• Who is peering all these spams ostensibly from Google Groups?

    From Wally J@21:1/5 to All on Sun Dec 3 16:10:07 2023
    XPost: news.software.nntp

    Who is peering all these spams ostensibly from Google Groups?
    <http://groups.google.com/g/comp.mobile.android>

    In the past few weeks, what I'll call "indonesian" spam has been
    increasing but not to the level of this "movie" spam which is now
    hundreds per day (at least it is on the Android newsgroup).

    While the headers look like they're coming from Google Groups,
    I'm aware that headers could be forged such that it could be
    coming from a rogue nntp server sending all this spam.

    But then why are the reputable nntp news server admins peering
    these spams?

    I realize every line in the header can be spoofed (even the
    path can have information injected into it), but I don't know
    how to read headers well.

    Is there any way to tell from the header who is peering them.
    To help you answer this question, below are just 3 random spams.

    ========< cut here for random spams >========
    X-Received: by 2002:a0c:ed31:0:b0:67a:b50a:cf46 with SMTP id u17-20020a0ced31000000b0067ab50acf46mr63374qvq.7.1701623906718; Sun, 03 Dec 2023 09:18:26 -0800 (PST)
    X-Received: by 2002:a05:6870:f293:b0:1fb:2688:896e with SMTP id u19-20020a056870f29300b001fb2688896emr1145397oap.8.1701623906460; Sun, 03 Dec 2023 09:18:26 -0800 (PST)
    Path: .!weretis.net!feeder8.news.weretis.net!3.eu.feeder.erje.net!3.us.feeder.erje.net!feeder.erje.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!
    nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: comp.mobile.android
    Date: Sun, 3 Dec 2023 09:18:26 -0800 (PST)
    Injection-Info: google-groups.googlegroups.com; posting-host=202.46.68.61; posting-account=FDFpwAkAAAAzh5Zwwcosm-KBqOzgWZ4S
    NNTP-Posting-Host: 202.46.68.61
    User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <d2da9b7d-4ac6-43dc-80e3-18962e6ccd5fn@googlegroups.com>
    Subject: [.WATCH.] Renaissance: A Film By Beyonc Watch (FullMovie) Free Online ON STREAMINGS
    From: Atto Lorse <attolorse@gmail.com>
    Injection-Date: Sun, 03 Dec 2023 17:18:26 +0000
    Content-Type: text/plain; charset="UTF-8"
    Content-Transfer-Encoding: quoted-printable
    X-Received-Bytes: 3761
    Xref: . comp.mobile.android:110200
    ========< cut here for random spams >========
    X-Received: by 2002:a05:6214:1fc4:b0:67a:262e:35b5 with SMTP id jh4-20020a0562141fc400b0067a262e35b5mr642984qvb.9.1701622417293; Sun, 03 Dec 2023 08:53:37 -0800 (PST)
    X-Received: by 2002:a9d:5cc6:0:b0:6d8:1345:7de4 with SMTP id r6-20020a9d5cc6000000b006d813457de4mr1630461oti.7.1701622417090; Sun, 03 Dec 2023 08:53:37 -0800 (PST)
    Path: .!weretis.net!feeder8.news.weretis.net!3.eu.feeder.erje.net!1.us.feeder.erje.net!feeder.erje.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!
    nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: comp.mobile.android
    Date: Sun, 3 Dec 2023 08:53:36 -0800 (PST)
    In-Reply-To: <f5e007ca-f669-4d58-9112-f36f426aead5n@googlegroups.com>
    Injection-Info: google-groups.googlegroups.com; posting-host=118.179.109.17; posting-account=cd0JhgoAAACShHBEpPkoEjnWjSQ47bCx
    NNTP-Posting-Host: 118.179.109.17
    References: <f5e007ca-f669-4d58-9112-f36f426aead5n@googlegroups.com>
    User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <f09f38dc-333c-4e8a-81b0-d4d63760088bn@googlegroups.com>
    Subject: Re: [.WATCH.] It Came from Dimension X Watch (.FullMovie.) Free Online On STREAMINGS
    From: Derrick Matthews <derrickmatthews946@gmail.com>
    Injection-Date: Sun, 03 Dec 2023 16:53:37 +0000
    Content-Type: text/plain; charset="UTF-8"
    Content-Transfer-Encoding: quoted-printable
    X-Received-Bytes: 5359
    Xref: . comp.mobile.android:110194
    ========< cut here for random spams >========
    X-Received: by 2002:a05:622a:103:b0:423:72a5:a7da with SMTP id u3-20020a05622a010300b0042372a5a7damr969557qtw.8.1701624819984; Sun, 03 Dec 2023 09:33:39 -0800 (PST)
    X-Received: by 2002:a9d:6a8f:0:b0:6d8:8052:2ec8 with SMTP id l15-20020a9d6a8f000000b006d880522ec8mr627917otq.2.1701624819695; Sun, 03 Dec 2023 09:33:39 -0800 (PST)
    Path: .!news2.arglkargh.de!2.eu.feeder.erje.net!1.us.feeder.erje.net!feeder.erje.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.google.com!
    postnews.google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: comp.mobile.android
    Date: Sun, 3 Dec 2023 09:33:39 -0800 (PST)
    Injection-Info: google-groups.googlegroups.com; posting-host=93.177.75.198; posting-account=IjNbuAoAAADuPrioAyFILqIJ1RQ_HnG8
    NNTP-Posting-Host: 93.177.75.198
    User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <fa356544-c7a3-4d01-bb73-58212af853b1n@googlegroups.com>
    Subject: **Wish 2023 free '.Fullmovie.' Online English HD 720p, 480p
    From: Raden Surya Sigadiraja <radensuryasigadiraja@gmail.com>
    Injection-Date: Sun, 03 Dec 2023 17:33:39 +0000
    Content-Type: text/plain; charset="UTF-8"
    Content-Transfer-Encoding: quoted-printable
    X-Received-Bytes: 16654
    Xref: . comp.mobile.android:110202
    --
    TIA

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to walterjones@invalid.nospam on Sun Dec 3 20:11:45 2023
    XPost: news.software.nntp

    In article <ukinav$m4i7$1@paganini.bofh.team>,
    Wally J <walterjones@invalid.nospam> wrote:
    Who is peering all these spams ostensibly from Google Groups?
    <http://groups.google.com/g/comp.mobile.android>

    In the past few weeks, what I'll call "indonesian" spam has been
    increasing but not to the level of this "movie" spam which is now
    hundreds per day (at least it is on the Android newsgroup).

    While the headers look like they're coming from Google Groups,
    I'm aware that headers could be forged such that it could be
    coming from a rogue nntp server sending all this spam.

    But then why are the reputable nntp news server admins peering
    these spams?

    I realize every line in the header can be spoofed (even the
    path can have information injected into it), but I don't know
    how to read headers well.

    Is there any way to tell from the header who is peering them.
    To help you answer this question, below are just 3 random spams.

    ========< cut here for random spams >========
    X-Received: by 2002:a0c:ed31:0:b0:67a:b50a:cf46 with SMTP id
    u17-20020a0ced31000000b0067ab50acf46mr63374qvq.7.1701623906718; Sun, 03
    Dec 2023 09:18:26 -0800 (PST)
    X-Received: by 2002:a05:6870:f293:b0:1fb:2688:896e with SMTP id
    u19-20020a056870f29300b001fb2688896emr1145397oap.8.1701623906460; Sun,
    03 Dec 2023 09:18:26 -0800 (PST)
    Path:
    .!weretis.net!feeder8.news.weretis.net!3.eu.feeder.erje.net!3.us.feeder.erje.net!feeder.erje.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.
    google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: comp.mobile.android
    Date: Sun, 3 Dec 2023 09:18:26 -0800 (PST)
    Injection-Info: google-groups.googlegroups.com;
    posting-host=202.46.68.61;
    posting-account=FDFpwAkAAAAzh5Zwwcosm-KBqOzgWZ4S
    NNTP-Posting-Host: 202.46.68.61
    User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <d2da9b7d-4ac6-43dc-80e3-18962e6ccd5fn@googlegroups.com>
    Subject: [.WATCH.] Renaissance: A Film By Beyonc Watch (FullMovie)
    Free Online ON STREAMINGS
    From: Atto Lorse <attolorse@gmail.com>
    Injection-Date: Sun, 03 Dec 2023 17:18:26 +0000
    Content-Type: text/plain; charset="UTF-8"
    Content-Transfer-Encoding: quoted-printable
    X-Received-Bytes: 3761
    Xref: . comp.mobile.android:110200
    ========< cut here for random spams >========
    X-Received: by 2002:a05:6214:1fc4:b0:67a:262e:35b5 with SMTP id
    jh4-20020a0562141fc400b0067a262e35b5mr642984qvb.9.1701622417293; Sun, 03
    Dec 2023 08:53:37 -0800 (PST)
    X-Received: by 2002:a9d:5cc6:0:b0:6d8:1345:7de4 with SMTP id
    r6-20020a9d5cc6000000b006d813457de4mr1630461oti.7.1701622417090; Sun, 03
    Dec 2023 08:53:37 -0800 (PST)
    Path:
    .!weretis.net!feeder8.news.weretis.net!3.eu.feeder.erje.net!1.us.feeder.erje.net!feeder.erje.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.
    google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: comp.mobile.android
    Date: Sun, 3 Dec 2023 08:53:36 -0800 (PST)
    In-Reply-To: <f5e007ca-f669-4d58-9112-f36f426aead5n@googlegroups.com> Injection-Info: google-groups.googlegroups.com;
    posting-host=118.179.109.17;
    posting-account=cd0JhgoAAACShHBEpPkoEjnWjSQ47bCx
    NNTP-Posting-Host: 118.179.109.17
    References: <f5e007ca-f669-4d58-9112-f36f426aead5n@googlegroups.com> User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <f09f38dc-333c-4e8a-81b0-d4d63760088bn@googlegroups.com>
    Subject: Re: [.WATCH.] It Came from Dimension X Watch (.FullMovie.)
    Free Online On STREAMINGS
    From: Derrick Matthews <derrickmatthews946@gmail.com>
    Injection-Date: Sun, 03 Dec 2023 16:53:37 +0000
    Content-Type: text/plain; charset="UTF-8"
    Content-Transfer-Encoding: quoted-printable
    X-Received-Bytes: 5359
    Xref: . comp.mobile.android:110194
    ========< cut here for random spams >========
    X-Received: by 2002:a05:622a:103:b0:423:72a5:a7da with SMTP id
    u3-20020a05622a010300b0042372a5a7damr969557qtw.8.1701624819984; Sun, 03
    Dec 2023 09:33:39 -0800 (PST)
    X-Received: by 2002:a9d:6a8f:0:b0:6d8:8052:2ec8 with SMTP id
    l15-20020a9d6a8f000000b006d880522ec8mr627917otq.2.1701624819695; Sun, 03
    Dec 2023 09:33:39 -0800 (PST)
    Path:
    .!news2.arglkargh.de!2.eu.feeder.erje.net!1.us.feeder.erje.net!feeder.erje.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.google.com!postnews.
    google.com!google-groups.googlegroups.com!not-for-mail
    Newsgroups: comp.mobile.android
    Date: Sun, 3 Dec 2023 09:33:39 -0800 (PST)
    Injection-Info: google-groups.googlegroups.com;
    posting-host=93.177.75.198;
    posting-account=IjNbuAoAAADuPrioAyFILqIJ1RQ_HnG8
    NNTP-Posting-Host: 93.177.75.198
    User-Agent: G2/1.0
    MIME-Version: 1.0
    Message-ID: <fa356544-c7a3-4d01-bb73-58212af853b1n@googlegroups.com>
    Subject: **Wish 2023 free '.Fullmovie.' Online English HD 720p, 480p
    From: Raden Surya Sigadiraja <radensuryasigadiraja@gmail.com>
    Injection-Date: Sun, 03 Dec 2023 17:33:39 +0000
    Content-Type: text/plain; charset="UTF-8"
    Content-Transfer-Encoding: quoted-printable
    X-Received-Bytes: 16654
    Xref: . comp.mobile.android:110202
    --
    TIA

    More reason to depeer Google GRoups now!
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to The Doctor on Sun Dec 3 16:29:06 2023
    XPost: news.software.nntp

    The Doctor <doctor@doctor.nl2k.ab.ca> wrote

    More reason to depeer Google GRoups now!

    I don't know what "depeer" means, but I suspect it means to nuke it.
    Sometimes nuking is appropriate. Most of the time it's too drastic.

    Cutting out this spam should be as easy as not peering it - should it not?
    <https://i.postimg.cc/6pj29c6f/spam01.jpg>

    I'm not for knee-jerk reactions, but targeted surgical strikes.
    Maybe the problem is a single reliable news server is peering this spam?

    But I don't know enough about headers to determine who is peering it.
    I can read the path but I know the path can have injected components.

    For example, I'm assuming that none of this spam actually is coming from
    google posters - I'm assuming it's all coming from a roge nntp server who
    is impersonating a google groups poster.

    How can we tell who peered it first from the originating rouge nntp server?

    Here's a thread which brought up the subject where each recipient has to
    figure out on his own newsreader how to nuke this spam which purports to
    come from Google Groups (I suspect it comes from a rogue
    Like this thread, posted today, trying to solve this exact problem.
    <https://groups.google.com/g/comp.mobile.android/c/CvM86LHCHh4>

    The only reason I doubt this spam is coming from google users is Google
    would put a stop to this - but it's been happening for weeks on end.

    So I 'suspect' that it's coming from a rogue nntp news server.
    Which is why I'm asking the question that I'm asking.

    Who is peering all these spams ostensibly from Google Groups?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Sun Dec 3 14:36:10 2023
    XPost: news.software.nntp

    On 12/3/23 14:29, Wally J wrote:
    I don't know what "depeer" means, but I suspect it means to nuke it.

    Depeering means to no longer carry any articles from a news server.

    Sometimes nuking is appropriate. Most of the time it's too drastic.

    Cutting out this spam should be as easy as not peering it - should it not?

    It's relatively easy to filter out /everything/ from Google.

    It's much Much MUCH more difficult to filter /some/ /but/ /not/ /all/
    from Google.

    For example, I'm assuming that none of this spam actually is coming from google posters - I'm assuming it's all coming from a roge nntp server who
    is impersonating a google groups poster.

    Every single one that I've looked at the message /has/ /in/ /fact/
    originated from Google and been sent out to Usenet at large.

    How can we tell who peered it first from the originating rouge nntp server?

    Google is the rogue NNTP server that is the source of the spam.

    Here's a thread which brought up the subject where each recipient has to figure out on his own newsreader how to nuke this spam which purports to
    come from Google Groups (I suspect it comes from a rogue

    You suppose wrong.

    The spam /is/ originating from Google.

    The only reason I doubt this spam is coming from google users is Google
    would put a stop to this - but it's been happening for weeks on end.

    HA! If only.

    Google is an extremely bad for Usenet and an even worse steward for the Dejanews archive.

    So I 'suspect' that it's coming from a rogue nntp news server.

    You suspect wrong.

    Which is why I'm asking the question that I'm asking.

    Who is peering all these spams ostensibly from Google Groups?

    Look at the Path: headers to answer your own questions.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco Moock@21:1/5 to All on Sun Dec 3 21:44:00 2023
    XPost: news.software.nntp

    Am 03.12.2023 um 16:29:06 Uhr schrieb Wally J:

    The Doctor <doctor@doctor.nl2k.ab.ca> wrote

    More reason to depeer Google GRoups now!

    I don't know what "depeer" means, but I suspect it means to nuke it. Sometimes nuking is appropriate. Most of the time it's too drastic.

    Removing the peering to google groups. Only server that currently peer
    can do that.
    If all of them removed the peering, post can't go from GG to other
    servers and vice-versa.

    Cutting out this spam should be as easy as not peering it - should it
    not? <https://i.postimg.cc/6pj29c6f/spam01.jpg>

    It is possible to filter for injection-info.
    Google Groups places a correct header and the path also matches that.

    I'm not for knee-jerk reactions, but targeted surgical strikes.
    Maybe the problem is a single reliable news server is peering this
    spam?

    No, the problem is Google because Google doesn't stop people from
    abusing their services.

    But I don't know enough about headers to determine who is peering it.
    I can read the path but I know the path can have injected components.

    Forging a path is possible, but rather unlikely.
    Direct peers of GG can confirm that the path isn't forged.

    For example, I'm assuming that none of this spam actually is coming
    from google posters - I'm assuming it's all coming from a roge nntp
    server who is impersonating a google groups poster.

    Wrong summption.

    How can we tell who peered it first from the originating rouge nntp
    server?

    You can find who peers if you write a script and extract the patrh
    header and extract only the servers that are left of the googel groups
    part.

    Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!eternal-september.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!nntp.
    google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail


    E.g. news.highwinds-media.com peer with Google.

    The only reason I doubt this spam is coming from google users is
    Google would put a stop to this - but it's been happening for weeks
    on end.

    No, Google doesn't care about it. They also don't care about spam on
    their web services nor abuse from their IP ranges hosted for others.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Sun Dec 3 14:30:28 2023
    XPost: news.software.nntp

    On 12/3/23 14:10, Wally J wrote:
    Who is peering all these spams ostensibly from Google Groups?

    Ostensibly any news master that is not filtering Google Groups carte
    blanch is peering / feeding these articles. Few are directly peered
    with Google, more are downstream peers.



    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From candycanearter07@21:1/5 to Grant Taylor on Sun Dec 3 14:40:11 2023
    XPost: news.software.nntp

    On 12/3/23 14:36, Grant Taylor wrote:
    On 12/3/23 14:29, Wally J wrote:
    I don't know what "depeer" means, but I suspect it means to nuke it.

    Depeering means to no longer carry any articles from a news server.

    Sometimes nuking is appropriate. Most of the time it's too drastic.

    Cutting out this spam should be as easy as not peering it - should it
    not?

    It's relatively easy to filter out /everything/ from Google.

    It's much Much MUCH more difficult to filter /some/ /but/ /not/ /all/
    from Google.

    Yeah. I just filter everything from Google.
    --
    user <candycane> is generated from /dev/urandom

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Sun Dec 3 19:07:57 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    I don't know what "depeer" means, but I suspect it means to nuke it.

    Depeering means to no longer carry any articles from a news server.

    Hi Grant,

    Oh. DE-PEER! Duh. Sorry. I never heard the term before but I should have
    been able to figure it out on my own. Thanks for being nice about my faux
    pas. It was stupid of me to not realize that's what it had meant.

    Especially since that was my whole point.

    How do you de-peer the spams (which I suspect are not coming from Google).
    <https://groups.google.com/g/comp.mobile.android>
    (EDIT: I see below that you suspect they _are_ coming from Google though.)

    There are hundreds just today alone that anyone can see are clearly spam.
    <https://i.postimg.cc/6pj29c6f/spam01.jpg>

    Sometimes nuking is appropriate. Most of the time it's too drastic.

    Cutting out this spam should be as easy as not peering it - should it not?

    It's relatively easy to filter out /everything/ from Google.

    I am almost 86 so I lived through the days when we'd complain to a host
    admin that someone spammed us once in a month or two, and then I lived
    through making my own procmail filters on SunOS, so I'm familiar with the
    fact that it's just plain stupid to filter out everything from Google.

    People do it all the time.
    But only stupid people do it.

    A smart admin would have a smarter filter than "everything".
    Worse....

    I suspect NONE of this spam is actually coming from Google anyway.
    (But I just saw below that you suspect they _are_ coming from Google.)

    For a filter, it's the same thing of course, but isn't it different to an
    nntp server who can tell where it's coming from better than I can tell?

    It's much Much MUCH more difficult to filter /some/ /but/ /not/ /all/
    from Google.

    I'm sure that's why they seem to be changing up the subject, headers, from, injection information, etc. in those headers.

    I'm almost certain (based on the modus operandi) that NONE of them are
    actually coming from Google servers but I saw below that you're sure they
    are, so I'd just ask how you know since almost everything in the header can
    be forged (as far as I know) except for the final path in the header.

    For example, I'm assuming that none of this spam actually is coming from
    google posters - I'm assuming it's all coming from a roge nntp server who
    is impersonating a google groups poster.

    Every single one that I've looked at the message /has/ /in/ /fact/
    originated from Google and been sent out to Usenet at large.

    Oh. Really? I didn't see this until now. I was pretty sure none was coming
    from Google simply because they'd put a stop to abuse pretty quickly you'd think. And this is clearly abuse.

    Is there a way (that works) to _complain_ to Google about it?
    Maybe they care?

    How can we tell who peered it first from the originating rouge nntp server?

    Google is the rogue NNTP server that is the source of the spam.

    I understand belatedly that you believe that - but how can you tell?
    I can't tell.

    Sure the message-ID is an indication.
    And the newsreader. But that can be forged.

    About the only thing that can't be forged are sections of the path.
    But they can 'inject' stuff into the path that is meaningless.

    So how do you know that it's really coming from Google servers?
    (I strongly suspect it is not for the reasons I already stated.)

    We have to confirm if it's coming from Google because the solution then is
    at Google whereas if they're just spoofing Google, the solution is
    elsewhere.


    Here's a thread which brought up the subject where each recipient has to
    figure out on his own newsreader how to nuke this spam which purports to
    come from Google Groups (I suspect it comes from a rogue

    You suppose wrong.

    The spam /is/ originating from Google.

    By now I see that you feel strongly it's coming from Google.
    But how do you know?

    And more importantly, how does "de-peering" happen so that it stops?

    The only reason I doubt this spam is coming from google users is Google
    would put a stop to this - but it's been happening for weeks on end.

    HA! If only.

    Google is an extremely bad for Usenet and an even worse steward for the Dejanews archive.

    I lived through DejaNews so I'm aware of what you say, and I certainly know
    a google search on the real google.com is different in functionality than a search on http://groups.google.com/g/<put.name.of.usenet.group.here> but at least DejaGoogle exists.

    I use it only for a lookup/search/reference engine, which it's very good at
    but I wouldn't even think of posting using Google Groups for all the
    reasons that nobody would be caught dead using AOL in the olden days.

    So I 'suspect' that it's coming from a rogue nntp news server.

    You suspect wrong.

    OK. So you think it's coming from Google. And that means Google either
    doesn't know about it - or - Google isn't doing anything about it.

    Is there any way to "complain" to Google to figure out which it is?


    Which is why I'm asking the question that I'm asking.

    Who is peering all these spams ostensibly from Google Groups?

    Look at the Path: headers to answer your own questions.

    The PATH (read right to left of course) isn't meaningful when anyone clever
    can inject components into it.

    I don't know what portion of the path is inviolable though.
    Do you?

    Assuming they're injecting into the path, what part of the path in the previously listed spams do you think are actually real?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Tom Furie@21:1/5 to Wally J on Sun Dec 3 23:30:43 2023
    XPost: news.software.nntp

    Wally J <walterjones@invalid.nospam> writes:

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    Google is the rogue NNTP server that is the source of the spam.

    I understand belatedly that you believe that - but how can you tell?
    I can't tell.

    About the only thing that can't be forged are sections of the path.
    But they can 'inject' stuff into the path that is meaningless.

    So how do you know that it's really coming from Google servers?
    (I strongly suspect it is not for the reasons I already stated.)

    Look at the Path: headers to answer your own questions.

    The PATH (read right to left of course) isn't meaningful when anyone clever can inject components into it.

    I don't know what portion of the path is inviolable though.
    Do you?

    Assuming they're injecting into the path, what part of the path in the previously listed spams do you think are actually real?

