo, use to guard against
> spam? "I use Spam Arrest," he told
> The Guardian. "Any legitimate person
> who wants to send me a message has to
> jump through hoops before they can be
> added to my opt-in list." Read
> more...
> 
> 

Spam Arrest is a Challenge-Response System.

Kevin Mitnick is one of the leading computer
security consultants in the world.

Me thinks that he knows better than a bunch
of spammer/trolls.

Just a hunch.

These petty criminals hate Challenge-Response
Systems because they can't beat them.

Which is why these systems are becoming more and more popular,
with even major ISPs like Earthlink offering them to their
regular customers as a part of their spam-fighting package.

I haven't read a single post on this re-incarnated thread.

I don't read trollshit.

I use a Challenge-Response System. You can mail me, but
if you don't use your real return address, I'll never even
know you tried to mail me.

alanconnor AT earthlink DOT net

AC


-- 
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html

· Alan Connor <zzzzzz@xxx.yyy>:

> I use a Challenge-Response System. You can mail me, but
> if you don't use your real return address, I'll never even
> know you tried to mail me.
> 
> alanconnor@earthlink.net

I'm curious: If your system is so great and powerful,
why do you munge your adress in the From: header of
every posting you send out? 

Further: How do you prevent, that your system is spamming
other people (scenario: idiot with forged adress sends
mail to a "protect" adress, your system then sends out a
probe)?

Alexander Skwar
-- 
we:
        The single most important word in the world.

"Mark Ferguson" <admin@whew.com> wrote in message
news:k5h191h4dqfq54i5l2roegn9ne4c6bh823@4ax.com...

> > On Sun, 22 May 2005 17:26:33 GMT, "Moris"
> > <pritanda@REMCAPSyahoo.co.uk> wrote:
> >
> > There are thousands of providers who are anti-spam and they
> > don't use spews, knowing its effect on innocent (read:
> > non-spamming) email users.

> Of course you have proof of this, oh what am I saying.... this is
> just you pulling another moris :-)

Nice joke, but no jelly for you...

As a brain-washed spews fanatic your job is to defend the fugitive
fuc*khole behind spews. You are part of the fraud that is called
spews.

Server admins are well aware of spews and the dangers of using it.

Heck, even SpamAssassin has removed spews from its blocklist tests
after massive complaints from its users for generating huge amounts of
false positives.

See what the owner of another email blocklist has to say about spews:
"Prior to today, the spews database was included in the
t1.dnsbl.net.au aggregate zone. After suggestions from subscribers, I
have decided to only include 'safe' data in the t1 aggregate zone.
This means that the spews data, is no longer included in the t1
aggregate zone."

Another proof of spews being found unsafe for email spam filtering.

Look at all those tens of thousands of spews victims in the Google
links in my previous post.

And remember how Outblaze.com kicked spews out of its 30 million
mailboxes after it found that spews not only was ineffective in
reducing spam, but it was also causing legitimate emails to disappear.

The case against spews is all around you. You can easily see the
proof, unless you are a blind-folded spews fanatic, that is.

[snipped kook screech from a spews fanatic]

In message <1456211.d84kGAACmt@m-id.message-center.info> Alexander Skwar
<alexander@skwar.name> wrote:

>� Alan Connor <zzzzzz@xxx.yyy>:
>
>> I use a Challenge-Response System. You can mail me, but
>> if you don't use your real return address, I'll never even
>> know you tried to mail me.
>> 
>> alanconnor@earthlink.net
>
>I'm curious: If your system is so great and powerful,
>why do you munge your adress in the From: header of
>every posting you send out? 
>
>Further: How do you prevent, that your system is spamming
>other people (scenario: idiot with forged adress sends
>mail to a "protect" adress, your system then sends out a
>probe)?

He doesn't -- He just pretends it's not a problem.  He even goes as far
as to claim it isn't a problem sometimes.

The 500 odd C/R messages I received last week, mostly in response to the
German crap, would seem to disagree.

Most were from a small set of C/R products, I have already automated
positive responses to two of them and I manually confirmed a bunch of
the rest as I added SpamAssassin rulesets to keep their C/R crap away
from my users.


-- 
Oh well, I guess this is just going to be one of those lifetimes.

This is a MIME GnuPG-signed message.  If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-24916-1116808092-0002
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Beavis writes:

> On comp.mail.misc, in <i7UAc.10084$Wr.7693@newsread1.news.pas.earthlink.net>, Beavis wrote:
>

Beavis, listen to your doctor and stop talking to yourself.

It took -- what, two days? -- for you to get over your latest 
bitch-slapping, and this is the best that you could come back with?

