> One advantage is using a Secure Server is No Spam! in the entire 3-4
> ran there were maybe two pieces a spam. Where periodically here we my
> see batches of spam. All news servers should be either Secure or
> Authenticated.
There's no evidence that SSL was a factor in the lack of spam at
secnews. The major factor here at n.m.o. is that spammers can use
Google Groups to post.
Followup set to mozilla.general
--
»Q« /"\
ASCII Ribbon Campaign \ /
against html e-mail X
<http://asciiribbon.org/> / \
--
Phillip M. Jones, C.E.T. "If it's Fixed, Don't Break it"
http://www.phillipmjones.net http://www.vpea.org
mailto:pjo...@kimbanet.com
> »Q« wrote:
> > In<news:Pb6dnU6wyYwy9Y3W...@mozilla.org>,
> > Phillip Jones<pjo...@kimbanet.com> wrote:
> >
> >> One advantage is using a Secure Server is No Spam! in the entire
> >> 3-4 ran there were maybe two pieces a spam. Where periodically
> >> here we my see batches of spam. All news servers should be either
> >> Secure or Authenticated.
> >
> > There's no evidence that SSL was a factor in the lack of spam at
> > secnews. The major factor here at n.m.o. is that spammers can use
> > Google Groups to post.
> >
> > Followup set to mozilla.general
> >
> The secnews.netscape.com server started well before AOL bought it.
> and was back in day when there really wasn't any controls amount to
> any to control spam. Back before Spamcop and spam assassin and the
> like. as I've said before we may have had 2 - 3 pieces of spam for an
> entire year. and at the time it was quite active server. I believe
> the secure server was a deterrent.
I know you believe that (since you said so already) -- I was just
pointing out that there's no evidence to support that idea. FWIW,
non-SSL servers enjoyed the same lack of spam and still do.
The main impact of using SSL on the Netscape server was to place an
annoying hurdle in the way of users trying to get support.
--- Original Message ---
> In <news:Pb6dnU6wyYwy9Y3W...@mozilla.org>,
> Phillip Jones <pjo...@kimbanet.com> wrote:
>
>> One advantage is using a Secure Server is No Spam! in the entire 3-4
>> ran there were maybe two pieces a spam. Where periodically here we my
>> see batches of spam. All news servers should be either Secure or
>> Authenticated.
>
> There's no evidence that SSL was a factor in the lack of spam at
> secnews. The major factor here at n.m.o. is that spammers can use
> Google Groups to post.
>
> Followup set to mozilla.general
>
Back in the "days" of secnews on port 563 there were not harvester
applications capable of using that port to gather addresses. And it was
not feasible to grab one-at-a-time. Still is a waste of time today for
that matter.
--
Jay Garcia - Netscape/Flock Champion
www.ufaq.org
Netscape - Flock - Firefox - Thunderbird - Seamonkey Support
--- Original Message ---
> The main impact of using SSL on the Netscape server was to place an
> annoying hurdle in the way of users trying to get support.
Secnews port 563 was not there for the weekend user's access but rather
for two (only) purposes:
1. A test base for the Corporate Enterprise clients of Netscape
2. Netscape Gold and DevEdge members most of which were
programmers/developers on the Netscape payroll and non-employee devs who
paid an annual subscription for access which was user/pass protected.
The original intent to form the NS Champions was to participate in the
dev threads so that we could test the alpha and beta private releases
along with the Enterprise clients prior to public release of the 90-day
Navigator releases. Does anyone remember that after 90 days, Navigator
was rendered useless unless you had a paid $49 annual subscription?
Somewhere along the line Netscape made the decision to isolate public
user support to port 563 so that there was no public feed to usenet like
there was for the port 119 groups. We had quite a few NS Devs posting in
the 563 groups, another reason for isolation.
FYI, there were actually three servers inovolved - Secnews, Secnews II
and Secnews III (used only as an archiving server).
When JWZ (Jamie Zawinski) formed Mozilla.org he wanted his own news
server, hence the formation of news.mozilla.org which was hosted on the
same physical server as secnews and originally was developers-only. The
server admin was Markus Bauer at the time as well as myself (secnews
only) but since I was outside the firewall I didn't have direct access,
so I either emailed or IM'd Markus to make the needed changes,
configurations,etc. Markus unfortunately was layed off in the first
round after AOL purchased Netscape.