    Look at the path on a random sampling of posts, they will likely come
    into your news server from a variety of its peers. Look to see where the
    path reconverges...

    Are these "Google impersonators" going to go to the effort of spoofing
    that many differing path components?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Wally J on Mon Dec 4 00:45:29 2023
    XPost: news.software.nntp

    Wally J <walterjones@invalid.nospam> wrote

    What I'll do in a subsequent post is see if I can add that one line
    to my header - and if I can - which I suspect I can - it's not reliable.

    OK. I tried with a couple of news servers (Ivo's & Ray's).

    I set the "injection-info" header to this (from the spam).
    Add_Headers = Injection-Info: google-groups.googlegroups.com; posting-host=202.46.68.61; posting-account=FDFpwAkAAAAzh5Zwwcosm-KBqOzgWZ4S

    Both servers the error below (which you knew but I did not).
    "Posting article failed: Can't set system Injection-Info: header

    Unless there's a compliant nntp server, I'll accept that the
    Injection-Info header can't be (trivially easily) forged.

    At least not with a simple "telnet newsserver 119" session.

    Thanks for letting me know I can filter on that line.
    But this is best taken up with the powers that be in this order.

    1. Google
    2. Peers
    3. Users

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Tom Furie on Mon Dec 4 01:07:25 2023
    XPost: news.software.nntp

    Tom Furie <tom@furie.org.uk> wrote

    Assuming they're injecting into the path, what part of the path in the
    previously listed spams do you think are actually real?

    Look at the path on a random sampling of posts, they will likely come
    into your news server from a variety of its peers. Look to see where the
    path reconverges...

    Are these "Google impersonators" going to go to the effort of spoofing
    that many differing path components?

    OK. Sorry for being dense. I am way behind but trying to catch up.

    The solution can only be in this order (as far as I can tell).
    1. Google
    2. Peers
    3. Users

    I'm probably with most of you that nothing good ever came out of
    a google groups post to Usenet so working backward, the users
    can all filter on the system "Injection-Info: header" (which
    moments ago I tried to spoof but Wolfgan'gs and Gondalfo's server
    prevented that (as they should).

    I'm wary that they can set up their own rogue server to allow
    spoofing of that header but then I defer to your experience
    and your sensible logic above that they'd have to fool peers.

    So I'll belatedly accept Google is letting this happen.
    With that in mind, I'm willing to "complain" to google.

    But of course, I don't have any special connections other than
    I live close to Mountainview and some of my buddies used to work there.

    The two questions would be to ask:
    a. Who wants to try to complain to Google (I'll try), and,
    b. Who can get a hold of the highwinds server (they suck).

    Note that I don't think either will be all that fruitful.
    But I wonder if it's only highwinds that sucks (I've dealt
    with them in the past and they just ignored everything).

    Other than having every user filter out a google injection info,
    what else can we do to stop these hundreds of spams daily?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Marco Moock on Sun Dec 3 19:33:38 2023
    XPost: news.software.nntp

    Marco Moock <mm+usenet-es@dorfdsl.de> wrote

    Removing the peering to google groups. Only server that currently peer
    can do that.
    If all of them removed the peering, post can't go from GG to other
    servers and vice-versa.

    OK. Grant also said the spam is really coming from Google servers, which is disappointing at best, and almost criminal at worst - but it is what it is.

    Certainly we can all blindly filter out EVERYTHING from Google Groups.
    And maybe that's what we'll have to do as I don't think I've ever seen a
    Usenet post from a Google Groups' poster that held any pertinent value.

    But before I do that, I still think there must be a better way, where what
    some people do on c.m.a is check a whitelist and then plonk if not in it.

    But that's gonna be newsreader-specific code (unlike procmail was).

    Cutting out this spam should be as easy as not peering it - should it
    not? <https://i.postimg.cc/6pj29c6f/spam01.jpg>

    It is possible to filter for injection-info.
    Google Groups places a correct header and the path also matches that.

    Hmmmmm.... The purpose of this thread wasn't to create my own filter (as I could always have done that) but let me look at the injection information.

    Previous Spam 1:
    Injection-Info: google-groups.googlegroups.com; posting-host=202.46.68.61; posting-account=FDFpwAkAAAAzh5Zwwcosm-KBqOzgWZ4S

    Previous Spam 2:
    Injection-Info: google-groups.googlegroups.com; posting-host=118.179.109.17; posting-account=cd0JhgoAAACShHBEpPkoEjnWjSQ47bCx

    Previous Spam 3:
    Injection-Info: google-groups.googlegroups.com; posting-host=93.177.75.198; posting-account=IjNbuAoAAADuPrioAyFILqIJ1RQ_HnG8

    If that's not spoofed, then the only thing I'd need is to filter
    out anything with "google-groups.googlegroups.com" if it's real.

    What I'll do in a subsequent post is see if I can add that one line
    to my header - and if I can - which I suspect I can - it's not reliable.

    But maybe I can't. I don't know. I'm not all that clever.
    But I know how to use Telnet so I can try it. Later.

    Even so, any of us can filter it out but the problem is at the
    peering, so now I understand the suggestion of "de-peering" better!


    I'm not for knee-jerk reactions, but targeted surgical strikes.
    Maybe the problem is a single reliable news server is peering this
    spam?

    No, the problem is Google because Google doesn't stop people from
    abusing their services.

    Got it.
    If that's the case, then there are only three possible solutions:
    a. Solve it at Google
    b. Solve it at the peering level
    c. Solve it as the user level

    One by one, that's what I will try to do, where you can help (royal you)
    by letting me know if there is a way to complain to Google about it.

    But I don't know enough about headers to determine who is peering it.
    I can read the path but I know the path can have injected components.

    Forging a path is possible, but rather unlikely.
    Direct peers of GG can confirm that the path isn't forged.

    As I said, I'm astounded Google is allowing this to happen when
    they won't even let me log into my long-time email from the VPN
    service I've been using for years - but Google is Google after all.

    If peers can confirm this spam on c.m.a (and I'm sure many other ngs)
    is truly coming from Google servers, then that's where the solution lies.

    For example, I'm assuming that none of this spam actually is coming
    from google posters - I'm assuming it's all coming from a roge nntp
    server who is impersonating a google groups poster.

    Wrong summption.

    I haven't seen proof. But I openly instantly and readily admit that
    I don't know what any of you know, so I will accept that it's google.

    How can we tell who peered it first from the originating rouge nntp
    server?

    You can find who peers if you write a script and extract the patrh
    header and extract only the servers that are left of the googel groups
    part.

    That's assuming the "google groups part" isn't itself forged though.

    Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!eternal-september.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!news-out.google.com!
    nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail

    E.g. news.highwinds-media.com peer with Google.

    Shit. Highwinds doesn't give a shit. You probably know that.
    I've complained to them many times in the past. They do nothing.

    Hell, Rod Speed issued instructions to murder me using Highwinds.
    Just because I was able to get Paolo Amaroso to blacklist a.h.r.
    And they didn't even care (although I did call the FBI about it).

    Even Google put his email on a suspension once I wrote a formal
    letter which included the report to the FBI - but I don't know
    what happened of it as they told me never to contact him ever.

    That was hard enough.

    It's even worse with Highwinds because I'm sure legitimate posters
    must use it (do they?). If so, then highwinds can't be de-peered.

    I was hoping it was someone reputable, like Steve or Jesse
    or Wolfgang (Ray Bananna) or Paolo (if he's still alive) or
    Ivo or Daniel/Monica/Benjamin or Roman or Alex or Steen, et al.

    Bummer. Highwinds is one of the worst in my opinion, at least in
    terms of getting spammers booted.

    Is there someone at highwinds you'd recommend we contact to
    solve this - or has that long ago already been done (I suspect)?

    The only reason I doubt this spam is coming from google users is
    Google would put a stop to this - but it's been happening for weeks
    on end.

    No, Google doesn't care about it. They also don't care about spam on
    their web services nor abuse from their IP ranges hosted for others.

    That's a big problem. I'm pretty persistent but even I had to try hard to
    talk to a human in Mountainview when I needed a change in their routing.

    Finally after many calls (it's essentially impossible to get someone unless
    you know someone who knows exactly the someone you need to talk to) I was
    able to get it fixed, but the elapsed time was months in between.

    It might even be worse here because at least Google cares about Maps.

    Does anyone know of a way to _complain_ about it that exists somewhere?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Sun Dec 3 23:52:08 2023
    XPost: news.software.nntp

    On 12/3/23 18:07, Wally J wrote:
    OK. Sorry for being dense. I am way behind but trying to catch up.

    Dense is okay.

    You are asking intelligent questions and seem to want to understand and
    learn.

    I appreciate people who want to learn to understand in order to
    formulate their own opinion.

    This is true even if the opinion differs or you inadvertently call
    someone stupid by referencing their actions.

    The solution can only be in this order (as far as I can tell).
    1. Google
    2. Peers
    3. Users

    Yes.

    I'm probably with most of you that nothing good ever came out of
    a google groups post to Usenet

    I have personally had good conversations with people posting to Usenet
    via Google Groups.

    Sadly, I can no longer have discussions with those people as long as
    they continue to use Google Groups.

    Sadly, they are in the far minority, way less than 1%, of the messages
    coming from Google.

    so working backward, the users
    can all filter on the system "Injection-Info: header" (which
    moments ago I tried to spoof but Wolfgan'gs and Gondalfo's server
    prevented that (as they should).

    I don't know how protected the Injection-Info: header is. There's a
    good chance that it is as protected as the Path: header.

    I'm wary that they can set up their own rogue server to allow
    spoofing of that header but then I defer to your experience
    and your sensible logic above that they'd have to fool peers.

    News servers trust what peers send them. That's part of what is special
    about being a peer news server.

    As such, a rogue news server operator could inject malicious articles by leveraging their access to spoof headers to cast shade on someone else.

    Thankfully there are far fewer news administrators / peers than there
    are end users of said servers.

    So I'll belatedly accept Google is letting this happen.
    With that in mind, I'm willing to "complain" to google.

    By all means, please do.

    But I suggest you not hold your breath.

    But of course, I don't have any special connections other than
    I live close to Mountainview and some of my buddies used to work there.

    Used to work there hits quite close to home for me. -- I am one of the
    7,000 in the U.S.A. / 12,000 around the world that found I no longer had
    any access late January.

    The two questions would be to ask:
    a. Who wants to try to complain to Google (I'll try), and,

    I suspect that more people have tried complaining in various ways;
    between news masters peered with Google complaining directly to Google
    to end users marking messages as spam in Google Groups.

    b. Who can get a hold of the highwinds server (they suck).

    I don't know.

    Note that I don't think either will be all that fruitful.

    I suspect it's far easier to get a hold of High Winds than trying to get
    Google to do anything.

    But I wonder if it's only highwinds that sucks (I've dealt
    with them in the past and they just ignored everything).

    Sounds like Google.

    Though I got active rejections / "don't go there" while working inside
    of / for the beast.

    Other than having every user filter out a google injection info,
    what else can we do to stop these hundreds of spams daily?

    We can have the far fewer news administrators filter postnews.google.com
    and / or google-groups.googlegroups.com hosts from their servers.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Sun Dec 3 23:41:19 2023
    XPost: news.software.nntp

    On 12/3/23 17:07, Wally J wrote:
    Hi Grant,

    Hi Wally,

    Oh. DE-PEER! Duh. Sorry. I never heard the term before but I should have
    been able to figure it out on my own.

    Apology returned to sender as unnecessary.

    Thanks for being nice about my faux
    pas. It was stupid of me to not realize that's what it had meant.

    You're welcome.

    I believe that people trying to engage in civil conversation deserve
    civil responses.

    I don't think stupid. If anything, unaware. But, you are now aware,
    and therefor a little bit better off. :-)

    Especially since that was my whole point.

    ;-)

    How do you de-peer the spams (which I suspect are not coming from Google).

    You don't de-peer individual messages. You de-peer ... peer news servers.

    Few news servers directly peer with Google.

    Most news servers peer with other news server(s) that eventually peer
    with Google.

    So the only way that most news server administrators have to de-peer
    Google, in a manner of speaking, is to not allow messages from Google
    into their news server.

    (EDIT: I see below that you suspect they _are_ coming from Google though.)

    There are hundreds just today alone that anyone can see are clearly spam.
    <https://i.postimg.cc/6pj29c6f/spam01.jpg>

    Yep.

    I am almost 86 so I lived through the days when we'd complain to a host
    admin that someone spammed us once in a month or two, and then I lived through making my own procmail filters on SunOS, so I'm familiar with the fact that it's just plain stupid to filter out everything from Google.

    I too make *EXTENSIVE* use of procmail for my email. Filtering Usenet
    is a little bit different.

    You may think it stupid that I have blocked all Google messages on my
    server. But you are as free to have your opinion as I am to have mine. ;-)

    The question is how much time is a news administrator willing to spend combating spam before they block a site entirely?

    Would you continue to accept messages from a small individual news
    server if 1 in 1,000 server legitimate and the other 999 were blatant
    spam? What if that was a university? What if it was google? What if
    it was more like 1 in 10,000 / 100,000 / 1,000,000? Is there a point
    when you would block an entire site because of the ratio of ham to spam?
    Does the size of the site make any difference?

    For me personally, I was spending an hour or more a day fighting Google
    spam and only getting to enjoy participating in conversations like this
    for about 15 minutes a day. After about two weeks of that, I decided to
    try filtering Google for a few days to see what I thought of it. I've
    got to say that I'm enjoying that 15 minutes on Usenet again and the
    hour (plus) of time that I've gotten back every day.

    Given that Usenet is flood full, all my peers that peer with someone
    other than me can get their messages from Google another way.

    I get to run my server the way that I want to. I choose to run my
    server in a way that makes me happy, or at the very least doesn't
    actively make me unhappy and want to shut it down.

    People do it all the time.
    But only stupid people do it.

    I guess I'm a stupid person then.

    A smart admin would have a smarter filter than "everything".
    Worse....

    I suspect you aren't intending to make a personal attack. But I'll ask
    you politely to not insult people who make their own choice, even if you
    don't agree with it.

    I suspect NONE of this spam is actually coming from Google anyway.
    (But I just saw below that you suspect they _are_ coming from Google.)

    For a filter, it's the same thing of course, but isn't it different to an nntp server who can tell where it's coming from better than I can tell?

    NNTP servers have a modicum of trust in each other. As in only NNTP
    peers are allowed to specify the Path header. Meaning that it's
    considerably more difficult for a /client/ to provide a forged path.

    All of the Google spam samples that I looked at had everything indicate
    that it was from Google; Path, Message-ID, From, etc. -- I no longer
    have any articles that originated from Google on my server as I had my
    server search through nearly 28 million messages to remove any messages
    from Google. -- That's how strongly I believe the spam originates from Google.

    Just about everybody else I've talked to believes the messages originate
    from Google.

    I can't recall anyone actually saying that the messages originate elsewhere.

    There are those that keep an open mind and allow for the possibility
    that they originate elsewhere.

    Google is notoriously non-responsive for dealing with problems
    originating from them into many ecosystems, Usenet is just the one being discussed here.

    As a former Google employee, I know how the people who supposedly are responsible for -- what I call -- the Google Groups Usenet gateway treat
    it at best as an also ran service.

    Google has a quite bad reputation as being a source of spam in the email community. All you need to do is look at the mailop / NANOG / Spammers
    Don't Like Us / SpamAssassin / ClamAV mailing lists and you will find
    hundreds of people talking about Google being the source of spam email
    and Usenet articles.

    There is exceedingly little doubt that Google is a source of massive
    amounts of spam.

    I have not seen any evidence that supports that someone is trying to
    frame Google by pretending to be them. -- I'd be quite curious to see
    any such statements.

    Google has responded to previous complaints about a few groups by making
    them read-only. At which point the spammers shift to different
    newsgroups. But this game of whack-a-mole is untenable and extremely slow.

    While at Google I witnessed them take 18 months to halfheartedly and ineffectively slow down, but not actually stop, spam originating from
    calendar invites.

    I experienced Google refusing to allow creation of new newsgroups for
    something that had a long history and pattern of newsgroups. I was
    ready to submit a change for the Windows 10 newsgroup to be created but
    was told that my change would be rejected and to not bother. I asked
    about the Firefox and Thunderbird newsgroups when Mozilla announced discontinuation of their (outsourced) news servers and was told to not
    even bother.

    I wholeheartedly believe that Google /is/ the source of the spam that
    appears to be from them and that they are not the victim of an attack.

    I'm sure that's why they seem to be changing up the subject, headers, from, injection information, etc. in those headers.

    I think one of the reasons that there are so many different clusters of similarities is because there are so many spammers each sending their
    own type of spam.

    A quote from a well known science fiction movie comes to mind, "You will
    never find a more wretched hive of scum and villainy." Mos Eisley^W^W
    Google.

    I'm almost certain (based on the modus operandi) that NONE of them are actually coming from Google servers but I saw below that you're sure they are, so I'd just ask how you know since almost everything in the header can be forged (as far as I know) except for the final path in the header.

    I'd be very interested in how / why you are as certain that the messages
    aren't originating from Google as I am that they are.

    Please elaborate with a rebuttal to my comments above.

    Oh. Really? I didn't see this until now. I was pretty sure none was coming from Google simply because they'd put a stop to abuse pretty quickly you'd think. And this is clearly abuse.

    Google want's you to think that they put a stop to spam quickly. But in effect, they don't. (See above about well respected places to see
    complaints.)

    Is there a way (that works) to _complain_ to Google about it?
    Maybe they care?

    I'm not aware of anything that works.

    I understand belatedly that you believe that - but how can you tell?
    I can't tell.

    Deduction / accumulation of many observations / experience working with
    the beast that is Google.

    Sure the message-ID is an indication.
    And the newsreader. But that can be forged.

    The Path: header is quite a bit more difficult to forge without being a
    news peer.

    I'm not aware of any (reputable) news server daemon / configuration that
    allows someone to spoof the Path: header.

    Sure, news servers can feed peers spoofed Path: headers. But it's quite difficult to do the original spoof without a corroborating news server.

    I strongly suspect that if there was a corroborating news server / administrator that was the source of the articles, the multiple people
    spending hours a day fighting this blight would have identified it and de-peered them without filtering Google.

    The vast majority of people want to not filter Google. The sad reality
    is that just about everybody has some point that filtering Google seems reasonable to them. It's simply a question of what that point is. --
    There's a crude joke that finishes with "we've already established that,
    now we're just negotiating price".

    About the only thing that can't be forged are sections of the path.

    Exactly.

    But they can 'inject' stuff into the path that is meaningless.

    As I indicated above, injecting something into the Path can only be done
    by /news/ /servers/. It's not something that properly configured news
    servers allow clients to do.

    As such, the injection is not something that end users can do.

    So how do you know that it's really coming from Google servers?
    (I strongly suspect it is not for the reasons I already stated.)

    Deja vu. ;-)

    We have to confirm if it's coming from Google because the solution then is
    at Google whereas if they're just spoofing Google, the solution is
    elsewhere.

    I hope that I've elaborated why I'm convinced that the spam is
    originating at Google.

    But I think it's worse than just needing to talk to Google.

    At this point I believe that Google is actually complicit in their
    negligent to do anything about it.

    N.B. I don't consider making specific groups read-only in a game of whack-a-mole to be sufficient.

    N.B. I consider that Google's action of making some groups read-only to
    be tantamount to admission that said group was a source of spam.

    By now I see that you feel strongly it's coming from Google.
    But how do you know?

    Deja vu.

    And more importantly, how does "de-peering" happen so that it stops?

    There is actual de-peering wherein the news servers that are actually / directly peered with Google turn off the connection with Google.

    Then there is filtering like what some of us have done wherein we make
    our down-stream servers simply refuse to accept any articles that come
    from Google.

    There are multiple ways to detect if an article comes from Google. The
    best is to look for postnews.google.com and / or
    google-groups.googlegroups.com in the Path. Some choose to filter based
    on part of the Message-ID: header. Still others choose to filter based
    on the From: email address.

    I have configured cleanfeed on my news server to reject messages from postnews.google.com and google-groups.googlegroups.com. As such, my
    server is happy to have articles from @gmail.com email addresses. -- I
    doubt that anyone will bother spoofing a Message-ID:. But I'm happy to
    have @gmail.com users send email through non-Google news servers.

    I lived through DejaNews so I'm aware of what you say, and I certainly know
    a google search on the real google.com is different in functionality than a search on http://groups.google.com/g/<put.name.of.usenet.group.here> but at least DejaGoogle exists.

    As time passes, more and more of the access to Usenet articles through
    Google Groups is taken away.

    I wanted to see if I could see the Path: for spam in Google Groups as it
    would be remarkably short if the spam existed in Google Groups and was originating in Google Groups. But, sadly, "Show original message" is
    greyed out.

    I use it only for a lookup/search/reference engine, which it's very good at but I wouldn't even think of posting using Google Groups for all the
    reasons that nobody would be caught dead using AOL in the olden days.

    In my not so humble opinion, AOL at it's worst still has a better
    reputation than Google currently does amongst news and email administrators.

    If Google wasn't as big as they are, more admins would have blocked them already.

    It is only Google's size that causes admins to hesitate.

    OK. So you think it's coming from Google. And that means Google either doesn't know about it - or - Google isn't doing anything about it.

    I very strongly believe that it's the latter; Google isn't doing
    anything (effective) about it.

    Is there any way to "complain" to Google to figure out which it is?

    I wasn't able to find anything effective while I was on the inside. In
    fact, I was given -- let's go with -- the cold shoulder brush off and
    actively discouraged to try to make things better.

    The PATH (read right to left of course) isn't meaningful when anyone clever can inject components into it.

    But my understanding and working premises is that /not/ /just/ /anyone/
    can spoof the Path: header.

    I don't know what portion of the path is inviolable though.
    Do you?

    Both all of it for the average user and none of it for a news administrator.

    My working understanding / premises is that news servers do not accept a
    Path: header from end users. News servers only accept Path: headers
    from other news servers. The news server appends it's name / path to
    the left side of the Path: header contents.

    As such, the only way to get postnews.google.com and / or google-groups.googlegroups.com into the path without actually passing
    through it is for a news server, or someone with news peer level access.

    As you can probably see from a number of newsgroups, the text-only news
    server community is relatively small and cooperative as well as being
    well motivated to stop the spam.

    I remain convinced that if there was someone pretending to be Google originating this spam, that the community would have an idea and would
    be working to depeer them.

    Assuming they're injecting into the path, what part of the path in the previously listed spams do you think are actually real?

    I have not seen any reason to doubt the Path: because of the special
    nature of the Path: header.

    Maybe I'm wrong. If I am, please correct / enlighten me. I'd like to
    learn more.

    But everything that I've experienced thus far either directly indicates
    or supports that the spam is originating from Google Groups.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Mon Dec 4 00:19:27 2023
    XPost: news.software.nntp

    On 12/3/23 17:45, Wally J wrote:
    Both servers the error below (which you knew but I did not).
    "Posting article failed: Can't set system Injection-Info: header

    Yep.

    You're obviously not a configured / recognized peer and thus not allowed
    to provide the Injection-Info: header.

    I suspect that the Path: header is equally well protected.

    Unless there's a compliant nntp server, I'll accept that the
    Injection-Info header can't be (trivially easily) forged.

    Hence why I say that end users can't spoof the Injection-Info: or the
    Path: header.

    This has to come from a trusted peer or the purported source.

    At least not with a simple "telnet newsserver 119" session.

    *nod*

    Thanks for letting me know I can filter on that line.