> This is the Original Post on this thread, which the
> fuckwitted spammer-troll losers are allegedly discussing.
> 
> They don't want you to see this.

If you're not taking your meds, Beavis, you better start taking them soon.  
If you are taking some meds, you should stop taking them.

But, speaking of things you don't want others to see:

http://tinyurl.com/ifrt - Beavis hot on the trail of the author of MSBlast.

http://tinyurl.com/ys6z4 - Beavis offering hacking advice.

http://tinyurl.com/5qqb6 - Beavis recommends rsh for remote login access 
over the Internet.

http://tinyurl.com/3swes - Beavis describes his sooper-dooper slrn 
configuration; strangely enough he's silent as to where one might find this 
amazing code.


> Kevin Mitnick is one of the leading computer
> security consultants in the world.
> 
> Me thinks that he knows better than a bunch
> of spammer/trolls.

That's where you went wrong, Beavis.  That's your fatal error: you tried to 
think.  Cut it out.  You can't do that, you should know that by now.

> These petty criminals hate Challenge-Response
> Systems because they can't beat them.
> 
> Which is why these systems are becoming more and more popular,
> with even major ISPs like Earthlink offering them to their
> regular customers as a part of their spam-fighting package.

Beavis FAQ question #8.

> I haven't read a single post on this re-incarnated thread.

FAQ #6

> I don't read trollshit.

FAQ #12

> I use a Challenge-Response System. You can mail me, but
> if you don't use your real return address, I'll never even
> know you tried to mail me.

FAQ #2


FAQ: Canonical list of questions Beavis refuses to answer (V1.20)

This is a canonical list of questions that Beavis never answers. This FAQ is 
posted on a semi-regular schedule, as circumstances warrant.

For more information on Beavis, see:

http://angel.1jh.com/nanae/kooks/alanconnor.shtml

Although Beavis has been posting for a long time, he always remains silent 
on the subjects enumerated below.  His response, if any, usually consists of 
replying to the parent post with a loud proclamation that his Usenet-reading 
software runs a magical filter that automatically identifies anyone who's 
making fun of him, and hides those offensive posts.  For more information 
see question #9 below.

============================================================================

1) If spammers avoid forging real E-mail addresses on spam, then where do 
all these bounces everyone reports getting (for spam with their return 
address was forged onto) come from?

2) If your Challenge-Response filter is so great, why do you still munge 
when posting to Usenet?

3) Do you still believe that rsh is the best solution for remote access? 
(http://tinyurl.com/5qqb6)

4) What is your evidence that everyone who disagrees with you, and thinks 
that you're a moron, is a spammer?

5) How many different individuals do you believe really post to 
comp.mail.misc? What is the evidence for your paranoid belief that everyone, 
except you, who posts here is some unknown arch-nemesis of yours?

6) How many times, or how often, do you believe is necessary to announce 
that you do not read someone's posts?  What is your reason for making these 
regularly-scheduled proclamations?  Who do you believe is so interested in 
keeping track of your Usenet-reading habits?

7) When was the last time you saw Bigfoot (http://tinyurl.com/23r3f)?

8) If your C-R system employs a spam filter so that it won't challenge spam, 
then why does any of the mail that passes the filter, and is thusly presumed 
not to be spam, need to be challenged?

9) You claim that the software you use to read Usenet magically identifies 
any post that makes fun of you.  In http://tinyurl.com/3swes you explain 
that "What I get in my newsreader is a mock post with fake headers and no 
body, except for the first parts of the Subject and From headers."

Since your headers indicate that you use slrn and, as far as anyone knows, 
the stock slrn doesn't work that way, is this interesting patch to slrn 
available for download anywhere?

10) You regularly post alleged logs of your procmail recipe autodeleting a 
bunch of irrelevant mail that you've received.  Why, and who exactly do you 
believe is interested in your mail logs?

11) How exactly do you "enforce" an "order" to stay out of your mailbox,
supposedly (http://tinyurl.com/cs8jt)?  Since you issue this "order" about
every week, or so, apparently nobody wants to follow it.  What are you going
to do about it?

12) What's with your fascination with shit? (also http://tinyurl.com/cs8jt)?


