Cancel Messages: Frequently Asked Questions, Part 3/4 (v1.75)

159 views
Skip to first unread message

Tim Skirvin

unread,
Jul 1, 2009, 3:04:03 AM7/1/09
to
Archive-name: usenet/cancel-faq/part3
Posting-Frequency: monthly
Last-modified: 1999/09/30
Version: 1.75
URL: http://wiki.killfile.org/projects/usenet/faqs/cancel/

Cancel Messages
Frequently Asked Questions
Part 3/4

This document contains information about cancel messages on Usenet, such
as who is allowed to use them, how they operate, what to do if your
message is cancelled, and the like. It does not contain detailed
instructions on how to cancel a third party's posts. It is not intended
to be a fully technical document; its audience is the average Usenet user,
up to a mid-level administrator.

This document is not meant to be a comprehensive explanation of Usenet
protocols, or of Usenet itself, but a basic knowledge of these concepts
is assumed. Please refer to news.announce.newusers, RFC1036, and/or
RFC1036bis if you wish to learn them.

Disclaimers: The information contained within is potentially hazardous;
applying it without the permission of your news administrator may cause
the revocation of your account, civil action against you, and even the
possibility of criminal lawsuits. The author of this document is in no
way liable for misuse of the information contained within, nor is he in
any way responsible for damages related to the use or accuracy of the
information. Proceed at your own risk.


Table of Contents > = In other parts of the FAQ
================= * = Changed since last update
>I. What are cancel messages?
>II. How do cancels work?
>III. So your post was cancelled...
>IV. What does it take to cancel messages?
>V. That idiot forge-cancelled my posts!
>VI. What moral issues are involved with cancel messages?
VII. What's going to happen to cancels in the future?
A. What are authenticated cancels?
B. Are there any other Usenet methods to delete messages?
C. Why are some people turning off cancels altogether?
D. What is NoCeM?
E. What is PGP?
VIII. What about these other things?
A. What is Lazarus?
B. What is Dave the Resurrector?
C. What was the Judges-L mailing list?
D. What is the UDP?
IX. What are the current cancel issues?
A. What are the cancel-on-sight rules?
B. Are HTML postings cancellable?
C. What happened to copyright cancels?
D. What should be done about unaccountable spam cancellers?
E. What should be done about open news servers?
F. How should hierarchies opt out of spam cancels?

Changes
To Do
Contributors
Pointers

>Appendix A: Dave the Resurrector
>Appendix B: Retromoderation


VII. What's going to happen to cancels in the future?
=====================================================
A. What are authenticated cancels?

Usenet was not built with security in mind; the fact that it's
relatively simple to forge a cancel proves this.

As time goes on, though, the need for security is becoming more
and more obvious. One way of making this security would be to change
the software to only accept cancels that include verification of a match
between the poster and the canceller; such verification might take the
form of a PGP-signature or some other similar method.

There have been many methods proposed to accomplish this; at
this point, none are in wide use. If anyone would like to write some
software to accomplish this, please do so, and discuss it on news.admin.
misc; the CancelMoose has a few suggestions for authenticated cancels on
his web page at <URL:http://www.cm.org/>.


B. Are there any other Usenet methods to delete messages?

Of course.

1. How does the Supersedes: header work?

Commonly used for periodic postings and other information
updates, the Supersedes: header replaces an old message with a new one.
It is especially useful for FAQ maintainers, who use it to replace old
versions of the FAQ with more up-to-date ones - this FAQ, for example,
uses it. To replace the message <4b6uce$o...@vixen.cso.uiuc.edu>, you would
want to add the header:

Supersedes: <4b6uce$o...@vixen.cso.uiuc.edu>

The use of Supersedes: is otherwise basically the same as a
cancel message, and third-party superseding should be treated the same
as third-party cancels.

2. How does the Expires: header work?

By adding the Expires: header to your post, you can override the
standard expiration time on most systems and make your message be deleted
from most systems at a time of your choosing. This is especially useful for
time-dated information and FAQs which are meant to be reposted on a regular
basis. If you want your message to expire at 7:50:06pm (PST) on 2/11/96, add
the following header (the format must be followed exactly):

Expires: Sun, 11 Feb 1996 19:50:06 PST

Your message should expire by this date. It may expire earlier,
depending on the system setup and expiry times.

