Discussion:
Keywords header (was: Re: Firefox ESR)
(too old to reply)
Eli the Bearded
2021-04-29 17:37:59 UTC
Permalink
Crossposted and follow-ups set.
Keywords: VanguardLH VLH811
I see you decided to steal my Keywords string.
It is a rn / trn feature to preserve the Keywords: in follow-ups. I
seldom examine them, since they are usually blank. Checking my post
archive I see this is not the first time you've gotten me like that.
The first appears to be my reply to <h1qr5g0nm2qu$***@v.nguard.lh>
in comp.mobile.android from way back in February 2018.

And golly gee, there's an earlier time I caught it.

Message-ID: <eli$***@qz.little-neck.ny.us>
Newsgroups: news.software.readers
References: <***@mid.individual.net> <***@v.nguard.lh>
Keywords: VanguardLH likes to stuff things in keywords.
Date: Wed, 20 Dec 2017 16:41:31 -0500 (EST)

March 2019 is the last time I posted with keywords that were not yours
nor added by me. I've added keywords to three posts of my own in that
period, most recently a post about headers to news.software.readers
on April third.

I found twenty-four posts since last rotating my "outposts" file in 2014
with keywords. Seven of them were replies to you, including that one I
caught.

Can I ask why? Or what you hope to get out of those keywords?

Elijah
------
will accept "for fun" as a good enough reason
VanguardLH
2021-05-06 10:52:32 UTC
Permalink
Post by Eli the Bearded
Crossposted and follow-ups set.
FollowUp-To ignored. It is rude to yank away a conversation from other
readers in the original newsgroup to which you posted by redirecting
replies to elsewhere than the original location.
Post by Eli the Bearded
I see you decided to steal my Keywords string.
It is a rn / trn feature to preserve the Keywords: in follow-ups. I
seldom examine them, since they are usually blank. Checking my post
archive I see this is not the first time you've gotten me like that.
...
Can I ask why? Or what you hope to get out of those keywords?
In addition to the From header, I use both the right token of the
Message-ID and the Keywords headers to make sure anyone that wants to
identify me, even to plonk me, has multiple and stable headers on which
to filter. If they wanted to ensure their filter only targeted me, or
they wanted to ensure a search only showed my posts, and not
accidentally on someone else, they can test on:

- Path injection node
- AND From
- AND Organization
- AND Message-ID
- AND Keywords.

Or, they could use just the From header for easy if filter definition,
too, but it's easy to catch forgers, especially since their Path
injection node won't be the same as mine (well, not for long since I use
responsive Usenet providers that can kill the forger's account very
quickly, and another reason I quit using freebie Usenet providers since
the forger would have to pay to get an account). I give lots of
compounded targets to identify me.

https://tools.ietf.org/html/rfc1036
Section 2.2.9
A few well-selected keywords identifying the message should be on this
line. This is used as an aid in determining if this message is
interesting to the reader.

https://tools.ietf.org/html/rfc5322#section-3.6.5
The "Keywords:" field contains a comma-separated list of one or more
words or quoted-strings.
...
These three fields are intended to have only human-readable content
with information about the message.
...
The "Keywords:" field contains a comma- separated list of important
words and phrases that might be useful for the recipient.

I would also use the "Comments:" header to further strengthen my Usenet
identity, but my client doesn't let me add that one. No, I'm not going
to PGP-sign my posts, because it is stupid since no one in Usenet is
going to bother doing the lookup.

While I can select a view that always shows all headers, that is usually
a bunch of noise (as is often the attribution lines where posters think
they have to add lots of duplicated info that is already available in
the headers). I only occasionally look at all headers, so it is
possible that I previously missed someone just copying my Keywords
header into their reply. From what I seen in many NNTP clients, they
generate their own Keywords header, if specified (non-blank), not
forward a value from what some other client specified in a parent post.
The RFC definition of the Keywords header is rather vague and very
terse. Just didn't figure any client would not use its own value.

