Just curious what causes the aioe free newsserver to add 2 anti-virus header lines

[Marc Bissonnette]

Just curious what causes the aioe free newsserver to add 2 anti-virus
header lines

Sometimes aioe adds header lines to my posts such as these:
Organization: Aioe.org NNTP Server
X-Complaints-To: ab...@aioe.org
X-Notice: Filtered by postfilter v. 0.8.2
X-Antivirus: Avast (VPS 170414-0, 2017/04/14), Outbound message
X-Antivirus-Status: Clean

Other times, often just moments before or after, aioe doesn't add those 2
anti-virus headers:
Organization: Aioe.org NNTP Server
X-Complaints-To: ab...@aioe.org
X-Notice: Filtered by postfilter v. 0.8.2

I'm just curious if anyone knows what specific action on my part causes
aioe to act seemingly capriciously on their part?

--
Please note that I only respond to on-topic intentionally helpful replies.

[Sir Gregory Hall, Esq.]

On Wed, 19 Apr 2017 19:44:37 +0200, Marc Bissonnette <carMBis...@kos.net> wrote:

>Just curious what causes the aioe free newsserver to add 2 anti-virus
>header lines
>
>Sometimes aioe adds header lines to my posts such as these:
> Organization: Aioe.org NNTP Server
> X-Complaints-To: ab...@aioe.org
> X-Notice: Filtered by postfilter v. 0.8.2
> X-Antivirus: Avast (VPS 170414-0, 2017/04/14), Outbound message
> X-Antivirus-Status: Clean
>
>Other times, often just moments before or after, aioe doesn't add those 2
>anti-virus headers:
> Organization: Aioe.org NNTP Server
> X-Complaints-To: ab...@aioe.org
> X-Notice: Filtered by postfilter v. 0.8.2
>
>I'm just curious if anyone knows what specific action on my part causes
>aioe to act seemingly capriciously on their part?

You fucking moron! Avast adds the advert. Not Aioe.


--

"Being both astute and erudite, I say a man not
mince words in order to spare the sensibilities
of the thin-skinned and the ignorant."
--Sir Gregory Hall, Esq.

[Marc Bissonnette]

In response to Marc Bissonnette <carMBis...@kos.net>

> Other times, often just moments before or after, aioe doesn't add those 2
> anti-virus headers:
> Organization: Aioe.org NNTP Server
> X-Complaints-To: ab...@aioe.org
> X-Notice: Filtered by postfilter v. 0.8.2

In tests, I've found that sometimes aioe adds as many as 5 separate
anti-virus headers.

X-Antivirus-Status: Clean

X-Notice: Filtered by postfilter v. 0.8.2

X-Antivirus: Avast (VPS 170419-0, 2017/04/19), Outbound message
X-Antivirus: Avast (VPS 170419-0, 2017/04/19), Inbound message
X-Antivirus-Status: Clean

It's not important from a header standpoint in that it doesn't matter to me
how many headers aioe adds (or doesn't add).

I'm just curious if anyone knows what is it that triggers the aioe free
news server to add either 0 or 2 or 5 anti-virus headers?

[Marc Bissonnette]

In response to "Sir Gregory Hall, Esq." <greghall@yecht_master.fake>

> Avast adds the advert. Not Aioe.

Thank you for kindly pointing out that I had accidentally omitted a
critical detail, which is that I'm not running Avast, and that I have never
run Avast, and that Avast has never been installed on my computer, and that
all these posts are from the same computer at a similar time frame.

For example, notice that my posts in this very thread have, seemingly
capriciously, different headers with respect to Avast, which were not added
by me - and yet - all posts were from the same machine at about the same
time.

I'm just curious if anyone knows what specific action on my part causes

aoe to act seemingly capriciously on their part?

[g8dgc]

You momma gimme good head.
LOL

[Fakey's Puppy Whistle Holder Emeritus 🐶笛]

On Wed, 19 Apr 2017 20:11:32 +0200, LO AND BEHOLD; "Marc Bissonnette
<carMBis...@kos.net>" determined that the following was of great
importance and subsequently decided to freely share it with us in
<od897e$13ke$1...@gioia.aioe.org>:

don't mind gerg, he thinks that if he sucks his gut in enough shirtless in public that he becomes "all knowing".