A lot has changed since those good old days!!
Great post Jay, I archived it for future reference.
Lee
> On 28.11.2009 20:03, »Q« wrote:
>
> --- Original Message ---
>
>> In<news:Pb6dnU6wyYwy9Y3W...@mozilla.org>,
>> Phillip Jones<pjo...@kimbanet.com> wrote:
>>
>>> One advantage is using a Secure Server is No Spam! in the entire 3-4
>>> ran there were maybe two pieces a spam. Where periodically here we my
>>> see batches of spam. All news servers should be either Secure or
>>> Authenticated.
>> There's no evidence that SSL was a factor in the lack of spam at
>> secnews. The major factor here at n.m.o. is that spammers can use
>> Google Groups to post.
>>
>> Followup set to mozilla.general
>>
>
> Back in the "days" of secnews on port 563 there were not harvester
> applications capable of using that port to gather addresses. And it was
> not feasible to grab one-at-a-time. Still is a waste of time today for
> that matter.
>
Hence the explanation that most of us never received any spam from
posting there, regardless of whatever that other one stated.
Terry R.
--
Anti-spam measures are included in my email address.
Delete NOSPAM from the email address after clicking Reply.
I don't remember that but I remember having to pay $35.00 a pop for each
new version of netscape up to 3.0.1a Gold. If I dig hard enough I might
still have the CD and even the paperback manual that came with it. Its
only after the Communicator series that we didn't have to pay. (Quite a
Big sum of money back in that day.
> Somewhere along the line Netscape made the decision to isolate public
> user support to port 563 so that there was no public feed to usenet like
> there was for the port 119 groups. We had quite a few NS Devs posting in
> the 563 groups, another reason for isolation.
>
> FYI, there were actually three servers inovolved - Secnews, Secnews II
> and Secnews III (used only as an archiving server).
>
> When JWZ (Jamie Zawinski) formed Mozilla.org he wanted his own news
> server, hence the formation of news.mozilla.org which was hosted on the
> same physical server as secnews and originally was developers-only. The
> server admin was Markus Bauer at the time as well as myself (secnews
> only) but since I was outside the firewall I didn't have direct access,
> so I either emailed or IM'd Markus to make the needed changes,
> configurations,etc. Markus unfortunately was layed off in the first
> round after AOL purchased Netscape.
>
> A lot has changed since those good old days!!
>
I never was a developer bug I did post about bugs I found. Or RFE's I
would like.
Not recent months though. Its a wonder though it not more since Google
groups and yahoo groups are plagued constantly with spam.
--- Original Message ---
> On 11/28/2009 10:11 PM On a whim, Jay Garcia pounded out on the keyboard
>
>> On 28.11.2009 20:03, »Q« wrote:
>>
>> --- Original Message ---
>>
>>> In<news:Pb6dnU6wyYwy9Y3W...@mozilla.org>,
>>> Phillip Jones<pjo...@kimbanet.com> wrote:
>>>
>>>> One advantage is using a Secure Server is No Spam! in the entire 3-4
>>>> ran there were maybe two pieces a spam. Where periodically here we my
>>>> see batches of spam. All news servers should be either Secure or
>>>> Authenticated.
>>> There's no evidence that SSL was a factor in the lack of spam at
>>> secnews. The major factor here at n.m.o. is that spammers can use
>>> Google Groups to post.
>>>
>>> Followup set to mozilla.general
>>>
>>
>> Back in the "days" of secnews on port 563 there were not harvester
>> applications capable of using that port to gather addresses. And it was
>> not feasible to grab one-at-a-time. Still is a waste of time today for
>> that matter.
>>
>
> Hence the explanation that most of us never received any spam from
> posting there, regardless of whatever that other one stated.
>
>
> Terry R.
Correct to some degree. We ALL posted with our correct addresses and
didn't receive any spam that I remember. Every now and then a spammer
manually posted something in the 563 groups but very very rarely. But
since the 563 groups didn't propagate to usenet, posting spam was useless.