--=_mimegpg-commodore.email-scan.com-24916-1116808092-0002
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBCkSOcx9p3GYHlUOIRAl9EAJsEp5gCWDBV722zX2zbifYPZiC0kACeNtn1
htHLa1hMCCodBHOSyWo93Pg=
=LLIw
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-24916-1116808092-0002--

On Sun, 22 May 2005, Alan Connor wrote:
> On comp.mail.misc, in <i7UAc.10084$Wr.7693@newsread1.news.pas.earthlink.net>, "Alan Connor" wrote:
>
> This is the Original Post on this thread, which the
> fuckwitted spammer-troll losers are allegedly discussing.
>
> They don't want you to see this.
> >
> > http://spamarrest.com/pressoffice/news/index.jsp

Spamarrest itself has been the object of spam - in that whomever has written it
(or someone claiming to have written it) has spammed with spamarrest being the
product they advertised.

AC loses again.

On Sun, 22 May 2005, Mark Ferguson wrote:
> On Sun, 22 May 2005 05:41:39 GMT, "D. Stussy" <kd6lvw@bde-arc.ampr.org> wrote:
> >On Sat, 21 May 2005, Mark Ferguson wrote:
> >> I about pee'd my pants from laughing so hard when I read your post.
> >> admins using SPEWS and not knowing about SPEWS, damn that's funny.
> >
> >Your control problems are your personal business.
>
> More from you :-)  Let me see if is funny or not.
>
> >There are some that think that SPEWS is MERELY "just another RBL listing
> >spammers" and don't know that such is not what it actually lists.
>
> Now that is funny.  Good thing my morning coffee was not that hot or I
> would have burned myself.
>
> >  [Ask
> >yourself about how admins find out about RBLs.  Unless they visit and
> >understand the SPEWS FAQ (complete with its contradictions), they will never
> >learn that it is different.]
>
> Any admin that does not know what a BL list does knows not to use it.
> If the admin uses a BL that he has not investigated he most likely
> should not be an andmin.

I don't disagree with that.  However, I'm willing to bet that there are some
"admins" (term used very loosely) that DO use certain RBLs (including DNSBLs)
without knowing exactly what they list.  All I need is to find ONE such person
to prove my case - while you have to show that no such person exists (or can
exist).

Although SPEWS' operators claim that they don't act on newsgroup posts (from
the SPEWS' FAQ), others have claimed that they nevertheless do read NANAE.
Therefore, I will assume that whoever operates SPEWS may read this.

Why not set up a survey of all SPEWS users?  We can identify them from the IP
addresses of their DNS servers when they query SPEWS.  Therefore, it shouldn't
be too hard to e-mail each-and-every one of them (using the postmaster mailbox
of their domain) and ask them a set of survey questions.  Since they all use
SPEWS, they "do business" with SPEWS so under most anti-spamming laws, the
unsolicited contact would NOT be spam.  Should any of them respond to the
survey with an answer of "no" to the question of "Did you know that SPEWS may
list non-spammers' IP addresses that share a provider with a listed spammer?",
then my statement is precisely validated.


> > SPEWS is a knee-jerk reaction on steroids that
> >intentionally lists non-spammers as if those customers of the ISPs that the
> >spammers "inhabit" have any say in the matter (they don't).
>
> More funnies.  Damn good thing I set my coffee down.  I have a lot to
> say to my ISP and they either listen or I instigate an uprising and a
> mass exodus.

A "mass exodus" also requires that these legitimate, non-spammer customers have
another place to go.  Perhaps you are unaware that in some regions, providers
have insufficient supply for the demand of hosting and that there are waiting
lists.  Such was the case 2 years ago when my friends and I had to find a new
provider when our old one went bankrupt and out of business.  We were lucky in
that we were able to act quickly - but others we knew from that facility are
still wait-listed.

> Customer loyalty only goes as far as company loyalty.  I like my
> provider and they _are_ _very__very__very__very_ anti-spam.  If the
> were listed in SPEWS I would leave and find another provider.

And if there were no other provider in your area?

> For them to get listed in SPEWS they would have to have spam eminate
> from or for their customers.

All it seems to take is exactly ONE spammer customer.  That will never justify
listing the entire netblock - with the other 4,000 non-spammers also being
blocked as a result of using the list.

> They would then have to ignore complaints.
> The spam would have to continue.
> The complaints would have to continue to be ignored.
>
> Only after this would I be affected by a SPEWS listing and at that
> point my provider would be supporting a spammer and not worth my
> loyalty so I would pack it in and find a reputable provider.

Still, only takes one spammer - and causes collateral damage to 2^12
non-spammers.

> >A good selection of about 6-8 RBLs, a bayesian filter backend,
>
> It is called content filtering and is okay if you wish to top spam
> from being delivered to your inbox.
>
> >and an
> >identification system to identify (and block email from) dynamic IP assignments
> >works
>
> This works to prevent spam from being delivered to your inbox based on
> the originating IP address if it is being sent from a Dial Up Pool.
>
> >BETTER than using SPEWS
>
> SPEWS stops spammers from being able to send it by getting providers
> to terminate them.