--
THIS SPACE FOR RENT
https://www.youtube.com/watch?v=iB6B8jGSdLA

-

"You just made puppy whistle's sig line longer." - Janithor

-

"If I have a complaint about the (Southern Poverty) Law Center's description (of the alt-right movement), it is the phrase "heavy use of social media," which implies the alt-right is a real-world movement which uses a lot of social media. This is backwards: it is an online movement which occasionally appears in the real world. Where it gets punched." - Jason Rhode

-

"I think we should destroy every last fucking mosque in America." - "Checkmate, DoW #1" <Lunatic...@The.Edge> proves for us that white males are violent in Message-ID: <MPG.32c5bfef...@news.altopia.com>

-

Golden Killfile, June 2005
KOTM, November 2006
Bob Allisat Memorial Hook, Line & Sinker, November 2006
Special Ops Cody Memorial Purple Heart, November 2006
Special Ops Cody Memorial Purple Heart, September 2007
Tony Sidaway Memorial "Drama Queen" Award, November 2006
Busted Urinal Award, April 2007
Order of the Holey Sockpuppet, September 2007
Barbara Woodhouse Memorial Dog Whistle, September 2006
Barbara Woodhouse Memorial Dog Whistle, April 2008
Tinfoil Sombrero, February 2007
AUK Mascot, September 2007
Putting the Awards Out of Order to Screw With the OCD Fuckheads, March 2016

[VanguardLH]

Marc Bissonnette <carMBis...@kos.net> wrote:

> Just curious what causes the aioe free newsserver to add 2 anti-virus
> header lines
>
> Sometimes aioe adds header lines to my posts such as these:
> Organization: Aioe.org NNTP Server
> X-Complaints-To: ab...@aioe.org
> X-Notice: Filtered by postfilter v. 0.8.2
> X-Antivirus: Avast (VPS 170414-0, 2017/04/14), Outbound message
> X-Antivirus-Status: Clean
>
> Other times, often just moments before or after, aioe doesn't add those 2
> anti-virus headers:
> Organization: Aioe.org NNTP Server
> X-Complaints-To: ab...@aioe.org
> X-Notice: Filtered by postfilter v. 0.8.2
>
> I'm just curious if anyone knows what specific action on my part causes
> aioe to act seemingly capriciously on their part?

AIOE does not scan submissions for malware. They only use NoCeM to
block spam and floods.

Those non-standard (X) headers for Avast are not added by AIOE. They
are added by Avast that you installed on [one of] YOUR computer[s].
Avast's e-mail scanner will interrogate and modify both e-mails and NNTP
messages. That you disabled Avast's e-mail scanner from annotating your
posts with their appended fake sig with spam does not negate that your
outbound NNTP traffic is still passing through their transparent proxy.

Perhaps you are posting to AIOE from different hosts, and one of them
has Avast (with its e-mail scan module installed and active) and the
other host(s) does(do) not have Avast. Showing only the relevant
differing headers in your posts ...

Headers from your opening/starter post:

Organization: Absolutely none

Headers from your reply to yourself:

Organization: Aioe.org NNTP Server
X-Newsreader: Forte Agent 5.00/32.1171
X-Antivirus: avast! (VPS 170216-1, 02/16/2017), Outbound message
X-Antivirus-Status: Clean

The first does not identify which NNTP client you used to submit that
post but the second identifies you using Forte Agent. They have
different values for the Organization header. The Avast headers show up
in your second post but not in your first one. This indicates that you
are using two different NNTP clients: one for your first post and a
different one for your second post. That also indicates you are using
two different hosts with different NNTP clients. Well, you don't have
the same software config on those two hosts. One has Avast installed
and the other does not. The difference is on your end, not at AIOE.

Disable the e-mail scanning feature in Avast or uninstall that module.
That scanning is superfluous as it uses the same scan engine as for the
on-access (real-time) scanner. It is bloat AV authors add to up the
feature count in their products. It affords no additional pest
detection coverage.

[Marc Bissonnette]

In response to VanguardLH <V...@nguard.LH>

> AIOE does not scan submissions for malware. They only use NoCeM to
> block spam and floods.