    So ... does this mean that you are starting to think about filtering all messages from Google, at least in the newsgroup that you're interested in?

    But this is best taken up with the powers that be in this order.

    1. Google

    Almost certainly deaf ears and / or don't care.

    2. Peers

    Likely deaf ears and / or don't care.

    3. Users

    Yep.

    Users are left to clean up the mess that others make way too often.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to walterjones@invalid.nospam on Mon Dec 4 07:09:18 2023
    XPost: news.software.nntp

    In article <ukioei$m66l$1@paganini.bofh.team>,
    Wally J <walterjones@invalid.nospam> wrote:
    The Doctor <doctor@doctor.nl2k.ab.ca> wrote

    More reason to depeer Google GRoups now!

    I don't know what "depeer" means, but I suspect it means to nuke it. >Sometimes nuking is appropriate. Most of the time it's too drastic.

    Cutting out this spam should be as easy as not peering it - should it not?
    <https://i.postimg.cc/6pj29c6f/spam01.jpg>

    I'm not for knee-jerk reactions, but targeted surgical strikes.
    Maybe the problem is a single reliable news server is peering this spam?

    But I don't know enough about headers to determine who is peering it.
    I can read the path but I know the path can have injected components.

    For example, I'm assuming that none of this spam actually is coming from >google posters - I'm assuming it's all coming from a roge nntp server who
    is impersonating a google groups poster.

    How can we tell who peered it first from the originating rouge nntp server?

    Here's a thread which brought up the subject where each recipient has to >figure out on his own newsreader how to nuke this spam which purports to
    come from Google Groups (I suspect it comes from a rogue
    Like this thread, posted today, trying to solve this exact problem.
    <https://groups.google.com/g/comp.mobile.android/c/CvM86LHCHh4>

    The only reason I doubt this spam is coming from google users is Google
    would put a stop to this - but it's been happening for weeks on end.

    So I 'suspect' that it's coming from a rogue nntp news server.
    Which is why I'm asking the question that I'm asking.

    Who is peering all these spams ostensibly from Google Groups?

    Depeer means dropping a newsfeeds as a peer.
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Mon Dec 4 03:02:16 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    Just about everybody else I've talked to believes the messages originate
    from Google.

    I can't recall anyone actually saying that the messages originate elsewhere.

    OK. Thanks. I apologize for calling folks stupid as even I just now
    implemented regex filters to filter out _all_ Google Usenet posts.

    It's stupid; but it's the easiest thing to do. I agree. I just did it.
    So call me stupid. I get it now.

    If people want to post to Usenet, they will just have to know to not use
    Google Groups to do it. That's the result. I'm filtering it now myself.

    I apologize it took me this long to understand, but now I agree with all
    the arguments that the news servers can't do much else given the newservers they peer with peer with Google, where de-peering isn't as easy as I had thought it would be.

    It would have to be the news server doing EXACTLY what I just did.
    Drop all messages coming from Google Groups users.

    It's too bad _any_ news servers peer with Google then, it seems.

    Namely Highwinds and Giganews (but I'm not sure which are the culprits).

    Again, I am sorry I didnt' realize any of this when I had first posted.
    It took me a bunch of articles to get up to speed where I see now why "my" solution will have to be to just filter them _all_ out at receipt. Sigh.

    Luckily it's easy as there are at least three headers which are unique.
    Injection-Info: google-groups.googlegroups.com...
    Message-ID: <...@googlegroups.com>
    User-Agent: G2/1.0

    Of those three, I can easily see why people prefer the "injection-info".
    So now I'm filtering it all out. Sorry for taking so long to come to that realization. I didn't know about the de-peering issues you brought up.

    BTW, there's a project, I see, that tries to help users filter it all out.
    <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>

    Thanks for your help. My biggest hurdle was that I thought Google wouldn't allow it, and that if it happened, they'd put a stop to it pronto.

    I thought it was a fluke.
    Someone slipping in an accidentally opened window.
    One that Google would close the moment that they realized it was open.
    Which is why I thought it more likely it went around Google.

    But I have to agree with you that it's actually coming from Google.
    Sigh.

    I have friends who had worked there and they're all smart guys who know how
    to code well. They just have to be given the task by Google Management.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Mon Dec 4 00:15:21 2023
    XPost: news.software.nntp

    On 12/3/23 17:33, Wally J wrote:
    OK. Grant also said the spam is really coming from Google servers, which is disappointing at best, and almost criminal at worst - but it is what it is.

    Yes, it's extremely disappointing.

    Certainly we can all blindly filter out EVERYTHING from Google Groups.

    How many people need to take action to clean up after one bad but big
    peer before the peer is made to go away?

    And maybe that's what we'll have to do as I don't think I've ever seen a Usenet post from a Google Groups' poster that held any pertinent value.

    As I said elsewhere, I've had good conversations with people that post
    to Usenet from Google Groups. It does happen.

    But before I do that, I still think there must be a better way, where what some people do on c.m.a is check a whitelist and then plonk if not in it.

    How complicated of a filter do you want to set up and maintain?

    But that's gonna be newsreader-specific code (unlike procmail was).

    Yep.

    But maybe I can't. I don't know. I'm not all that clever.
    But I know how to use Telnet so I can try it. Later.

    Kudos for speaking NNTP via telnet. :-)

    Even so, any of us can filter it out but the problem is at the
    peering, so now I understand the suggestion of "de-peering" better!

    The problem is Google.

    Google is the singular source of the problem of spam from Google Groups.
    The news servers / administrators peered with Google are less of the
    problem. They are simply trying to be a common carrier and carry all
    articles equally.

    The peers aren't the source of the spam.

    Don't shoot the ${MESSENGER}. where MESSENGER is "the news server peered
    with Google".

    As I said, I'm astounded Google is allowing this to happen when
    they won't even let me log into my long-time email from the VPN
    service I've been using for years - but Google is Google after all.

    Google has incentive to block you from using a VPN. I can't articulate
    what that incentive is, but I understand that your use of a VPN
    adversely impacts their business model.

    If peers can confirm this spam on c.m.a (and I'm sure many other ngs)
    is truly coming from Google servers, then that's where the solution lies.

    Yep.

    Even Google put his email on a suspension once I wrote a formal
    letter which included the report to the FBI - but I don't know
    what happened of it as they told me never to contact him ever.

    Sadly, I suspect it's going to take something like a police / FBI report
    to get attention of the people you need.

    That was hard enough.

    Yep. Getting Google to stop spam that doesn't impact them in a segment
    that they don't make any money from, that will be difficult.

    This is especially true if Google is avoiding the backlash of shutting
    down -- what I call -- their Google Groups Usenet gateway.

    It's even worse with Highwinds because I'm sure legitimate posters
    must use it (do they?). If so, then highwinds can't be de-peered.

    HighWinds can be de-peered just like Google can be.

    I was hoping it was someone reputable, like Steve or Jesse
    or Wolfgang (Ray Bananna) or Paolo (if he's still alive) or
    Ivo or Daniel/Monica/Benjamin or Roman or Alex or Steen, et al.

    If you want to get an individual person to rattle Google's cage, try to
    get someone like Tavis Ormandy of Google's Project Zero.

    Finally after many calls (it's essentially impossible to get someone unless you know someone who knows exactly the someone you need to talk to) I was able to get it fixed, but the elapsed time was months in between.

    That was for a broken routing issue.

    Now just imagine for something that is working as intended / designed / configured.

    It might even be worse here because at least Google cares about Maps.

    Yep.

    Does anyone know of a way to _complain_ about it that exists somewhere?

    Nope.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to no@thanks.net on Mon Dec 4 07:09:53 2023
    XPost: news.software.nntp

    In article <ukisac$30te6$2@dont-email.me>,
    candycanearter07 <no@thanks.net> wrote:
    On 12/3/23 14:36, Grant Taylor wrote:
    On 12/3/23 14:29, Wally J wrote:
    I don't know what "depeer" means, but I suspect it means to nuke it.

    Depeering means to no longer carry any articles from a news server.

    Sometimes nuking is appropriate. Most of the time it's too drastic.

    Cutting out this spam should be as easy as not peering it - should it
    not?

    It's relatively easy to filter out /everything/ from Google.

    It's much Much MUCH more difficult to filter /some/ /but/ /not/ /all/
    from Google.

    Yeah. I just filter everything from Google.

    Same here!

    --
    user <candycane> is generated from /dev/urandom



    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to gtaylor@tnetconsulting.net on Mon Dec 4 07:10:42 2023
    XPost: news.software.nntp

    In article <ukjopv$bqb$1@tncsrv09.home.tnetconsulting.net>,
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    On 12/3/23 17:07, Wally J wrote:
    Hi Grant,

    Hi Wally,

    Oh. DE-PEER! Duh. Sorry. I never heard the term before but I should have
    been able to figure it out on my own.

    Apology returned to sender as unnecessary.

    Thanks for being nice about my faux
    pas. It was stupid of me to not realize that's what it had meant.

    You're welcome.

    I believe that people trying to engage in civil conversation deserve
    civil responses.

    I don't think stupid. If anything, unaware. But, you are now aware,
    and therefor a little bit better off. :-)

    Especially since that was my whole point.

    ;-)

    How do you de-peer the spams (which I suspect are not coming from Google).

    You don't de-peer individual messages. You de-peer ... peer news servers.

    Few news servers directly peer with Google.

    Most news servers peer with other news server(s) that eventually peer
    with Google.

    So the only way that most news server administrators have to de-peer
    Google, in a manner of speaking, is to not allow messages from Google
    into their news server.

    (EDIT: I see below that you suspect they _are_ coming from Google though.) >>
    There are hundreds just today alone that anyone can see are clearly spam.
    <https://i.postimg.cc/6pj29c6f/spam01.jpg>

    Yep.

    I am almost 86 so I lived through the days when we'd complain to a host
    admin that someone spammed us once in a month or two, and then I lived
    through making my own procmail filters on SunOS, so I'm familiar with the
    fact that it's just plain stupid to filter out everything from Google.

    I too make *EXTENSIVE* use of procmail for my email. Filtering Usenet
    is a little bit different.

    You may think it stupid that I have blocked all Google messages on my
    server. But you are as free to have your opinion as I am to have mine. ;-)

    The question is how much time is a news administrator willing to spend >combating spam before they block a site entirely?

    Would you continue to accept messages from a small individual news
    server if 1 in 1,000 server legitimate and the other 999 were blatant
    spam? What if that was a university? What if it was google? What if
    it was more like 1 in 10,000 / 100,000 / 1,000,000? Is there a point
    when you would block an entire site because of the ratio of ham to spam?
    Does the size of the site make any difference?

    For me personally, I was spending an hour or more a day fighting Google
    spam and only getting to enjoy participating in conversations like this
    for about 15 minutes a day. After about two weeks of that, I decided to
    try filtering Google for a few days to see what I thought of it. I've
    got to say that I'm enjoying that 15 minutes on Usenet again and the
    hour (plus) of time that I've gotten back every day.

    Given that Usenet is flood full, all my peers that peer with someone
    other than me can get their messages from Google another way.

    I get to run my server the way that I want to. I choose to run my
    server in a way that makes me happy, or at the very least doesn't
    actively make me unhappy and want to shut it down.

    People do it all the time.
    But only stupid people do it.

    I guess I'm a stupid person then.

    A smart admin would have a smarter filter than "everything".
    Worse....

    I suspect you aren't intending to make a personal attack. But I'll ask
    you politely to not insult people who make their own choice, even if you >don't agree with it.

    I suspect NONE of this spam is actually coming from Google anyway.
    (But I just saw below that you suspect they _are_ coming from Google.)

    For a filter, it's the same thing of course, but isn't it different to an
    nntp server who can tell where it's coming from better than I can tell?

    NNTP servers have a modicum of trust in each other. As in only NNTP
    peers are allowed to specify the Path header. Meaning that it's
    considerably more difficult for a /client/ to provide a forged path.

    All of the Google spam samples that I looked at had everything indicate
    that it was from Google; Path, Message-ID, From, etc. -- I no longer
    have any articles that originated from Google on my server as I had my
    server search through nearly 28 million messages to remove any messages
    from Google. -- That's how strongly I believe the spam originates from >Google.

    Just about everybody else I've talked to believes the messages originate
    from Google.

    I can't recall anyone actually saying that the messages originate elsewhere.

    There are those that keep an open mind and allow for the possibility
    that they originate elsewhere.

    Google is notoriously non-responsive for dealing with problems
    originating from them into many ecosystems, Usenet is just the one being >discussed here.

    As a former Google employee, I know how the people who supposedly are >responsible for -- what I call -- the Google Groups Usenet gateway treat
    it at best as an also ran service.

    Google has a quite bad reputation as being a source of spam in the email >community. All you need to do is look at the mailop / NANOG / Spammers
    Don't Like Us / SpamAssassin / ClamAV mailing lists and you will find >hundreds of people talking about Google being the source of spam email
    and Usenet articles.

    There is exceedingly little doubt that Google is a source of massive
    amounts of spam.

    I have not seen any evidence that supports that someone is trying to
    frame Google by pretending to be them. -- I'd be quite curious to see
    any such statements.

    Google has responded to previous complaints about a few groups by making
    them read-only. At which point the spammers shift to different
    newsgroups. But this game of whack-a-mole is untenable and extremely slow.

    While at Google I witnessed them take 18 months to halfheartedly and >ineffectively slow down, but not actually stop, spam originating from >calendar invites.

    I experienced Google refusing to allow creation of new newsgroups for >something that had a long history and pattern of newsgroups. I was
    ready to submit a change for the Windows 10 newsgroup to be created but
    was told that my change would be rejected and to not bother. I asked
    about the Firefox and Thunderbird newsgroups when Mozilla announced >discontinuation of their (outsourced) news servers and was told to not
    even bother.

    I wholeheartedly believe that Google /is/ the source of the spam that
    appears to be from them and that they are not the victim of an attack.

    I'm sure that's why they seem to be changing up the subject, headers, from, >> injection information, etc. in those headers.

    I think one of the reasons that there are so many different clusters of >similarities is because there are so many spammers each sending their
    own type of spam.

    A quote from a well known science fiction movie comes to mind, "You will >never find a more wretched hive of scum and villainy." Mos Eisley^W^W
    Google.

    I'm almost certain (based on the modus operandi) that NONE of them are
    actually coming from Google servers but I saw below that you're sure they
    are, so I'd just ask how you know since almost everything in the header can >> be forged (as far as I know) except for the final path in the header.

    I'd be very interested in how / why you are as certain that the messages >aren't originating from Google as I am that they are.

    Please elaborate with a rebuttal to my comments above.

    Oh. Really? I didn't see this until now. I was pretty sure none was coming >> from Google simply because they'd put a stop to abuse pretty quickly you'd >> think. And this is clearly abuse.

    Google want's you to think that they put a stop to spam quickly. But in >effect, they don't. (See above about well respected places to see >complaints.)

    Is there a way (that works) to _complain_ to Google about it?
    Maybe they care?

    I'm not aware of anything that works.

    I understand belatedly that you believe that - but how can you tell?
    I can't tell.

    Deduction / accumulation of many observations / experience working with
    the beast that is Google.

    Sure the message-ID is an indication.
    And the newsreader. But that can be forged.

    The Path: header is quite a bit more difficult to forge without being a
    news peer.

    I'm not aware of any (reputable) news server daemon / configuration that >allows someone to spoof the Path: header.

    Sure, news servers can feed peers spoofed Path: headers. But it's quite >difficult to do the original spoof without a corroborating news server.

    I strongly suspect that if there was a corroborating news server / >administrator that was the source of the articles, the multiple people >spending hours a day fighting this blight would have identified it and >de-peered them without filtering Google.

    The vast majority of people want to not filter Google. The sad reality
    is that just about everybody has some point that filtering Google seems >reasonable to them. It's simply a question of what that point is. -- >There's a crude joke that finishes with "we've already established that,
    now we're just negotiating price".

    About the only thing that can't be forged are sections of the path.

    Exactly.

    But they can 'inject' stuff into the path that is meaningless.

    As I indicated above, injecting something into the Path can only be done
    by /news/ /servers/. It's not something that properly configured news >servers allow clients to do.

    As such, the injection is not something that end users can do.

    So how do you know that it's really coming from Google servers?
    (I strongly suspect it is not for the reasons I already stated.)

    Deja vu. ;-)

    We have to confirm if it's coming from Google because the solution then is >> at Google whereas if they're just spoofing Google, the solution is
    elsewhere.

    I hope that I've elaborated why I'm convinced that the spam is
    originating at Google.

    But I think it's worse than just needing to talk to Google.

    At this point I believe that Google is actually complicit in their
    negligent to do anything about it.

    N.B. I don't consider making specific groups read-only in a game of >whack-a-mole to be sufficient.

    N.B. I consider that Google's action of making some groups read-only to
    be tantamount to admission that said group was a source of spam.

    By now I see that you feel strongly it's coming from Google.
    But how do you know?

    Deja vu.

    And more importantly, how does "de-peering" happen so that it stops?

    There is actual de-peering wherein the news servers that are actually / >directly peered with Google turn off the connection with Google.

    Then there is filtering like what some of us have done wherein we make
    our down-stream servers simply refuse to accept any articles that come
    from Google.

    There are multiple ways to detect if an article comes from Google. The
    best is to look for postnews.google.com and / or >google-groups.googlegroups.com in the Path. Some choose to filter based
    on part of the Message-ID: header. Still others choose to filter based
    on the From: email address.

    I have configured cleanfeed on my news server to reject messages from >postnews.google.com and google-groups.googlegroups.com. As such, my
    server is happy to have articles from @gmail.com email addresses. -- I >doubt that anyone will bother spoofing a Message-ID:. But I'm happy to
    have @gmail.com users send email through non-Google news servers.

    I lived through DejaNews so I'm aware of what you say, and I certainly know >> a google search on the real google.com is different in functionality than a >> search on http://groups.google.com/g/<put.name.of.usenet.group.here> but at >> least DejaGoogle exists.

    As time passes, more and more of the access to Usenet articles through
    Google Groups is taken away.

    I wanted to see if I could see the Path: for spam in Google Groups as it >would be remarkably short if the spam existed in Google Groups and was >originating in Google Groups. But, sadly, "Show original message" is
    greyed out.

    I use it only for a lookup/search/reference engine, which it's very good at >> but I wouldn't even think of posting using Google Groups for all the
    reasons that nobody would be caught dead using AOL in the olden days.

    In my not so humble opinion, AOL at it's worst still has a better
    reputation than Google currently does amongst news and email administrators.

    If Google wasn't as big as they are, more admins would have blocked them >already.

    It is only Google's size that causes admins to hesitate.

    OK. So you think it's coming from Google. And that means Google either
    doesn't know about it - or - Google isn't doing anything about it.

    I very strongly believe that it's the latter; Google isn't doing
    anything (effective) about it.

    Is there any way to "complain" to Google to figure out which it is?

    I wasn't able to find anything effective while I was on the inside. In
    fact, I was given -- let's go with -- the cold shoulder brush off and >actively discouraged to try to make things better.

    The PATH (read right to left of course) isn't meaningful when anyone clever >> can inject components into it.

    But my understanding and working premises is that /not/ /just/ /anyone/
    can spoof the Path: header.

    I don't know what portion of the path is inviolable though.
    Do you?

    Both all of it for the average user and none of it for a news administrator.

    My working understanding / premises is that news servers do not accept a >Path: header from end users. News servers only accept Path: headers
    from other news servers. The news server appends it's name / path to
    the left side of the Path: header contents.

    As such, the only way to get postnews.google.com and / or >google-groups.googlegroups.com into the path without actually passing
    through it is for a news server, or someone with news peer level access.

    As you can probably see from a number of newsgroups, the text-only news >server community is relatively small and cooperative as well as being
    well motivated to stop the spam.

    I remain convinced that if there was someone pretending to be Google >originating this spam, that the community would have an idea and would
    be working to depeer them.

    Assuming they're injecting into the path, what part of the path in the
    previously listed spams do you think are actually real?

    I have not seen any reason to doubt the Path: because of the special
    nature of the Path: header.

    Maybe I'm wrong. If I am, please correct / enlighten me. I'd like to
    learn more.

    But everything that I've experienced thus far either directly indicates
    or supports that the spam is originating from Google Groups.


    Still paralyse GG by depeering them.



    --
    Grant. . . .


    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Mon Dec 4 03:16:32 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    Thanks for letting me know I can filter on that line.

    So ... does this mean that you are starting to think about filtering all messages from Google, at least in the newsgroup that you're interested in?

    Well, um, er... it's embarrassing, especially after I said it was stupid to just filter out all Google Groups posts, but I've already implemented it.

    So can I take my words back now? :)
    I'm surprised you didn't ream me harder. Thanks for being nice about it.


    But this is best taken up with the powers that be in this order.

    1. Google

    Almost certainly deaf ears and / or don't care.

    Given Google won't even let me log into my own email account on VPN, I
    wasn't prepared when I asked the question for the answer to be that google isn't doing a thing about it. It wasn't one of the considerations I had.

    I _still_ think if we get to the right people, we can get them to do
    something about it. We just need a way to "tell them".

    Tomorrow I'll call Mountainview (but I've been there, done that). The
    operator must work on the side for the Gestapo as she'll never give you anyone's phone number. But she might give me a "contact" method, which
    likely entails a general Q&A location - but I'll try it nonetheless.

    2. Peers

    Likely deaf ears and / or don't care.

    That's the second shock. I was trying to think logically what the problem
    was, assuming it was an accidentally opened window they were climbing in.

    But if the window is left open on purpose, then that means the only avenue
    left is for each user to filter it out (or for the responsible servers to).

    Do I have my understanding correct yet that it's kind of like this?

    1. The spammer logs into google groups and posts mountains of spam.
    2. Servers just as Giganews & Highwinds peer with Google (I think).
    3. Servers such as dizum, mixmin, E-S, paganini, etc., peer with them.
    4. We get the articles from any one of those news servers.

    Is that kind of how it works?

    If so, then is the culprit first & foremost Google.
    But secondly the servers that peer with Google?


    3. Users

    Yep.

    Users are left to clean up the mess that others make way too often.

    Well. I just did it. I called it stupid. But I have to eat my words.
    I thought the right answer was to ask Google to close the window.
    Or, worst case, to ask peers to stop peering Google servers.

    Now that I'm edified, I still think those are the right answers.
    But they'll never happen (based on what folks told me).

    So I implemented a complete plonk already.
    I could have picked any of the three headers
    a. Message id
    b. Newsreader
    c. Injection-info

    So I picked the Injection info.
    Luckily it's easy to do for all people on all newsreaders.

    There's even a web site to help them do it.
    <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>
    --
    Usenet is a useful way to meet people who know more than I do.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Mon Dec 4 03:54:18 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    And maybe that's what we'll have to do as I don't think I've ever seen a
    Usenet post from a Google Groups' poster that held any pertinent value.

    As I said elsewhere, I've had good conversations with people that post
    to Usenet from Google Groups. It does happen.

    I'll ask Andy Burns to post his filters to the thunderbird newsgroup.