3. What is the Also-Control: header?

The Also-Control: header acts just like a standard Control:
header, except that the post is also filed in whatever groups it was
posted to, as opposed to being filed in control. Otherwise, the two are
interchangeable, though the former is very rarely used.


C. Why are some people turning off cancels altogether?

Until authenticated cancels catch on, there are no options to
avoid forged cancels and allow unforged ones. One option, advocated by
a few, vocal people that don't want to allow such forgery, is to not
accept cancels at all. If you want to do so, you're welcome to, but it
probably isn't the best option, at least in the near future.


D. What is NoCeM?

NoCeM, pronounced "No See-Umm", is a piece of news software
written to mostly replace cancel messages. Instead of deleting the
messages automatically, NoCeM works by allowing anyone to send out a
message that basically states "you don't want to read this". Indiviual
news systems or users may then act on these messages as they see fit,
from deleting the messages or marking them as read, to merely ignoring
the advice altogether, to even marking those messages to be read as soon
as possible. The idea is being hailed as a worthy replacement for
third-party cancels by many news administrators, and it is slowly gaining
support.

CancelMoose (mo...@cm.org) authored the client software, which is
currently available for most Unix clients that can use PGP (VII.E).
news.lists.nocem has been created for the distribution of NoCeM
messages; discussion of the protocol belongs in news.software.misc. For
more information on NoCeM, refer to the Moose's homepage at
<URL:http://www.cm.org/>.


E. What is PGP?

PGP stands for "Pretty Good Privacy", and is a greatly heralded
encryption program made for everyday use. It is at the heart of most
authenticated cancel schemes, NoCeM, and much other Usenet software.
Unfortunately, the import and export laws regarding the software vary,
making its availibility questionable in countries other than the USA.

PGP is a topic on its own, and as such has several FAQs of its
own, as well as several newsgroups. For more information, I recommend you
read one of these FAQs, such as the comp.security.pgp FAQ (availible at
<URL:http://www.pgp.net/pgpnet/pgp-faq/>).

VIII. What about these other things?
====================================
A. What is Lazarus?

Lazarus is a program written for use on alt.religion.scientology
by Homer Wilson Smith (ho...@light.lightlink.com). It monitors control
and posts a message to a.r.s whenever it finds a message relating to the
group. The basic effect of this is that all cancels are *very* visible.

For more information on why this was necessary, refer to Ron
Newman's "The Church of Scientology vs the Net" page, at <URL:http://www2.
thecia.net/users/rnewman/scientology/home.html>.


B. What is Dave the Resurrector?

Dave the Resurrector is a program run in news.admin.* and several
other newsgroups that reposts cancelled articles. See Appendix A for
details on its creation and operation.


C. What was the Judges-L mailing list?

A while back, a guy named David Stodolsky decided that he was
going to be in charge of cancels on Usenet. He set up a mailing list to
this effect, Judges-L, and expected to start working.

The rest of the world didn't exactly want him to be Emperor of
Usenet.

After a short flamewar, an early FAQ on Cancel Messages was
written as a result of the Judges-L list; while technically accurate, it
had little influence on the creation of this FAQ. In the mean time, the
Judges-L list was dissolved; David Stodolsky is rarely seen on Usenet
anymore.


D. What is the UDP?

UDP stands for the "Usenet Death Penalty", the final weapon
against those that attempt to abuse Usenet. It is never entered into
lightly.

Originally, the UDP referred to auto-cancellation of all
messages from a certain site as a final solution to too much abuse. As
Usenet terms tend to change over time, the meaning mutated into meaning
to refer to the aliasing out of a certain site by many major sites, thus
"shunning" them off of Usenet. This latter method is now more commonly
called a "passive UDP", and is widely accepted as being only the decision
of the sites involved; the former has been renamed to "active UDP", and is
much more controversial.

Active UDPs are saved for those sites that absolutely refuse to
stop abuse from their systems. Sites which allow abuse of their system
for weeks straight are given warnings, culminating in a public discussion
of whether a UDP is warranted. If a consensus is reached that it is
necessary, the offending site is given a week to fix the problem - after
that, all articles from the site are automatically cancelled until the
abuse stops. All in all, this tactic is more politically than technically
effective, but that doesn't stop the mere threat of an active UDP from
being enough to make most ISPs clean up their act.

The ethics and morals of active UDPs are, of course, still in
debate.