Obviously, such is INEFFECTIVE.  Otherwise, SPEWS would have existed for a
short time, with all ISPs thereafter canning their spammers, then not need to
exist any longer.  The continued existence of SPEWS demonstrates its
ineffectiveness.  As I have stated previously to NANAE and c.m.m, it is the
flawed philosophy of SPEWS which is the defect.

> I like the idea of stopping spammers from sending spam better then I
> like the idea of stopping spam from being delivered in my inbox.

Then write your government representative to make it illegal AND provide a
source of funding for enforcement costs.  Until it's internationally illegal,
it will continue.

> It is logical to think that if the spam was stopped from being sent
> then there would be no need to stop it from being delivered in to your
> inbox.
>
> > because the false-positive rate will [always] be
> >lower, due to SPEWS flawed target philosophy of including the non-spamming IPs.
>
> SPEWS has had a couple of false positives over the years [lisitng IP
> blocks not belonging to who SPEWS thought they belonged to] but they
> corrected the information as soon as it was brought to their
> attention.  Other then that SPEWS has had no false positives I am
> aware of.

Brought to SPEWS' attention HOW?  Remember that they don't have inbound email
service nor act on newsgroup posts.....

> Oh, you are talking about the other IP addresses that are
> rented/leased to the ISP that spam is not originating from.  That
> isn't a false positive because that is the target, the provider.

Which is clearly different from what the other RBLs list....

> Because the customer of the target is affected means what?  They are
> false positives?  This means you know the intentions of SPEWS but you
> knowingly lie, cheat and deceive thinking you will impugn the
> reputation of those you dislike.

ANY denial of legitimate mail (i.e. not spam) is a false positive.

SPEWS itself knowingly lies, by self-contradiction, in their FAQ (as
demonstrated before), just like spammers themselves do, so your point is?

> This is a common tactic used by the weak minded that truly believe
> they are smarter then those around them.  In this fashion you weak
> minded prey on the lesser mind to get the end result you desire
> instead of forcing those responsible, the provider to actually stop
> supporting spammers.

The ASSumption that a provider's customers can influence that provider into
terminating another customer (the spammer) is a SPEWS fantasy.

> This is the typical tactic of losers that don't have the
> where-with-all to actually pull themselves up and rise above the
> bullshit around them and do something to stop the abuse of others.

No.  Those people are the ones that employ challenge-response systems, by
shifting their spam burden onto others.

> You are just typical scum and are deserving of the treatment you get
> because you refuse to accept you are wrong even though you know you
> are.
>
> You are a liar, cheat, deceiver and in general a scumbag.
> Anything else I can help you to clarify?

No.  It's pretty clear that you're in the collective of SPEWS-pond-scum.

On Sun, 22 May 2005, Mark Ferguson wrote:
> On Sun, 22 May 2005 17:26:33 GMT, "Moris" <pritanda@REMCAPSyahoo.co.uk> wrote:
> >...
> >Spews is ineffectual on both counts.
>
> You are of course correct sincce SPEWS does not block anything.

But use of SPEWS is to cause blocking.  You know very well what he was saying,
semantics aside.

> >You are a conman because you should know that even the most reliable BLs can
> >produce false positives.
>
> I already stated SPEWS has had false positives.  It is you that are
> dishonest in your defining of what a false positive is.

But you ignored the fact that while the use of other anti-spam systems
maximize spam-identification while minimizing the impact on legitimate mail,
SPEWS' design of what they list maximizes both spam source identification and
its inteference with legitimate mail.

Whether an e-mail is spam or legitimate is determined solely by CONTENT, not
its source.  It may be that historically, most spam originates from the same
source collection, but with the "popularity" of compromised machines, such will
soon cease to be true.  It is only the SPEWS-user who wishes to define mail
legitimacy in a way that differs from the usage of everyone else.

> >The target of spews is to blacklist and blackmail the innocent email users
> >and hosting providers.
>
> You keep claiming this yet you have never posted proof.  Is it your
> intention to just continue to make false claims hoping somebody,
> somewhere will believe you or are you going to actually post real
> evidence?  I know, a question that will go unanswered.

SO, all those complaints to NANAE coming from non-spammers aren't proof?

