Cancel Messages: Frequently Asked Questions, Part 4/4 (v1.75)

67 views
Skip to first unread message

Tim Skirvin

unread,
Jun 1, 2009, 3:04:03 AM6/1/09
to
Archive-name: usenet/cancel-faq/appendix
Posting-Frequency: monthly
Last-modified: 1999/09/30
Version: 1.75
URL: http://wiki.killfile.org/projects/usenet/faqs/cancel/

Cancel Messages
Frequently Asked Questions
Part 4/4

This document contains information about cancel messages on Usenet, such
as who is allowed to use them, how they operate, what to do if your
message is cancelled, and the like. It does not contain detailed
instructions on how to cancel a third party's posts. It is not intended
to be a fully technical document; its audience is the average Usenet user,
up to a mid-level administrator.

This document is not meant to be a comprehensive explanation of Usenet
protocols, or of Usenet itself, but a basic knowledge of these concepts
is assumed. Please refer to news.announce.newusers, RFC1036, and/or
RFC1036bis if you wish to learn them.

Disclaimers: The information contained within is potentially hazardous;
applying it without the permission of your news administrator may cause
the revocation of your account, civil action against you, and even the
possibility of criminal lawsuits. The author of this document is in no
way liable for misuse of the information contained within, nor is he in
any way responsible for damages related to the use or accuracy of the
information. Proceed at your own risk.


Table of Contents > = In other parts of the FAQ
================= * = Changed since last update
>I. What are cancel messages?
>II. How do cancels work?
>III. So your post was cancelled...
>IV. What does it take to cancel messages?
>V. That idiot forge-cancelled my posts!
>VI. What moral issues are involved with cancel messages?
>VII. What's going to happen to cancels in the future?
>VIII. What about these other things?
>IX. What are the current cancel issues?

>Changes
>To Do
>Contributors
>Pointers

Appendix A: Dave the Resurrector
1. What is Dave the Resurrector?
2. Why is Dave necessary?
3. What cancels are authorized?
4. What messages are reposted?
5. What is the format of the reposts?
6. So how do I cancel my own posts when Dave is around?
7. What about other Resurrector bots?

Appendix B: Retromoderation
1. What is retromoderation?
2. Why is retromoderation so popular?
3. What's wrong with retromoderation?
4. When is retromoderation alright?


Appendix A: Dave the Resurrector
================================

1. What is Dave the Resurrector?

Dave the Resurrector is a program written and run by Chris Lewis
(cle...@ferret.ocunix.on.ca) that reports on and reposts messages cancelled
in the news.admin.net-abuse.* hierarchy. Dave's code was written after a
particularly obnoxious run of cancels in news.admin.net-abuse.misc sent
by Kevin Lipsitz (since charged with fraud and other offenses); the name
was suggested by Tim Skirvin, and Chris accepted the name in honor of
Dave Hayes, of news.admin.* fame.

Dave's reposting activities are occasionally extended to include
the rest of news.* and other hierarchies, to resurrect messages removed by
large-scale rogue cancellers. From time to time Dave's presence has also
been requested in other newsgroups.


2. Why is Dave necessary?

The news.admin.* hierarchy has always been the target of massive
forged cancel attacks, (see section V.D. for details). Dave neutralizes
these attacks, though at the cost of allowing people to cancel their own
posts effectively.


3. What cancels are authorized?

In the context of Dave, an "unauthorized cancel" is a cancel by
someone other than the originator, the originator's system administration,
the moderator of the group, or an accepted spam canceller. Of necessity,
given the ease in which cancels can be forged, Dave cannot determine the
authenticity of cancels per-se, so will resurrect all cancelled articles
except those which:

o are cancelled by an accepted spam canceller, or
o contain a "X-No-Repost: yes" header, or
o are deemed by Dave to be unsafe to resurrect - where "unsafe"
is determined at the discretion of Dave's operator.

Dave's operator routinely scans Dave's normal haunts, and will
manually recancel articles that appear to have been resurrected in
error. Other spam cancellers who've been introduced to Dave can do this
as well.