I don't delete any unwanted posts. Instead my filters colorize them and
add an Ignore flag. I use a default view of Hide Ignored Posts;
however, if I need to check my filters for false positives or someone
mentions something in an otherwise hidden post, I can just switch to the
Show All Messages view. When I showed all messages, including the
ignore-flagged ones, I saw your post. It was colorized, because it
originated from Panix. So, I looked at the raw source of your message
to see your Keywords header duplicated mine instead of your client
adding its own value. Panix has been ignored-flagged by me ever since
they decided to spamify all posts that originate at them by appending a
deliberately invalid signature (so clients that hide sigs won't work).
I wasn't interested in seeing posts by users of a spamifying Usenet
provider.

I've see Avast users, and other anti-virus program users, that spamify
their Usenet posts (and e-mails). Avast does the same as did/does
Panix: use an invalid sigdash line followed by 1, or more, lines of spam
announcing the users employs Avast. The default config in Avast is to
add the invalid sigblock. I'll alert such users that they are spamming
their choice of anti-virus software, and to turn it off. If they
continue to refuse, and because they choose to be spamming affiliates,
they'll get kill filed. I did the same to Panix when they were
appending their invalid sigblock to all submissions.

Has Panix ceased spamifying the articles submitted to them? I don't see
it in your posts. Did they ever offer free trials, and those are the
submissions they spamified (as a lure to get those users to move to
their pay service)? If Panix is no longer spammifying their articles, I
will modify my filter on them to stop flagging them as ignored. I'll
still colorize them for awhile to watch if any spammified posts show up.
VanguardLH
2021-05-06 11:06:32 UTC
Permalink
Post by VanguardLH
Panix has been ignored-flagged by me ever since
they decided to spamify all posts that originate at them by appending a
deliberately invalid signature (so clients that hide sigs won't work).
I wasn't interested in seeing posts by users of a spamifying Usenet
provider.
...
Has Panix ceased spamifying the articles submitted to them?
...
Oh, I also have a filter on foul-mouthed posters. Several test on
headers (Subject, From, Organization, Keywords, or X-headers) with a
value containing foul words, like "fuck". Yep, you have one:

X-US-Congress: Moronic Fucks.

Although I changed my Panix filter to no longer ignore-flag those posts
(but keep colorizing them to remind me to monitor them for a while
longer), I'm not removing my filter against inane posters. I'll only
see your reply if I remember later to revisit the firefox and readers
newsgroups to select All Messages View to see if you replied.
!@!.invalid (Ï)
2021-05-06 13:39:53 UTC
Permalink
Organization: Usenet Elder
You da man, oh yes.
--
fold, spindle, mutilate.
Adam H. Kerman
2021-05-06 15:14:10 UTC
Permalink
Post by VanguardLH
Oh, I also have a filter on foul-mouthed posters. Several test on
headers (Subject, From, Organization, Keywords, or X-headers) with a
X-US-Congress: Moronic Fucks. . . .
Who the fuck cares what you filter with your fucking kill file? It's
none of fucking Usenet's fucking business.

Fuck. Fucking public plonking announcements are fucking immature.
J. P. Gilliver (John)
2021-05-06 17:04:52 UTC
Permalink
Post by Adam H. Kerman
Post by VanguardLH
Oh, I also have a filter on foul-mouthed posters. Several test on
headers (Subject, From, Organization, Keywords, or X-headers) with a
X-US-Congress: Moronic Fucks. . . .
Who the fuck cares what you filter with your fucking kill file? It's
none of fucking Usenet's fucking business.
Fuck. Fucking public plonking announcements are fucking immature.
It gives me great pleasure to be (actually, only appear) immature in
this case then.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)***@T+H+Sh0!:`)DNAf

If it ain't broke, fix it 'til it is.
VanguardLH
2021-05-08 20:01:56 UTC
Permalink
Post by Adam H. Kerman
Post by VanguardLH
Oh, I also have a filter on foul-mouthed posters. Several test on
headers (Subject, From, Organization, Keywords, or X-headers) with a
X-US-Congress: Moronic Fucks. . . .
Who the fuck cares what you filter with your fucking kill file? It's
none of fucking Usenet's fucking business.
Fuck. Fucking public plonking announcements are fucking immature.
And you don't care that *I* filtered out Panix articles when Panix used
to spammify posts submitted to them, too. You don't care about any of
my filters. You only care about YOUR filters. DUH!

