1. Forum
  2. Usenet
  3. ALT.COMP.OS.WINDOWS-10

  • Message header query. Can you help me to understand, please?

    From David Brooks@21:1/5 to All on Fri Sep 8 08:25:36 2023
    This post refers: http://al.howardknight.net/?ID=169407187300

    =

    X-Received: by 2002:a37:66d0:0:b0:6a3:6e94:7794 with SMTP id a199-20020a3766d0000000b006a36e947794mr5782903qkc.526.1653314753859;
    Mon, 23 May 2022 07:05:53 -0700 (PDT)
    X-Received: by 2002:a9d:5c11:0:b0:60a:fa23:6669 with SMTP id
    o17-20020a9d5c11000000b0060afa236669mr5005063otk.366.1653314753511;
    Mon, 23
    May 2022 07:05:53 -0700 (PDT)
    Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: alt.computer.workshop
    Date: Mon, 23 May 2022 07:05:53 -0700 (PDT)
    Injection-Info: google-groups.googlegroups.com; posting-host=2603:6080:5501:a86:45c9:7239:7906:e4af;
    posting-account=Nxyp_AoAAACGtpU0VyRJoCwoVcxIzSbD
    NNTP-Posting-Host: 2603:6080:5501:a86:45c9:7239:7906:e4af
    User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <d8ad2fa1-7820-4c79-9018-3843a562def8n@googlegroups.com>
    Subject: Clam XAV on my brand new Mac
    Injection-Date: Mon, 23 May 2022 14:05:53 +0000
    Content-Type: text/plain; charset="UTF-8"
    Bytes: 1238
    Lines: 2

    =

    I can't quite work out the path which was actually taken by this post
    for it to get to my computer. It's not 'normal'!

    Your help would be appreciated. Thanks.

    --
    David

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From VanguardLH@21:1/5 to David Brooks on Fri Sep 8 03:06:00 2023
    David Brooks <BDB@invalid.invalid.uk> wrote:

    And the nymshifter nymshifts again. Updated my Brooks filter.

    This post refers: http://al.howardknight.net/?ID=169407187300

    =

    Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail

    =

    I can't quite work out the path which was actually taken by this post
    for it to get to my computer. It's not 'normal'!

    Your help would be appreciated. Thanks.

    What you can't figure out you did not mention.

    Howard Knight does NOT show the full path, especially to themself. They
    are not interested in divulging just where is their client node
    receiving the peered article perhaps because it changes or they operate
    an NNTP farm. HK is operating an archive, not telling you their
    position in a peering relationship. This is something you realize after
    using HK for a few a while. HK used to have a search function, but that
    was removed back in 2019, so now you must know the MID for the archived article. HK moved to a different server, and change the server-side
    scripting (from Perl to PHP).

    It's really that tough to figure out the injection node was at Google?
    The right-token in the MID header confirms it, too, as well as G2 for
    the User-Agent header.

    Although I filter out all posts where the injection node shows the post originated from mixmin (aka the "sewer" which THEY have actually called themself in the PATH header), I don't filter out articles peered through
    them; i.e., injection node (source) is not mixmin, but from somewhere
    else that peered through mixmin.

    So, just WHAT couldn't you figure out? You'll need to hope someone else responds since I filter out nymshifters, like you.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From David Brooks@21:1/5 to VanguardLH on Fri Sep 8 23:07:34 2023
    On 08/09/2023 09:06, VanguardLH wrote:
    David Brooks <BDB@invalid.invalid.uk> wrote:

    And the nymshifter nymshifts again. Updated my Brooks filter.

    This post refers: http://al.howardknight.net/?ID=169407187300

    =

    Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail

    =

    I can't quite work out the path which was actually taken by this post
    for it to get to my computer. It's not 'normal'!

    Your help would be appreciated. Thanks.

    What you can't figure out you did not mention.

    Howard Knight does NOT show the full path, especially to themself. They
    are not interested in divulging just where is their client node
    receiving the peered article perhaps because it changes or they operate
    an NNTP farm. HK is operating an archive, not telling you their
    position in a peering relationship. This is something you realize after using HK for a few a while. HK used to have a search function, but that
    was removed back in 2019, so now you must know the MID for the archived article. HK moved to a different server, and change the server-side scripting (from Perl to PHP).

    It's really that tough to figure out the injection node was at Google?
    The right-token in the MID header confirms it, too, as well as G2 for
    the User-Agent header.

    Although I filter out all posts where the injection node shows the post originated from mixmin (aka the "sewer" which THEY have actually called themself in the PATH header), I don't filter out articles peered through them; i.e., injection node (source) is not mixmin, but from somewhere
    else that peered through mixmin.

    So, just WHAT couldn't you figure out? You'll need to hope someone else responds since I filter out nymshifters, like you.