When Dave is armed to cope with a rogue canceller cancelling in
other groups, a best-effort attempt will be made to avoid reposting spam
and other postings that are undesirable to resurrect.


4. What messages are reposted?

According to the news.admin.net-abuse.* charters, "All messages
removed by unauthorized cancels in the hierarchy will be automatically
reposted by Dave the Resurrector or a similar program, at the discretion
of the group moderator or, for the unmoderated groups, the operator of
the resurrector program."

Every cancel message in the news.admin.* hierarchy prompts Dave to
create a repost of the original message; however, not every repost is
injected into the news system. Before Dave submits an article to be
reposted, the bot runs a few extra checks:

o If there have been more than n reposts this "run" (the amount of
time since Dave was started, which is usually several days), do not
submit the repost. As of the the time this section was written,
"n" was 30; this number is, of course, subject to change.
o If the original is more than n days old, do not submit the repost.
"n" was 4 as of the time this section was written, and is again
subject to change.
o If the cancel was from an authorized spam canceller, as determined
by Dave's operator, do not submit the repost.
o If the article is unsafe to resurrect (for technical or other
reasons), do not submit the repost.

If the circumstances warrant it, some or all of these heuristics
may be turned off - for instance, the maximum reposts per run section may
be taken out to stop a massive forged-cancel bomb. Also, all articles not
submitted by Dave are still subject to later perusal (and possible
posting) by Dave's operator, as he sees fit.


5. What is the format of the reposts?

In the past, Dave modified the body and headers of the message to
allow for easy notice of rogue cancels. It was eventually pointed out,
however, that this policy broke PGP signatures (VII.E.) and the pseudo-
headers used by FAQ maintainers; to solve this, Dave's policy has been
changed to 'least-disturbance'. As such, reposts of cancelled messages
are as similar to the original message as possible:

o The original Path and Message-ID are renamed to X-Path and X-
Message-ID (respectively).
o A series of X-Comment headers, including 'X-Comment: DtR repost:"
are added, to explain that the message is a repost.
o The Message-ID of the repost consists of the original Message-ID
with a prepended "REPOST.<random number>". It should be noted
that this change, while necessary, does break PGP-signed control
messages and is not compatible with PGPMoose.
o The Path of the article is set to 'ferret.ocunix.on.ca!resurrector'
(at injection). The Path may also include the site responsible
for the cancel, which helps break cancel-repost loops if a rogue
canceller tries to cancel the reposts and allows other sites to
alias out the cancelling site and ignore the reposts if they wish.
o At present, 'REPOST: ' is prepended to the Subject line of all
reposted articles; this is likely to change in the near future.
o The Newsgroups header is trimmed to only include news.admin.*
groups, so as to prevent cancel-repost wars with policy-enforcement
bots in other groups (ie groups such as foo.general will be removed
from the Newsgroups: header, even if it was present in the original
article). This has the side benefit of stopping people from using
Dave to "protect" their cross-posted flamewars by including a news.
admin.* group.
o The body is posted intact, with the cancel message that trigged Dave
appended at the end of the message.
o All other headers are left intact.


6. So how do I cancel my own posts when Dave is around?

If it were possible, Dave would let you cancel any article that
you wrote without a repost; however, due to the practical problem of
cancels being trivially easy to forge, this can't happen without removing
Dave's use. As such, Dave errs on the side of caution, and reposts most
articles it sees cancels for. However, there are ways around Dave, if you
really want to cancel your posts.

o The presence of an 'X-No-Archive: yes' header will prevent Dave
from reposting your article (excepting attacks by targeted rogue
cancellers); see your newsreader's manual for instructions on how
to automatically add this header to your messages.

o If you cancel or supersede your article soon enough after the
original posting, you _may_ be able to remove the message before
a copy is saved by Dave. Of course, it should be noted that
cancel messare are rarely going to be fast enough to keep anybody
from reading the message anyway.

Mail to Dave's operator is not encouraged when a cancel is
required; even in the case of forgeries in your name, a post to the proper
news.admin.* group indicating that the messages are forged will do more
good.


