In response to VanguardLH <V...@nguard.LH>
> AIOE does not scan submissions for malware. They only use NoCeM to
> block spam and floods.
That is in interesting observation because _something_ is adding the
headers, and it's not my system since I have never had Avast installed (and
just to double check, I looked at Ccleaner and the Windows control panel
and Avast is not there and I would know it if it was there).
> Those non-standard (X) headers for Avast are not added by AIOE. They
> are added by Avast that you installed on [one of] YOUR computer[s].
I still think Aioe is adding those Avast headers but if it's not Aioe
adding them, then it must be the VPN that is adding the headers but usually
that happens as a _signature_ and not as a header.
But for a VPN to add them means the VPN is dabbling in nntpspeak, which is
not likely, really.
> Avast's e-mail scanner will interrogate and modify both e-mails and NNTP
> messages. That you disabled Avast's e-mail scanner from annotating your
> posts with their appended fake sig with spam does not negate that your
> outbound NNTP traffic is still passing through their transparent proxy.
I must reiterate what I didn't make obvious in the first post which is that
Avast is not installed and never has been installed on _any_ of my
computers.
If Aioe isn't adding those headers, then the VPN must be adding those
headers, so if the VPN is adding those headers, then just changing the VPN
should change what headers are being added by the VPN. But it seems that
changing newsreaders also changes what headers are being added by the VPN.
> Perhaps you are posting to AIOE from different hosts, and one of them
> has Avast (with its e-mail scan module installed and active) and the
> other host(s) does(do) not have Avast. Showing only the relevant
> differing headers in your posts ...
I think this is closer to what is happening but there's a twist in that
when I post from a different (VPN) hosts, and when I use a certain
newsgreader, then it seems to put the Avast headers in.
So, if I put that together, the leap of faith is that the VPN server is
adding the headers but only under circumstances of certain news readers.
That's strange but it fits the facts at least.
> Headers from your opening/starter post:
>
> Organization: Absolutely none
> Headers from your reply to yourself:
Yes. I was running a bunch of tests to "alt.test" and changing the headers
to see which headers seemed to cause the Avast headers to appear.
In this case, there was no effect from adding an "Organization:" header on
the Avast headers but I did notice that if I added an "Organization:"
header, then Aioe didn't add one - but if I didn't add the "Organization:"
header, then Aioe added theirs.
> Organization: Aioe.org NNTP Server
> X-Newsreader: Forte Agent 5.00/32.1171
> X-Antivirus: avast! (VPS 170216-1, 02/16/2017), Outbound message
> X-Antivirus-Status: Clean
In my tests in alt.test today the Organization didn't matter so much as the
newsreader header.
> The first does not identify which NNTP client you used to submit that
> post but the second identifies you using Forte Agent. They have
> different values for the Organization header. The Avast headers show up
> in your second post but not in your first one. This indicates that you
> are using two different NNTP clients: one for your first post and a
> different one for your second post.
When I use Forte, with certain VPNs, then the Avast headers show up.
When I use a different header, with the same VPN, then the Avast headers
don't show up (I think).
So I think it's really something that is happening at the VPN.
I first thought it was happening at Aioe.
If it's actually happening at the VPN, then this question can die right now
because there's nothing on topic for this newsgroup if it's happening at
the VPN server.
> That also indicates you are using
> two different hosts with different NNTP clients. Well, you don't have
> the same software config on those two hosts. One has Avast installed
> and the other does not. The difference is on your end, not at AIOE.
I think you solved the problem in that the difference is NOT at Aioe.
The difference is what headers I present to the VPN.
Depending on those headers, the VPN decides to add Avast headers, or not.
> Disable the e-mail scanning feature in Avast or uninstall that module.
> That scanning is superfluous as it uses the same scan engine as for the
> on-access (real-time) scanner. It is bloat AV authors add to up the
> feature count in their products. It affords no additional pest
> detection coverage.
I think you answered the question in that it's not Aioe who is adding the
headers. You would have no way of knowing that it's not me who is adding
the headers. But that leaves only the VPN.
So it _must_ be the VPN who is adding those headers.
That means this question is no longer related to alt.free.newsservers.
Thanks you for your help.
I think the problem is at the VPN, which is out of my control.