    Here's a snippet of his conversation earlier today on comp.mobile.android
    I have a separate address book called "google whitelist"
    I put people in it of I know they're google groups users
    I have a message filter that has two rules and two actions
    IF "from" ISN'T IN ADDR BOOK "google whitelist"
    AND message-id CONTAINS "@googlegroups.com"
    THEN mark as read
    AND add tag #6
    That's thunderbird, I'm sure other clients can do similar

    Here's the dejagoogle link to that conversation today:
    *fumigation?*
    <https://groups.google.com/g/comp.mobile.android/c/CvM86LHCHh4>
    Post:
    <https://groups.google.com/g/comp.mobile.android/c/CvM86LHCHh4/m/Q6bzV3aKAwAJ>
    <https://groups.google.com/g/comp.mobile.android/c/CvM86LHCHh4/m/zL-_isyMAwAJ>

    Here's a web site trying to do something about it to help users implement
    the filter since it's best if one person implements it & the others copy.
    <http://twovoyagers.com/improve-usenet.org/index.html>


    But before I do that, I still think there must be a better way, where what >> some people do on c.m.a is check a whitelist and then plonk if not in it.

    How complicated of a filter do you want to set up and maintain?

    Well, see above. If we can get one person on each newsreader to post their "complicated" filter, then everyone benefits. But I get your point.

    I, myself... don't feel like _writing_ a complicated filter.
    Of course, I'll _implement_ one if someone gives it to me.

    Likewise I think with many users.
    But I get your point.

    I already implemented a blind kill-all filter based on the Injection.


    But that's gonna be newsreader-specific code (unlike procmail was).

    Yep.

    This site is trying to give newsreader-specific solutions.
    <http://twovoyagers.com/improve-usenet.org/index.html>

    But maybe I can't. I don't know. I'm not all that clever.
    But I know how to use Telnet so I can try it. Later.

    Kudos for speaking NNTP via telnet. :-)

    Thanks.


    Even so, any of us can filter it out but the problem is at the
    peering, so now I understand the suggestion of "de-peering" better!

    The problem is Google.

    I had trouble believing that. But if they know about it, and don't do
    anything about it, then the problem _is_ google, I agree.

    They make a newsgroup unusable without filtering them out.


    Google is the singular source of the problem of spam from Google Groups.
    The news servers / administrators peered with Google are less of the problem. They are simply trying to be a common carrier and carry all articles equally.

    Yes but. If the peers-with-google dropped their messages, maybe Google
    would think twice? Dunno. I'll give Mountainview a call tomorrow.

    But last time I called Google to get them to do something was long ago
    when I tried to get them to change their dejagoogle URI from this...
    <https://groups.google.com/forum/#!forum/newsgroup.name.here>
    To this...
    <https://groups.google.com/g/newsgroup.name.here>

    For example, from this:
    <https://groups.google.com/forum/#!forum/news.admin.peering>
    <https://groups.google.com/forum/#!forum/news.software.nntp>
    <https://groups.google.com/forum/#!forum/comp.mobile.android>

    For example, to this:
    <https://groups.google.com/g/news.admin.peering>
    <https://groups.google.com/g/news.software.nntp>
    <https://groups.google.com/g/comp.mobile.android>
    etc.

    When I created these shortcuts (really long ago for most of them).
    <http://tinyurl.com/news-admin-peering>
    <http://tinyurl.com/news-software-nntp>
    <http://tinyurl.com/comp-mobile-android>
    etc.

    The peers aren't the source of the spam.

    Don't shoot the ${MESSENGER}. where MESSENGER is "the news server peered
    with Google".

    Well, the solution, as I think everyone agrees, is for Google to do their
    job. I'm shocked, actually, that Google allows this. You're not. But I am.

    Again, I will call Mountainview and try to get a human (fat chance).
    They may give me a way though to file a complaint using my Google Account. That's how they fixed the Google Maps errors I had told them about.
    That took 'em only a month - but I suspect this process will be longer.
    If not forever.


    As I said, I'm astounded Google is allowing this to happen when
    they won't even let me log into my long-time email from the VPN
    service I've been using for years - but Google is Google after all.

    Google has incentive to block you from using a VPN. I can't articulate
    what that incentive is, but I understand that your use of a VPN
    adversely impacts their business model.

    Understood. The weird thing though is their coding is so sophomoric that it even blocks me when I post from a public library to a large group of my neighbors, but it doesn't block me when I post from home - but get this -
    the same account posts to the same neighbors (so it's just bad coding).

    If peers can confirm this spam on c.m.a (and I'm sure many other ngs)
    is truly coming from Google servers, then that's where the solution lies.

    Yep.

    Even Google put his email on a suspension once I wrote a formal
    letter which included the report to the FBI - but I don't know
    what happened of it as they told me never to contact him ever.

    Sadly, I suspect it's going to take something like a police / FBI report
    to get attention of the people you need.

    Yeah. And that took a formal paper letter. They wouldn't accept anything
    else but a letter with documentation (which wasn't hard to do but nowadays
    we use email for almost everything).


    That was hard enough.

    Yep. Getting Google to stop spam that doesn't impact them in a segment
    that they don't make any money from, that will be difficult.

    This is especially true if Google is avoiding the backlash of shutting
    down -- what I call -- their Google Groups Usenet gateway.

    Well, I'm glad the search engine exists, and I've been a big proponent of
    it for many years, as it's much better than some of the others, e.g.,
    Narkives:
    <https://news.admin.peering.narkive.com>
    <https://news.software.nntp.narkive.com>
    <https://comp.mobile.narkive.com>
    etc.


    It's even worse with Highwinds because I'm sure legitimate posters
    must use it (do they?). If so, then highwinds can't be de-peered.

    HighWinds can be de-peered just like Google can be.

    I think it's highwinds and giganews but I don't know much about peering.


    I was hoping it was someone reputable, like Steve or Jesse
    or Wolfgang (Ray Bananna) or Paolo (if he's still alive) or
    Ivo or Daniel/Monica/Benjamin or Roman or Alex or Steen, et al.

    If you want to get an individual person to rattle Google's cage, try to
    get someone like Tavis Ormandy of Google's Project Zero.

    I don't think they'll ever let me get to a person inside without a person inside giving me the email, but I will try tomorrow but I don't expect a miracle.


    Finally after many calls (it's essentially impossible to get someone unless >> you know someone who knows exactly the someone you need to talk to) I was
    able to get it fixed, but the elapsed time was months in between.

    That was for a broken routing issue.

    Now just imagine for something that is working as intended / designed / configured.

    Yeah. I know. Plus they care about Google Maps being correct.
    DejaGoogle they don't (most likely).


    It might even be worse here because at least Google cares about Maps.

    Yep.

    Does anyone know of a way to _complain_ about it that exists somewhere?

    Nope.

    Thanks for being nice to me, especially since I had barged in clueless.
    If something comes of my call tomorrow, I'll let you know.
    But I don't expect much (and I'm sure you expect even less than I do).
    --
    The whole point of Usenet is to find people who know more than you do.
    And to contribute to the overall tribal knowledge value of the newsgroup.
    It's a domino effect where each of us helps the next person in the lineup.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco Moock@21:1/5 to All on Mon Dec 4 09:29:46 2023
    XPost: news.software.nntp

    Am 04.12.2023 um 08:23:15 Uhr schrieb Tom Furie:

    The follow-on problem there is that in today's world, if your ISP
    still offers usenet access, or if you subscribe to a commercial usenet provider, there's a high probability that what you're connecting with
    is in reality nothing more than a front-end to
    Highwinds/Abavia/Giganews.

    What is the problem here?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Tom Furie@21:1/5 to Grant Taylor on Mon Dec 4 08:23:15 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> writes:

    HighWinds can be de-peered just like Google can be.

    The follow-on problem there is that in today's world, if your ISP still
    offers usenet access, or if you subscribe to a commercial usenet
    provider, there's a high probability that what you're connecting with is
    in reality nothing more than a front-end to Highwinds/Abavia/Giganews.

    At least users of Google Groups *know* they're using Google Groups, even
    if they don't understand the distinction between that and usenet.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Tom Furie@21:1/5 to Marco Moock on Mon Dec 4 09:08:46 2023
    XPost: news.software.nntp

    Marco Moock <mm+usenet-es@dorfdsl.de> writes:

    What is the problem here?
    Unwitting innocents falling foul of the backwash if we get to the point
    of feeling the need to shut off from those path components. Not a
    significant hurdle, but a factor to be aware of.

    Those users likely won't be aware that the server at "news.myisp.com" or "news.retentionallthewayback.net" or whatever is just one of those bulk services with a custom facade.

    The difference being that Google Groups users know they're using Google
    Groups and make the conscious choice as to whether to continue to do so.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From candycanearter07@21:1/5 to Grant Taylor on Mon Dec 4 08:03:27 2023
    XPost: news.software.nntp

    On 12/3/23 23:52, Grant Taylor wrote:
    On 12/3/23 18:07, Wally J wrote:
    so working backward, the users
    can all filter on the system "Injection-Info: header" (which
    moments ago I tried to spoof but Wolfgan'gs and Gondalfo's server
    prevented that (as they should).

    I don't know how protected the Injection-Info: header is.  There's a
    good chance that it is as protected as the Path: header.


    Does that mean they are protected or aren't?
    --
    user <candycane> is generated from /dev/urandom

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Tom Furie@21:1/5 to no@thanks.net on Mon Dec 4 14:27:35 2023
    XPost: news.software.nntp

    candycanearter07 <no@thanks.net> writes:

    On 12/3/23 23:52, Grant Taylor wrote:
    I don't know how protected the Injection-Info: header is.  There's a
    good chance that it is as protected as the Path: header.

    Does that mean they are protected or aren't?

    They're non-modifiable by clients.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ray Banana@21:1/5 to All on Mon Dec 4 16:31:17 2023
    XPost: news.software.nntp

    Thus spake Tom Furie <tom@furie.org.uk>

    candycanearter07 <no@thanks.net> writes:
    On 12/3/23 23:52, Grant Taylor wrote:
    I don't know how protected the Injection-Info: header is.  There's a
    good chance that it is as protected as the Path: header.
    Does that mean they are protected or aren't?
    They're non-modifiable by clients.

    Unlike the Injection-Info: header, the Path: header must be explicitly protected by setting strippath to TRUE in readers,conf

    ,------------------------------------------------------------------------
    | strippath
    | If set to true, any Path header field provided by a user in a
    | post is stripped rather than used as the beginning of the
    | Path header field body of the article. This is a boolean
    | value and the default is false.
    | ^^^^^^
    \________________________________________________________________________

    man readers.conf (for INN2)

    --
    Пу́тін — хуйло́
    http://www.eternal-september.org

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to tom@furie.org.uk on Mon Dec 4 16:58:34 2023
    XPost: news.software.nntp

    In article <ukk29k$m8d$1@freeq.furie.org.uk>,
    Tom Furie <tom@furie.org.uk> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> writes:

    HighWinds can be de-peered just like Google can be.

    The follow-on problem there is that in today's world, if your ISP still >offers usenet access, or if you subscribe to a commercial usenet
    provider, there's a high probability that what you're connecting with is
    in reality nothing more than a front-end to Highwinds/Abavia/Giganews.

    At least users of Google Groups *know* they're using Google Groups, even
    if they don't understand the distinction between that and usenet.

    Can we get Highwindsto drop GG like a rock?
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to walterjones@invalid.nospam on Mon Dec 4 16:57:31 2023
    XPost: news.software.nntp

    In article <ukjucg$slos$1@paganini.bofh.team>,
    Wally J <walterjones@invalid.nospam> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    Thanks for letting me know I can filter on that line.

    So ... does this mean that you are starting to think about filtering all
    messages from Google, at least in the newsgroup that you're interested in?

    Well, um, er... it's embarrassing, especially after I said it was stupid to >just filter out all Google Groups posts, but I've already implemented it.

    So can I take my words back now? :)
    I'm surprised you didn't ream me harder. Thanks for being nice about it.


    I have had enough of GG and unaccountability!


    But this is best taken up with the powers that be in this order.

    1. Google

    Almost certainly deaf ears and / or don't care.

    Given Google won't even let me log into my own email account on VPN, I
    wasn't prepared when I asked the question for the answer to be that google >isn't doing a thing about it. It wasn't one of the considerations I had.

    I _still_ think if we get to the right people, we can get them to do >something about it. We just need a way to "tell them".

    Tomorrow I'll call Mountainview (but I've been there, done that). The >operator must work on the side for the Gestapo as she'll never give you >anyone's phone number. But she might give me a "contact" method, which
    likely entails a general Q&A location - but I'll try it nonetheless.

    2. Peers

    Likely deaf ears and / or don't care.

    That's the second shock. I was trying to think logically what the problem >was, assuming it was an accidentally opened window they were climbing in.

    But if the window is left open on purpose, then that means the only avenue >left is for each user to filter it out (or for the responsible servers to).

    Do I have my understanding correct yet that it's kind of like this?

    1. The spammer logs into google groups and posts mountains of spam.
    2. Servers just as Giganews & Highwinds peer with Google (I think).
    3. Servers such as dizum, mixmin, E-S, paganini, etc., peer with them.
    4. We get the articles from any one of those news servers.

    Is that kind of how it works?

    If so, then is the culprit first & foremost Google.
    But secondly the servers that peer with Google?


    3. Users

    Yep.

    Users are left to clean up the mess that others make way too often.

    Well. I just did it. I called it stupid. But I have to eat my words.
    I thought the right answer was to ask Google to close the window.
    Or, worst case, to ask peers to stop peering Google servers.

    Now that I'm edified, I still think those are the right answers.
    But they'll never happen (based on what folks told me).

    So I implemented a complete plonk already.
    I could have picked any of the three headers
    a. Message id
    b. Newsreader
    c. Injection-info

    So I picked the Injection info.
    Luckily it's easy to do for all people on all newsreaders.

    There's even a web site to help them do it.
    <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>

    Is that indexed by Google?

    --
    Usenet is a useful way to meet people who know more than I do.

    Exactly how I feel.
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Mon Dec 4 10:54:58 2023
    XPost: news.software.nntp

    On 12/4/23 01:02, Wally J wrote:
    OK. Thanks. I apologize for calling folks stupid as even I just now implemented regex filters to filter out _all_ Google Usenet posts.

    ;-)

    I absolutely agree that filtering all of Google Groups is
    /questionable/. And that news administrators that do so may need to
    speak to why they did so. But I maintain that it's their choice to make
    how they run their server.

    Similarly it's end users choice how they run their news reader.

    It's stupid; but it's the easiest thing to do. I agree. I just did it.
    So call me stupid. I get it now.

    I don't think saying that "it's the easiest thing to do" does it justice.

    Filtering all of Google Groups is the only thing that I'm aware of that
    doesn't miss any spam.

    I'd love to learn about another option that doesn't miss the spam while
    it does allow the good messages. I keep hoping that someone will
    suggest something.

    N.B. I don't believe that retroactively removing spam detected after the
    fact; e.g. NoCeMs, is viable. -- I applaud people's efforts. But
    there are multiple down sides to that system, much of which is people's
    ongoing effort / time.

    If people want to post to Usenet, they will just have to know to not use Google Groups to do it. That's the result. I'm filtering it now myself.

    That is the reality that is forming.

    I apologize it took me this long to understand, but now I agree with all
    the arguments that the news servers can't do much else given the newservers they peer with peer with Google, where de-peering isn't as easy as I had thought it would be.

    It would have to be the news server doing EXACTLY what I just did.
    Drop all messages coming from Google Groups users.

    It's too bad _any_ news servers peer with Google then, it seems.

    I don't object to the concept of peering with Google, or anyone else,
    for that matter. I do object to continuing to peer with an organization
    that is clearly a massive source of spam.

    Namely Highwinds and Giganews (but I'm not sure which are the culprits).

    Given the nature of Usenet's flood fill methodology, the articles will eventually make it if there is a path and a receiving news server
    doesn't filter them.

    Again, I am sorry I didnt' realize any of this when I had first posted.
    It took me a bunch of articles to get up to speed where I see now why "my" solution will have to be to just filter them _all_ out at receipt. Sigh.

    I consider that to be learning. You presented valid points / concerns
    and you listened to responses. You then came to your own conclusion.
    -- I wish a LOT more people would do the same in many aspects of life.

    Luckily it's easy as there are at least three headers which are unique.
    Injection-Info: google-groups.googlegroups.com...
    Message-ID: <...@googlegroups.com>
    User-Agent: G2/1.0

    I would discourage filtering on Message-ID: and User-Agent: as I think
    that they can much more easily be faked by end users. Maybe I'm wrong.

    BTW, there's a project, I see, that tries to help users filter it all out.
    <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>

    Yep. There's lots of effort to clean up the mess that emanates from Google.

    Thanks for your help.

    You're welcome.

    My biggest hurdle was that I thought Google wouldn't
    allow it, and that if it happened, they'd put a stop to it pronto.

    I've never been a Google fan boy by any stretch of the imagination. But
    there was a time when I would have given Google the benefit of the
    doubt. That was more like two decades ago. I've seen too much,
    experienced too much, hurt too much, cleaned up from too much since then
    to do more than keep an open ear / eye.

    I thought it was a fluke.

    I wish it was a fluke. Or even a flash in the pan that Google was
    /quickly/ reacting to.

    Someone slipping in an accidentally opened window.

    Sadly not.

    One that Google would close the moment that they realized it was open.

    If only.

    Which is why I thought it more likely it went around Google.

    My curmudgeonly experience is that the bigger the institution the slower
    that it moves. Leviathan comes to mind.

    But I have to agree with you that it's actually coming from Google.

    ;-)

    Sigh.

    I hoist my beverage in equal dismay at Google's behavior.

    I have friends who had worked there and they're all smart guys who know how to code well. They just have to be given the task by Google Management.

    Google is now an institution and does what they think is best for them.
    The "Don't" sign has fallen over and nobody has bothered to pick up the
    mess.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Mon Dec 4 11:46:24 2023
    XPost: news.software.nntp

    On 12/4/23 01:54, Wally J wrote:
    I'll ask Andy Burns to post his filters to the thunderbird newsgroup.

    Here's a snippet of his conversation earlier today on comp.mobile.android
    I have a separate address book called "google whitelist"
    I put people in it of I know they're google groups users
    I have a message filter that has two rules and two actions
    IF "from" ISN'T IN ADDR BOOK "google whitelist"
    AND message-id CONTAINS "@googlegroups.com"
    THEN mark as read
    AND add tag #6
    That's thunderbird, I'm sure other clients can do similar

    Kudos for "mark as read" vs "delete".

    That has the benefit of the messages being there if you want to go look
    for them. Which is exactly why I do that very thing for email filters.

    But Usenet is somewhat different, especially filtering server side.

    Well, see above. If we can get one person on each newsreader to post their "complicated" filter, then everyone benefits. But I get your point.

    I was thinking more server side to catch each type of spam emanating
    from Google Groups while still allowing ham through. That's at least
    two orders of magnitude more complicated and an ever changing game of whack-a-mole.

    I, myself... don't feel like _writing_ a complicated filter.
    Of course, I'll _implement_ one if someone gives it to me.

    *nod*

    Likewise I think with many users.
    But I get your point.

    ;-)

    Thanks.

    You're welcome.

    I'd have to look up NNTP as I don't do it often enough. But I used to
    do SMTP / POP3 / IMAP weekly and sometimes daily at ${OLD_JOB}.

    I find that I'm now occasionally speaking HTTP via telnet or via
    OpenSSL's s_client for TLS.

    I had trouble believing that. But if they know about it, and don't do anything about it, then the problem _is_ google, I agree.

    I can't "like" this statement, no matter how much I agree with it.

    They make a newsgroup unusable without filtering them out.

    #HEAVYsigh

    Yes but. If the peers-with-google dropped their messages, maybe Google
    would think twice? Dunno. I'll give Mountainview a call tomorrow.

    I suspect that there are multiple, if not many, in Google that would
    think "finally, now we can kill that thing that we've been dragging
    forward".

    Well, the solution, as I think everyone agrees, is for Google to do their job. I'm shocked, actually, that Google allows this. You're not. But I am.

    I want to be clear, I used to be shocked. That was years ago. The
    shock wore off. The apathy -- I think that's the word that I want --
    remains.

    Again, I will call Mountainview and try to get a human (fat chance).

    I suspect that you'll eventually get to a human if you try hard and / or
    long enough.

    I'll be surprised if that human is anything more than a complaints
    department / yes person.

    I'll be shocked if any good comes from your efforts. Unless you are the
    final straw that breaks the camel's back.

    They may give me a way though to file a complaint using my Google Account. That's how they fixed the Google Maps errors I had told them about.
    That took 'em only a month - but I suspect this process will be longer.
    If not forever.


    Understood. The weird thing though is their coding is so sophomoric that it even blocks me when I post from a public library to a large group of my neighbors, but it doesn't block me when I post from home - but get this -
    the same account posts to the same neighbors (so it's just bad coding).

    "sophomoric" is a good way to describe much of what I experienced.

    Yeah. And that took a formal paper letter. They wouldn't accept anything
    else but a letter with documentation (which wasn't hard to do but nowadays
    we use email for almost everything).

    The requirement for paper was probably a very low level gate that blocks multiple orders of magnitude of complaints that they consider to be noise.

    Well, I'm glad the search engine exists,

    Please don't get me started on their search engine.

    I have a funny thing wherein I expect words that I search for to be in
    the (cached version of) the results page.

    I use `grep`, `find.exe`, and the likes frequently.

    But I'm also a lay human I can't possibly know what I want to search for
    and I must be helped / coddled by the LLM feigning AI. <PROJECTILE VOMIT>

    and I've been a big proponent of
    it for many years, as it's much better than some of the others, e.g., Narkives:
    <https://news.admin.peering.narkive.com>
    <https://news.software.nntp.narkive.com>
    <https://comp.mobile.narkive.com>
    etc.

    I think it's highwinds and giganews but I don't know much about peering.


    I don't think they'll ever let me get to a person inside without a person inside giving me the email, but I will try tomorrow but I don't expect a miracle.

    Tavis O. used to be on the blue bird sight that used to start with a T.
    I've not been there in a while and have no idea if he is either.

    Yeah. I know. Plus they care about Google Maps being correct.
    DejaGoogle they don't (most likely).

    Sadly.

    Thanks for being nice to me, especially since I had barged in clueless.

    Please return the favor to someone else. ;-)

    If something comes of my call tomorrow, I'll let you know.

    Please do.

    But I don't expect much (and I'm sure you expect even less than I do).

    ;-)



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Tom Furie on Mon Dec 4 11:48:30 2023
    XPost: news.software.nntp

    On 12/4/23 02:23, Tom Furie wrote:
    The follow-on problem there is that in today's world, if your ISP still offers usenet access, or if you subscribe to a commercial usenet
    provider, there's a high probability that what you're connecting with is
    in reality nothing more than a front-end to Highwinds/Abavia/Giganews.

    Agreed.

    Though I don't see a problem with that in and of itself. Though if I
    were an ISP, I would refer to it as outsourced service for ISP customers.

    I don't think there is any shame in an ISP outsourcing some services.
    They just need to own it and admit it.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Mon Dec 4 11:27:09 2023
    XPost: news.software.nntp

    On 12/4/23 01:16, Wally J wrote:
    Well, um, er... it's embarrassing, especially after I said it was stupid to just filter out all Google Groups posts, but I've already implemented it.

    So can I take my words back now? :)

    No. You can't take them back.

    But you can learn from them and try to avoid the same mistake in the
    future. -- Or so I've been told.

    I'm surprised you didn't ream me harder. Thanks for being nice about it.

    Would it have done any good? Would you feel better if I had? I
    wouldn't feel better about it.

    So ... why put people out if there's no benefit longer than 45 seconds
    of me feeling better when venting. ;-)

    Given Google won't even let me log into my own email account on VPN, I
    wasn't prepared when I asked the question for the answer to be that google isn't doing a thing about it. It wasn't one of the considerations I had.