IX. What are the current cancel issues?
=======================================
A. What are the cancel-on-sight rules?

If a message is guaranteed to be spam beyond the cancel thresholds,
anybody may issue a cancel for it - the problem comes with confirming that
the post is, indeed, beyond the cancel thresholds. Usually, this is done
automatically with scanning software by the major spam cancellers; they
are not perfect, however, and sometimes the software misses a few messages.
Individuals, however, must check the thresholds by hand - which takes a
great deal of time and effort.

To solve this problem, a certain class of spam has been declared -
cancel-on-sight. If a particular spam has stayed above a certain threshold
daily, and shows no signs of stopping in the immediate future, the spam is
declared cancel-on-sight - from then on, any instances of the spam may be
cancelled on sight, without requiring checking by the canceller, on the
theory that the spam must have passed the thresholds long ago.

Currently, the only spam declared cancel-on-sight is the ongoing
"Make Money Fast!" spam/scam in all its forms. Details for declaring
other spams cancel-on-sight are still being worked out in news.admin.
net-abuse.policy.


B. Are HTML postings cancellable?

Most modern web browsers allow for posting to Usenet; they also
generally offer an option to post messages in HTML, for easier viewing by
other browsers - at the expense of significantly larger post sizes and
much-increased difficulty of viewing by the rest of the Usenet community.
This poor mixing of HTML and Usenet has been fought tooth-and-nail by
Usenet readers, moderators, and administrators, but the postings continue.

One suggestion to stop HTML posting is to declare HTML posts to be
binary messages, and thus cancellable under the bincancel rules. This
idea has not been implemented, simply because HTML messages are *not* binary
messages, under current definitions, and if the definitions were changed
the consensus would probably disappear.

In short: no, postings are not cancellable merely for being in
HTML.


C. What happened to copyright cancels?

Copyright cancels were a rarely-used type of third-party cancel
where messages are cancelled for being copyright violations. The idea
behind the cancels was to stop the violations from spreading; cancels are
fairly ineffective in this respect, however, because not all sites honor
cancels. This ineffectiveness, combined with a desire by most news
administrators to stay out of legal matters, was enough to declare the
consensus regarding copyright cancels void. The only remedy for copyright
violations on Usenet has again become the real-world legal system.


D. What should be done about unaccountable spam cancellers?

The current winner of the "most cancels issued" award is Cosmo
Roadkill, a 'bot operated by "Uncle Roadkill" that single-handedly cancels
most of Usenet's spam. This was, for a time, considered a good thing;
still, the 'bot isn't perfect, and over time people have found more and
more problems with Cosmo. This too would be okay, except for one thing -
Uncle Roadkill never responds to complaints.

There still isn't really a true response to this issue, but at
least people are outraged.


E. Whae should be done about open news servers?

Most rogue cancel attacks on Usenet are performed using news
servers that allow public reading and posting. This was originally done
to allow an "open" Usenet, where people could read and post from other
servers to help guarantee better propagation and a nice atmosphere; now,
though, the potential for abuse is too great, and so most open news
servers are being shut down. This is generally considered a good thing.

There are, though, a few that will miss the old open system; as
such, there are still ideas floating around for how to allow those servers
to remain open and still not allow any significant abuse.


F. How should hierarchies opt out of spam cancels?

On July 18, 1998, the free.* hierarchy was recreated under the
theory of "no control, no cancels, no rmgroups". One of the unexpected
shocks caused by this creation was from the spam cancellers - they didn't
necessarily want to exclude free.* from their filters, and were outraged
that somebody would tell them what to do on the matter without even
discussing it ahead of time. Others responded that it was the cancellers'
responsibility to follow the wishes of the hierarchy, and that if they
wouldn't do so how were they better than the rogue cancellers?

While this particular flamewar finally burned out, the underlying
embers of the issue are still burning - how should hierarchies opt out
from spam cancels? Is it the responsibility of the cancellers to ask
permission to cancel the posts? Or must hierarchies request such things,
and work with the cancellers to ensure that it works?