On Mon, 23 May 2005 01:54:28 GMT, "D. Stussy"
<kd6lvw@bde-arc.ampr.org> wrote:

>On Sun, 22 May 2005, Mark Ferguson wrote:
>> On Sun, 22 May 2005 17:26:33 GMT, "Moris" <pritanda@REMCAPSyahoo.co.uk> wrote:
>> >...
>> >Spews is ineffectual on both counts.
>>
>> You are of course correct sincce SPEWS does not block anything.
>
>But use of SPEWS is to cause blocking. 

A clear choice made by informed admins and _not_ the SPEWS admins.
You use circular logic in this.

> You know very well what he was saying,
>semantics aside.

The data you use is flawed, you know this and still you use it.  Is
there any chance your conclusion does not share teh same flaws as your
data, only to a greater degree?

>> >You are a conman because you should know that even the most reliable BLs can
>> >produce false positives.
>>
>> I already stated SPEWS has had false positives.  It is you that are
>> dishonest in your defining of what a false positive is.
>
>But you ignored the fact that while the use of other anti-spam systems
>maximize spam-identification while minimizing the impact on legitimate mail,
>SPEWS' design of what they list maximizes both spam source identification and
>its inteference with legitimate mail.

Other BL simply stop spam from reaching your inbox.  SPEWS might be
looking at the bigger picture and so might the admins and companies
that use SPEWS.  That bigger picture might be to stop spam from being
sent so their is no need for other BL.

>Whether an e-mail is spam or legitimate is determined solely by CONTENT, 

The determining facture of spam in every difintion I have heard with
the exception of spammers and the DMA [the same mentality IMHO] begins
with the word "Unsolicited".

Now I am unsure how you stretched this to mean content instead of
consent is beyond my meager abilities to rationalize.  Maybe it was
simple spelling error on your part or you could elaborate how you
confused the two words.

>not
>its source. 

Every spam/ube/uce/etc... originates from a source IP address and
while the source IP is never the defining requisite for spam it is a
good place to block if you wish to prevent more of it.

> It may be that historically, most spam originates from the same
>source collection, but with the "popularity" of compromised machines, such will
>soon cease to be true.

Thankfully SPEWS listed enough of BLUEYONDER to get their attention
and the attention of the news media to get that mess cleaned up.

>  It is only the SPEWS-user who wishes to define mail
>legitimacy in a way that differs from the usage of everyone else.

Well since it the SPEWS user that is the admin oe owner of the
machines being protected by SPEWS that only seems right and fair.

Thank you for making that clear.

>> >The target of spews is to blacklist and blackmail the innocent email users
>> >and hosting providers.
>>
>> You keep claiming this yet you have never posted proof.  Is it your
>> intention to just continue to make false claims hoping somebody,
>> somewhere will believe you or are you going to actually post real
>> evidence?  I know, a question that will go unanswered.
>
>SO, all those complaints to NANAE coming from non-spammers aren't proof?

You did say "innocent hosting providers" and "innocent email users".  

The provider that allows spam from his network for money or because it
is to expensive to clean up the mess is not innocent.

The end user that knowingly supports spam supporting ISP's is not
innocent either.

You provide circular logic and nothing more.

SPEWS is blocking email when you know SPEWS blocks nothing.

Those admins that use SPEWS don't know what SPEWS is.

The ISP that has spammers and ignore complaints is innocent and not
responsable for their network being listed in blacklists.

Not of your points hold water and if they were an upturned glass.

--
Mark

On Sun, 22 May 2005, Mark Ferguson wrote:
> On Mon, 23 May 2005 01:54:28 GMT, "D. Stussy" <kd6lvw@bde-arc.ampr.org> wrote:
> >On Sun, 22 May 2005, Mark Ferguson wrote:
> >> On Sun, 22 May 2005 17:26:33 GMT, "Moris" <pritanda@REMCAPSyahoo.co.uk> wrote:
> >> >...
> >> >Spews is ineffectual on both counts.
> >>
> >> You are of course correct sincce SPEWS does not block anything.
> >
> >But use of SPEWS is to cause blocking.
>
> A clear choice made by informed admins and _not_ the SPEWS admins.
> You use circular logic in this.

No, I don't.  SPEWS is a blocklist and you know it.

> > You know very well what he was saying,
> >semantics aside.
>
> The data you use is flawed, you know this and still you use it.  Is
> there any chance your conclusion does not share teh same flaws as your
> data, only to a greater degree?

What data were that?

