Re: Eternal-Sept and "Excessive Nymshifting"

7 views
Skip to first unread message

Paul

unread,
Aug 3, 2022, 9:39:31 PMAug 3
to
On 8/3/2022 8:05 PM, ha...@invalid.com wrote:
> On Wed, 03 Aug 2022 19:45:13 -0400, gfre...@aol.com wrote:
>
>> On Wed, 03 Aug 2022 16:36:19 -0500, ha...@invalid.com wrote:
>>
>>> I use a different nym for a few groups using Eternal-Sept.
>>>
>>> After all these years of doing so, ES is now accusing me of
>>> "excessive nymshifting" and blocking me from posting to usenet.
>>>
>>> Has something changed with ES?
>>
>> It is about time. They have been ignoring "abuse" claims for years.
>
> As far as abuse complaints go, I have found from years of experience that
> almost no provider any longer gives a damn. Complaining is a waste of time.
>
> I agree with your basic premise. But my opinion is they should wait until
> they get abuse complaints about an account - with headers for proof.
>
> But, then, I still don't really know what is going on.
>

I think Ray fixed his nymshift counter.

He's always had the rule in the TOS, it just
was not enforced properly.

Just like the AIOE rule for posting limits may
claim 40 messages per day, but could only count to 20.

These are little scripting errors of one sort of another.

Generally speaking, of late he's been examining CleanFeed
and fixing the odd issue with it. For example, the Injection
field has been faked by some buffoonery and he may have
added something for that. And also contacted other admins
to do likewise (clean up what users post, in headers).
While many vanity header lines can be ignored during
a post, finding posts with multiple Injection clauses may
cause the wrong account to be blamed.

Paul

gfre...@aol.com

unread,
Aug 4, 2022, 12:12:13 AMAug 4
to
Tell Ray to pay more attention to the abuse email. We had a guy
spoofing names in another group I am in and saying reprehensible
things about other members and their families. Ray didn't do anything
about it even after complaints.

Paul

unread,
Aug 4, 2022, 4:14:45 AMAug 4
to
On 8/4/2022 12:11 AM, gfre...@aol.com wrote:

>
> Tell Ray to pay more attention to the abuse email. We had a guy
> spoofing names in another group I am in and saying reprehensible
> things about other members and their families. Ray didn't do anything
> about it even after complaints.
>

There are specific rules about what "spoofing" is.

It is the email field which is protected. And not just any value is protected.
Addresses in the .invalid domain are not protected.

http://www.eternal-september.org/index.php?showpage=terms

"The e-mail addresses given in "From:", "Reply-To:", and "Sender:" SHOULD be yours
(i.e. you should be entitled to use it) and SHOULD be valid (should not bounce
because of invalidity). Using addresses and namespace of other people without
their consent is prohibited."

http://www.eternal-september.org/index.php?showpage=abuse

"If a user is posting with your email address in their From: line we will terminate the account."

****

"Q: Will we terminate an account for excessive morphing to evade kill files?

A: We will first warn them and if they do not stop, we will terminate the account.
Please note that morphing involves changing the email address. Simply changing the
from name is not morphing. You should be kill filing on email address, not name."

*******

If I send a USENET post with the addy set to <gfre...@aol.com> ,
then that is prohibited. and could lead to instant account termination
of my account if I did it.

If I posted the message from netfront, then it is the abuse address
at netfront that enforces the netfront TOS, whatever that is. There
are a number of servers that have no effective abuse address at
all (Google Groups being a PRIME example).

Paul

gfre...@aol.com

unread,
Aug 4, 2022, 1:02:38 PMAug 4
to
It is a great policy if they actually did it. We reported this user
many times and it didn't stop. The guy is easy to spot in the headers
because he always used "Noisy patient spider" in the organization
field.

Paul

unread,
Aug 4, 2022, 3:08:33 PMAug 4
to
On 8/4/2022 1:02 PM, gfre...@aol.com wrote:

>
> It is a great policy if they actually did it. We reported this user
> many times and it didn't stop. The guy is easy to spot in the headers
> because he always used "Noisy patient spider" in the organization
> field.

Always include sample <MID> values so the administrator
can examine them. Complete with the greater/lessthan symbols.

For example, the message you just sent, the MID is:

<8munehp7b3i870hv1...@4ax.com>

and anyone can see that on Howard if they don't have
a newsreader that can index by <MID> directly.

http://al.howardknight.net/?STYPE=msgid&MSGI=%3C8munehp7b3i870hv17qc0quuuv7s5s9cnf%404ax.com%3E

If you have not compacted a newsreader like Thunderbird, the headers
from the offensive messages may still be present (even if the message
bodies are no longer accessible), so you can look them up on Howard
and verify before sending off past samples. Howard has access to a deeper
spool than the average free server.

http://al.howardknight.net/

Paul

gfre...@aol.com

unread,
Aug 4, 2022, 5:28:06 PMAug 4
to
We sent the full message with complete headers.

VanguardLH

unread,
Aug 18, 2022, 4:36:54 AMAug 18
to
<ha...@invalid.com> wrote:

> I use a different nym for a few groups using Eternal-Sept.
>
> After all these years of doing so, ES is now accusing me of
> "excessive nymshifting" and blocking me from posting to usenet.
>
> Has something changed with ES?

What nyms have you used?

https://www.eternal-september.org/index.php?showpage=terms

I use a nym that cannot bounce simply because the domain can never be
registered, so there can never be a mail server there to bounce
messages. When the sending mail server cannot find the receiving mail
server, the sending server will dump an NDR (Non-Delivery Report) back
to the sender's account. That is not a bounce since it is generated at
the sender's mail server. It is not backscatter. Bounces and
backscatter come from the mail server to which the sending server
connects. The example mentions using .invalid as the TLD (top-level
domain) because no domain can have .invalid as its TLD hence no bouncing
or backscatter. The sending server errors on trying to reach a
non-existent server at an undefined domain.