    I'm genuinely sorry for being party to your experiencing Google falling
    off a pedestal. That's never fun and I don't encourage it.

    I _still_ think if we get to the right people, we can get them to do something about it. We just need a way to "tell them".

    I think it will actually take multiple people. The people to advocate
    that there is a problem that needs to be fixed. The people with the
    know how to fix the problem. The people to encourage management to
    allow the people with the know how to fix the problem. The management
    to listen.

    Tomorrow I'll call Mountainview (but I've been there, done that). The operator must work on the side for the Gestapo as she'll never give you anyone's phone number. But she might give me a "contact" method, which
    likely entails a general Q&A location - but I'll try it nonetheless.

    :-/

    That's the second shock. I was trying to think logically what the problem was, assuming it was an accidentally opened window they were climbing in.

    Sadly nothing as benign as that.

    But if the window is left open on purpose, then that means the only avenue left is for each user to filter it out (or for the responsible servers to).

    Reluctantly.

    Do I have my understanding correct yet that it's kind of like this?

    1. The spammer logs into google groups and posts mountains of spam.
    2. Servers just as Giganews & Highwinds peer with Google (I think).
    3. Servers such as dizum, mixmin, E-S, paganini, etc., peer with them.
    4. We get the articles from any one of those news servers.

    Is that kind of how it works?

    Yep.

    If so, then is the culprit first & foremost Google.
    But secondly the servers that peer with Google?

    Also true.

    Giganews and Highwinds are in a somewhat unique position in that they
    can literally de-peer Google as in remove the peering configuration for
    Google from their servers.

    For the rest of us that don't actually peer with Google, "de-peer"
    translates to filter.

    Well. I just did it. I called it stupid. But I have to eat my words.

    Trust me when I say that I've had to eat far worse words that I've said
    / typed. -- It's part of why I afford people wider berths when they
    may be preparing a foot salad of their own. ;-)

    I thought the right answer was to ask Google to close the window.

    I think that it is the most proper / most direct thing to do. Sadly I
    think it's the least likely to have any effect.

    Or, worst case, to ask peers to stop peering Google servers.

    Sadly, the big peers don't care and are unwilling to take it on the chin
    to de-peer Google. After all It's Google, they can do no wrong! <sick>

    Now that I'm edified, I still think those are the right answers.
    But they'll never happen (based on what folks told me).

    That seems to be the unpalatable reality.

    So I implemented a complete plonk already.
    I could have picked any of the three headers
    a. Message id
    b. Newsreader
    c. Injection-info

    I take it that Path: wasn't an option for you?

    I used Path: as cleanfeed on my news server has explicit support for
    banning hosts in the Path: header.

    So I picked the Injection info.
    Luckily it's easy to do for all people on all newsreaders.

    ACK

    There's even a web site to help them do it.
    <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>

    Yep.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Tom Furie on Mon Dec 4 11:50:03 2023
    XPost: news.software.nntp

    On 12/4/23 03:08, Tom Furie wrote:
    The difference being that Google Groups users know they're using Google Groups and make the conscious choice as to whether to continue to do so.

    Except the Google Groups users posting to comp.os.vms aren't posting to
    a Google Group, they are posting to Usenet. They are experiencing the
    very same thing you're lamenting, just the opposite side of the same coin.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Tom Furie@21:1/5 to Grant Taylor on Mon Dec 4 18:03:40 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> writes:

    I don't think there is any shame in an ISP outsourcing some
    services. They just need to own it and admit it.

    Neither do I, sometimes it's just not cost effective to do everything
    in-house. Much better all around to hand said service to someone who specialises in it and can deliver more effectively/efficiently.

    Their owning and admitting to doing so, however, is for the most part a
    matter of "if only".

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Tom Furie@21:1/5 to Grant Taylor on Mon Dec 4 17:54:24 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> writes:

    On 12/4/23 03:08, Tom Furie wrote:
    The difference being that Google Groups users know they're using Google
    Groups and make the conscious choice as to whether to continue to do so.

    Except the Google Groups users posting to comp.os.vms aren't posting
    to a Google Group, they are posting to Usenet. They are experiencing
    the very same thing you're lamenting, just the opposite side of the
    same coin.

    That's fair comment, but they *are* doing it through the Google Groups interface/infrastructure, and therein lies their choice.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Tom Furie@21:1/5 to The Doctor on Mon Dec 4 17:21:54 2023
    XPost: news.software.nntp

    doctor@doctor.nl2k.ab.ca (The Doctor) writes:

    Can we get Highwindsto drop GG like a rock?

    Unlikely. It seems (hearsay only, I have no direct experience) that
    speaking to Highwinds is about as effective as speaking to Google.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From candycanearter07@21:1/5 to Grant Taylor on Mon Dec 4 12:58:55 2023
    XPost: news.software.nntp

    On 12/4/23 10:54, Grant Taylor wrote:
    On 12/4/23 01:02, Wally J wrote:
    I have friends who had worked there and they're all smart guys who
    know how
    to code well. They just have to be given the task by Google Management.

    Google is now an institution and does what they think is best for them.
    The "Don't" sign has fallen over and nobody has bothered to pick up the
    mess.

    Do you mean the "Don't be evil" sign? They took that down recently.
    --
    user <candycane> is generated from /dev/urandom

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From candycanearter07@21:1/5 to Tom Furie on Mon Dec 4 13:00:16 2023
    XPost: news.software.nntp

    On 12/4/23 11:54, Tom Furie wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> writes:

    On 12/4/23 03:08, Tom Furie wrote:
    The difference being that Google Groups users know they're using Google
    Groups and make the conscious choice as to whether to continue to do so.

    Except the Google Groups users posting to comp.os.vms aren't posting
    to a Google Group, they are posting to Usenet. They are experiencing
    the very same thing you're lamenting, just the opposite side of the
    same coin.

    That's fair comment, but they *are* doing it through the Google Groups interface/infrastructure, and therein lies their choice.

    Yeah, you can't control what Google does to its own server.
    --
    user <candycane> is generated from /dev/urandom

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to All on Mon Dec 4 13:13:01 2023
    XPost: news.software.nntp

    On 12/4/23 12:58, candycanearter07 wrote:
    Do you mean the "Don't be evil" sign? They took that down recently.

    Yes, I do.

    But no, they didn't take the sing down.

    The "be evil" is still there.

    They pulled an Office Space patch wherein they fixed the accounting
    error but didn't tell ${CHARACTER_WHOS_NAME_I_FORGOT} that he was no
    longer employed.



    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Mon Dec 4 17:48:00 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    I _still_ think if we get to the right people, we can get them to do
    something about it. We just need a way to "tell them".

    I think it will actually take multiple people. The people to advocate
    that there is a problem that needs to be fixed. The people with the
    know how to fix the problem. The people to encourage management to
    allow the people with the know how to fix the problem. The management
    to listen.

    Well, I was hoping to get a hold of a person at Google to make the starting case, which I think is obvious with this one screenshot alone.

    Site: <http://groups.google.com/g/comp.mobile.android>
    Group: comp.mobile.android
    Results: <https://i.postimg.cc/6pj29c6f/spam01.jpg>

    The argument is Google alone is making that newsgroup unreadable.
    Even if we filter it out, the _search engine_ is still almost unusable.

    Can you imagine looking for "movie editors" on that Android search engine? Google is breaking their own search engine (about which they should care).

    Tomorrow I'll call Mountainview (but I've been there, done that). The
    operator must work on the side for the Gestapo as she'll never give you
    anyone's phone number. But she might give me a "contact" method, which
    likely entails a general Q&A location - but I'll try it nonetheless.

    :-/

    It's currently 205 minutes and the endless loop of songs ran out around the
    185 minute so it's just deadly silence at the moment - don't wish me much.
    <https://i.postimg.cc/kgFknPX0/google01.jpg>
    <https://i.postimg.cc/d388rqkj/google02.jpg>

    Good thing I use Google Voice to call Google in Mountainview so I can use
    up some of their own free bits waiting more than three hours for them to
    pick up the phone by a human... :)

    1. The spammer logs into google groups and posts mountains of spam.
    2. Servers just as Giganews & Highwinds peer with Google (I think).
    3. Servers such as dizum, mixmin, E-S, paganini, etc., peer with them.
    4. We get the articles from any one of those news servers.

    Is that kind of how it works?

    Yep.

    Thanks. That pretty much answers my original question, at least at the
    level that I can do anything about it after understanding that answer.

    So I implemented a complete plonk already.
    I could have picked any of the three headers
    a. Message id
    b. Newsreader
    c. Injection-info

    I take it that Path: wasn't an option for you?

    I used Path: as cleanfeed on my news server has explicit support for
    banning hosts in the Path: header.

    Oh. The path? Yeah. It could be useful too. I didn't even think of that.
    Thanks for bringing it up. But I already implemented "injection info".
    Plus I have tested the PATH: before with Frank Slootweg.
    You can, in some cases, mess with it, even as a non-sophisticated user.

    If so, then is the culprit first & foremost Google.
    But secondly the servers that peer with Google?

    Also true.

    Giganews and Highwinds are in a somewhat unique position in that they
    can literally de-peer Google as in remove the peering configuration for Google from their servers.

    For the rest of us that don't actually peer with Google, "de-peer"
    translates to filter.

    I need to do one more thing which is figure out if it's just giganews and highwinds or if individual.net is also involved. Now that I've filtered out
    the spam, I don't see it and the dejagoogle web archives no longer show the headers (they used to show them, but not anymore).

    So I have the cruelly ironic task of removing my filters in order to figure
    out the sum total of peers directly to the google spam.

    Do you know, offhand, if individual.net is also one of them?
    Is there any way to tell other than to look at the PATH headers again?

    I thought the right answer was to ask Google to close the window.

    I think that it is the most proper / most direct thing to do. Sadly I
    think it's the least likely to have any effect.

    Here's what might be nice to communicate to the thousands of users.

    Here is where they can complain to the powers that be at Google.
    They're welcome to attach as an upload my screenshot from yesterday.
    <https://i.postimg.cc/6pj29c6f/spam01.jpg>
    And the link from whence it came:
    <https://groups.google.com/g/comp.mobile.android>
    Because that shows the spam has made even Google's web search unusable.

    Here's how to tell Google they need to reduce this spam content:
    "*Contact Owners and Managers of Google Usenet*"
    Google Usenet (google-usenet@googlegroups.com)
    <https://groups.google.com/g/google-usenet/about>

    There is a settings-gear-icon image at top right, which has the option to:
    "Send feedback to Google"
    1. Tell us what prompted this feedback.
    2. A screenshot will help us better understand your feedback.

    Here's a screenshot of that which I recommend others do right now.
    <https://i.postimg.cc/k462x02X/spam02.jpg>

    The more people who contact Google, teh better, but like you, I'm at the
    point that Google must know about it by now - so maybe they don't care.

    But maybe not.
    I think it's worth a try for everyone to communicate the problem to them.
    That link is the only way I know of at the moment.
    As calling them isn't gonna happen (it's 216 minutes and counting).

    Which is proof of the inordinate amount of spam making the ng unusable.
    --
    Posting a question on Usenet is an attempt to learn from others who know
    more than you do & then to combine our tribal knowledge for all to benefit.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Slootweg@21:1/5 to Wally J on Mon Dec 4 21:51:24 2023
    XPost: news.software.nntp

    Wally J <walterjones@invalid.nospam> wrote:
    [...]

    Absolutely you are correct. The only two headers that I'm aware of that are "harder" to spoof are the path (which I tested once with Frank Slootweg to see what we could inject into the path) and now I foound out the injection header also.

    For the record, I never "tested" spoofing the PATH header with you,
    because - being an ex News admin - I knew the PATH header can't be
    'spoofed' (read: preloaded) - by a newsreader user - on a properly
    configured News server.

    By that time, the News server(s) which *did* allow path preloading had probably already vanished and if it/they hadn't, I wasn't going to
    mention its/their name(s).

    For the PATH: header, as I recall, long ago (depending on the server) we could inject stuff into it but at some point we lost control & the news server took it from here (and yes, I saw Wolfgang Weyand's response about
    his warning on the default PATH settings allowing more freedom for that).

    A warning is always good, but I don't think there's currently any
    legit server out there which allows path preloading.

    [...]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Mon Dec 4 18:13:37 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    I'd have to look up NNTP as I don't do it often enough. But I used to
    do SMTP / POP3 / IMAP weekly and sometimes daily at ${OLD_JOB}.

    I wrote this up once in a tutorial to help users respond to an old expired article where all they had was teh message id (in the days when Google's Dejagoogle search engine provided the headers - which they don't do now).

    I find that I'm now occasionally speaking HTTP via telnet or via
    OpenSSL's s_client for TLS.

    I use stunnel quite frequently but telnet with encryption is a hassle
    as I really don't understand how to do it except to check Steve Crook's free-certificate expiry dates. :)

    Well, I'm glad the search engine exists,

    Please don't get me started on their search engine.

    I have a funny thing wherein I expect words that I search for to be in
    the (cached version of) the results page.

    I use `grep`, `find.exe`, and the likes frequently.

    Yup. I use "control F" and then "F3" (and shift F3) a lot when using
    the dejagoogle search engine to find things I _know_ are there.

    Note: Many articles of long ago said that was a big problem
    that the dejagoogle search doesn't even find what is _known_ to exist.
    <https://www.vice.com/en/article/jp5a77/google-a-search-company-has-made-its-internet-archive-impossible-to-search>

    Yes but. If the peers-with-google dropped their messages, maybe Google
    would think twice? Dunno. I'll give Mountainview a call tomorrow.

    I suspect that there are multiple, if not many, in Google that would
    think "finally, now we can kill that thing that we've been dragging
    forward".

    Remember when AT&T teamed up with the Cuomo bastard to make excuses for why they dropped all Usenet services from their cable service about 20 years
    ago?

    All their excuses were only believed by stupid people.
    They dropped it for the reason you said above.

    They can't make money off us using it.

    Again, I will call Mountainview and try to get a human (fat chance).

    I suspect that you'll eventually get to a human if you try hard and / or
    long enough.

    It's currently 235 minutes and waiting. I don't feel like making more screenshots to prove what I say as I suspect you believe me on this.

    I'll be surprised if that human is anything more than a complaints
    department / yes person.

    I'm hoping I get a contact, just like I did in the past to get some minor things fixed that they cared about (like map routing & google URIs).

    I'll be shocked if any good comes from your efforts. Unless you are the final straw that breaks the camel's back.

    I would NOT recommend calling them as I've been on for hours, so the only
    thing people _can_ do, I think, is explain the situation over here.
    <https://i.postimg.cc/k462x02X/spam02.jpg>

    1. Go here <https://groups.google.com/g/google-usenet/about>
    2. Press the settings-gear-icon image at top right
    3. Select "Send feedback to Google"
    a. "Tell us what prompted this feedback."
    b. "A screenshot will help us better understand your feedback."
    Folks can refer to <https://groups.google.com/g/comp.mobile.android>
    And they can use this too <https://i.postimg.cc/6pj29c6f/spam01.jpg>

    If a few hundred people did that, "maybe" they'd take notice.
    --
    Each of us on Usenet has a different use model so we learn from each other.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Mon Dec 4 17:23:12 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    N.B. I don't believe that retroactively removing spam detected after the fact; e.g. NoCeMs, is viable. -- I applaud people's efforts. But
    there are multiple down sides to that system, much of which is people's ongoing effort / time.

    Frank Slootweg, whom I think you know of, also suggested that the news
    server admins were making use of NoCeMs in this post today on c.m.a.
    *Spam floods from Google Groups (was fumigation)* by Frank Slootweg
    Message-ID: <ukkvm4.1jc.1@ID-201911.user.individual.net>
    <https://groups.google.com/g/comp.mobile.android/c/CvM86LHCHh4/m/997jctDYAwAJ>

    Frank pointed the Android users to this FAQ for what servers are doing.
    'The NoCeM FAQ' <http://www.cm.org/faq.html>

    If people want to post to Usenet, they will just have to know to not use
    Google Groups to do it. That's the result. I'm filtering it now myself.

    That is the reality that is forming.

    I'd point every user to this page (unless you know of better) who
    wants/needs an if-not-whitelist-then-blacklist google groups poster.
    *Usenet Improvement Project - Google Groups Filters*
    <http://twovoyagers.com/improve-usenet.org/index.html>

    I'm all about communicating good things so let me know if you know of a
    better page for showing nascent users how to use the google filters.

    It's too bad _any_ news servers peer with Google then, it seems.

    I don't object to the concept of peering with Google, or anyone else,
    for that matter. I do object to continuing to peer with an organization
    that is clearly a massive source of spam.

    The only three things I've ever had even a teeny tiny bit of success with Google on a personal level is Rod Speed's murder email, changing Usenet
    URIs to the dejagoogle archives and fixing local Google Maps routing.

    But it must be getting worse as I'm on the phone right now after going to
    <https://about.google/intl/ALL_us/contact-google/>
    And then after calling 650-253-0000 (which is a googleplex automated human)
    And which only works "Monday to Friday from 8 am to 5 pm PST" where
    you say "It's something else" a few times and then they tell you...
    "Continue to hold for the next available Agent"

    Guess how long I've been on the phone waiting for a human to pick up?
    <https://i.postimg.cc/kgFknPX0/google01.jpg> 650-253-0000 phone call
    (It's now well over three hours waiting for Google to pick up the phone.)

    Note: I use Google Voice on the iPad because it doesn't create an account
    on the mothership whereas GV on Android does create that account (if you
    don't have any accounts on Android - which I don't for privacy reasons).

    While I was waiting, I went to see if there's a contact on Wikipedia.
    <https://en.wikipedia.org/wiki/Google_Groups>
    Nothing useful there except the DejaNews history we already know.

    Still waiting, I looked up "how to contact google for real"
    <https://www.businessinsider.com/guides/tech/how-to-contact-google-support> But they only said what I knew e.g., "Google doesn't want to talk to you".

    Still waiting... I searched s'more and found other garbage such as this.
    <https://groups.google.com/g/google-usenet>
    Or this "chat support" link:
    <https://support.google.com/chatsupport/?hl=en>
    But all it has is a single article on "Add a Google Group to a space".

    Namely Highwinds and Giganews (but I'm not sure which are the culprits).

    Given the nature of Usenet's flood fill methodology, the articles will eventually make it if there is a path and a receiving news server
    doesn't filter them.

    In the past, I was able to get spammers booted off the a.h.r. newsgroup
    simply by sending the proof to the respective admins, where Paolo
    blacklisted the entire group (which was a bit Draconian if you ask me),
    but others like Ray Banana just kicked off the OT spammers themselves.

    While Steve Crook, Benjamin Gufler, Roman Racine, Jesse Rehmer, Alex
    DeJoode, Steen Jensen (as I recall) and a few other reliable news server
    admins responded positively (Ray simply asked for valid proof for example),
    I never could get any response from the likes of Giganews, Highwinds, or Individual.net admins.

    While the top level problem lies with Google, I think whomever it was that
    said the problem also involves those who peer with Google like those three.

    Again, I am sorry I didnt' realize any of this when I had first posted.
    It took me a bunch of articles to get up to speed where I see now why "my" >> solution will have to be to just filter them _all_ out at receipt. Sigh.

    I consider that to be learning. You presented valid points / concerns
    and you listened to responses. You then came to your own conclusion.
    -- I wish a LOT more people would do the same in many aspects of life.

    Thanks. I have multiple degrees in varying fields and it's amazing both how much we know and how much we don't know - such that I'm never embarrassed
    to let someone know what I don't know - nor to learn from them what they
    do.

    I would discourage filtering on Message-ID: and User-Agent: as I think
    that they can much more easily be faked by end users. Maybe I'm wrong.

    Absolutely you are correct. The only two headers that I'm aware of that are "harder" to spoof are the path (which I tested once with Frank Slootweg to
    see what we could inject into the path) and now I foound out the injection header also.

    For the PATH: header, as I recall, long ago (depending on the server) we
    could inject stuff into it but at some point we lost control & the news
    server took it from here (and yes, I saw Wolfgang Weyand's response about
    his warning on the default PATH settings allowing more freedom for that).


    BTW, there's a project, I see, that tries to help users filter it all out. >> <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>

    Yep. There's lots of effort to clean up the mess that emanates from Google.

    Heh heh... you should see how much I have to do on my non-rootable Android Samsung Galaxy A32-5G just to break free of Google's privacy intrusions!
    <https://xdaforums.com/m/galaxya325g.11604613/recent-content>

    I thought it was a fluke.

    I wish it was a fluke. Or even a flash in the pan that Google was
    /quickly/ reacting to.

    Well, I was "hoping" I could do something given three times I was able to
    get Google to do something - but it's been three hours and they still
    haven't picked up the phone - so I may have to give up on this tack.

    It has been so long that their "endless loop" of songs finally ran out
    at around the 185 minute mark! <https://i.postimg.cc/d388rqkj/google02.jpg>

    Bearing in mind that Google Groups isn't "exactly" the same as Google
    Usenet is, there is this URL that says it allows you to contact them...
    "*Contact Owners and Managers of Google Usenet*"
    Google Usenet (google-usenet@googlegroups.com)
    <https://groups.google.com/g/google-usenet/about>

    There is a settings-gear-icon image at top right, which has the option to:
    "Send feedback to Google"
    1. Tell us what prompted this feedback.
    2. A screenshot will help us better understand your feedback.

    Here's a screenshot of that which I recommend others do right now.
    <https://i.postimg.cc/k462x02X/spam02.jpg>
    Which is based on this URL:
    <http://groups.google.com/g/comp.mobile.android>
    Which is proof of the inordinate amount of spam making the ng unusable.

    You're welcome to refer to that spam shot in your request for Google
    Groups Usenet to implement spam filters to make ngs usable again.
    --
    Usenet is a way to discuss topics with people who know more than I do.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Frank Slootweg on Mon Dec 4 18:26:33 2023
    XPost: news.software.nntp

    Frank Slootweg <this@ddress.is.invalid> wrote

    Absolutely you are correct. The only two headers that I'm aware of that are >> "harder" to spoof are the path (which I tested once with Frank Slootweg to >> see what we could inject into the path) and now I foound out the injection >> header also.

    For the record, I never "tested" spoofing the PATH header with you,

    Depends on how you word that. You vehemently disagreed with what I had
    stated, and then I proved to you what was possible. We agreed on that
    (which, how could we not - because it _was_ possible at that time).

    because - being an ex News admin - I knew the PATH header can't be
    'spoofed' (read: preloaded) - by a newsreader user - on a properly
    configured News server.

    You don't remember challenging me on my statements to the iKooks that the header can't be changed, Frank? I do. I very well do. Google it. :)

    At that time, what could be changed was stuff could be injected.
    But only for some servers.

    I proved it to you using nothing more than telnet, at that time as I
    recall.

    By that time, the News server(s) which *did* allow path preloading had probably already vanished and if it/they hadn't, I wasn't going to
    mention its/their name(s).

    You need to search on what we discussed. Let me refresh your memory:
    a. An iKook said the headers were inviolable
    b. I responded, off the cuff, that they're "all" fungible
    c. You disputed that (rightly so) but on the technical merits

    We covered this twice, Frank. Once then, and once a few years later.
    (You forget I have a good memory - and all this is in the public record.)

    What happened, years later, is I brought it up and you again refuted it.

    Then I tested it in that rebuttal and that's when I learned what can and
    can not be done with the path header, as _every_ other header tested in
    that communication was fungible (time, date, newsreader, etc.).