I explained to Eli why I didn't see his article thinking it originally
was due to him using Panix, but after modifying that filter (to no
longer ignore-flag those articles) then noticed he also has foul
language in his headers.

You really want to lower your reputation in Usenet to that of a
foul-mouthed inane peurile? How old are you (mentally, not physically)?
Adam H. Kerman
2021-05-08 21:08:13 UTC
Permalink
Post by VanguardLH
Post by Adam H. Kerman
Post by VanguardLH
Oh, I also have a filter on foul-mouthed posters. Several test on
headers (Subject, From, Organization, Keywords, or X-headers) with a
X-US-Congress: Moronic Fucks. . . .
Who the fuck cares what you filter with your fucking kill file? It's
none of fucking Usenet's fucking business.
Fuck. Fucking public plonking announcements are fucking immature.
And you don't care that *I* filtered out Panix articles when Panix used
to spammify posts submitted to them, too. You don't care about any of
my filters. You only care about YOUR filters. DUH!
As it's relevant to the individual user only, public plonking
announcements really don't belong on Usenet, unless one is deliberately
being a drama queen in which case carry on.

What was Panix doing, appending an advertisment in a sigfile? I vaguely
recall that.
Post by VanguardLH
I explained to Eli why I didn't see his article thinking it originally
was due to him using Panix, but after modifying that filter (to no
longer ignore-flag those articles) then noticed he also has foul
language in his headers.
You really want to lower your reputation in Usenet to that of a
foul-mouthed inane peurile? How old are you (mentally, not physically)?
My reputation for unintentional subtlety still stands.
VanguardLH
2021-05-08 21:37:42 UTC
Permalink
Post by Adam H. Kerman
What was Panix doing, appending an advertisment in a sigfile? I vaguely
recall that.
If it had been enclosed in a proper sigblock (i.e., had a valid sigdash
line), I wouldn't have cared since my client is configured to hide sigs.
They are extremely rare to be on-topic to a thread. Only if an invalid
sigdash line were used, like "---\n", would I see the spam sigblock
because it was within the message, not in a proper sigblock.

Not all their submissions got spammified with their invalid sigblock.
Been a long time since I first started seeing their spammy invalid
sigblock, but then I've been filtering them out for a long time, too.
I'm not sure now, but recall they might've had free trial accounts, and
those were the submissions that got spammified. I don't keep, as
comments, evidence of posts (headers+message+sig) in the comments of my
filters. My comment for the Panix filter is:

# Ignore posts that get spamified by Usenet providers (appended spam is
not in a proper signature), ...

That block of filters were about spammification by Usenet providers, and
invalid sigblocks was only one scheme. Some didn't even bother to
pretend their spam was in a sigblock, and just appended it to the
article submitted to them (they modified the message).
!@!.invalid (Ï)
2021-05-08 21:52:53 UTC
Permalink
[...]
Post by Adam H. Kerman
Post by VanguardLH
You really want to lower your reputation in Usenet to that of a
foul-mouthed inane peurile? How old are you (mentally, not physically)?
My reputation for unintentional subtlety still stands.
If nothing else, an old-fashioned netiquette row in
these end times of Usenet is quaintly entertaining.

[xpost and fup]
--
fold, spindle, mutilate.
Frank Slootweg
2021-05-06 17:49:41 UTC
Permalink
VanguardLH <***@nguard.lh> wrote:
[...]
Post by VanguardLH
I've see Avast users, and other anti-virus program users, that spamify
their Usenet posts (and e-mails). Avast does the same as did/does
Panix: use an invalid sigdash line followed by 1, or more, lines of spam
announcing the users employs Avast.
FYI, AFAICT Avast does no longer generate an invalid sigdash line, but
a valid '-- ' one.

See for example the many posts from 'Boris' (<***@att.net>) in
alt.comp.os.windows-10.