That is in interesting observation because _something_ is adding the
headers, and it's not my system since I have never had Avast installed (and
just to double check, I looked at Ccleaner and the Windows control panel
and Avast is not there and I would know it if it was there).

> Those non-standard (X) headers for Avast are not added by AIOE. They
> are added by Avast that you installed on [one of] YOUR computer[s].

I still think Aioe is adding those Avast headers but if it's not Aioe
adding them, then it must be the VPN that is adding the headers but usually
that happens as a _signature_ and not as a header.

But for a VPN to add them means the VPN is dabbling in nntpspeak, which is
not likely, really.

> Avast's e-mail scanner will interrogate and modify both e-mails and NNTP
> messages. That you disabled Avast's e-mail scanner from annotating your
> posts with their appended fake sig with spam does not negate that your
> outbound NNTP traffic is still passing through their transparent proxy.

I must reiterate what I didn't make obvious in the first post which is that
Avast is not installed and never has been installed on _any_ of my
computers.

If Aioe isn't adding those headers, then the VPN must be adding those
headers, so if the VPN is adding those headers, then just changing the VPN
should change what headers are being added by the VPN. But it seems that
changing newsreaders also changes what headers are being added by the VPN.

> Perhaps you are posting to AIOE from different hosts, and one of them
> has Avast (with its e-mail scan module installed and active) and the
> other host(s) does(do) not have Avast. Showing only the relevant
> differing headers in your posts ...

I think this is closer to what is happening but there's a twist in that
when I post from a different (VPN) hosts, and when I use a certain
newsgreader, then it seems to put the Avast headers in.

So, if I put that together, the leap of faith is that the VPN server is
adding the headers but only under circumstances of certain news readers.

That's strange but it fits the facts at least.

> Headers from your opening/starter post:
>
> Organization: Absolutely none
> Headers from your reply to yourself:

Yes. I was running a bunch of tests to "alt.test" and changing the headers
to see which headers seemed to cause the Avast headers to appear.

In this case, there was no effect from adding an "Organization:" header on
the Avast headers but I did notice that if I added an "Organization:"
header, then Aioe didn't add one - but if I didn't add the "Organization:"
header, then Aioe added theirs.

> Organization: Aioe.org NNTP Server
> X-Newsreader: Forte Agent 5.00/32.1171
> X-Antivirus: avast! (VPS 170216-1, 02/16/2017), Outbound message
> X-Antivirus-Status: Clean

In my tests in alt.test today the Organization didn't matter so much as the
newsreader header.

> The first does not identify which NNTP client you used to submit that
> post but the second identifies you using Forte Agent. They have
> different values for the Organization header. The Avast headers show up
> in your second post but not in your first one. This indicates that you
> are using two different NNTP clients: one for your first post and a
> different one for your second post.

When I use Forte, with certain VPNs, then the Avast headers show up.
When I use a different header, with the same VPN, then the Avast headers
don't show up (I think).

So I think it's really something that is happening at the VPN.
I first thought it was happening at Aioe.
If it's actually happening at the VPN, then this question can die right now
because there's nothing on topic for this newsgroup if it's happening at
the VPN server.

> That also indicates you are using
> two different hosts with different NNTP clients. Well, you don't have
> the same software config on those two hosts. One has Avast installed
> and the other does not. The difference is on your end, not at AIOE.

I think you solved the problem in that the difference is NOT at Aioe.
The difference is what headers I present to the VPN.
Depending on those headers, the VPN decides to add Avast headers, or not.

> Disable the e-mail scanning feature in Avast or uninstall that module.
> That scanning is superfluous as it uses the same scan engine as for the
> on-access (real-time) scanner. It is bloat AV authors add to up the
> feature count in their products. It affords no additional pest
> detection coverage.

I think you answered the question in that it's not Aioe who is adding the
headers. You would have no way of knowing that it's not me who is adding
the headers. But that leaves only the VPN.

So it _must_ be the VPN who is adding those headers.
That means this question is no longer related to alt.free.newsservers.

Thanks you for your help.
I think the problem is at the VPN, which is out of my control.

[Marc Bissonnette]

In response to Marc Bissonnette <carMBis...@kos.net>

> I think the problem is at the VPN, which is out of my control.

Test from the same VPN but with different newsreader headers.
I suspect that the Avast headers will not be in this post's headers.