    I was able to inject stuff into the path, so I agreed with you that any
    header that is not fully controlled by the server, is fungible.

    And we left it at that.
    If we must, I'll dig up the cite as it was on the comp.mobile.android ng.

    Note: Both of us were correct from the beginning even as you knew then more than I did then and you know now more than I do now about this stuff.

    What you objected to was the off-hand colloquial use of "all" when my explanation was I was explaining things to an iKook who didn't have the capacity to understand it at the level of detail that you do.

    For the PATH: header, as I recall, long ago (depending on the server) we
    could inject stuff into it but at some point we lost control & the news
    server took it from here (and yes, I saw Wolfgang Weyand's response about
    his warning on the default PATH settings allowing more freedom for that).

    A warning is always good, but I don't think there's currently any
    legit server out there which allows path preloading.

    Probably true, as I'm well aware you use to run an nntp server as I recall,
    so I'll accept what you say as probable fact as I've done my path header testing at the time we last discussed it long ago.
    --
    Sensible people will agree with anyone who says something logically sound.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to tom@furie.org.uk on Tue Dec 5 00:27:32 2023
    XPost: news.software.nntp

    In article <ukl1rj$4pj$1@freeq.furie.org.uk>,
    Tom Furie <tom@furie.org.uk> wrote:
    doctor@doctor.nl2k.ab.ca (The Doctor) writes:

    Can we get Highwindsto drop GG like a rock?

    Unlikely. It seems (hearsay only, I have no direct experience) that
    speaking to Highwinds is about as effective as speaking to Google.

    sick!
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Slootweg@21:1/5 to Wally J on Tue Dec 5 09:48:39 2023
    XPost: news.software.nntp

    Wally J <walterjones@invalid.nospam> wrote:

    [Much deleted.]

    What happened, years later, is I brought it up and you again refuted it.

    Then I tested it in that rebuttal and that's when I learned what can and
    can not be done with the path header, as _every_ other header tested in
    that communication was fungible (time, date, newsreader, etc.).

    I was able to inject stuff into the path, so I agreed with you that any header that is not fully controlled by the server, is fungible.

    And we left it at that.

    Duh! The *point* is that - on a properly configured server - the PATH
    header *is* "fully controlled by the server", so it's *not* "fungible".

    So as usual a lot of talk, without specifics, let alone proof.

    As I said, *some* rogue server(s) allowed preloading the path, so
    obviously on that/those server(s) one was "able to inject stuff into the
    path". But on a legit server, this was and is not possible.

    If we must, I'll dig up the cite as it was on the comp.mobile.android ng.

    Don't "dig up the cite", because that will be only more talk and no
    proof, but post a cite which proves you "injected stuff into the path"
    of a *legit* server *and* give the Message-ID of that cite.

    [...]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Adam H. Kerman@21:1/5 to Frank Slootweg on Tue Dec 5 17:08:04 2023
    XPost: news.software.nntp

    Frank Slootweg <this@ddress.is.invalid> wrote:
    Wally J <walterjones@invalid.nospam> wrote:

    [Much deleted.]

    What happened, years later, is I brought it up and you again refuted it.

    Then I tested it in that rebuttal and that's when I learned what can and >>can not be done with the path header, as _every_ other header tested in >>that communication was fungible (time, date, newsreader, etc.).

    I was able to inject stuff into the path, so I agreed with you that any >>header that is not fully controlled by the server, is fungible.

    And we left it at that.

    Duh! The *point* is that - on a properly configured server - the PATH
    header *is* "fully controlled by the server", so it's *not* "fungible".

    So as usual a lot of talk, without specifics, let alone proof.

    As I said, *some* rogue server(s) allowed preloading the path, so
    obviously on that/those server(s) one was "able to inject stuff into the >path". But on a legit server, this was and is not possible.

    Eyeballing, it's usually obvious what the preloaded portion of the Path
    is.

    [...]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Frank Slootweg on Tue Dec 5 20:33:30 2023
    XPost: news.software.nntp

    Frank Slootweg <this@ddress.is.invalid> wrote

    Duh! The *point* is that - on a properly configured server - the PATH header *is* "fully controlled by the server", so it's *not* "fungible".

    As I said, I'll defer to your knowledge, Frank. Otherwise I have to dig up
    the cites but all I want you to do is agree that we discussed this twice.

    Now three times.

    So as usual a lot of talk, without specifics, let alone proof.

    I'm deferring to you, Frank. I'm not disputing you. I'm only disputing your comments that we didn't discuss this in the past (twice) - that's all.

    As I said, *some* rogue server(s) allowed preloading the path, so
    obviously on that/those server(s) one was "able to inject stuff into the path". But on a legit server, this was and is not possible.

    Again (and again and again), I'm agreeing with you Frank.
    I never dispute facts. Only fools do that (that's why they're fools).

    The only thing I disputed was your statement that we never covered this.
    We did. Twice. Now three times.

    That's all.

    If we must, I'll dig up the cite as it was on the comp.mobile.android ng.

    Don't "dig up the cite", because that will be only more talk and no
    proof, but post a cite which proves you "injected stuff into the path"
    of a *legit* server *and* give the Message-ID of that cite.

    Frank, I'm one of the most logical and sensible people you'll ever have the pleasure of speaking with anywhere - not just on Usenet - but anywhere.

    I look at facts and I assess those facts.
    Empirically I test some of the facts.

    My assessments are based on the facts.
    I rarely guess.

    I wouldn't have multiple graduate degrees, Frank, if I always guessed.
    You can't pass those science & engineering tests by mere guessing, Frank.

    My conclusions are always sound as long as the facts they're based on are.
    And I'm not disagreeing with any fact you've presented other than the fact
    that we discussed this problem in the past - twice - and now three times.

    In _my_ tests, long ago (and one this week) many parts of the header were fungible (which is why I told the moronic iKooks that the headers were not inviolate and which is what you originally disputed (rightly so since
    _some_ headers are inviolate but it was an off-the-cuff response to a moron
    who wouldn't know a PATH: header from an Injection-Info: header.

    Suffice to say I agree with you fully that it's a waste of time to even try
    to spoof teh PATH: or Injection-Info: for someone like me who has no great skills other than I can spoof the easy-to-spoof headers on most servers.

    What are the easy-to-spoof headers on most nntp servers?

    In my experience what the user can specify is usually something like
    The subject
    The references list
    The time zone
    The user agent (or newsreader)
    The mime version
    The character encoding
    The message id
    The from
    The content type
    Most X headers
    XFaces

    That's all I can think of, offhand, but notice I didn't put the path in
    that since it shouldn't be fungible for a reasonably well set up server.
    --
    Logically sensible people base their assessments on facts.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From D@21:1/5 to Wally J on Wed Dec 6 05:31:13 2023
    On Tue, 5 Dec 2023 20:33:30 -0400, Wally J <walterjones@invalid.nospam> wrote: >Frank Slootweg <this@ddress.is.invalid> wrote
    Duh! The *point* is that - on a properly configured server - the PATH
    header *is* "fully controlled by the server", so it's *not* "fungible".
    As I said, I'll defer to your knowledge, Frank. Otherwise I have to dig up >the cites but all I want you to do is agree that we discussed this twice.
    Now three times.
    So as usual a lot of talk, without specifics, let alone proof.
    I'm deferring to you, Frank. I'm not disputing you. I'm only disputing your >comments that we didn't discuss this in the past (twice) - that's all.
    As I said, *some* rogue server(s) allowed preloading the path, so
    obviously on that/those server(s) one was "able to inject stuff into the
    path". But on a legit server, this was and is not possible.
    Again (and again and again), I'm agreeing with you Frank.
    I never dispute facts. Only fools do that (that's why they're fools).
    The only thing I disputed was your statement that we never covered this.
    We did. Twice. Now three times.
    That's all.
    If we must, I'll dig up the cite as it was on the comp.mobile.android ng. >> Don't "dig up the cite", because that will be only more talk and no
    proof, but post a cite which proves you "injected stuff into the path"
    of a *legit* server *and* give the Message-ID of that cite.
    Frank, I'm one of the most logical and sensible people you'll ever have the >pleasure of speaking with anywhere - not just on Usenet - but anywhere.
    I look at facts and I assess those facts.
    Empirically I test some of the facts.
    My assessments are based on the facts.
    I rarely guess.
    I wouldn't have multiple graduate degrees, Frank, if I always guessed.
    You can't pass those science & engineering tests by mere guessing, Frank.
    My conclusions are always sound as long as the facts they're based on are. >And I'm not disagreeing with any fact you've presented other than the fact >that we discussed this problem in the past - twice - and now three times.
    In _my_ tests, long ago (and one this week) many parts of the header were >fungible (which is why I told the moronic iKooks that the headers were not >inviolate and which is what you originally disputed (rightly so since
    _some_ headers are inviolate but it was an off-the-cuff response to a moron >who wouldn't know a PATH: header from an Injection-Info: header.
    Suffice to say I agree with you fully that it's a waste of time to even try >to spoof teh PATH: or Injection-Info: for someone like me who has no great >skills other than I can spoof the easy-to-spoof headers on most servers.
    What are the easy-to-spoof headers on most nntp servers?
    In my experience what the user can specify is usually something like
    The subject
    The references list
    The time zone
    The user agent (or newsreader)
    The mime version
    The character encoding
    The message id
    The from
    The content type
    Most X headers
    XFaces
    That's all I can think of, offhand, but notice I didn't put the path in
    that since it shouldn't be fungible for a reasonably well set up server.

    probably a dumb question, but could a rogue server make article path
    headers appear to be downstream from "googlegroups" as the beginning
    in a path, when in fact it might not be, but was somehow modified in
    order to hide the actual source, e.g. this hypothetical path example:

    path: properly.configured.server!...improperly.configured.server!...googlegroups.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to All on Wed Dec 6 00:08:41 2023
    On 12/5/23 23:31, D wrote:
    probably a dumb question, but could a rogue server make article path
    headers appear to be downstream from "googlegroups" as the beginning
    in a path, when in fact it might not be, but was somehow modified in
    order to hide the actual source, e.g. this hypothetical path example:

    I think that a rogue server that peers with other servers would be
    allowed to present anything that the rogue server wanted to in the articles.

    Well, save for things that the receiving server would (should) reject;
    e.g. anything pretending to be the receiving server.

    That being said, I don't think that this is very likely as I suspect it
    would be a matter of (short amount of) time before this was detected and
    UDP applied to said rogue server.



    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Slootweg@21:1/5 to Wally J on Wed Dec 6 09:41:51 2023
    XPost: news.software.nntp

    Wally J <walterjones@invalid.nospam> wrote:
    Frank Slootweg <this@ddress.is.invalid> wrote

    Duh! The *point* is that - on a properly configured server - the PATH header *is* "fully controlled by the server", so it's *not* "fungible".

    As I said, I'll defer to your knowledge, Frank. Otherwise I have to dig up the cites but all I want you to do is agree that we discussed this twice.

    Now three times.

    You didn't say we discussed this - which indeed we did - but said we
    *tested* this:


    Absolutely you are correct. The only two headers that I'm aware of that are "harder" to spoof are the path (which I tested once with Frank Slootweg to
    see what we could inject into the path) and now I foound out the injection header also.
    </WJ>

    I objected to *that*, hence I wrote:


    For the record, I never "tested" spoofing the PATH header with you,
    because - being an ex News admin - I knew the PATH header can't be
    'spoofed' (read: preloaded) - by a newsreader user - on a properly
    configured News server.
    </FS>

    [...]

    Frank, I'm one of the most logical and sensible people you'll ever have the pleasure of speaking with anywhere - not just on Usenet - but anywhere.

    I look at facts and I assess those facts.
    Empirically I test some of the facts.

    My assessments are based on the facts.
    I rarely guess.

    Well, you did this time [1]. Guessing what you wrote, instead of knowing/checking what you actually wrote, despite my clue-by-four.

    EOD.

    [...]

    [1] Not that it's the only time, far from it.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ted Heise@21:1/5 to Frank Slootweg on Wed Dec 6 14:38:09 2023
    XPost: news.software.nntp

    On 6 Dec 2023 09:41:51 GMT,
    Frank Slootweg <this@ddress.is.invalid> wrote:
    Wally J <walterjones@invalid.nospam> wrote:
    Frank Slootweg <this@ddress.is.invalid> wrote

    Duh! The *point* is that - on a properly configured server
    - the PATH header *is* "fully controlled by the server", so
    it's *not* "fungible".

    As I said, I'll defer to your knowledge, Frank. Otherwise I
    have to dig up the cites but all I want you to do is agree
    that we discussed this twice.

    Now three times.

    You didn't say we discussed this - which indeed we did - but
    said we *tested* this:


    Absolutely you are correct. The only two headers that I'm aware
    of that are "harder" to spoof are the path (which I tested once
    with Frank Slootweg to see what we could inject into the path)
    and now I foound out the injection header also.
    </WJ>

    I objected to *that*, hence I wrote:


    For the record, I never "tested" spoofing the PATH header with
    you, because - being an ex News admin - I knew the PATH header
    can't be 'spoofed' (read: preloaded) - by a newsreader user -
    on a properly configured News server.
    </FS>

    Piping up with some trepidation, but feel a need to point out it
    may depend on how one interprets "which I tested once with Frank
    Slootweg." Wally did say *he* tested it, and the "with" part is
    perhaps ambiguous. For example, it could mean "taking into
    account input from discussions with Frank." Of course, it could
    also mean the testing was done with Frank, which seems to be not
    the case.

    Ted out.

    --
    Ted Heise <theise@panix.com> West Lafayette, IN, USA

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Slootweg@21:1/5 to Ted Heise on Wed Dec 6 15:16:22 2023
    XPost: news.software.nntp

    Ted Heise <theise@panix.com> wrote:
    On 6 Dec 2023 09:41:51 GMT,
    Frank Slootweg <this@ddress.is.invalid> wrote:
    Wally J <walterjones@invalid.nospam> wrote:
    Frank Slootweg <this@ddress.is.invalid> wrote

    Duh! The *point* is that - on a properly configured server
    - the PATH header *is* "fully controlled by the server", so
    it's *not* "fungible".

    As I said, I'll defer to your knowledge, Frank. Otherwise I
    have to dig up the cites but all I want you to do is agree
    that we discussed this twice.

    Now three times.

    You didn't say we discussed this - which indeed we did - but
    said we *tested* this:


    Absolutely you are correct. The only two headers that I'm aware
    of that are "harder" to spoof are the path (which I tested once
    with Frank Slootweg to see what we could inject into the path)
    and now I foound out the injection header also.
    </WJ>

    I objected to *that*, hence I wrote:


    For the record, I never "tested" spoofing the PATH header with
    you, because - being an ex News admin - I knew the PATH header
    can't be 'spoofed' (read: preloaded) - by a newsreader user -
    on a properly configured News server.
    </FS>

    Piping up with some trepidation, but feel a need to point out it
    may depend on how one interprets "which I tested once with Frank
    Slootweg." Wally did say *he* tested it, and the "with" part is
    perhaps ambiguous. For example, it could mean "taking into
    account input from discussions with Frank." Of course, it could
    also mean the testing was done with Frank, which seems to be not
    the case.

    Yes, I know what he wrote was ambiguous (and I'm sure purposely so),
    that's why I removed the ambiguity with my "For the record, I never
    "tested" ..." response. But he didn't get that (or rather he chose not
    to get it).

    Ted out.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Wed Dec 6 13:55:08 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    On 12/5/23 23:31, D wrote:
    probably a dumb question, but could a rogue server make article path
    headers appear to be downstream from "googlegroups" as the beginning
    in a path, when in fact it might not be, but was somehow modified in
    order to hide the actual source, e.g. this hypothetical path example:

    I think that a rogue server that peers with other servers would be
    allowed to present anything that the rogue server wanted to in the articles.

    Well, save for things that the receiving server would (should) reject;
    e.g. anything pretending to be the receiving server.

    That being said, I don't think that this is very likely as I suspect it
    would be a matter of (short amount of) time before this was detected and
    UDP applied to said rogue server.

    I agree with everything said above, based on an assessment of the facts.
    I'm ignorant. But logical. And sensible.

    I don't speak nntp as well as those here, but I would also think that a
    rogue server could present anything it wants to present, which is why I originally had "assumed" this spam wasn't coming from Google's servers.

    Of course, someone has to peer it, for us to end up seeing it, but notice
    that Google's own DejaGoogle Usenet portal is showing that same spam.
    <https://i.postimg.cc/fyCXPjpR/Google-Groups-Usenet-Portal-spam-20231206-730am.jpg>

    That fact "implies" that Google is indeed the source of this spam
    (since we could "logically assume" that Google users their own servers
    for the DejaNews DejaGoogle portal from Google Groups to Usenet).

    BTW, I entreaty everyone here to spend a minute to complain to Google:
    <https://groups.google.com/g/google-usenet/about>
    This is what that interface initially looks like:
    <https://i.postimg.cc/3JzWxG3f/please-do-this.jpg>

    Then you get the option to send the owners of Google Usenet a complaint.
    <https://i.postimg.cc/mgt9kRxV/googlebug3.jpg>

    More detailed instructions here:
    *Please complain to Google about their spamming of Usenet*
    <https://groups.google.com/g/news.admin.peering/c/xxniDVj3ArI>
    <https://groups.google.com/g/news.admin.net-abuse.usenet/c/fr5MQcarCMM>
    <https://groups.google.com/g/comp.mobile.android/c/hO4JNke1bNc>
    --
    Together, maybe, just maybe, perhaps we can get someone at Google to care.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Patrick@21:1/5 to Wally J on Wed Dec 6 12:09:19 2023
    XPost: news.software.nntp

    On 6/12/2023, Wally J wrote:
    Of course, someone has to peer it, for us to end up seeing it

    The news.dizum.net admin is peering all of that Google spam.
    Whoever that server admin is, he needs to get a knock at his door.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to patrick@oleary.com on Wed Dec 6 18:27:54 2023
    XPost: news.software.nntp

    In article <ukqdcg$3ev56$1@novabbs.org>, Patrick <patrick@oleary.com> wrote: >On 6/12/2023, Wally J wrote:
    Of course, someone has to peer it, for us to end up seeing it

    The news.dizum.net admin is peering all of that Google spam.
    Whoever that server admin is, he needs to get a knock at his door.

    And Giganews as well!
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Patrick on Wed Dec 6 12:43:21 2023
    XPost: news.software.nntp

    On 12/6/23 12:09, Patrick wrote:
    The news.dizum.net admin is peering all of that Google spam.
    Whoever that server admin is, he needs to get a knock at his door.

    Remember, the choice to carry a feed or not is up to each news server administrator.

    This applies to all server administrators.

    If one server administrator wants to carry news from a spammy source,
    that's their prerogative just like it's other news administrators
    prerogative if they want to carry news from the previous news administrator.

    I find it entertaining how quickly I've seen things progress along the
    line from "YOU CAN'T FILTER" to "complain to the admin that isn't
    filtering (Google)".



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From D@21:1/5 to The Doctor on Wed Dec 6 18:49:32 2023
    On Wed, 6 Dec 2023 18:27:54 -0000 (UTC), doctor@doctor.nl2k.ab.ca (The Doctor) wrote:
    In article <ukqdcg$3ev56$1@novabbs.org>, Patrick <patrick@oleary.com> wrote: >>On 6/12/2023, Wally J wrote:
    Of course, someone has to peer it, for us to end up seeing it

    The news.dizum.net admin is peering all of that Google spam.
    Whoever that server admin is, he needs to get a knock at his door.

    And Giganews as well!

    as for the living legend . . . they better watch out for his cat! https://dizum.com/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Frank Slootweg on Wed Dec 6 14:24:24 2023
    XPost: news.software.nntp

    Frank Slootweg <this@ddress.is.invalid> wrote

    Ted Heise <theise@panix.com> wrote:
    On 6 Dec 2023 09:41:51 GMT,
    Frank Slootweg <this@ddress.is.invalid> wrote:
    Wally J <walterjones@invalid.nospam> wrote:
    Frank Slootweg <this@ddress.is.invalid> wrote

    Duh! The *point* is that - on a properly configured server
    - the PATH header *is* "fully controlled by the server", so
    it's *not* "fungible".

    As I said, I'll defer to your knowledge, Frank. Otherwise I
    have to dig up the cites but all I want you to do is agree
    that we discussed this twice.

    Now three times.

    You didn't say we discussed this - which indeed we did - but
    said we *tested* this:

    <WJ>
    Absolutely you are correct. The only two headers that I'm aware
    of that are "harder" to spoof are the path (which I tested once
    with Frank Slootweg to see what we could inject into the path)
    and now I foound out the injection header also.
    </WJ>

    I objected to *that*, hence I wrote:

    <FS>
    For the record, I never "tested" spoofing the PATH header with
    you, because - being an ex News admin - I knew the PATH header
    can't be 'spoofed' (read: preloaded) - by a newsreader user -
    on a properly configured News server.
    </FS>

    Piping up with some trepidation, but feel a need to point out it
    may depend on how one interprets "which I tested once with Frank
    Slootweg." Wally did say *he* tested it, and the "with" part is
    perhaps ambiguous. For example, it could mean "taking into
    account input from discussions with Frank." Of course, it could
    also mean the testing was done with Frank, which seems to be not
    the case.

    Yes, I know what he wrote was ambiguous (and I'm sure purposely so),
    that's why I removed the ambiguity with my "For the record, I never
    "tested" ..." response. But he didn't get that (or rather he chose not
    to get it).

    Ted out.

    Jesus Christ Frank, you can exasperate even me, and I'm the one who waited
    five hours for Google to pick up the phone so it's not easy to fluster me.

    Does _every_ post have to be vetted by your lawyer before you accept
    that Usenet is a colloquial medium - and not peer-reviewed research?

    Please send me the email of your lawyer so he can vet this next post.

    A. First, I had responded to an iKook who claimed the newsreader
    header was inviolable, and Frank vehemently and repeatedly
    disputed that the headers could be munged at all.
    B. Then I patiently explained (multiple times) to Frank that
    speaking to an ignorant iKook is different than speaking with him.
    C. Frank _still_ disputed the facts (as Frank is want to do)...
    D. So I again patiently explained to Frank by showing him my tests.

    Now we have to deal with this again?
    And again?
    And again?

    Jesus Christ Frank.

    Please send me your mom's email so that she can vet this post
    to your liking as it still probably isn't explicit enough for you.

    I had already written the below response up before I saw this crap.

    Frank Slootweg <this@ddress.is.invalid> wrote

    Well, you did this time [1]. Guessing what you wrote, instead of knowing/checking what you actually wrote, despite my clue-by-four.

    OK. I admit you didn't test anything. You never do.
    You simply disputed everything. You always do.

    So is _this summary_ precise enough yet for you Frank?
    a. I tested it.
    b. We discussed those tests.
    c. Three times now.

    Is _that_ precise enough of a summary for you, Frank?
    --
    Let's write down this message-ID so that the next time you dispute every
    word said because it's not precise enough for you, we'll have it handy.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Slootweg@21:1/5 to Wally J on Wed Dec 6 19:11:42 2023
    XPost: news.software.nntp

    Disclaimer: My apologies to the rest of the audience. I'll try to keep
    it short, but this personal abuse has to be dealt with.

    Wally J <walterjones@invalid.nospam> wrote:
    [...]

    Does _every_ post have to be vetted by your lawyer before you accept
    that Usenet is a colloquial medium - and not peer-reviewed research?