[...]
VanguardLH
2021-05-08 20:40:30 UTC
Permalink
Post by Frank Slootweg
[...]
Post by VanguardLH
I've see Avast users, and other anti-virus program users, that spamify
their Usenet posts (and e-mails). Avast does the same as did/does
Panix: use an invalid sigdash line followed by 1, or more, lines of spam
announcing the users employs Avast.
FYI, AFAICT Avast does no longer generate an invalid sigdash line, but
a valid '-- ' one.
alt.comp.os.windows-10.
[...]
Boris (there's more than one there) does *NOT* add a signature. That's
the username I searched there, because that's the nym you mentioned.
Then I searched that newsgroup on "<***@att.net>", the e-mail
address (in the comment field) you mentioned. That user's nym is Bill,
not Boris.

Bill does have a proper sigdash line in his posts assuming Avast added
the sigblock instead of Bill specifying it as his sig in his client
(Thunderbird) and disabling the spam sigblock in Avast AV's settings.
With the plethora of Avast-related headers, it appears Avast finally got
around to using a valid sigdash line -- after how many years of ignoring
their impoliteness?

Of course, it is still a spam sig, but now clients that hide sigblocks
will work to eliminate Avast's spam postfix. It is still a stupid
statement: oh yes, we all must surely believe a post is clean just
because it says so.



The best solution would be for Bill to configure Avast AV to *not*
postfix its spam sigblock. It makes the poster look ignorant while
enlisting the poster as a voluntary spamming affiliate.

Those that I plonked were those that refused to stop spamming in Usenet.
Even you probably have filters against spammers. When they refused to
reconfigure Avast (and I often gave instructions), they overly chose to
continue spamming, so I hid their posts. They were educated, they
refused, were too lazy, or ignorant in thinking the sigblock magically
made their posts safe, they continued to spam, so those spammers also
got filtered. They choose to spam.

My filters don't plonk those that had invalid sigblocks that spammed
Avast. They were spamming, they were told how to stop it, they didn't,
they continued to spam, so it was the spamming poster that got plonked,
not based on the content of their article. There are posters that also
pretend to help with minimal or irrelevant responses just so they can
spam in their signatures. Their intent is to spam, not to help.
Whatever the cause, I filter out spammers.

That Avast still defaults to opt-out for their sigblock still makes them
rude regarding this behavior. They've been puking out their spam tag in
content NOT owned by them since Dec 2015, or earlier. Nope, it isn't
about the cost of using freeware. Their payware is also misbehaved.

Thanks for the heads up that perhaps Avast stopped using an invalid
sigdash line (although they still spammify, by default). I never
filtered out posts based on signatures (extremely rare they are on-topic
to a discussion), especially since *valid* sigblocks are hidden, by
default, in my client. It's those that [continue to knowingly] spam
that get hidden from my view of Usenet.

Note: If we continue this sigblock spam subthread, I'm tempted to change
the Subject again. First was to address Eli's duplication of my
Keywords header. Now we're into invalid sigblock spam. Probably won't
continue this subthread since I'm not interested in others' opinion of
what constitutes spam or not. My filters, my definition of spam, my
intolerance of spammers, my choice of how I view Usenet.
Miguel Tomar Nogueira
2021-05-09 05:58:29 UTC
Permalink
Post by VanguardLH
The best solution would be for Bill to configure Avast AV to *not*
postfix its spam sigblock. It makes the poster look ignorant while
enlisting the poster as a voluntary spamming affiliate.
...
Post by VanguardLH
My filters don't plonk those that had invalid sigblocks that spammed
Avast. They were spamming, they were told how to stop it, they didn't,
they continued to spam
I remember seeing suggestions that it's not the posters but their VPN
is using Avast and automatically adding those signatures to all
articles/email messages.