> >> >You are a conman because you should know that even the most reliable BLs can
> >> >produce false positives.
> >>
> >> I already stated SPEWS has had false positives.  It is you that are
> >> dishonest in your defining of what a false positive is.
> >
> >But you ignored the fact that while the use of other anti-spam systems
> >maximize spam-identification while minimizing the impact on legitimate mail,
> >SPEWS' design of what they list maximizes both spam source identification and
> >its inteference with legitimate mail.
>
> Other BL simply stop spam from reaching your inbox.  SPEWS might be
> looking at the bigger picture and so might the admins and companies
> that use SPEWS.  That bigger picture might be to stop spam from being
> sent so their is no need for other BL.

So you wish.  SPEWS does not list compromised machines that are on dynamic
allocations - so it can't cause "no need for other BLs."

> >Whether an e-mail is spam or legitimate is determined solely by CONTENT,
>
> The determining facture of spam in every difintion I have heard with
> the exception of spammers and the DMA [the same mentality IMHO] begins
> with the word "Unsolicited".

There are many types of unsolicited mail.  ANY mail that is not a reply to some
other mail is unsolicited, even those to your friends (assume you have one) or
relatives (assume they haven't disowned you), absent some other form of
communication requesting it.  For it to be spam, it ALSO has to be advertising
something (a web site, a product, etc.) or soliciting something (e.g.
charitable giving, voting for a candidate, identity theft [Yes, I consider
"phishing" a form of spam], etc.) - and that's determined by CONTENT.

Some people DO want to hear from the public at large, or from a distant
relative they didn't know they had (or know the mailbox of), etc.  Those are
unsolicited yet acceptable - NOT ALL unsolicited mail is spam; there's more to
it.

> Now I am unsure how you stretched this to mean content instead of
> consent is beyond my meager abilities to rationalize.  Maybe it was
> simple spelling error on your part or you could elaborate how you
> confused the two words.

No error here.

> >not
> >its source.
>
> Every spam/ube/uce/etc... originates from a source IP address and
> while the source IP is never the defining requisite for spam it is a
> good place to block if you wish to prevent more of it.

Until you find out that your Uncle Joe also uses that same source IP address....

> > It may be that historically, most spam originates from the same
> >source collection, but with the "popularity" of compromised machines, such will
> >soon cease to be true.
>
> Thankfully SPEWS listed enough of BLUEYONDER to get their attention
> and the attention of the news media to get that mess cleaned up.

So, if SPEWS were to list 0.0.0.0/0, then would that clear up the entire
Internet overnight?  :-)

> >  It is only the SPEWS-user who wishes to define mail
> >legitimacy in a way that differs from the usage of everyone else.
>
> Well since it the SPEWS user that is the admin oe owner of the
> machines being protected by SPEWS that only seems right and fair.
>
> Thank you for making that clear.
>
> >> >The target of spews is to blacklist and blackmail the innocent email users
> >> >and hosting providers.
> >>
> >> You keep claiming this yet you have never posted proof.  Is it your
> >> intention to just continue to make false claims hoping somebody,
> >> somewhere will believe you or are you going to actually post real
> >> evidence?  I know, a question that will go unanswered.
> >
> >SO, all those complaints to NANAE coming from non-spammers aren't proof?
>
> You did say "innocent hosting providers" and "innocent email users".
>
> The provider that allows spam from his network for money or because it
> is to expensive to clean up the mess is not innocent.
>
> The end user that knowingly supports spam supporting ISP's is not
> innocent either.

Prove that these other customers of a given ISP KNOW that their ISP is
harboring a spammer.  Have you asked them?  What did they say?  [OH, little
problem, SPEWS-droid:  You can't get their replies because you blocked them.]
So, where is your proof that they KNOWINGLY support a spam-supporting ISP?

You assume that any and all non-spamming clients of a spam-supporting ISP know
that their provider is a spam-supporter, and thus they are not innocent
bystanders collaterally damaged by those who use SPEWS to block their
legitimate mail.  Your proof is?  [Magic 8-balls don't count.]

> You provide circular logic and nothing more.
> SPEWS is blocking email when you know SPEWS blocks nothing.

I know that SPEWS (as with any DNSBL) is used to identify e-mail to be blocked.
I never said that SPEWS itself performs the action.

> Those admins that use SPEWS don't know what SPEWS is.

You said it!  That's the problem:  If at least one admin who configures his
system to use SPEWS doesn't know what SPEWS lists, that proves my original
statement.

> The ISP that has spammers and ignore complaints is innocent and not
> responsable for their network being listed in blacklists.

I didn't say that the ISP itself was innocent.  I stated that its non-spamming
customers were, unless you can prove otherwise (which you can't as
demonstrated above).

> Not of your points hold water and if they were an upturned glass.

And none of your points do.

