very interesting how 20-50 posts were back timed to flood betwwenthe 30 secondes between my two posts

Don't tell me no CIA and NSA fools rule the Web

On Thu, 21 Jul 2005 20:40:17 -0400, Rick Nelson
wrote:

Don't tell me no CIA and NSA fools rule the Web

Can you give me a couple of examples. That happens occasionally.
Probably the result of a newsserver refeeding or backfilling a group
to get some missed posts and some other server down the chain of peers
having very short retention and seeing them as new posts.

Usenet is a collection of thousands of servers, each passing on posts
to 1 - 150+ of it's peers. Except for the big companies that
intentionally sync a few servers in a server farm, all of the servers
have different mixes of groups carried (from less than 10 groups to
about 150000 groups), usenet post retention times (from a couple days
to over half a year), configuration parameters (max path entries, max
post size, max crossposts, expressions defining which groups to
send/not send/poison), and such. By poison, I mean that if it's
crossposted to a group matching the poison definition, it doesn't get
sent. For example, * would poison any message cross posted
to any groupname containing ".erotic".

If one server had something missing from it's index and accepted an
old post because of it, then somewhere along the chain of peers and
their peers and their peers, another server with short retention might
have picked up the post as well. That's why usenet server
configuration files usually have an entry for how old a post can be
before it's automatically rejected.

Many big server farms use special feeder machines whose only purpose
is to take every post a news peer sends it and offer it to every other
peer (based on that peers newsfeed definition) that they have,
regardless of whether their server farm even carries the group. These
feeder machines might have very short memories (possibly only hours)
of the posts they've seen before and pass along any old posts. They're
also on multiple gig-e links so sending thousands of posts a second is
trivial for them.

For your server to take the old posts, the following most likely
happened.

1. The post had expired from your servers data spool.

2. The post had expired from your servers index files. The index files
usually remember a post for a few days after they have expired from
the server data spool.

3. Your server wasn't configured to reject posts until they were older
than these were.

The other possibility is that someone intentionally did it, but those
usually are posts taken from unrelated groups (often binary or warez
groups) and re-posted to a different group where they're completely
off-topic. This is done in an attempt to make that group unusable.
This usually happens in groups like alt.config and anti-spam groups
and the number of off-topic posts number in the thousands (sometimes
ten thousand+) each day. Since I'm not seeing thousands of off-topic
posts, it's probably not intentional.

BTW, based on your headers, I notice you're using "Mozilla Thunderbird
1.0.2 (Macintosh/20050317)" to post usenet messages. I use Forte Agent
for usenet and I don't use a mac, but the latest build I see on the
mozilla site for the mac appears to be 1.0.6. You'll also want to read
the warning and instructions about not running it on MacOS X from a
disk image. You can find the thunderbird mac info at
http://www.mozilla.org/products/thun...ase-notes.html

I think there are several security fixes in the 1.0.x versions.

BTW, I do use Thunderbird for email and really like it, but that's on
WinXP.

-- David

So now we know who you are. Except that mail to you goes through
several stage of delivery. And I can't get you as any kind of user on
the servers these various routes contain. Kind of reminds me of the
"claim" for responsibility of the 7-7 attacks that were traced back to
Langley.

David Ball wrote:
On Thu, 21 Jul 2005 20:40:17 -0400, Rick Nelson
wrote:


Don't tell me no CIA and NSA fools rule the Web


Can you give me a couple of examples. That happens occasionally.
Probably the result of a newsserver refeeding or backfilling a group
to get some missed posts and some other server down the chain of peers
having very short retention and seeing them as new posts.

Usenet is a collection of thousands of servers, each passing on posts
to 1 - 150+ of it's peers. Except for the big companies that
intentionally sync a few servers in a server farm, all of the servers
have different mixes of groups carried (from less than 10 groups to
about 150000 groups), usenet post retention times (from a couple days
to over half a year), configuration parameters (max path entries, max
post size, max crossposts, expressions defining which groups to
send/not send/poison), and such. By poison, I mean that if it's
crossposted to a group matching the poison definition, it doesn't get
sent. For example, * would poison any message cross posted
to any groupname containing ".erotic".

If one server had something missing from it's index and accepted an
old post because of it, then somewhere along the chain of peers and
their peers and their peers, another server with short retention might
have picked up the post as well. That's why usenet server
configuration files usually have an entry for how old a post can be
before it's automatically rejected.

Many big server farms use special feeder machines whose only purpose
is to take every post a news peer sends it and offer it to every other
peer (based on that peers newsfeed definition) that they have,
regardless of whether their server farm even carries the group. These
feeder machines might have very short memories (possibly only hours)
of the posts they've seen before and pass along any old posts. They're
also on multiple gig-e links so sending thousands of posts a second is
trivial for them.

For your server to take the old posts, the following most likely
happened.

1. The post had expired from your servers data spool.

2. The post had expired from your servers index files. The index files
usually remember a post for a few days after they have expired from
the server data spool.

3. Your server wasn't configured to reject posts until they were older
than these were.

The other possibility is that someone intentionally did it, but those
usually are posts taken from unrelated groups (often binary or warez
groups) and re-posted to a different group where they're completely
off-topic. This is done in an attempt to make that group unusable.
This usually happens in groups like alt.config and anti-spam groups
and the number of off-topic posts number in the thousands (sometimes
ten thousand+) each day. Since I'm not seeing thousands of off-topic
posts, it's probably not intentional.

BTW, based on your headers, I notice you're using "Mozilla Thunderbird
1.0.2 (Macintosh/20050317)" to post usenet messages. I use Forte Agent
for usenet and I don't use a mac, but the latest build I see on the
mozilla site for the mac appears to be 1.0.6. You'll also want to read
the warning and instructions about not running it on MacOS X from a
disk image. You can find the thunderbird mac info at
http://www.mozilla.org/products/thun...ase-notes.html

I think there are several security fixes in the 1.0.x versions.

BTW, I do use Thunderbird for email and really like it, but that's on
WinXP.

-- David

On Fri, 22 Jul 2005 21:43:25 -0400, Rick Nelson
wrote:

So now we know who you are. Except that mail to you goes through
several stage of delivery. And I can't get you as any kind of user on
the servers these various routes contain. Kind of reminds me of the
"claim" for responsibility of the 7-7 attacks that were traced back to
Langley.

Actually, it's a paid Yahoo Plus account. You get some good spam
protection and can create multiple throwaway aliases for the real
account name. That way you can create an alias for joining a mailing
list or subscribing to a newsletter or purchasing a product and if the
alias starts getting spam, you know who is responsible. It also lets
you create an alias to use for a while on something like usenet and
when the alias starts to get too much spam, just delete it and create
another for use on usenet. I also stick ".nospam" on the end of the
email address to help avoid email address harvesters.

I still get about 300 - 500 spams a day on my older accounts and I
can't just delete the old accounts because they were used for software
registrations and such since the 90's, but I have added multiple
layers of spam protection to them. I get very little spam on my yahoo
account and it goes into a separate mailbox and probably expires, as
seldom as I remember to check it (you have to go through the web
interface afaik) and I usually use pop3.

As for my politics, I like straight answers to questions and you
rarely get that from a politician. Also, to get into the white house
or congress, you have to raise so much money that you owe too much to
special interests, IMO.

I doubt the NSA or CIA would even accept me for a job, and I also
doubt I could do all that paperwork for a security clearance. Who
remembers all those details anyway.

Besides, I like working for myself. Corporate politics are a pain.
I've never worked for the government unless being a student assistant
in college during the 70's counts.

-- David