There was a time when Google fed "from" port 563 with permission but
that didn't last very long.
> On 11/28/2009 10:11 PM On a whim, Jay Garcia pounded out on the
> keyboard
>
> > Back in the "days" of secnews on port 563 there were not harvester
> > applications capable of using that port to gather addresses. And it
> > was not feasible to grab one-at-a-time. Still is a waste of time
> > today for that matter.
>
> Hence the explanation that most of us never received any spam from
> posting there, regardless of whatever that other one stated.
Neither did people posting to non-SSL servers. The SSL explanation
just doesn't hold water.
The part about it not being worth the time makes sense, though either
way they'd be gotten with XOVER, not one at a time. There were so many
addresses available on Usenet, and so many open servers, so that was a
much more effective way for harvesters to go.
That's true, and again, nothing to do with SSL or lack of it.
--- Original Message ---
Bottom line is that the Netscape server wasn't a very good target no
matter the port.
--- Original Message ---
Again .. the primary factor is the amount of traffic on the server which
makes it a non-prime harvest medium. SSL is a minor factor but is a
consideration insofar as there wasn't, at the time, any auto-bot
software capable of harvesting an SSL empowered server.
This server could be considered dead compared to many others, yet the
spam received here would have to be considered high. But it appears
there are two different observations going on here. One for email
addresses being harvested, and the other for spam being posted to the
groups.
I never received any spam on secnews, and for years I used my real
address. Only moving to this server did I make it bot proof. But I
never saw any spam posted there either, except for those who cannot be
named. ;-)
> This server could be considered dead compared to many others, yet the
> spam received here would have to be considered high. But it appears
> there are two different observations going on here. One for email
> addresses being harvested, and the other for spam being posted to the
> groups.
Hmmmm.....are you talking about lots of spam being present on
news.mozilla.org? If you are, then I ain't seeing any of it in the 5
newsgroups I've subscribed too.....even with no spam filters set. :-)
There hasn't been an onslaught for a while. Which is a good thing.
No private server on any port is a good target. The spammers don't
connect to n.m.o any more than they did to secnews. This one's hooked
up to Google, though, so the Google spammers hit it the same way they
hit Usenet.
Phillip and I were talking about the posting of spam to the groups, not
harvesting from them.
> SSL is a minor factor but is a consideration insofar as there wasn't,
> at the time, any auto-bot software capable of harvesting an SSL
> empowered server.
I never evaluated all the harvesting tools available, so I don't know
if any had SSL built-in. It's very doubtful that any did, but that's
irrelevant because it's so trivial to connect any network app via SSL,
whether there's native SSL support or not.
--- Original Message ---
Part of the same subject, anything goes once f'uped. :-)
>> SSL is a minor factor but is a consideration insofar as there wasn't,
>> at the time, any auto-bot software capable of harvesting an SSL
>> empowered server.
>
> I never evaluated all the harvesting tools available, so I don't know
> if any had SSL built-in. It's very doubtful that any did, but that's
> irrelevant because it's so trivial to connect any network app via SSL,
> whether there's native SSL support or not.
>
Netscape devs at the time made that observation along with Markus Bauer,
the server(s) admin.
--- Original Message ---
Netscape.general on port 119 was fed to/from usenet, 'nuff said. ;-)
And Netscape at the time would like very much to sell shiny new
SSL-capable servers.
--- Original Message ---
> In <news:j72dnR6imaMe4InW...@mozilla.org>,
> Jay Garcia <J...@JayNOSPAMGarcia.com> wrote:
>
>> On 30.11.2009 19:48, »Q« wrote:
>>
>> > I never evaluated all the harvesting tools available, so I don't
>> > know if any had SSL built-in. It's very doubtful that any did, but
>> > that's irrelevant because it's so trivial to connect any network
>> > app via SSL, whether there's native SSL support or not.
>>
>> Netscape devs at the time made that observation along with Markus
>> Bauer, the server(s) admin.
>
> And Netscape at the time would like very much to sell shiny new
> SSL-capable servers.
>
And they did .. many of 'em. I still have the package of 6 Enterprise
Server software bundle that sold retail for $4500. NS sold many.