    Yes, Usenet is a colloquial medium. That's why if someone posts
    something which isn't quite correct, another poster can clarify/correct
    and we all live happily ever after.

    *Except* when the first poster is 'Arlen Holder' (or any other of his
    eighty or so nyms) who can't handle being corrected, gets his knickers
    in a twist and gets into an endless beating around the bush routine.

    Please send me the email of your lawyer so he can vet this next post.

    A. First, I had responded to an iKook who claimed the newsreader
    header was inviolable, and Frank vehemently and repeatedly
    disputed that the headers could be munged at all.

    And there you fsck up *again*! (Of course) I did no such thing. So you
    might as well quit while you're behind.

    Do us all a favour: Don't ruin this newsgroup with your nonsensical
    rants, like you've done - and are still doing - with so many other
    groups.

    [Rest of rant deleted.]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Don@21:1/5 to Grant on Wed Dec 6 19:52:12 2023
    XPost: news.software.nntp

    Grant wrote:
    Patrick wrote:
    The news.dizum.net admin is peering all of that Google spam.
    Whoever that server admin is, he needs to get a knock at his door.

    Remember, the choice to carry a feed or not is up to each news server administrator.

    This applies to all server administrators.

    If one server administrator wants to carry news from a spammy source,
    that's their prerogative just like it's other news administrators
    prerogative if they want to carry news from the previous news administrator.

    I find it entertaining how quickly I've seen things progress along the
    line from "YOU CAN'T FILTER" to "complain to the admin that isn't
    filtering (Google)".

    Yes! ROTFL.

    dizum has an anonymity agenda. Although YMMV, an excerpt of pertinent
    dizum headers tells /me/ everything there is to know about dizum:

    Path: sewer!news.dizum.net!not-for-mail
    Organization: dizum.com - The Internet Problem Provider
    Injection-Info: sewer.dizum.com

    Besides dizum, many other news hosts also peer with google-groups.

    ###

    On another note, a change in my own news host's pseudo peers now
    provides a proper Path: to implement Stéphane's suggestion:

    $BADPATHS=google-groups.googlegroups.com
    ME/$BADPATHS:::

    Danke,

    --
    Don, KB7RPU, https://www.qsl.net/kb7rpu
    There was a young lady named Bright Whose speed was far faster than light;
    She set out one day In a relative way And returned on the previous night.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Wally J on Wed Dec 6 14:45:29 2023
    XPost: news.software.nntp

    On 12/6/23 14:38, Wally J wrote:
    a. I was corrected numerous times, Frank, e.g., by Grant Taylor.

    Hey now, don't bring me into this. I have a reputation to hold down.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Frank Slootweg on Wed Dec 6 16:38:10 2023
    XPost: news.software.nntp

    Frank Slootweg <this@ddress.is.invalid> wrote

    who can't handle being corrected

    Frank

    I'm going to write this to you as if you own adult comprehensive skills.

    ACTION FOR FRANK:
    1. First, read your own posts in this thread.
    2. Then, read mine.

    HINT #1:
    a. I was corrected numerous times, Frank, e.g., by Grant Taylor.
    b. And I took that correction like an adult should, Frank, now didn't I?

    HINT #2:
    A. You repeatedly ascribed ill intent on my part in your posts, Frank.
    B. And then you bring up unrelated privacy issues you don't understand.

    REQUEST FOR FRANK:
    Act like an adult would, for once, Frank.

    ADULT LOGIC:
    Yes, Usenet is colloquial.
    But don't use that as your paramount excuse to accuse others of ill intent.

    In summary, if you can't comprehend what I'm proving to you, then I gave
    you far too much credit already for being intelligent enough to do so.

    Let's stop this childish idiocy of yours you always foment, Frank.
    Please.
    --
    Usenet is water under the bridge, Frank.
    Act civilly to me and I'll respond in kind.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Wed Dec 6 21:29:50 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    a. I was corrected numerous times, Frank, e.g., by Grant Taylor.

    Hey now, don't bring me into this. I have a reputation to hold down.

    The point was Frank accused me of something that simply isn't the case.

    I know you're joking above but the moment Frank Slootweg starts trolling a thread with his personal attacks claiming that colloquial speech is ill intended, the thread gets derailed to whatever Frank wants it to become.

    This thread is about peering.
    Not about Frank.

    Despite that, Frank wants this thread to be all about him - and he's told
    us that numerous times - but what I'll do in this thread moving forward to prevent Frank's attacks is ignore Frank's purposefully off topic trolling.

    Frank - *I will only respond to you if you can stay on topic please.*

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to snipeco.2@gmail.com on Wed Dec 6 21:25:10 2023
    XPost: news.software.nntp

    Sn!pe <snipeco.2@gmail.com> wrote

    I can respect that

    Your OT trolling (& personal attacks) attempting to derail this thread are
    duly noted; but what you should be respecting is the topic of this thread.

    Who do you think is peering all these spams coming out of Google?
    We've noted giganews, individual and highwinds so far, but there are more.

    Who else have you found to be peering spam emanating from Google groups?

    And what do you think the best solution might be to protect the fragile
    deja google search engine (which is very useful for millions of lookups)?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to snipeco.1@gmail.com on Thu Dec 7 12:20:48 2023
    XPost: news.software.nntp

    In article <1qld835.q80bavucvhs1N%snipeco.2@gmail.com>,
    Sn!pe <snipeco.1@gmail.com> wrote:
    Wally J <walterjones@invalid.nospam> wrote:

    Sn!pe <snipeco.2@gmail.com> wrote

    I can respect that


    Your OT trolling (& personal attacks) attempting to derail this thread are >> duly noted; but what you should be respecting is the topic of this thread. >>
    Who do you think is peering all these spams coming out of Google?
    We've noted giganews, individual and highwinds so far, but there are more. >>
    Who else have you found to be peering spam emanating from Google groups?

    And what do you think the best solution might be to protect the fragile
    deja google search engine (which is very useful for millions of lookups)?


    IMO the DejaNews archive is so debased that it's next to useless.


    Thank you Google for that!

    I take a simple approach to Googlespam - I mark all GG posts as
    read unless I have the poster whitelisted. Life is too short to
    play whack-a-mole.

    I'm sorry if you perceive my respectful comments (which you have
    declined to quote) as abusive. I assure you that I am not trolling.
    I had a comment to make, I made it, and now I am perfectly content
    to disengage. Feel free to have the last word, Wally.


    I wonder if a class action lawsuit against Google would get their attentino.

    --
    ^^. Sn!pe, PA, FIBS - Professional Crastinator.
    My pet rock Gordon just said "Don't Be Evil!"

    Google Groups articles are not seen here unless poster is whitelisted.


    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to The Doctor on Thu Dec 7 09:34:43 2023
    XPost: news.software.nntp

    On 12/7/23 06:20, The Doctor wrote:
    I wonder if a class action lawsuit against Google would get their attentino.

    I'm quite certain that it would get the lawyercats attention.

    I don't know what the result of that attention would be. I think it's a
    three way split between more of what they are doing now (marking some
    groups read-only), actually fixing the spam (to a very large degree), or termination of the Google Groups Usenet gateway.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to gtaylor@tnetconsulting.net on Fri Dec 8 00:12:20 2023
    XPost: news.software.nntp

    In article <uksomj$ugp$1@tncsrv09.home.tnetconsulting.net>,
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    On 12/7/23 06:20, The Doctor wrote:
    I wonder if a class action lawsuit against Google would get their attentino.

    I'm quite certain that it would get the lawyercats attention.

    I don't know what the result of that attention would be. I think it's a >three way split between more of what they are doing now (marking some
    groups read-only), actually fixing the spam (to a very large degree), or >termination of the Google Groups Usenet gateway.


    So a win for the complainant.



    --
    Grant. . . .



    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Don@21:1/5 to Don on Fri Dec 8 00:41:13 2023
    XPost: news.software.nntp

    Don wrote:
    Grant wrote:
    Patrick wrote:
    The news.dizum.net admin is peering all of that Google spam.
    Whoever that server admin is, he needs to get a knock at his door.

    Remember, the choice to carry a feed or not is up to each news server
    administrator.

    This applies to all server administrators.

    If one server administrator wants to carry news from a spammy source,
    that's their prerogative just like it's other news administrators
    prerogative if they want to carry news from the previous news administrator. >>
    I find it entertaining how quickly I've seen things progress along the
    line from "YOU CAN'T FILTER" to "complain to the admin that isn't
    filtering (Google)".

    Yes! ROTFL.

    dizum has an anonymity agenda. Although YMMV, an excerpt of pertinent
    dizum headers tells /me/ everything there is to know about dizum:

    Path: sewer!news.dizum.net!not-for-mail
    Organization: dizum.com - The Internet Problem Provider
    Injection-Info: sewer.dizum.com

    Besides dizum, many other news hosts also peer with google-groups.

    ###

    On another note, a change in my own news host's pseudo peers now
    provides a proper Path: to implement Stéphane's suggestion:

    $BADPATHS=google-groups.googlegroups.com
    ME/$BADPATHS:::

    There's one more thing - dizum is a remailer. And, although it offers a mail2news gateway, it is not a news host.

    Danke,

    --
    Don, KB7RPU, https://www.qsl.net/kb7rpu
    There was a young lady named Bright Whose speed was far faster than light;
    She set out one day In a relative way And returned on the previous night.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Don@21:1/5 to All on Fri Dec 8 03:41:18 2023
    XPost: news.software.nntp

    D wrote:
    Don wrote:
    Don wrote:

    <snip>

    dizum has an anonymity agenda. Although YMMV, an excerpt of pertinent
    dizum headers tells /me/ everything there is to know about dizum:
    Path: sewer!news.dizum.net!not-for-mail
    Organization: dizum.com - The Internet Problem Provider
    Injection-Info: sewer.dizum.com
    Besides dizum, many other news hosts also peer with google-groups.

    <snip>

    There's one more thing - dizum is a remailer. And, although it offers a >>mail2news gateway, it is not a news host.

    news.dizum.net

    Bless you for setting me straight! It makes me very happy to discover the
    dizum newshost. It will be immediately put to good use.

    news.admin.peering re-added to header in case anyone encounters my bad
    info in the group at a later date.

    Danke,

    --
    Don, KB7RPU, https://www.qsl.net/kb7rpu
    There was a young lady named Bright Whose speed was far faster than light;
    She set out one day In a relative way And returned on the previous night.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Don on Fri Dec 8 12:13:55 2023
    XPost: news.software.nntp

    Don <g@crcomp.net> wrote

    Bless you for setting me straight! It makes me very happy to discover the dizum newshost. It will be immediately put to good use.

    news.admin.peering re-added to header in case anyone encounters my bad
    info in the group at a later date.

    I happen to use a different news host for each newsgroup (for privacy
    reasons, that's why) where I just checked & dizum today is 95.5% Google
    spam (1687 new articles, 9 of which made it past my google spam filter).

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Wally J on Fri Dec 8 12:16:11 2023
    XPost: news.software.nntp

    Wally J <walterjones@invalid.nospam> wrote

    I just checked & dizum today is 95.5% Google
    spam (1687 new articles, 9 of which made it past my google spam filter).

    BTW, here's a re-post of what was just posted to the Android newsgroup.
    It discusses that articles are pulled and then the filters are run.
    In the case of the Android newsgroup today, 95.5% of it is now spam.

    ======< this is a re-post of that article just now on c.m.a >======


    On 2023-12-06 21:22, micky wrote:
    Wow, just now 25 real posts and 2600 spam. Thank goodness for filters.

    Where? I only saw one or two, in this group at least.

    Don't you understand how it works?
    It depends whether your service provider is filtering or not.

    My goodness, Carlos!

    Do you really think I didn't know?

    You are a fun spoiler.

    On News.Individual.Net there are big holes in the article number
    ranges, i.e. where the spam articles were before they got (locally)
    canceled.

    For safety reasons, I pull only 50 articles at a time, but because of >>> the holes, each pull actually pulls only a few or no articles.

    Because today my own posts from yesterday appeared, I found out that
    my pulls have a backlog of some 2000 (mostly non-existing) articles.

    So if I'm slow in responding, you know why! :-) Just blame Google
    (Groups).

    Two or three times, start of day, machine booted or coming from
    suspend/hibernation, Thunderbird asks for permission to download 3000
    headers. But then just a few actually show up.

    Maybe TB is just looking at the index number, and as you say, there are
    holes.

    Frank Slootweg <this@ddress.is.invalid> wrote

    Trying to load 3000 articles is probably enough. Over the past few
    days, I've seen article number deltas of some 2000 per day.

    I thank Carlos & Frank for their civil discussion of what's going on.
    We can all learn from Frank's assessment of the nntp server facts.

    A newsreader can only ask for headers by article numbers, because
    while it does know past article numbers (and so can ask for the next
    ones), it does not know the message-ids of the next ones (because the message-ids are in the headers which it still has to fetch).

    So the newsreader only gets the headers for the articles which
    actually exist, not for the (spam) articles which have been (locally) canceled by the news server.

    So your 3000 headers at a time works for you.

    I have my scripts set to download all available headers, which is likely
    why I've been noticing slowdowns when only 10 headers show up but it seems
    like it's taking the time to download thousands of headers instead.

    Thanks for assessing the facts which I have been seeing on my end.

    I OTOH have to do it bit by bit, because my local news server
    (Hamster) does the fetching of headers and articles and I do not want to
    risk loading *other* (than this GG) 'spam', because I keep my groups 'forever' (currently upto some 20 years) and Hamster has no way of
    deleting (local cancel) already received articles, so this spam would
    forever pollute my local news server (and hence its disk space, backup, etc.).

    I use a variety of news servers where I looked into my log file and it
    seems the incoming server I used for Android just got almost 1,700 headers.

    Only 9 of which showed up after my kill-all-google-spam filters kicked in. That's about 1/2 of 1% of the messages are real messages. 99.5% are spam.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to The Doctor on Fri Dec 8 19:02:20 2023
    XPost: news.software.nntp

    The Doctor <doctor@doctor.nl2k.ab.ca> wrote

    I don't know what the result of that attention would be. I think it's a >>three way split between more of what they are doing now (marking some >>groups read-only), actually fixing the spam (to a very large degree), or >>termination of the Google Groups Usenet gateway.


    So a win for the complainant.

    It seems pretty clear now, even as it wasn't at all clear to me in the beginning that what you guys knew is most likely the situation here.

    1. Google is (knowingly?) allowing their users to create this spam
    2. Google doesn't seem to care some newsgroups are now 95.5% spam
    3. People can complain to the Google Groups Usenet portal if they like
    <https://groups.google.com/g/google-usenet/about>
    4. But that's about it for what you can realistically do with Google
    (don't even think about calling them at 650-253-0000 as I've tried)
    5. The suggestion of "de-peering" needs to be directed to some servers
    (most notably which seem to be highwinds, giganews & individual)

    If someone can post the 'de-peering' contacts for those three servers,
    then maybe we can send them a message letting them know of the problem.
    --
    "*Contact Owners and Managers of Google Usenet*"
    Google Usenet (google-usenet@googlegroups.com)
    <https://groups.google.com/g/google-usenet/about>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to walterjones@invalid.nospam on Sat Dec 9 00:08:05 2023
    XPost: news.software.nntp

    In article <ul079r$2311s$1@paganini.bofh.team>,
    Wally J <walterjones@invalid.nospam> wrote:
    The Doctor <doctor@doctor.nl2k.ab.ca> wrote

    I don't know what the result of that attention would be. I think it's a >>>three way split between more of what they are doing now (marking some >>>groups read-only), actually fixing the spam (to a very large degree), or >>>termination of the Google Groups Usenet gateway.


    So a win for the complainant.

    It seems pretty clear now, even as it wasn't at all clear to me in the >beginning that what you guys knew is most likely the situation here.

    1. Google is (knowingly?) allowing their users to create this spam
    2. Google doesn't seem to care some newsgroups are now 95.5% spam
    3. People can complain to the Google Groups Usenet portal if they like
    <https://groups.google.com/g/google-usenet/about>
    4. But that's about it for what you can realistically do with Google
    (don't even think about calling them at 650-253-0000 as I've tried)
    5. The suggestion of "de-peering" needs to be directed to some servers
    (most notably which seem to be highwinds, giganews & individual)

    If someone can post the 'de-peering' contacts for those three servers,
    then maybe we can send them a message letting them know of the problem.

    That would be one way.

    giganews is one peer.

    --
    "*Contact Owners and Managers of Google Usenet*"
    Google Usenet (google-usenet@googlegroups.com) <https://groups.google.com/g/google-usenet/about>


    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Heiko Schlichting@21:1/5 to Wally J on Sat Dec 9 11:15:45 2023
    XPost: news.software.nntp

    Wally J <walterjones@invalid.nospam> wrote:
    5. The suggestion of "de-peering" needs to be directed to some servers
    (most notably which seem to be highwinds, giganews & individual)

    If someone can post the 'de-peering' contacts for those three servers,
    then maybe we can send them a message letting them know of the problem.

    We follow the discussion here and are aware of the Google spam problem. We
    also have some anti-spam measures for our reader servers. But it is really
    easy to find our contact address (news@individual.net) on https://news.individual.net/

    In the past, issuing a UDP has often not been particularly successful.

    Heiko (for Newsmaster-Team of individual.net)

    https://en.wikipedia.org/wiki/Usenet_Death_Penalty

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Slootweg@21:1/5 to Wally J on Sun Dec 10 19:24:32 2023
    XPost: news.software.nntp

    [Troll group snecked.]

    Wally J <walterjones@invalid.nospam> wrote:
    [...]

    The bad news servers, apparently, are these three, in order (AFAIK):
    1. Highwinds
    2. Giganews
    3. Individual

    But I could be wrong on that as I don't know nntp like Frank Slootweg does.

    I have no indication that News.Individual.Net is a direct peer (of
    Google Groups), but also no indication of the contrary.

    Anyway, the consensus in the relevant groups is that a direct peer is
    not in any way "bad". If it was, the admins would have depeered them.

    [...]

    These three news server admins are, in a word, complete assholes.
    1. Highwinds
    2. Giganews
    3. Individual

    You owe the admin(s) of News.Individual.Net an apology and quick smart
    too!

    You asked (in this thread) for the "'de-peering' contacts" (which is a non-concept) - which was unneeded, because it is in plain sight and
    standard -, but one the admins of News.Individual.Net responded anyway.
    AFAICT, you didn't even bother to respond to him, let alone thank him.

    So if there's any "asshole", ....

    [...]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Heiko Schlichting on Sun Dec 10 15:18:35 2023
    XPost: news.software.nntp

    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote

    Wally J <walterjones@invalid.nospam> wrote:
    5. The suggestion of "de-peering" needs to be directed to some servers
    (most notably which seem to be highwinds, giganews & individual)

    If someone can post the 'de-peering' contacts for those three servers,
    then maybe we can send them a message letting them know of the problem.

    We follow the discussion here and are aware of the Google spam problem. We also have some anti-spam measures for our reader servers. But it is really easy to find our contact address (news@individual.net) on https://news.individual.net/

    In the past, issuing a UDP has often not been particularly successful.

    Heiko (for Newsmaster-Team of individual.net)

    https://en.wikipedia.org/wiki/Usenet_Death_Penalty

    Oh wow! Brian Gregory was _correct_ about your service, Mr. Schlichting!
    <https://groups.google.com/g/news.admin.peering/c/xxniDVj3ArI/m/WfJqjUVPAQAJ>

    You _do_ care about this google-groups-99.5%-spam-on-usenet problem!
    (Note that I'm surprised. Humbled. Gratified. And humiliated!)

    I have never worked with you - but I have tried, in the past, to get
    spammers off of the various servers (as explained in articles cited below).

    I humbly apologize to you.
    Sincerely.
    Directly.
    And apologetically.

    Mea culpa.

    Unfortunately, only moments before I saw your article above, I posted this (which I now belatedly would wish I had learned how to _cancel_ years ago).
    <https://groups.google.com/g/news.admin.peering/c/AgrNUeZuAkw/m/wjFb9mb3AAAJ>

    I will issue a humble but well-intended sincere retraction of my
    deprecating comments about you (where I had accidentally lumped you into
    the same category as the news server admins for Highwinds & Giganews).

    The very fact you know about the issue & that you care about the issue
    enough to respond to the people who most care about Usenet, is gratifying.

    I openly and publicly apologize to you for deprecating you moments ago.
    I am sorry.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Slootweg@21:1/5 to Wally J on Sun Dec 10 19:44:39 2023
    XPost: news.software.nntp

    Wally J <walterjones@invalid.nospam> wrote:
    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote

    [Most addressed in my response of a little earlier, so only some loose
    ends.]

    Oh wow! Brian Gregory was _correct_ about your service, Mr. Schlichting!
    <https://groups.google.com/g/news.admin.peering/c/xxniDVj3ArI/m/WfJqjUVPAQAJ>

    Don't use Google Groups URLs, but use message-ids or use both.

    Google Groups doesn't show the full article and given the message-id,
    users can use other means.

    And especially in this (and similar) thread, using *Google Groups*
    references is quite silly, don't you agree!?

    [...]

    Unfortunately, only moments before I saw your article above, I posted this (which I now belatedly would wish I had learned how to _cancel_ years ago).
    <https://groups.google.com/g/news.admin.peering/c/AgrNUeZuAkw/m/wjFb9mb3AAAJ>

    I will issue a humble but well-intended sincere retraction of my
    deprecating comments about you (where I had accidentally lumped you into
    the same category as the news server admins for Highwinds & Giganews).

    So your qualification and insulting of the Highwinds & Giganews admins
    is OK?

    [...]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Frank Slootweg on Sun Dec 10 15:38:12 2023
    XPost: news.software.nntp

    Frank Slootweg <this@ddress.is.invalid> wrote

    I have no indication that News.Individual.Net is a direct peer (of
    Google Groups), but also no indication of the contrary.

    I will now, belatedly, agree with Frank Slootweg that the admins of News.Individual.Net have responded just recently that
    a. They're aware of the issue
    b. They care, and,
    c. They're doing something about it.

    I apologize for deprecating them, which was based on my lack of information about them. Mea culpa.

    You owe the admin(s) of News.Individual.Net an apology and quick smart
    too!

    Thank you Frank for suggesting that apology, which, you'll note, was quick smart sooner than you even could think imaginable, as you know me well in
    that I am always ready to admit my mistakes when I make them (and I do).

    It was my mistake alone to lump the admins of Individual with the likes of Highwinds (whom I've never gotten any response to in _many_ requests) and Giganews.

    I apologize directly and humbly and sincerely to the Individual.net admins.
    (If I knew how to cancel via telnet, I would try it if it's possible.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Slootweg@21:1/5 to Wally J on Sun Dec 10 20:06:31 2023
    XPost: news.software.nntp

    Wally J <walterjones@invalid.nospam> wrote:
    Frank Slootweg <this@ddress.is.invalid> wrote

    I have no indication that News.Individual.Net is a direct peer (of
    Google Groups), but also no indication of the contrary.

    I will now, belatedly, agree with Frank Slootweg that the admins of News.Individual.Net have responded just recently that
    a. They're aware of the issue
    b. They care, and,
    c. They're doing something about it.

    I apologize for deprecating them, which was based on my lack of information about them. Mea culpa.

    You owe the admin(s) of News.Individual.Net an apology and quick smart too!

    Thank you Frank for suggesting that apology, which, you'll note, was quick smart sooner than you even could think imaginable, as you know me well in that I am always ready to admit my mistakes when I make them (and I do).

    Good.

    I saw your apology directly after my response. That happens.