7. What about other Resurrector bots?

As previously noted, DtR can be extended to other newsgroups and
hierarchies by request. Astute observes might note that the
news.admin.net-abuse.* charters allow for other Resurrector bots if the
situation warrants it. This was done on purpose, to allow for a
replacement for Dave if necessary. At this time, however, no other
Resurrector bots seem to be necessary.


Appendix B: Retromoderation
===========================
1. What is retromoderation?

Technically, retromoderation is moderation that takes place after
the messages are posted. All posts are initially distributed normally,
either through standard Usenet channels or through a simple mail-to-news
gateway; the moderator later checks the group, and deletes those messages
that were inappropriate.


2. Why is retromoderation so popular?

In a normally moderated newsgroup, the combination of a simple
moderator-bot and retromoderation allows for focused and on-topic discussions
and keeps the group (mostly) spam-free, all while not requiring large
workloads for a moderator and allowing message distribution to be kept
high. In an otherwise unmoderated newsgroup, retromoderation allows for
some level of topic and spam control, while not forcing the centralization
required by standard moderation and not requiring a formal moderation
process.

In short, retromoderation is a quick and easy way of accomplishing
most of the benefits of standard moderation, and people appreciate this.


3. What's wrong with retromoderation?

Though it may be tempting, retromoderation should never be entered
into lightly. It is plagued with problems, affecting everything from its
effectiveness to the long-term future of Usenet.


o Retromoderation does allow for messages deemed inappropriate by
the moderator to be displayed for a time. This defeats the purpose
of the moderation in many cases, such as high-speed 'announce' news-
groups or groups for school-aged children.

o Retromoderation is not 100% effective. Not all sites honor cancel
messages, and even less honor NoCeMs; as a result, it may not be
possible to delete a message after it has been posted.

o While all news software recognizes the difference between a moderated
and an unmoderated newsgroup, there is no way to tell from software
whether a group is retromoderated; as such, there is no official way
to indicate whether a group is retromoderated or not, nor to tell
who is the moderator or moderators. Similarly, there is no official
way to make an otherwise unmoderated newsgroup retromoderated.

o Most reasonable people will understand if their messages are never
posted; the concept is fairly apparently to most of the population
due to past experiences with newspaper and magazine editors and
their ilk, and few consider it censorship. This is less true when
an article is posted and subsequently deleted.

o News administrators rarely want to deal with the specifics of Usenet
news, especially in regards to cancel messages. As such, many news
admins will delete a retromoderated newsgroup and/or disable cancel
messages on their servers, rather than worry about the issues
involved with the retromoderation.

o Retromoderation in an otherwise unmoderated newsgroup gives credence
to those that would like to cancel messages that they merely don't
like on Usenet as a whole.


4. When is retromoderation alright?

Even though retromoderation has its problems, it is still widely
accepted and used in several circumstances.

o Retromoderation is not questioned in already moderated newsgroups if
performed by the group moderator or those who they designate. Mod-
erated Big-8 newsgroups, alt.* groups accepted as moderated by 80%+
of Usenet sites, and private hierarchies may all be retro-moderated
by their respective moderators or controllers.

o Spam-trap groups, such as alt.sex.cancel, are specifically chartered
so that any message crossposted to them is considered fair game for
cancellation. This form of retromoderation is considered mostly
legitimate, so long as the newsgroup name makes clear that the group
is moderated.

o As only those sites that explicitly want to follow the moderation will
have to do so, any individual can retromoderate any newsgroup that
they choose using NoCeM rather than cancel messages.

o Although still hotly contested, there is a movement to allow robot
keyword retromoderation of alt.* groups, in which any post not
containing a key word or phrase, decided upon by the group, is
automatically cancelled. Keyword retromod was invented by Dick
Depew (r...@redpoll.mrfs.oh.us) and is currently being used on
several newsgroups, such as alt.sex.cthulhu. This form of retromod
is considered radical, and (in the opinion of this author) shouldn't
be done; standard moderation is probably a better answer.
--
Copyright 1999, Tim Skirvin. All rights reserved.

Reply all
Reply to author
Forward
0 new messages