Just did some quick googling and it seems that there definitely is
some product called "Avast SecureLine VPN." I'm not going to bother to
check it but it seems that there is a free trial, so anyone can download
it, post to Usenet and see if any unwanted signatures will appear. I
suspect it will happen only in case of unsecured connection.
Frank Slootweg
2021-05-09 17:24:29 UTC
Permalink
VanguardLH <***@nguard.lh> wrote:

[...]
Post by VanguardLH
Boris (there's more than one there) does *NOT* add a signature. That's
the username I searched there, because that's the nym you mentioned.
address (in the comment field) you mentioned. That user's nym is Bill,
not Boris.
Yup. Sorry about that. I indeed meant 'Bill <***@att.net>'.
Probably saw too many Boris postings.

[...]
Eli the Bearded
2021-05-06 18:11:45 UTC
Permalink
Post by VanguardLH
Post by Eli the Bearded
Crossposted and follow-ups set.
FollowUp-To ignored. It is rude to yank away a conversation from other
readers in the original newsgroup to which you posted by redirecting
replies to elsewhere than the original location.
It's rude to post off-topic content in a group. I knew you have posted
to news.software.readers in the past, so it seemed the politer thing to
do.
Post by VanguardLH
Post by Eli the Bearded
Can I ask why? Or what you hope to get out of those keywords?
In addition to the From header, I use both the right token of the
Message-ID and the Keywords headers to make sure anyone that wants to
identify me, even to plonk me, has multiple and stable headers on which
to filter. If they wanted to ensure their filter only targeted me, or
they wanted to ensure a search only showed my posts, and not
Anyone wanting to plonk people should be glad to have a stable
message-id to do so. Message-IDs are in the overview headers, so are
fast to get and filter on. Even better, filterable message IDs mean
you can filter replies easily too, via References. In my case, I
autoselect responses with my qaz.wtf host in References.

Keywords is generally not in overview, you can only use it to filter
after loading all headers or the entire article. For optimization
reasons, I only filter with overview headers.
Post by VanguardLH
While I can select a view that always shows all headers, that is usually
a bunch of noise (as is often the attribution lines where posters think
they have to add lots of duplicated info that is already available in
the headers). I only occasionally look at all headers, so it is
possible that I previously missed someone just copying my Keywords
header into their reply.
I'm having a hard time finding rn code online now, but I'm quite sure
the trn code has done that a long time, and I'm fairly sure the original
rn did it, too. The official trn source is at Sourceforge which does
not, unlike github, allow browsing of the code commit history.
Post by VanguardLH
It was colorized, because it
originated from Panix. So, I looked at the raw source of your message
to see your Keywords header duplicated mine instead of your client
adding its own value. Panix has been ignored-flagged by me ever since
they decided to spamify all posts that originate at them by appending a
deliberately invalid signature (so clients that hide sigs won't work).
I wasn't interested in seeing posts by users of a spamifying Usenet
provider.
I don't believe you. Panix has never "spamif[ied] all posts". Panix
has never forced users to post with a signature nor provided a default
one for users.

Panix is one of the soundest Usenet sites around. It's home to Seth
Breidbart of "Breidbart Index", Mike Godwin of "Godwin's Law", Jesse
Sheidlower author of dictionary _The F Word_ (relevant to your profanity
concerns). Multiple moderated groups are using Panix news servers as
origins. I know comp.risks and rec.humor.oracle, and I think
soc.singles.moderated, sci.space.* and rec.radio.amateur.moderated still
are. I'm also reasonably sure Panix still runs "News Shogun" to
proactively stop spammers, even though the Usenet II experiment it was
created for has long since died:

https://www.panix.com/shogun/

Panix is also not selling itself as a "Usenet provider". Usenet is a
feature available to customers of their shell and virtual hosting
customers. The Panix list of services offered doesn't seem to mention
"Usenet", they call it "netnews".

Elijah
------
owns the domain used in his message IDs
VanguardLH
2021-05-08 21:30:06 UTC
Permalink
Post by Eli the Bearded
I don't believe you. Panix has never "spamif[ied] all posts". Panix
has never forced users to post with a signature nor provided a default
one for users.
Alas, I didn't add timestamps when I added filters to later see how old
they are. Don't care if you don't believe. I judged Panix on what I
saw, and I saw them add an invalid sigblock to spam on submissions to
their service. That's what *I* saw, and that's why I filtered them out.
That was probably many years ago. Perhaps back then they had a free
trial service tier, and submissions using those freebie accounts got
spammified. Some posts got spammified by them, some didn't, so there
was some differentiating factor that triggered the spammification.