On comp.mail.misc, in <Pine.LNX.4.62.0505230357580.63@kd6lvw.ampr.org>, "D. Stussy" wrote:

<snip garbage>

>>On comp.mail.misc, in
>><i7UAc.10084$Wr.7693@newsread1.news.pas.ear
>>thlink.net>, "Alan Connor" wrote:
>>> http://spamarrest.com/pressoffice/news/index.jsp
>>>
>>>
>>>
>>> Famed hacker endorses Spam Arrest Toronto Star -
>>> August 4, 2003 So what does [Kevin] Mitnick, former
>>> hacker supremo, use to guard against spam? "I use
>>> Spam Arrest," he told The Guardian. "Any legitimate
>>> person who wants to send me a message has to jump
>>> through hoops before they can be added to my opt-in
>>> list." Read more...
>>>
>>
>>
>

<snip more garbage>

>>The above fails to mention that Kevin Mitnick is one
>>of the world's leading computer security consultants
>>and that Spam Arrest is a Challenge-Response System.
>>
>>These have now been adopted by Earthlink and other
>>ISPs as one of their standard spamfighting tools
>>because spammers and trolls can't beat them and they
>>take almost no maintenance (that which is required is
>>very simple and takes a few minutes a week at most).
>>
>>
>

<snip more garbage>

What you are seeing here is garbage posted by trolls
and spammers (their sockpuppets, because they are
petty criminals who can't use their real names or even
consistent aliases) who HATE Challenge-Response
Systems because they cannot beat them.

I use one, and all of the garbage they send to me
every day goes completely un-noticed by me unless
I have a reason to check my logs.

This bothers the poor cretins a great deal.

They are used to being able to flood the mailboxes
of anyone they choose with spam or abuse or worse.

Mail me: 
alanconnor AT earthlink DOT net

But if you don't Use your real return address
I won't even know you even tried.

http://tinyurl.com/2t5kp 

Go ahead and use a conventional spam filter. These
creeps are the world's foremost experts in their
use, which is why you get spam and lose mail that
you want to get.


AC

-- 
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html

In message <NT7ke.4966$Lc1.1734@newsread3.news.pas.earthlink.net> Alan
Connor <zzzzzz@xxx.yyy> wrote:

>Spam Arrest is a Challenge-Response System.
>
>Kevin Mitnick is one of the leading computer
>security consultants in the world.
>
>Me thinks that he knows better than a bunch
>of spammer/trolls.
>
>Just a hunch.
>
>These petty criminals hate Challenge-Response
>Systems because they can't beat them.
>
>Which is why these systems are becoming more and more popular,
>with even major ISPs like Earthlink offering them to their
>regular customers as a part of their spam-fighting package.
>
>I haven't read a single post on this re-incarnated thread.
>
>I don't read trollshit.
>
>I use a Challenge-Response System. You can mail me, but
>if you don't use your real return address, I'll never even
>know you tried to mail me.
>
>alanconnor AT earthlink DOT net

So why all the munging of your address if your C/R system is so awesome?


-- 
If you can remain calm, you just don't have all the facts.

Alan Connor wrote:

> <snip more garbage>
> 
> What you are seeing here is garbage posted by trolls
> and spammers (their sockpuppets, because they are
> petty criminals who can't use their real names or even
> consistent aliases) who HATE Challenge-Response
> Systems because they cannot beat them.

I'm not a sockpuppet, my real name is at the bottom of these posts, and 
so is my real website, which you can follow to obtain my real email 
address if you need to reach me in that manner.

I don't like challenge response systems because I don't want to put 
barriers in front of people who need to send me email.  On a technical 
level, it's a lousy answer to the spam problem, but that's a secondary 
objection: primarily I don't like it because it hassles legitimate 
inquiries from new customers and therefor is completely unsuitable for 
business use.

As to HATE, well, I do have strong dislike for net-kooks like you who 
think the world is against them because only you have the truth, the 
way, and the answer to all questions.  You need help with your paranoid 
fantasies, but you'll probably never seek that.



-- 
Tony Lawrence
Unix/Linux/Mac OS X  resources: http://aplawrence.com

"Mark Ferguson" <admin@whew.com> wrote in message
news:rie291tu8kle419lba5coj7pcbjd2hcoul@4ax.com...

> Other BL simply stop spam from reaching your inbox.  SPEWS might be
> looking at the bigger picture and so might the admins and companies
> that use SPEWS.  That bigger picture might be to stop spam from
> being sent so their is no need for other BL.

Spews has done NOTHING to abate spam (not even 1 iota) in all 4 years
of its existence. And that's a fact.

If you have proof to the contrary, let us know!