[Marc Bissonnette]

Test back with Forte but with a different VPN (a USA VPN).
I suspect this will not have the Avast headers.

There is a chance this will have Avast headers because it seems now to be
related not to Aioe but to the VPN used and the newsreader used where some
unknown combination causes the Avast headers to appear.

[Marc Bissonnette]

In response to Marc Bissonnette <carMBis...@kos.net>

> There is a chance this will have Avast headers because it seems now to be
> related not to Aioe but to the VPN used and the newsreader used where some
> unknown combination causes the Avast headers to appear.

Ugh. My fault. Mea culpa. It was all my mistake.
Please ignore.

I _did_ have Avast!
It was hidden!

CCleaner allows you to hide a program and somehow Avast was hidden.
This post should not have it since I uninstalled Avast!

My mistake!
Please kill this thread!
It was all a misunderstanding on my part!

[catalpa]

"Marc Bissonnette" <carMBis...@kos.net> wrote in message
news:od93ck$hmo$1...@gioia.aioe.org...

Threads live forever on usenet and spread through the cloud.

[Nomen Nescio]

You're chatting with this guy:

Neal is a shill for Caputo.. a corrupt little shit in his own right.

Lloyd is still fucking Neal in the ass.

Gweggie likes dick! Notice how he responds when dildos are
mentioned?

Feel free to get in touch. If you want more information about him,
just let me know!

Neal D. Warren/Wilbur Hubbard/Gregory Hall
PO Box 1015
Tavernier, FL 33070
305 304-7546

[VanguardLH]

I'm not sure what you mean by "CCleaner allows you to hide a program".
CCleaner doesn't hide programs. It's just a cleanup tool. It has a
Startup manager that can disable startup programs (by moving them out of
the standard startup locations) but they remain listed in CCleaner's
Startup manager (same as when using msconfig.exe to manage startup
programs). Even if you disable the Avast startup program, its service
remains running and you can probably still load its GUI to access all
its settings.

I have CCleaner (free version). In its Startup manager, both enabled
and disabled programs are listed. Enabled ones show "Yes" in the
Enabled column while disabled ones show "No". That is the only 'hiding'
that I can think of that CCleaner can do. The AvastSvc and AvastUI
processes can be seen in Task Manager's Processes tab. AvastUI is a
startup program so the only one that CCleaner can disable in its Startup
manager, but disabling it would still list it there as "No" in the
Enabled column. Their payware Pro version adds real-time monitoring (I
trialed that but didn't like the nagging), scheduled cleaning (which I
can do with a scheduled event to run Ccleaner by Task Scheduler with the
/auto command-line parameter), automatic updates (would disable that,
anyway, to have me prompted which the free version does), and premium
support (I use their forums and have contacted them to report defencies
in some cleaning areas). Their payware Pro Plus version further adds
disk defrag (yeah, like I need another one), file recovery (so get their
free Recuva tool), and hardware inventory (use their free Speccy tool).
Nothing about "hiding" programs.

The VPN is just a channel (through hosts) to connect the endpoints.
Either it would be your end adding the headers or the other endpoint
(the NNTP server) adding the headers. If a VPN where interrogating and
modifying the traffic through it then I wouldn't trust that spying VPN.

The Organization header is one of those where if the client does not add
it then the server may add it. Conversely, if the client adds it then
the server should not. The same for the Message-ID header: if present
(client added) then the server should not add it, if absent then the
server must add it. Personally I wish NNTP servers would discard
client-added MID headers and insert their own into submitted articles
but that's how t he RFC stands.

I've seen the Avast headers in NNTP posts to know those were added by
the client end, especially noticeable by those Avast users that leave it
configured to spamify their posts with Avast's fake sig.

[Marc Bissonnette]

In response to VanguardLH <V...@nguard.LH>

> I'm not sure what you mean by "CCleaner allows you to hide a program".

It allows you to rename programs, which I do, based on their functionality.
I had it listed under "junk" and hadn't removed it.
As I tried to remove it, it wouldn't remove. It just stayed there.
As I recall, I just left it, assuming it was gone.
That was so long ago that I didn't remember any of it other than I was
never going to use Avast ever.

When I saw it in my headers, I assumed that it was added elsewhere.
All my fault.
Wasted everyone's time.

Sorry.