Changes
=======
v1.0 -> v1.01 Updated the style slightly
Clarified the meanings of EMP and ECP
Added a section in I, "Where can I find cancel messages?"
Added some newsreaders' cancel buttons
v1.01 -> v1.1 Updated the addresses to have the HTML version
Got some information about CNews
Got approval for posting to news.answers
Fixed a few errors here and there
v1.1 -> v1.2 Added slrn to the newsreaders' cancel buttons list
Updated the section on NoCeM
Added a section on PGP
Made a few slight cosmetic changes
v1.2 -> v1.25 Added references to the Bincancel FAQ
Updated the definition of a spew
Added "unauthorized copyrighted material" to the list of
valid reasons for cancel messages (with disclaimers).
Added Agent's cancel button
Added a disclaimer for the CNews information
v1.25 -> v1.3 Added references to the Spam Thresholds FAQ
Added references to Dave Hayes' "Site of Virtue" page
Changed the definition of a 'spew'
Updated IV.E.
Added a section on the ellisd and pseudosite cancel
incidents
v1.3 -> v1.31 Updated the newsgroups, based on the recent news.admin.
net-abuse.* reorganization
Added a link to the news.admin.net-abuse homepage
Updated the cancelbot section to warn against publicly
distributed ones
Updated the information on the psuedosite cancel attack
v1.31 -> v1.4 Made lots of cosmetic changes
Removed invalid CNews information, updated INews aliasing
information
Virtually re-wrote IV.G.
v1.4 -> v1.5 Added an appendix on Dave the Resurrector
Jun 11, 1997 Added an appendix on Retromoderation
Updated the rogue cancellers section (V.D.)
Clarified the pseudosite section
Updated the 'format of a cancel' section (II.C.)
v1.5 -> v1.6 Updated I.C. and II.A. to reflect changes in finding
Dec 30, 1997 cancel messages
Removed section on copyright cancels in I.E., to follow
current consensus
Added some more readers' cancel buttons
Changed V.E. to not require me to give a full history of
spam cancellers throug the ages
Clarified and updated the UDP definition in VIII.D.
Added Section IX. on current cancel issues
Minor rewordings and updates in I.E., II.B., II.D., IV.B.,
IV.D., IV.E., IV.G., V.C., VII.B., VII.C.
v1.6 -> v1.7 Standardized the HTML tags to the <URL:[url]> standard in
Aug 10, 1998 the headers, I.C., II.D., VII.A., VII.D., VII.E., and
the links section.
Minor rewordings - IV.B., IV.G.2., IV.G.5., IV.G.7.
Added mention of server-side filtering in I.B.
Depreciated the value of RFC1036bis in I.E.
Updated the rules to include administrator preference -
for example, you can't cancel your posts in free.* even
if you want to - in I.E., along with a few other minor
wording changes.
Added another reader's cancel button.
Strengthened the X-Cancelled-By standard to require that
the address given must be read by its owner.
Reworded II.B.'s stuff on pseudosites a bit.
Changed around III.C. to be more clear on what to do with
moderators that are "abusing their authority".
Mentioned how uncustomizable freely available cancelbots
are in IV.E.
Strengthened the importance of responding to email about
your cancelbiot in IV.G.4.
Added "if one may cancel, all may cancel" to the list of
popular reasons to cancel in V.B.
Added "ignore the cancels" and "write and run a resurrection
'bot" to V.F.'s section on "what can I do?".
Mentioned that this FAQ is a good example of Supersedes:
and Expires: headers in VII.B.
Added IX.[D-F].
v1.7 -> v1.75 Reworded the expiration section of I.B.
Sep 30, 1999 Reformatted I.E., IV.G., appendix B, and V.D. to just plain
look nicer.
Changed the wording of I.E.1. to make it more obvious what
a first-person cancel actually is.
Updated the spewcancels section of I.E.3.
Significantly reworded I.H, IV.G.1 - 5
Added a section on NewsAgent to V.D.
Added Appendix C.

To Do
=====
At some point, there needs to be a version 2.0 of this FAQ. While
this will probably happen at some point in the future, it's not going to be
any time soon; as such, most of the real changes for the next while are going
to merely be cosmetic.

Still, for the future:

Fill in the technical sections in general, especially with other
software.
Add a section on things that *shouldn't* be cancelled, and why.
Expand the UDP and NoCeM sections a *lot*. Maybe they even deserve
their own FAQ...
Add a "spew" appendix.


Contributors
============
In creating this FAQ, I discovered one important thing: it's a
*lot* of work. These are the people that have helped me out in doing
it, with suggestions, moral support, or whatever.

Thank you all. I couldn't have done this without you. Literally.
And, if I missed anyone, don't hesitate to speak up...