Don't care how old is a Usenet provider. When I see it appends an
invalid sigblock that introduces spam (promoting their own service) then
it becomes a spam source. First I colorize in my filters to alert me to
watch some behavior by a poster or provider. After several months, I'll
decide they haven't corrected their behavior, and then add the Ignore
flag to hide those articles in my default "Hide Ignored Messages" view.
That's what happened to AIOE: colorized to monitor them for many months
after getting tired of all the trolls, malcontents, forgers, and other
bad types that were using that *un*registered free Usenet provider. The
owner's claims of abuse terms was unenforceable since no one needed an
account there, and there was no penalty to the trolls because they had
no account to lose even if only to get nuisanced to create another free
account. I grew weary of the same malcontents and uber-boobs at Google
Groups, so they were first to get monitored and eventually filtered out.
Years later I decided to do the same with AIOE.

Recently I changed the AIOE filter to just colorize those posts to
monitor if it is just as bad a troll source as it was before. I've done
the same to my old Panix filter to colorize and monitor if any spam sigs
show up that Panix postfixed to their submissions.

No, I don't create filters because I enjoy doing so, and make them up
for behavior that was never noticed. My Panix filter exists because I
did see Panix spammifying some submissions.

I noticed some of my posts back in 2010 were not filtering out Panix
posters (I replied to Panix posters), but in 2017 I wasn't seeing your
posts through Panix. I've been in Usenet since early 90's, had a haitus
of a few years (got way too busy at work and home construction), and
started again, I think, around 1998 (hard to remember back that far,
especially since Google destroyed their Usenet search). Back then I
used my legal name, but way too many others had the same name, and I
wasn't interested in hiding in a crowd of same-named posters. I went to
my gamer's nym, Vanguard, but hit a newsgroup where someone already used
that nym. To be polite and not impinge on his Usenet identify, I added
the LH postfix. First it was (space)LH, then .LH, then _LH, but
Google's search has always been screwed up by removing non-alphnumeric
characters from search results, so I went to VanguardLH.

If I had timestamped my filters in their comments, I'd know when I saw
Panix started spammifying their submissions. I haven't been using
Dialog since its creation. Years ago I trialed many NNTP clients, and
did several re-trials hunting for an NNTP client that satisfied my
wishlist. Dialog didn't make the cut for many trials, because it was
lacking features. Not until I was willing to delve into scripting
(custom ones that can be added to toolbar buttons, and those that
trigger on message events and client action events) did I choose to
switch to Dialog. There's no way to import filters into Dialog from
whatever I was using back then (Outlook Express + OE_Quotefix, MesNews,
TeraNews, Xnews, old Forte Agent freebies, etc), so all filters in
Dialog were created new when I started using it. Again, Google Groups
sucks as a Usenet archive: when articles get older than some threshold,
the "Show original message" (to look at headers, like User-Agent) is
disabled. No way to use GG to see which NNTP client that I used. I
found find articles dated back to July 2014
(https://groups.google.com/g/news.software.readers/c/Ks2z3I3ADpU/m/7YvzGEi2_QcJ)
where I was asking for help on Dialog. So, sometime in the last 7 years
of using Dialog, I encountered articles submitted through Panix that
were getting spammified with invalid sigblocks added by Panix.

My Panix anti-spam filter was defined new into Dialog sometime in the
last 7 years. How long have you been using Panix?
Eli the Bearded
2021-05-10 02:34:19 UTC
Permalink
Post by VanguardLH
Post by Eli the Bearded
I don't believe you. Panix has never "spamif[ied] all posts". Panix
has never forced users to post with a signature nor provided a default
one for users.
Alas, I didn't add timestamps when I added filters to later see how old
they are. Don't care if you don't believe.
Followed by a wall of text trying to justify yourself. Are you sure
about that?

Elijah
------
happy Panix customer for about twenty four years

Loading...