    Thank you for your kind and helpful words, VLH! :-D

    --
    David

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to David Brooks on Sat Sep 9 12:38:03 2023
    On 9/8/2023 3:25 AM, David Brooks wrote:
    This post refers: http://al.howardknight.net/?ID=169407187300

    =

    X-Received: by 2002:a37:66d0:0:b0:6a3:6e94:7794 with SMTP id a199-20020a3766d0000000b006a36e947794mr5782903qkc.526.1653314753859;
            Mon, 23 May 2022 07:05:53 -0700 (PDT)
    X-Received: by 2002:a9d:5c11:0:b0:60a:fa23:6669 with SMTP id  o17-20020a9d5c11000000b0060afa236669mr5005063otk.366.1653314753511; Mon, 23  May 2022 07:05:53 -0700 (PDT)
    Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: alt.computer.workshop
    Date: Mon, 23 May 2022 07:05:53 -0700 (PDT)
    Injection-Info: google-groups.googlegroups.com; posting-host=2603:6080:5501:a86:45c9:7239:7906:e4af;
     posting-account=Nxyp_AoAAACGtpU0VyRJoCwoVcxIzSbD
    NNTP-Posting-Host: 2603:6080:5501:a86:45c9:7239:7906:e4af
    User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <d8ad2fa1-7820-4c79-9018-3843a562def8n@googlegroups.com>
    Subject: Clam XAV on my brand new Mac
    Injection-Date: Mon, 23 May 2022 14:05:53 +0000
    Content-Type: text/plain; charset="UTF-8"
    Bytes: 1238
    Lines: 2

    =

    I can't quite work out the path which was actually taken by this post for it to get to my computer. It's not 'normal'!

    Your help would be appreciated. Thanks.


    I checked on another server, and the path looks perfectly normal.

    The poster was communicating from GoogleGroups spammer hole.

    Paul

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From David Brooks@21:1/5 to Paul on Sat Sep 9 23:51:51 2023
    On 09/09/2023 17:38, Paul wrote:
    On 9/8/2023 3:25 AM, David Brooks wrote:
    This post refers: http://al.howardknight.net/?ID=169407187300

    =

    X-Received: by 2002:a37:66d0:0:b0:6a3:6e94:7794 with SMTP id a199-20020a3766d0000000b006a36e947794mr5782903qkc.526.1653314753859;
            Mon, 23 May 2022 07:05:53 -0700 (PDT)
    X-Received: by 2002:a9d:5c11:0:b0:60a:fa23:6669 with SMTP id
     o17-20020a9d5c11000000b0060afa236669mr5005063otk.366.1653314753511; Mon, 23
     May 2022 07:05:53 -0700 (PDT)
    Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: alt.computer.workshop
    Date: Mon, 23 May 2022 07:05:53 -0700 (PDT)
    Injection-Info: google-groups.googlegroups.com; posting-host=2603:6080:5501:a86:45c9:7239:7906:e4af;
     posting-account=Nxyp_AoAAACGtpU0VyRJoCwoVcxIzSbD
    NNTP-Posting-Host: 2603:6080:5501:a86:45c9:7239:7906:e4af
    User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <d8ad2fa1-7820-4c79-9018-3843a562def8n@googlegroups.com>
    Subject: Clam XAV on my brand new Mac
    Injection-Date: Mon, 23 May 2022 14:05:53 +0000
    Content-Type: text/plain; charset="UTF-8"
    Bytes: 1238
    Lines: 2

    =

    I can't quite work out the path which was actually taken by this post for it to get to my computer. It's not 'normal'!

    Your help would be appreciated. Thanks.


    I checked on another server, and the path looks perfectly normal.

    It was most kind of you to check, Paul. Thank you. :-)

    The poster was communicating from GoogleGroups spammer hole.

    I'm sure you are well aware that Message Headers can be, and often are,
    forged!
    https://flylib.com/books/en/2.57.1.182/1/

    --
    David

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to David Brooks on Sat Sep 9 20:00:21 2023
    On 9/9/2023 6:51 PM, David Brooks wrote:
    On 09/09/2023 17:38, Paul wrote:
    On 9/8/2023 3:25 AM, David Brooks wrote:
    This post refers: http://al.howardknight.net/?ID=169407187300

    =

    X-Received: by 2002:a37:66d0:0:b0:6a3:6e94:7794 with SMTP id a199-20020a3766d0000000b006a36e947794mr5782903qkc.526.1653314753859;
             Mon, 23 May 2022 07:05:53 -0700 (PDT)
    X-Received: by 2002:a9d:5c11:0:b0:60a:fa23:6669 with SMTP id
      o17-20020a9d5c11000000b0060afa236669mr5005063otk.366.1653314753511; Mon, 23
      May 2022 07:05:53 -0700 (PDT)
    Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: alt.computer.workshop
    Date: Mon, 23 May 2022 07:05:53 -0700 (PDT)
    Injection-Info: google-groups.googlegroups.com; posting-host=2603:6080:5501:a86:45c9:7239:7906:e4af;
      posting-account=Nxyp_AoAAACGtpU0VyRJoCwoVcxIzSbD
    NNTP-Posting-Host: 2603:6080:5501:a86:45c9:7239:7906:e4af
    User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <d8ad2fa1-7820-4c79-9018-3843a562def8n@googlegroups.com>
    Subject: Clam XAV on my brand new Mac
    Injection-Date: Mon, 23 May 2022 14:05:53 +0000
    Content-Type: text/plain; charset="UTF-8"
    Bytes: 1238
    Lines: 2

    =

    I can't quite work out the path which was actually taken by this post for it to get to my computer. It's not 'normal'!

    Your help would be appreciated. Thanks.


    I checked on another server, and the path looks perfectly normal.

    It was most kind of you to check, Paul. Thank you. :-)

    The poster was communicating from GoogleGroups spammer hole.

    I'm sure you are well aware that Message Headers can be, and often are, forged!
    https://flylib.com/books/en/2.57.1.182/1/

    Why do you think all that drug-spam comes from Google Groups ???

    It's the perfect place to post from. Just use a throw-away GMail account.

    There's a trick, so that people can't even report you for abuse.

    It's the perfect haven.

    Paul

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)