Russ Allbery wrote:
> So I believe
aioe.org is in there because the
mixmin.net server put it
> there.
I didn't mess with the PATH: header, and, anyway, it can be tested easily
by others given only two newsservers were involved (as far as I am aware).
1. I posted to
news.mixmin.net:563 (no username/password is needed)
2. I read using
news.dizum.net:119 (no username/password is needed)
Given no username or password is needed, anyone should be able to reproduce
this by posting a test message to this newsgroup using those free servers.
> Obviously that prompts the question why. I don't know why, but one common
> reason to insert other people's Path identities in your Path header is
> because the Path is used by most servers to deduplicate feeds, so they
> won't send an article to a server whose path identity already appears in
> the Path. Therefore, a long-standing tactic for preventing your post from
> showing up at some server (for whatever reason) is to add its path
> identity to your Path header before posting, or during posting.
Thanks for hazarding an answer which I appreciate since I know every post
to Usenet extracts its pound of flesh no matter how heartfelt the response.
> Could the
mixmin.net server operator want to prevent messages posted
> through that server from propagating to
aioe.org? I have no idea, and
> have negative interest in peering drama (and this sounds like peering
> drama), but it's one reasonably obvious possible explanation.
Interesting... (I should probably check the headers from Steve's mixmin
server from _before_ Paolo's aioe server went down to see if maybe this
is just Steve's reaction to Paolo's server going down)....
> There are other possible explanations. For example, notice that sewer is
> in there twice, and appears to be the server you read the message from.
I did notice that "sewer" was there twice so thank you for pointing it out.
As a quick test, I just ran this command which anyone else can test too:
C:\> telnet
news.dizum.net 119
200 sewer InterNetNews NNRP server INN 2.6.3 ready (no posting)
So that's a confirmation that "sewer" is a Dizum thing.
I couldn't test mixmin the same way as I don't know how to add encryption.
C:\> telnet
news.mixmin.net 119
400 Interrupted system call writing creating overview file -- throttling
Connection to host lost.
Looking up how to test to see the PATH: in mixmin I found this:
C:\> openssl s_client -showcerts -connect
news.mixmin.net:563
Which spit out a lot of stuff but I didn't know what to do with it.
But at least it showed the mixmin server was alive.
> In that case, sewer is presumably part of the
mixmin.net server network,
> and preloading that entry is presumably some optimization to avoid making
> duplicate article offers. Maybe the same thing is true for
aioe.org;
> maybe
mixmin.net and
aioe.org have a special peering relationship and
>
mixmin.net preloads the
aioe.org path entry to prevent the messages from
> propagating via normal channels because they'll be sent via some other
> channel that's configured to ignore Path entries. I have done things like
> that before to solve complex peering configuration issues.
> I don't think there's any way of knowing for sure why it's there without
> the
mixmin.net server operator telling you. Without that, we can only
> speculate based on reasons why people have done such things in the past.
It's strange that "sewer" would be used both by Steve Crook at Mixmin
and by Alex deJoode at Dizum, but maybe "sewer" is some kind of nntp keyword?
>> Two questions for those who know more about this than I do and who are
>> purposefully helpful people, are the following data driven queries:
>
>> A. How can I tell when this arrived in any given news feed?
>
> You can't. The netnews protocols do not track that information in any way
> that is available to you. You'd have to ask each individual server
> operator to check their logs, or ask someone who has read access to that
> server to try to put a time bound around when it showed up.
Thanks for explaining that the date that mixmin used is all that we've got.
I did find some of these commands below that others may make use of
but I don't know enough about them to say whether they're useful or not.
C:\> echo q | openssl s_client -connect
news.mixmin.net:563 | openssl x509 -noout -enddate | findstr "notAfter"
C:\> echo q | openssl s_client -connect
news.eternal-september.org:563 | openssl x509 -noout -enddate | findstr "notAfter"
C:\> echo q | openssl s_client -connect
news.dizum.net:563 | openssl x509 -noout -enddate | findstr "notAfter"
etc.
What I was hoping was to find a way to see what the "PATH:" injected
by the nntp server would be; but none of those commands told me that.
They were just shots in the dark, but I included them in case someone
who knows how to make them report the injected PATH: could do so.