Mea culpa.
I hope this thread dies a sudden and prolonged death.

[VanguardLH]

Marc Bissonnette <carMBis...@kos.net> wrote:

> In response to VanguardLH <V...@nguard.LH>
>
>> I'm not sure what you mean by "CCleaner allows you to hide a program".
>
> It allows you to rename programs, which I do, based on their functionality.
> I had it listed under "junk" and hadn't removed it.
> As I tried to remove it, it wouldn't remove. It just stayed there.
> As I recall, I just left it, assuming it was gone.
> That was so long ago that I didn't remember any of it other than I was
> never going to use Avast ever.

After hunting over and over again, I finally think I found what you call
CCleaner's rename feature. A screen snapshot saved to online storage
and a URL to the pic would've cleared this up a lot quicker. This
'rename' is NOT under its Startup manager. Under its Uninstall feature,
yes, you can rename an entry in the programs list (not in the program's
own name). I don't see the point of using CCleaner's Uninstall feature
since all it does is call the same uninstaller that is called when using
the Add/Remove Program wizard in Windows. It is not like Revo
Uninstaller that can go beyond what the product's uninstaller will do.

Renaming an entry shown in CCleaner's Uninstall feature will also alter
the product name shown in the Add/Remove Programs wizard in Windows. My
guess is that CCleaner is changing the DisplayName data item's value for
each product's key under the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

This can be hazardous as the uninstaller may look for a specific string
in the list of Uninstall-able programs in the registry (to find the
value of the "UninstallString" data item), especially for products that
permit concurrent installations of multiple versions of that product.

As you discovered, renaming a program entry in the list of installed
software has its risks, like not knowing what the software is for. To
me, the Rename feature under CCleaner's Uninstall list isn't of much
value (none to me) and can cause problems with uninstallation along with
someone else, even you sometime later, not recognizing an entry in the
Add/Remove Programs applet.

[Nadegda]

On Thu, 20 Apr 2017 06:36:49 -0500, VanguardLH wrote:

> The Organization header is one of those where if the client does not add
> it then the server may add it. Conversely, if the client adds it then
> the server should not. The same for the Message-ID header: if present
> (client added) then the server should not add it, if absent then the
> server must add it. Personally I wish NNTP servers would discard
> client-added MID headers and insert their own into submitted articles
> but that's how t he RFC stands.

People with news clients that support a) scoring on all headers and b)
regex scoring sometimes like to use a custom MID template and a score rule
for References: that matches on a constant section of their MID to up-
score all followups to their articles.

That wouldn't work if you had your way.

(N.B.: I don't do this myself, but I know people who do.)

--
Friendly Neighborhood Vote Wrangler Nadegda

Fakey couldn't teach a monkey to eat a banana, much less answer a direct
question posed to him. -- Fakey's Dogwhistle Holder

[Nadegda]

On Thu, 20 Apr 2017 11:11:16 -0500, VanguardLH wrote:

> Marc Bissonnette <carMBis...@kos.net> wrote:
>
>> In response to VanguardLH <V...@nguard.LH>
>>
>>> I'm not sure what you mean by "CCleaner allows you to hide a program".
>>
>> It allows you to rename programs, which I do, based on their
>> functionality.
>> I had it listed under "junk" and hadn't removed it.
>> As I tried to remove it, it wouldn't remove. It just stayed there.
>> As I recall, I just left it, assuming it was gone.
>> That was so long ago that I didn't remember any of it other than I was
>> never going to use Avast ever.
>
> After hunting over and over again, I finally think I found what you call
> CCleaner's rename feature. A screen snapshot saved to online storage
> and a URL to the pic would've cleared this up a lot quicker. This
> 'rename' is NOT under its Startup manager. Under its Uninstall feature,
> yes, you can rename an entry in the programs list (not in the program's
> own name). I don't see the point of using CCleaner's Uninstall feature
> since all it does is call the same uninstaller that is called when using
> the Add/Remove Program wizard in Windows. It is not like Revo
> Uninstaller that can go beyond what the product's uninstaller will do.

Most likely, it's there to allow people to use CCleaner as a "one-stop
shop" for all their cleaning needs instead of having to juggle several
different windows.

