Discussion:
Yay, Altopia is dead ... maybe
(too old to reply)
VanguardLH
2021-04-19 19:48:12 UTC
Permalink
Altopia allows pre-loading of the PATH header. Spammers and malcontents
love this, so they can hide where they injected their turds.

https://www.altopia.com/polfaq.html
Q: What is your policy on Path: pre-loading?
A: If a customer of Altopia performs Path: pre-loading on their Path:
lines with valid (or valid looking) site names before "news.alt.net"
they should end their path-preloading with "news.alt.net", so that it
appears twice and it is obvious the post originated at Altopia.

Oooh, a "should" condition, which means no one has to honor it.
"should" is nothing like "we will actively block the violation".
Nowhere have I ever found a declaration by Altopia that they will
automatically reject submissions with pre-load strings in the PATH
header that are not postfixed with alt.net. Their policy just shakes a
finger at abusive users, but still allows the abuse.

Even if it only looked like an article got peered through alt.net,
malcontents could falsify the PATH header by adding a string and NOT end
it with alt.net, and Altopia would accept the falsified submission.
That is, alt.net would appear in the PATH, but it would look like a
peering node, not the injection node.

Path: ...!news.alt.net!<someOtherNodes>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

All of the marked portion of the above string could be falsified. The
malcontent preloads the indicated portion without appending alt.net, so
the article appears to have been injected elsewhere. This made Altopia
a spam- and malcontent-friendly Usenet provider. Whether PATH showed
the article originated at alt.net (the injection node was alt.net), or
"looked" like it only peered through alt.net (alt.net appears anywhere
within in PATH), the source could not be trusted, so I filtered out all
posts that had alt.net anywhere in the PATH header. They supported
falsification of the injection node which made them an untrusted source.

Don't believe me about the abuse of pre-loading the PATH header? Go
online to search on articles on why preloading is a nasty trick used by
spammers to hide from where they inject their turds.

Do any other Usenet providers allow PATH pre-loading, or is Altopia the
only rogue?

Know of any Usenet providers that accept the client's PATH header as-is
(that is, they let the client specify the PATH header)? My assumption,
validated by many articles, is that each server through which an article
passes is supposed to prepend itself to the PATH header, so the servers
build the PATH header. Any NNTP server that accepts a client-specified
PATH header would violate the PATH header as an info header for routing
information and constitutes complicity to forgery. Pre-loading is also
a violation of that premise and also constitutes forgery.

Altopia says they died; see: https://www.altopia.com/. Well, that's
what they claim. They say they turned off their servers on March 1,
2020. Yet I still see posts that appear to have been peered through
them (not sourced by them) for articles up to April 17. Over a month
and a half of their proclaimed shutdown, alt.net is still appearing in
the PATH header. They allowed their posters to lie regarding the
injection node. Not a huge surprise they're still peering over a month
and a half despite their professed shutdown.
Neodome Admin
2021-04-22 21:51:40 UTC
Permalink
Post by VanguardLH
Altopia says they died; see: https://www.altopia.com/. Well, that's
what they claim. They say they turned off their servers on March 1,
2020. Yet I still see posts that appear to have been peered through
them (not sourced by them) for articles up to April 17. Over a month
and a half of their proclaimed shutdown, alt.net is still appearing in
the PATH header. They allowed their posters to lie regarding the
injection node. Not a huge surprise they're still peering over a month
and a half despite their professed shutdown.
I think netnews.com took over Altopia peering. Apparently it’s a new
commercial binary Usenet provider which is currently in testing. I expect
alt.net to point to netnews.com once they decide to go to production. If
you look at the Path header, you’ll see that in recent articles alt.net is
always surrounded by netnews.com addresses. I suppose those who used to
peer with alt.net will be able to say more if they are not under NDA.

Lately netnews.com increased their peering very significantly. Currently
they are number 1 in the world according to Top1000. Alt.net also jumped
from being number 50 to being number 4. It does not really mean much,
except that you can be sure that they’re passing a lot of articles between
big peers participating in Top1000.

http://top1000.anthologeek.net

I assume it’s a good thing, even for text-only part of Usenet.
--
Neodome
Loading...