You don't give examples of your other nyms to know if you are abusing
someone else's valid e-mail address, using valid domains that run mail
servers that will generate bounces when spambots harvest your e-mail
address from Usenet. We're suppose to guess what are your other nyms?

invalid.com is NOT the same as using .invalid as the TLD. invalid.com
is defined. Someone registered it. It is NOT your domain. Stop
energizing spambots to target someone else's domain, especially one that
you are not authorized to use.

https://www.whois.com/whois/invalid.com

ha...@invalid.com is attempting to use a valid and registered domain.
Instead use something like ha...@hairycoconuts.invalid. Use "invalid"
as the TLD, not as the domain.

You are also using invalid syntax in your From header. Syntax is
"comment <address>". The comment token is optional, but not the angle
brackets around the address token. By using "From: ha...@invalid.com",
you are specifying only the comment token, and the address token is
missing. I would suggest you add a comment token, but, at least, make
the address token legitimately delineated within angle brackets.
Currently your From header only has a comment token, no address token.
Clients can make guesses, but servers can be more strict, especially
when they have TOS policies on the construct of the From header.

Also, the use of the "WARN --> X-No-Archive: yes" is only honored at
Google Groups, and nowhere else. Every client will still have a copy of
your post(s) as long as your message is still in their message store.
There are archive sites of Usenet, like Howard's. Any web-based forums
that leech from Usenet by using an NNTP-to-HTTP gateway will have your
posts archived forever. You also don't get to set how long before the
other end deletes your message. My rule says to auto-delete immediately
any article using this header. You don't get to set the archive
retention, and mine is zero compared with whatever is Google's (a month
maybe?). Obviously a poster doesn't think their message has any value
to stick around when using this header, so why should anyone else give
it value? It also is an attempt to punch holes in a discussion: the
poster is trying to remove access to their message, but clients already
have a copy except when they sync to their NNTP server to find the
article has been removed from the server. Also, any replies to your
message will cite your message, so the whole point of you trying to
auto-delete your message is a forlorn hope. Under very limited
scenarios, your post might disappear, but it remains forever in Usenet
in every reply to it.

VanguardLH

unread,
Aug 18, 2022, 5:03:46 AMAug 18
to
<gfre...@aol.com> wrote:

> We had a guy spoofing names in another group I am in and saying
> reprehensible things about other members and their families. Ray
> didn't do anything about it even after complaints.

Most NNTP admins will only accept complaints regarding forging when
their NNTP server is involved, not when the forger injects using a
different server. They cannot admin someone else's server, only their
own. You could complain to the Usenet provider used by the forger, but
then the nym they forge is by the user of a different Usenet provider,
and again they cannot admin someone else's server.

A complaint about a forger would have to be from an ES user reporting
another ES users using the same nym (which means BOTH the comment and
address tokens in the From header), and the forging was intentional
instead of someone simply having the same name as you. Without examples
there's no way to see if someone was intentionally forging someone else.

ES is a free /registered/ Usenet provider. That means you get to use
their service for free, but you must have an account there. However,
AIOE is a free /unregistered/ Usenet provider. There are no accounts
there. No matter what policies the AIOE admin claims to enforce, there
are no accounts to suspend or kill to punish the forger. A forger at ES
forging someone at ES would lose their account. I have reported a
forger, and ES killed their account in 3 days. ES can only admin their
own server, not a forger using someone else's NNTP server. Most users
are accustomed to looking at the From header, even incomplete ones, and
using that as the full nym of a poster. The injection node in the Path
header identifies where an article originated, and that is also part of
the poster's identity. "From: jo...@smith.invalid" (just a comment
token, no address token) injecting from Astraweb is not the same poster
as "From: John Smith <jo...@smith.invalid>" (both tokens specified) that
injects via Giganews.

Was the forger in the other group really using a nym that was unique to
whomever he was claimed to have forged? If John Smith posts in Usenet,
there's a good chance that someone else with equal lack of imagination
has the same nym, and even at the same server. How many times have you
seen different posters using the same inv...@invalid.invalid address
token in their posts? They aren't trying to be unique. Yours is a bit
unique; however, your From header only specifies a comment token. The
address token is missing. Your nym is incomplete. Anyone using
gfre...@aol.com as their comment token but a different address token
is NOT forging your identity whether intentional or accidental. Someone
using "From: gfet...@aol.com" (no address token, like you) might be
trying to forge you, but if they're using ES while you're using
Giganews, ES cannot admin Giganews to resolve the forging. You
reporting the forging to Giganews doesn't grant them permission to admin
the ES server to kill the forger's account at ES.

Pretty much both the comment and address tokens of the From header must
be the same, and both you and the forger must be using the same server,
so the admin can do something about the forging. But without any
accounts to punish the forger (e.g., AIOE), the admin cannot enforce
their claimed policies.

From my discussions with a few admins of NNTP servers, the complaints
are either misdirected, or not legitimate. The admin can't do anything
about a forger at a different server. The limitations of equal From
header tokens and both users at the same server severely restricts what
the admins can do assuming the service is registered (has accounts).

Also, no matter what nym you elect, you are not granted unique ownership
of it. Just because you don't want someone using your nym doesn't
mandate they cannot. You don't specify an address token in your From
header. Anyone can specify whatever they want in the comment token.
Reply all
Reply to author
Forward
0 new messages