This post refers: http://al.howardknight.net/?ID=169407187300
=
Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
=
I can't quite work out the path which was actually taken by this post
for it to get to my computer. It's not 'normal'!
Your help would be appreciated. Thanks.
David Brooks <BDB@invalid.invalid.uk> wrote:
And the nymshifter nymshifts again. Updated my Brooks filter.
This post refers: http://al.howardknight.net/?ID=169407187300
=
Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
=
I can't quite work out the path which was actually taken by this post
for it to get to my computer. It's not 'normal'!
Your help would be appreciated. Thanks.
What you can't figure out you did not mention.
Howard Knight does NOT show the full path, especially to themself. They
are not interested in divulging just where is their client node
receiving the peered article perhaps because it changes or they operate
an NNTP farm. HK is operating an archive, not telling you their
position in a peering relationship. This is something you realize after using HK for a few a while. HK used to have a search function, but that
was removed back in 2019, so now you must know the MID for the archived article. HK moved to a different server, and change the server-side scripting (from Perl to PHP).
It's really that tough to figure out the injection node was at Google?
The right-token in the MID header confirms it, too, as well as G2 for
the User-Agent header.
Although I filter out all posts where the injection node shows the post originated from mixmin (aka the "sewer" which THEY have actually called themself in the PATH header), I don't filter out articles peered through them; i.e., injection node (source) is not mixmin, but from somewhere
else that peered through mixmin.
So, just WHAT couldn't you figure out? You'll need to hope someone else responds since I filter out nymshifters, like you.
This post refers: http://al.howardknight.net/?ID=169407187300
=
X-Received: by 2002:a37:66d0:0:b0:6a3:6e94:7794 with SMTP id a199-20020a3766d0000000b006a36e947794mr5782903qkc.526.1653314753859;
Mon, 23 May 2022 07:05:53 -0700 (PDT)
X-Received: by 2002:a9d:5c11:0:b0:60a:fa23:6669 with SMTP id o17-20020a9d5c11000000b0060afa236669mr5005063otk.366.1653314753511; Mon, 23 May 2022 07:05:53 -0700 (PDT)
Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: alt.computer.workshop
Date: Mon, 23 May 2022 07:05:53 -0700 (PDT)
Injection-Info: google-groups.googlegroups.com; posting-host=2603:6080:5501:a86:45c9:7239:7906:e4af;
posting-account=Nxyp_AoAAACGtpU0VyRJoCwoVcxIzSbD
NNTP-Posting-Host: 2603:6080:5501:a86:45c9:7239:7906:e4af
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <d8ad2fa1-7820-4c79-9018-3843a562def8n@googlegroups.com>
Subject: Clam XAV on my brand new Mac
Injection-Date: Mon, 23 May 2022 14:05:53 +0000
Content-Type: text/plain; charset="UTF-8"
Bytes: 1238
Lines: 2
=
I can't quite work out the path which was actually taken by this post for it to get to my computer. It's not 'normal'!
Your help would be appreciated. Thanks.
On 9/8/2023 3:25 AM, David Brooks wrote:
This post refers: http://al.howardknight.net/?ID=169407187300
=
X-Received: by 2002:a37:66d0:0:b0:6a3:6e94:7794 with SMTP id a199-20020a3766d0000000b006a36e947794mr5782903qkc.526.1653314753859;
Mon, 23 May 2022 07:05:53 -0700 (PDT)
X-Received: by 2002:a9d:5c11:0:b0:60a:fa23:6669 with SMTP id
o17-20020a9d5c11000000b0060afa236669mr5005063otk.366.1653314753511; Mon, 23
May 2022 07:05:53 -0700 (PDT)
Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: alt.computer.workshop
Date: Mon, 23 May 2022 07:05:53 -0700 (PDT)
Injection-Info: google-groups.googlegroups.com; posting-host=2603:6080:5501:a86:45c9:7239:7906:e4af;
posting-account=Nxyp_AoAAACGtpU0VyRJoCwoVcxIzSbD
NNTP-Posting-Host: 2603:6080:5501:a86:45c9:7239:7906:e4af
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <d8ad2fa1-7820-4c79-9018-3843a562def8n@googlegroups.com>
Subject: Clam XAV on my brand new Mac
Injection-Date: Mon, 23 May 2022 14:05:53 +0000
Content-Type: text/plain; charset="UTF-8"
Bytes: 1238
Lines: 2
=
I can't quite work out the path which was actually taken by this post for it to get to my computer. It's not 'normal'!
Your help would be appreciated. Thanks.
I checked on another server, and the path looks perfectly normal.
The poster was communicating from GoogleGroups spammer hole.
On 09/09/2023 17:38, Paul wrote:
On 9/8/2023 3:25 AM, David Brooks wrote:
This post refers: http://al.howardknight.net/?ID=169407187300
=
X-Received: by 2002:a37:66d0:0:b0:6a3:6e94:7794 with SMTP id a199-20020a3766d0000000b006a36e947794mr5782903qkc.526.1653314753859;
Mon, 23 May 2022 07:05:53 -0700 (PDT)
X-Received: by 2002:a9d:5c11:0:b0:60a:fa23:6669 with SMTP id
o17-20020a9d5c11000000b0060afa236669mr5005063otk.366.1653314753511; Mon, 23
May 2022 07:05:53 -0700 (PDT)
Path: ...!news.mixmin.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: alt.computer.workshop
Date: Mon, 23 May 2022 07:05:53 -0700 (PDT)
Injection-Info: google-groups.googlegroups.com; posting-host=2603:6080:5501:a86:45c9:7239:7906:e4af;
posting-account=Nxyp_AoAAACGtpU0VyRJoCwoVcxIzSbD
NNTP-Posting-Host: 2603:6080:5501:a86:45c9:7239:7906:e4af
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <d8ad2fa1-7820-4c79-9018-3843a562def8n@googlegroups.com>
Subject: Clam XAV on my brand new Mac
Injection-Date: Mon, 23 May 2022 14:05:53 +0000
Content-Type: text/plain; charset="UTF-8"
Bytes: 1238
Lines: 2
=
I can't quite work out the path which was actually taken by this post for it to get to my computer. It's not 'normal'!
Your help would be appreciated. Thanks.
I checked on another server, and the path looks perfectly normal.
It was most kind of you to check, Paul. Thank you. :-)
The poster was communicating from GoogleGroups spammer hole.
I'm sure you are well aware that Message Headers can be, and often are, forged!
https://flylib.com/books/en/2.57.1.182/1/
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 297 |
Nodes: | 16 (2 / 14) |
Uptime: | 04:14:10 |
Calls: | 6,666 |
Files: | 12,213 |
Messages: | 5,335,875 |