[Whiskers]

On 2017-04-20, Nadegda <nad31...@gmail.invalid> wrote:
> On Thu, 20 Apr 2017 06:36:49 -0500, VanguardLH wrote:
>
>> The Organization header is one of those where if the client does not
>> add it then the server may add it. Conversely, if the client adds it
>> then the server should not. The same for the Message-ID header: if
>> present (client added) then the server should not add it, if absent
>> then the server must add it. Personally I wish NNTP servers would
>> discard client-added MID headers and insert their own into submitted
>> articles but that's how t he RFC stands.
>
> People with news clients that support a) scoring on all headers and b)
> regex scoring sometimes like to use a custom MID template and a score
> rule for References: that matches on a constant section of their MID
> to up- score all followups to their articles.
>
> That wouldn't work if you had your way.
>
> (N.B.: I don't do this myself, but I know people who do.)

I am people who do :)) I'd like everyone to do it.

--
-- ^^^^^^^^^^
-- Whiskers
-- ~~~~~~~~~~

[島鉄雄]

島鉄雄です。
Nadegda <nad31...@gmail.invalid> in <odavo4$gms$2...@dont-email.me>
writes:

> On Thu, 20 Apr 2017 06:36:49 -0500, VanguardLH wrote:
>
>> The Organization header is one of those where if the client does not add
>> it then the server may add it. Conversely, if the client adds it then
>> the server should not. The same for the Message-ID header: if present
>> (client added) then the server should not add it, if absent then the
>> server must add it. Personally I wish NNTP servers would discard
>> client-added MID headers and insert their own into submitted articles
>> but that's how t he RFC stands.
>
> People with news clients that support a) scoring on all headers and b)
> regex scoring sometimes like to use a custom MID template and a score rule
> for References: that matches on a constant section of their MID to up-
> score all followups to their articles.
>
> That wouldn't work if you had your way.

Also, Cancel-Lock wouldn't work if client is not able to specify
Message-ID headers.

> (N.B.: I don't do this myself, but I know people who do.)

--

41号

[Just Me]

Marc Bissonnette wrote:
> Just curious what causes the aioe free newsserver to add 2 anti-virus
> header lines
>
> Sometimes aioe adds header lines to my posts such as these:
> Organization: Aioe.org NNTP Server
> X-Complaints-To: ab...@aioe.org
> X-Notice: Filtered by postfilter v. 0.8.2
> X-Antivirus: Avast (VPS 170414-0, 2017/04/14), Outbound message
> X-Antivirus-Status: Clean
>
> Other times, often just moments before or after, aioe doesn't add those 2
> anti-virus headers:
> Organization: Aioe.org NNTP Server
> X-Complaints-To: ab...@aioe.org
> X-Notice: Filtered by postfilter v. 0.8.2
>
> I'm just curious if anyone knows what specific action on my part causes
> aioe to act seemingly capriciously on their part?
>

Hi ya pal! Long time no see, how's the weather in Ottawa?

[Sir Gregory Hall, Esq.]

The answer to that is simple. Aioe is an ill-run,
amateur POS! Life's too short to abide anything
that is a POS.

The best in the world for a pittance:

https://www.altopia.com/


--

Yours Truly,
Gregory "...leap tall buildings in a single bound!" Hall

[Nomen Nescio]

Everyone knows Neal's gay. Don't hold it against him!

He's still shilling for that shithead Caputo. Now, that's a perfect
match!

Relf is Nellie's butt boy, FYI

Here's all of his contact information, so feel free to get in

touch. If you want more information about him, just let me know!

Neal D. Warren/Wilbur Hubbard/Gregory Hall

200 Florida Ave #1065
Tavernier, FL 33070-2641

305-664-1729 Landline
305-304-7546 Wireless

[Carol Shenkenberger]

Nomen Nescio <nob...@dizum.com> wrote in
news:6f5d261367eb100f...@dizum.com:

Nice carriage returns. Kudos!

[Colonel Edmund J. Burke]

On 4/19/2017 10:44 AM, Marc Bissonnette wrote:


Bissonnette?
LOL!

[VanguardLH]

Colonel Edmund J. Burke wrote:

> *On 4/19/2017* 10:44 AM, Marc Bissonnette wrote:
>
> Bissonnette?
> LOL!

Responding 5 months later?
LOL!