> Well since it the SPEWS user that is the admin oe owner of the
> machines being protected by SPEWS that only seems right and fair.

That is a fallacy perpetuated by the criminal behind spews and its
disciples (like you). Spews does not protect a mail server! To the
contrary, it creates all sorts of problems because of its very high
propensity for false positives.

Let's remember that over 98% of IP addresses blacklisted by spews are
NON-SPAMMING.

And in fact, there isn't a single blocklist that can protect a mail
server 100%.

> You did say "innocent hosting providers" and "innocent email users".
>
> The provider that allows spam from his network for money or because
> it is to expensive to clean up the mess is not innocent.

That is another fallacy from spews... Hundreds of non-spamming HSPs
(hosting service providers) and ISPs are blacklisted in spews for no
reason. And you know it!

Not only that, some of the spews evidence files date back to 2002 and
have never been updated.

> The end user that knowingly supports spam supporting ISP's is not
> innocent either.

Yet another fallacy from a moronic spews fanatic... Do what D. Stussy
has suggested. Hold a survey amongst those innocents and find out how
wrong you are! But wait, you can't! You have those innocent email
users blocked... thanks to spews!

Let's face it, you are one of a few scums left in NANAE spewing bogus
spews propaganda. You have no chances of survival!

On comp.mail.misc, in
<x4jke.9329$iq5.6319@fe1.news.blueyonder.co.uk>, "Moris" wrote:

> "Mark Ferguson" <admin@whew.com> wrote in message
> news:rie291tu8kle419lba5coj7pcbjd2hcoul@4ax.com...
>
>> Other BL simply stop spam from reaching your inbox.  SPEWS
>> might be looking at the bigger picture and so might the admins
>> and companies that use SPEWS.  That bigger picture might be to
>> stop spam from being sent so their is no need for other BL.
>
> Spews has done NOTHING to abate spam (not even 1 iota) in all 4
> years of its existence. And that's a fact.
>
> If you have proof to the contrary, let us know!
>
>> Well since it the SPEWS user that is the admin oe owner of the
>> machines being protected by SPEWS that only seems right and
>> fair.
>
> That is a fallacy perpetuated by the criminal behind spews
> and its disciples (like you). Spews does not protect a mail
> server! To the contrary, it creates all sorts of problems
> because of its very high propensity for false positives.
>
> Let's remember that over 98% of IP addresses blacklisted by
> spews are NON-SPAMMING.
>
> And in fact, there isn't a single blocklist that can protect a
> mail server 100%.
>
>> You did say "innocent hosting providers" and "innocent email
>> users".
>>
>> The provider that allows spam from his network for money
>> or because it is to expensive to clean up the mess is not
>> innocent.
>
> That is another fallacy from spews... Hundreds of non-spamming
> HSPs (hosting service providers) and ISPs are blacklisted in
> spews for no reason. And you know it!
>
> Not only that, some of the spews evidence files date back to
> 2002 and have never been updated.
>
>> The end user that knowingly supports spam supporting ISP's is
>> not innocent either.
>
> Yet another fallacy from a moronic spews fanatic... Do what
> D. Stussy has suggested. Hold a survey amongst those innocents
> and find out how wrong you are! But wait, you can't! You have
> those innocent email users blocked... thanks to spews!
>
> Let's face it, you are one of a few scums left in NANAE spewing
> bogus spews propaganda. You have no chances of survival!
>

They claim to want to end spam, but they do exactly what the
post office does with junk mail: They facilitate it.

They just aren't HONEST about it. Instead of promoting the
use of Challenge-Response Systems, which would truly end
email if only half the people used them (or less), they
promote the use of strategies and software that the spammers
can easily beat.

Another strategy that would be even better than
Challenge-Response Systems would be to re-write the SMTP
protocol, cutting out all the loop-holes that spammers use.

But until that is done, Challenge-Response Systems are
the only type of filters that really eliminate spam, because
they reject anonymous mail. 

Which is what MTA's in the SMTP network should do....

That's why Earthlink and other ISPs are offering them
to their clients now, and why the famous hacker, Kevin
Mitnick (now one of the world's leading computer
security consultants) use them, and all sorts of
interesting software is being produced that utilizes
Challenge-Responses:

http://spamarrest.com/
www.deerfield.com/products/visnetic-mailserver/spam_prevention/
www.tvtechnology.com/features/ Net-soup/f_fb_netsoup-01.07.04.shtml 

And that's just for starters. There are a LOT more.

AC

-- 
Please visit my home page:
http://angel.1jh.com./nanae/kooks/alanconnor.html