Johann Beda j-b...@uiuc.edu
CancelMoose mo...@cm.org
Ian Collier i...@comlab.ox.ac.uk
Peter Da Silva pe...@taronga.com
Richard Depew r...@redpoll.mrfs.oh.us
Frans P. de Vries f...@xymph.iaf.nl
Ernie Diaz tre...@slip.net
Arnould Engelfriet gala...@stack.urc.tue.nl
J.D. Falk jdf...@cybernothing.org
Follower of the Clawed Albino edmc...@terra.spd.louisville.edu
The Gentleman gent...@alinc.com
Howard Goldstein h...@n2wx.ampr.org
Dave Hayes da...@jetcafe.org
Jim Hill jth...@netcom.com
Jonathan Kamens j...@mit.edu
Joshua Kramer jkra...@swathmore.edu
Don Juneau dju...@io.com
Tom Lewis thomas...@me.gatech.edu
Chris Lewis cle...@ferret.ocunix.on.ca
Charles H. Lindsey c...@clw.cs.man.ac.uk
Guy Macon guym...@deltanet.com
John Milburn j...@xpat.com
Bernhard Muenzer m...@gsf.de
Ron Newman rne...@thecia.net
Matthew Paden mpa...@emory.edu
Joshua Putnam jo...@wolfenet.com
John Rickard j...@atml.co.uk
Chris Salter ch...@loncps.demon.co.uk
Wolfgang Schelongowski [removed by request]
Bill W Smith Jr bi...@srisoft.com
Keith Thompson k...@thomsoft.com
Jason Untulis unt...@netcom.com
Dimitri Vulis d...@bwalk.dm.com
Matthew P Wiener wee...@sagi.wistar.upenn.edu
Michael Wise mjw...@unixg.ubc.ca
Patricia Wrean wr...@caltech.edu
Dick Yuknavech r...@mindspring.com


Pointers
========
For more information on cancel messages, or for information on
related issues, try checking some of the following pages:

Related FAQs
------------
news.admin.net-abuse FAQ
<URL:http://www.cybernothing.org/faq/net-abuse-faq.html>
Advertising on Usenet FAQ
<URL:http://www.danger.com/FAQs/advo.htm>

<URL:http://www.cs.ruu.nl/wais/html/na-dir/net-abuse-faq/spam-faq.html>
The Spam Thresholds FAQ
<URL:http://www.killfile.org/faqs/spam.html>
The Bincancel FAQ
<URL:http://www.geniac.net/bincancel/>
The Newsgroup Care Cancel Cookbook
<URL:http://www.xs4all.nl/~rosalind/faq-care.html>
The Moderated Newsgroups FAQ
<URL:http://www.swcp.com/~dmckeon/mod-faq.html>


Utilities
---------
Anti-Spam Software
<URL:http://www.exit109.com/~jeremy/news/antispam.html>
Apollo - News/INN, a set of news related utilities
<URL:http://www.backplane.com/news/>
Adcomplain shell script
<URL:http://www.rdrop.com/~billmc/adcomplain.html>
Purge-binaries, an anti-binary script
<URL:http://www.tju.edu/~theall1/tools/purge-binaries/>
NoCeM
<URL:http://www.cm.org/nocem.html>


RFCs
----
RFC 1036 -- Usenet Guidelines
<URL:http://www.cis.ohio-state.edu/htbin/rfc/rfc1036>
RFC 1855 -- Netiquette Guidelines
<URL:http://www.cis.ohio-state.edu/htbin/rfc/rfc1855>
RFC 1036bis (temporary)
<URL:http://www.killfile.org/faqs/rfc1036b>


Newsgroups
----------
news.announce.newusers
news.answers
news.admin.announce
news.admin.nocem
news.admin.net-abuse.bulletins
news.admin.net-abuse.email
news.admin.net-abuse.misc
news.admin.net-abuse.policy
news.admin.net-abuse.sightings
news.admin.net-abuse.usenet
news.admin.misc
news.groups


Additional/Other
----------------
Fight Spam on the Internet!
<URL:http://spam.abuse.net/>
The Jargon File
<URL:http://www.ctrl-c.liu.se/~ingvar/jargon/>
net.legends FAQ
<URL:http://www.killfile.org/faqs/legends.html>
news.admin.net-abuse homepage
<URL:http://www.killfile.org/~tskirvin/nana/>
The Free.* FAQ
<URL:http://www.killfile.org/faqs/free.html>
--
Copyright 1999, Tim Skirvin. All rights reserved.

Reply all
Reply to author
Forward
0 new messages