    It was my mistake alone to lump the admins of Individual with the likes of Highwinds (whom I've never gotten any response to in _many_ requests) and Giganews.

    A bad experience is no excuse for public insults, especially not when
    the insulted party is not even present. Also you're not their customer.
    At best, you're a customer of one of their customers. So any complaints
    should go to their customer. Seeing you couldn't be bothered to use the
    obvious way to contact the NIN admin(s), I doubt you used the right way
    to contact Highwinds/Giganews.

    I apologize directly and humbly and sincerely to the Individual.net admins. (If I knew how to cancel via telnet, I would try it if it's possible.

    Very few - if any - News servers honour cancel commands/control-messages
    from users (or other servers for that matter). Way too easy to abuse.
    For all intents and purposes, cancels do not work. (They only worked in
    The Good Old Days (TM), when everybody was still behaving.)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Frank Slootweg on Sun Dec 10 14:15:50 2023
    XPost: news.software.nntp

    On 12/10/23 14:06, Frank Slootweg wrote:
    Very few - if any - News servers honour cancel commands/control-messages from users (or other servers for that matter). Way too easy to abuse.
    For all intents and purposes, cancels do not work. (They only worked in
    The Good Old Days (TM), when everybody was still behaving.)

    I wonder if there's any room for, or value in, network providing a
    gateway that takes locally originated cancels (preferably from an
    authenticated user on the reader server they use) and convert them into
    a NoCeM.



    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From D@21:1/5 to snipeco.2@Use.Reply-To.Address.inva on Mon Dec 11 01:08:41 2023
    On Mon, 11 Dec 2023 00:05:34 +0000, snipeco.2@Use.Reply-To.Address.invalid (Sn!pe) wrote:
    Wally J <walterjones@invalid.nospam> wrote:
    [...]

    The iKooks are, by way of stark contrast, _never_ purposefully helpful.
    They're the antithesis of me, which is why I despise their very existence. >> They wouldn't stick out a finger to help anyone - and - in fact - they'd go >> well out of their way to make life miserable for any innocent poster here. >[...]

    Wally J, you are either trolling or just very rude; which is it?

    as an amateur and outsider to any of these high-level discussions among professional news server administrators, it does seem peculiar that the
    op of this burgeoning thread message-id ukinav$m4i7$1@paganini.bofh.team
    seems prolific yet discourteous for such an elderly and experienced soul; exactitude should be the minimum standard for discussing important topics

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Heiko Schlichting@21:1/5 to Frank Slootweg on Mon Dec 11 08:40:27 2023
    XPost: news.software.nntp

    Frank Slootweg <this@ddress.is.invalid> wrote:

    I have no indication that News.Individual.Net is a direct peer (of
    Google Groups), but also no indication of the contrary.

    News.Individual.Net is handled on our reader servers. The peering with
    Google takes place on our feeder server (newsfeed.fu-berlin.de) which is operated by the same news admin team. So we are responsible for the
    peering, but not for the Spam itself.

    We do care about the Spam flood posted via Google Groups but as a German
    state university we do not have any influence on Google. But - if
    necessary - we would stop our long time peering with Google. Unfortunately,
    as an isolated action, this doesn't make a positive difference. We will continue to follow the discussion here closely.

    Heiko (for Newsmaster-Team of individual.net)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From D@21:1/5 to snipeco.2@Use.Reply-To.Address.inva on Mon Dec 11 14:24:26 2023
    On Mon, 11 Dec 2023 01:45:17 +0000, snipeco.2@Use.Reply-To.Address.invalid (Sn!pe) wrote:
    D <noreply@mixmin.net> wrote:
    On Mon, 11 Dec 2023 00:05:34 +0000,
    snipeco.2@Use.Reply-To.Address.invalid (Sn!pe) wrote:
    Wally J <walterjones@invalid.nospam> wrote:
    [...]
    The iKooks are, by way of stark contrast, _never_ purposefully helpful. >> >> They're the antithesis of me, which is why I despise their very existence.
    They wouldn't stick out a finger to help anyone - and - in fact - they'd go
    well out of their way to make life miserable for any innocent poster here.
    [...]
    Wally J, you are either trolling or just very rude; which is it?

    as an amateur and outsider to any of these high-level discussions among
    professional news server administrators, it does seem peculiar that the
    op of this burgeoning thread message-id ukinav$m4i7$1@paganini.bofh.team
    seems prolific yet discourteous for such an elderly and experienced soul;
    exactitude should be the minimum standard for discussing important topics

    I too am only an amateur but interested lurker; I've read the whole of
    nap and nsn for several months before "Wally J" began this thread.
    I note that it was "Wally J" who added the crosspost to >misc.phone.mobile.iphone three articles upthread from this one.
    Message-ID: <ul51vm$2k18f$1@paganini.bofh.team>
    While I have no concrete evidence other than style, IMO it's Arlen.

    every busy newsgroup has been continually infiltrated and occupied by
    "tokyo rose" troll farms promoting obfuscation, confusion, mediocrity,
    vanity, politics, religion, sectarianism, demoralization, mendacities,
    business as usual; and not only them, but others perhaps unwitting of
    the collective process, idealists, activists, and so forth, have each contributed their own part along the way; alas, no one can fight city
    hall; e.g. in the context of hailing the google ghost ship, good luck

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Heiko Schlichting on Mon Dec 11 09:02:32 2023
    XPost: news.software.nntp

    On 12/11/23 02:40, Heiko Schlichting wrote:
    News.Individual.Net is handled on our reader servers. The peering with
    Google takes place on our feeder server (newsfeed.fu-berlin.de) which is operated by the same news admin team. So we are responsible for the
    peering, but not for the Spam itself.

    ACK

    We do care about the Spam flood posted via Google Groups

    DoubleACK

    but as a German state university we do not have any influence on Google.

    Do you as a Google peer have any contacts inside of Google?

    The last time I tried to interact with the newsmaster(s) at Google ended
    poorly with a refusal to create some new groups being created at the
    time (either Mozilla adjacent and / or Windows 10) with some other disheartening outcome.

    I would /hope/ -- but not hold my breath -- that you have a bit more
    influence /as/ /a/ /peer/ than others around the world / Internet.

    But - if necessary - we would stop our long time peering with Google.

    I appreciate that you are willing to de-peer Google if it comes to that.

    Unfortunately,
    as an isolated action, this doesn't make a positive difference. We will continue to follow the discussion here closely.

    I would encourage you and your colleagues to start thinking about what
    actions would warrant de-peering Google to you / your team, along with
    any communications you might want to have with Google regarding -- what
    I consider to be -- blatant spam spewing from them.

    Again, I would hope, that as a peer, you might be able to contact
    someone in Google and get them to try to stem the tide.

    Thank you for your consideration, whatever that ends up being.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Mon Dec 11 11:11:34 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    Again, I would hope, that as a peer, you might be able to contact
    someone in Google and get them to try to stem the tide.

    100% agree with both Grant and Heiko (and much appreciate their actions!).

    As with Grant, I was only able to get Google to change their format for the dejaGoogle URIs, but I was not able to get them to add the Windows
    newsgroups or some of the common software newsgroups (tbird, ffox, etc.).

    As with Grant, I would "hope" (to dear God I hope, in fact) that you and
    the other peers to Google have "some method" of getting a hold of them.

    Worst case, there's this URL (which is for the proletariat such as I am).
    <https://groups.google.com/g/google-usenet/about>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to All on Mon Dec 11 09:04:08 2023
    On 12/11/23 08:24, D wrote:
    hailing the google ghost ship

    I like that description. "Google ghost ship" and "hailing" seem to be
    apt descriptions that match my opinion of the situation.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Wally J@21:1/5 to Grant Taylor on Mon Dec 11 11:15:40 2023
    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    On 12/11/23 08:24, D wrote:
    hailing the google ghost ship

    I like that description. "Google ghost ship" and "hailing" seem to be
    apt descriptions that match my opinion of the situation.

    We have Heiko at Individual trying to hail the Google ghost ship.
    What's a good contact for the other two big peers of the Google ghost ship? I'll volunteer to send them each an email (but I don't expect much of it).

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to gtaylor@tnetconsulting.net on Mon Dec 11 16:22:49 2023
    XPost: news.software.nntp

    In article <ul78a8$66j$2@tncsrv09.home.tnetconsulting.net>,
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    On 12/11/23 02:40, Heiko Schlichting wrote:
    News.Individual.Net is handled on our reader servers. The peering with
    Google takes place on our feeder server (newsfeed.fu-berlin.de) which is
    operated by the same news admin team. So we are responsible for the
    peering, but not for the Spam itself.

    ACK

    We do care about the Spam flood posted via Google Groups

    DoubleACK

    but as a German state university we do not have any influence on Google.

    Do you as a Google peer have any contacts inside of Google?

    The last time I tried to interact with the newsmaster(s) at Google ended >poorly with a refusal to create some new groups being created at the
    time (either Mozilla adjacent and / or Windows 10) with some other >disheartening outcome.

    I would /hope/ -- but not hold my breath -- that you have a bit more >influence /as/ /a/ /peer/ than others around the world / Internet.

    But - if necessary - we would stop our long time peering with Google.

    I appreciate that you are willing to de-peer Google if it comes to that.

    Unfortunately,
    as an isolated action, this doesn't make a positive difference. We will
    continue to follow the discussion here closely.

    I would encourage you and your colleagues to start thinking about what >actions would warrant de-peering Google to you / your team, along with
    any communications you might want to have with Google regarding -- what
    I consider to be -- blatant spam spewing from them.

    Again, I would hope, that as a peer, you might be able to contact
    someone in Google and get them to try to stem the tide.

    Thank you for your consideration, whatever that ends up being.



    Motion 2nded!


    --
    Grant. . . .


    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to heiko@cis.fu-berlin.de on Mon Dec 11 16:21:59 2023
    XPost: news.software.nntp

    In article <kto07rFc2cvU1@mid.uni-berlin.de>,
    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:
    Frank Slootweg <this@ddress.is.invalid> wrote:

    I have no indication that News.Individual.Net is a direct peer (of
    Google Groups), but also no indication of the contrary.

    News.Individual.Net is handled on our reader servers. The peering with
    Google takes place on our feeder server (newsfeed.fu-berlin.de) which is >operated by the same news admin team. So we are responsible for the
    peering, but not for the Spam itself.

    We do care about the Spam flood posted via Google Groups but as a German >state university we do not have any influence on Google. But - if
    necessary - we would stop our long time peering with Google. Unfortunately, >as an isolated action, this doesn't make a positive difference. We will >continue to follow the discussion here closely.

    Heiko (for Newsmaster-Team of individual.net)

    You will make a difference. In depeering GG from your peers,
    you are telling Enough Google! Clean up your act
    if you want to be a good netizen.
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to gtaylor@tnetconsulting.net on Mon Dec 11 16:23:14 2023
    In article <ul78d8$66j$3@tncsrv09.home.tnetconsulting.net>,
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    On 12/11/23 08:24, D wrote:
    hailing the google ghost ship

    I like that description. "Google ghost ship" and "hailing" seem to be
    apt descriptions that match my opinion of the situation.



    One for alt.humor .


    --
    Grant. . . .


    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to walterjones@invalid.nospam on Mon Dec 11 16:25:03 2023
    XPost: news.software.nntp

    In article <ul78r5$2s6eg$1@paganini.bofh.team>,
    Wally J <walterjones@invalid.nospam> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    Again, I would hope, that as a peer, you might be able to contact
    someone in Google and get them to try to stem the tide.

    100% agree with both Grant and Heiko (and much appreciate their actions!).

    As with Grant, I was only able to get Google to change their format for the >dejaGoogle URIs, but I was not able to get them to add the Windows
    newsgroups or some of the common software newsgroups (tbird, ffox, etc.).

    As with Grant, I would "hope" (to dear God I hope, in fact) that you and
    the other peers to Google have "some method" of getting a hold of them.

    Worst case, there's this URL (which is for the proletariat such as I am).
    <https://groups.google.com/g/google-usenet/about>

    About time GG does something about their abuse ,same with GMail.
    I make on Twitter, Facebook and Linkedin daily updates on
    Google abuse occurs when necessary.

    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Heiko Schlichting@21:1/5 to Grant Taylor on Mon Dec 11 17:08:13 2023
    XPost: news.software.nntp

    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    On 12/11/23 02:40, Heiko Schlichting wrote:
    but as a German state university we do not have any influence on Google.

    Do you as a Google peer have any contacts inside of Google?

    We do have a contact address which is many years old and which we will not publish (under no circumstances). We communicate via a generic admin
    address but didn't have any conversation for many, many years. The peering
    is established log time ago and stable since then.

    I would /hope/ -- but not hold my breath -- that you have a bit more influence /as/ /a/ /peer/ than others around the world / Internet.

    One might think. Unfortunately that's not really the case. Sorry.

    Heiko (for Newsmaster-Team of individual.net)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From candycanearter07@21:1/5 to The Doctor on Mon Dec 11 12:14:39 2023
    On 12/11/23 10:25, The Doctor wrote:
    In article <ul792r$2s6nu$1@paganini.bofh.team>,
    Wally J <walterjones@invalid.nospam> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    On 12/11/23 08:24, D wrote:
    hailing the google ghost ship

    I like that description. "Google ghost ship" and "hailing" seem to be
    apt descriptions that match my opinion of the situation.

    We have Heiko at Individual trying to hail the Google ghost ship.
    What's a good contact for the other two big peers of the Google ghost ship? >> I'll volunteer to send them each an email (but I don't expect much of it).

    Go for it!

    Time to stand up to the giant abuser!


    +1
    --
    user <candycane> is generated from /dev/urandom

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to heiko@cis.fu-berlin.de on Mon Dec 11 18:29:49 2023
    XPost: news.software.nntp

    In article <ktotvtFj1sfU1@mid.uni-berlin.de>,
    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    On 12/11/23 02:40, Heiko Schlichting wrote:
    but as a German state university we do not have any influence on Google.

    Do you as a Google peer have any contacts inside of Google?

    We do have a contact address which is many years old and which we will not >publish (under no circumstances). We communicate via a generic admin
    address but didn't have any conversation for many, many years. The peering
    is established log time ago and stable since then.

    I would /hope/ -- but not hold my breath -- that you have a bit more
    influence /as/ /a/ /peer/ than others around the world / Internet.

    One might think. Unfortunately that's not really the case. Sorry.

    Heiko (for Newsmaster-Team of individual.net)

    Do what is right and depeer Google Groups now!
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to no@thanks.net on Mon Dec 11 18:30:02 2023
    In article <ul7jif$38rtp$1@dont-email.me>,
    candycanearter07 <no@thanks.net> wrote:
    On 12/11/23 10:25, The Doctor wrote:
    In article <ul792r$2s6nu$1@paganini.bofh.team>,
    Wally J <walterjones@invalid.nospam> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    On 12/11/23 08:24, D wrote:
    hailing the google ghost ship

    I like that description. "Google ghost ship" and "hailing" seem to be >>>> apt descriptions that match my opinion of the situation.

    We have Heiko at Individual trying to hail the Google ghost ship.
    What's a good contact for the other two big peers of the Google ghost ship? >>> I'll volunteer to send them each an email (but I don't expect much of it). >>
    Go for it!

    Time to stand up to the giant abuser!


    +1

    +2

    --
    user <candycane> is generated from /dev/urandom



    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to All on Mon Dec 11 14:56:22 2023
    On 12/11/23 14:14, Sn!pe wrote:
    The Doctor <doctor@doctor.nl2k.ab.ca> wrote:

    In article <ul7jif$38rtp$1@dont-email.me>,
    candycanearter07 <no@thanks.net> wrote:
    On 12/11/23 10:25, The Doctor wrote:
    In article <ul792r$2s6nu$1@paganini.bofh.team>,
    Wally J <walterjones@invalid.nospam> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote

    On 12/11/23 08:24, D wrote:
    hailing the google ghost ship

    I like that description. "Google ghost ship" and "hailing" seem to be >>>>>> apt descriptions that match my opinion of the situation.

    We have Heiko at Individual trying to hail the Google ghost ship.
    What's a good contact for the other two big peers of the Google ghost >>>>> ship? I'll volunteer to send them each an email (but I don't expect
    much of it).

    Go for it!

    Time to stand up to the giant abuser!


    +1

    +2

    +3, more in hope than expectation.

    +4

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Grant Taylor on Mon Dec 11 14:57:52 2023
    On 12/11/23 14:56, Grant Taylor wrote:
    On 12/11/23 14:14, Sn!pe wrote:
    The Doctor <doctor@doctor.nl2k.ab.ca> wrote:
    In article <ul7jif$38rtp$1@dont-email.me>,
    candycanearter07  <no@thanks.net> wrote:
    On 12/11/23 10:25, The Doctor wrote:
    In article <ul792r$2s6nu$1@paganini.bofh.team>,
    Wally J  <walterjones@invalid.nospam> wrote:
    Time to stand up to the giant abuser!

    +1

    +2

    +3, more in hope than expectation.

    +4

    I usually trim quotes, but I think this is an entertaining exception to
    me. :-D

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From John@21:1/5 to Grant Taylor on Mon Dec 11 20:59:48 2023
    Grant Taylor <gtaylor@aol.com> writes:

    On 12/11/23 14:14, Sn!pe <snip@aol.com> wrote:
    The Doctor <doctor@aol.com> wrote:

    In article <ul7jif$38rtp$1@dont-email.me>,
    candycanearter07 <no@aol.com> wrote:
    [snip]
    +1

    +2
    +3, more in hope than expectation.

    +4

    me too!!!!!111

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Grant Taylor@21:1/5 to Heiko Schlichting on Mon Dec 11 15:53:40 2023
    XPost: news.software.nntp

    On 12/11/23 11:08, Heiko Schlichting wrote:
    We do have a contact address which is many years old and which we will not publish (under no circumstances). We communicate via a generic admin
    address but didn't have any conversation for many, many years. The peering
    is established log time ago and stable since then.

    It might be time to pull that old address out, blow the dust off of it,
    and see if anyone answers.

    One might think. Unfortunately that's not really the case. Sorry.

    Based on my personal experience I'm not going to be surprised if nobody answers.

    N.B. I don't consider an auto-reply referring you to public
    documentation to be a legitimate answer.



    --
    Grant. . . .

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Heiko Schlichting@21:1/5 to The Doctor on Fri Dec 15 08:59:34 2023
    XPost: news.software.nntp

    The Doctor <doctor@doctor.nl2k.ab.ca> wrote:
    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    I would /hope/ -- but not hold my breath -- that you have a bit more
    influence /as/ /a/ /peer/ than others around the world / Internet.

    One might think. Unfortunately that's not really the case. Sorry.

    Do what is right and depeer Google Groups now!

    All peerings with Google will end on 2024-02-22:
    https://support.google.com/groups?p=usenet

    Google also informed their peers like us.

    Until then, there are strong anti-spam measures on our reader servers for
    our customers. We'll see if the spammers look for another news server or
    not. Hopefully not.

    Google's departure will change Usenet again, just as AOL did in
    "September" 1993. For better or worse? We'll find out.

    Heiko (for Newsmaster-Team of individual.net)

    https://en.wikipedia.org/wiki/Eternal_September

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From D@21:1/5 to Heiko Schlichting on Fri Dec 15 13:44:15 2023
    On 15 Dec 2023 08:59:34 GMT, Heiko Schlichting <heiko@cis.fu-berlin.de> wrote: >The Doctor <doctor@doctor.nl2k.ab.ca> wrote:
    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    I would /hope/ -- but not hold my breath -- that you have a bit more
    influence /as/ /a/ /peer/ than others around the world / Internet.
    One might think. Unfortunately that's not really the case. Sorry.
    Do what is right and depeer Google Groups now!

    All peerings with Google will end on 2024-02-22:
    https://support.google.com/groups?p=usenet

    Google also informed their peers like us.
    Until then, there are strong anti-spam measures on our reader servers for
    our customers. We'll see if the spammers look for another news server or
    not. Hopefully not.
    Google's departure will change Usenet again, just as AOL did in
    "September" 1993. For better or worse? We'll find out.
    Heiko (for Newsmaster-Team of individual.net)

    yesterday it was "effective February 15, 2024..." so they're already
    moving the goal posts... ulterior motives should not surprise anyone

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Tom Furie@21:1/5 to noreply@mixmin.net on Fri Dec 15 13:57:09 2023
    D <noreply@mixmin.net> writes:

    yesterday it was "effective February 15, 2024..." so they're already
    moving the goal posts... ulterior motives should not surprise anyone

    It's a two stage separation. Stage one occurs on the 15th, stage two on
    the 22nd.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From D@21:1/5 to Tom Furie on Fri Dec 15 14:52:20 2023
    On Fri, 15 Dec 2023 13:57:09 +0000, Tom Furie <tom@furie.org.uk> wrote:
    D <noreply@mixmin.net> writes:
    yesterday it was "effective February 15, 2024..." so they're already
    moving the goal posts... ulterior motives should not surprise anyone

    It's a two stage separation. Stage one occurs on the 15th, stage two on
    the 22nd.

    maybe stage three on the 29th . . . ad infinitum; just to be on the
    safe side, every news server that hasn't already should immediately
    depeer from the google ghost ship slowly drifting off into oblivion

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to heiko@cis.fu-berlin.de on Fri Dec 15 16:01:00 2023
    XPost: news.software.nntp

    In article <ku2irmFodmsU1@mid.uni-berlin.de>,
    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:
    The Doctor <doctor@doctor.nl2k.ab.ca> wrote:
    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    I would /hope/ -- but not hold my breath -- that you have a bit more
    influence /as/ /a/ /peer/ than others around the world / Internet.

    One might think. Unfortunately that's not really the case. Sorry.

    Do what is right and depeer Google Groups now!

    All peerings with Google will end on 2024-02-22:
    https://support.google.com/groups?p=usenet

    Google also informed their peers like us.

    Until then, there are strong anti-spam measures on our reader servers for
    our customers. We'll see if the spammers look for another news server or
    not. Hopefully not.

    Google's departure will change Usenet again, just as AOL did in
    "September" 1993. For better or worse? We'll find out.

    Heiko (for Newsmaster-Team of individual.net)

    https://en.wikipedia.org/wiki/Eternal_September

    Yay! Anyways I keep seeing 15 Feb 2024 !
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to noreply@mixmin.net on Fri Dec 15 16:04:31 2023
    In article <20231215.134415.7e115a2d@mixmin.net>,
    D <noreply@mixmin.net> wrote:
    On 15 Dec 2023 08:59:34 GMT, Heiko Schlichting <heiko@cis.fu-berlin.de> wrote: >>The Doctor <doctor@doctor.nl2k.ab.ca> wrote:
    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:
    Grant Taylor <gtaylor@tnetconsulting.net> wrote:
    I would /hope/ -- but not hold my breath -- that you have a bit more >>>>> influence /as/ /a/ /peer/ than others around the world / Internet. >>>>One might think. Unfortunately that's not really the case. Sorry.
    Do what is right and depeer Google Groups now!

    All peerings with Google will end on 2024-02-22:
    https://support.google.com/groups?p=usenet

    Google also informed their peers like us.
    Until then, there are strong anti-spam measures on our reader servers for >>our customers. We'll see if the spammers look for another news server or >>not. Hopefully not.
    Google's departure will change Usenet again, just as AOL did in
    "September" 1993. For better or worse? We'll find out.
    Heiko (for Newsmaster-Team of individual.net)

    yesterday it was "effective February 15, 2024..." so they're already
    moving the goal posts... ulterior motives should not surprise anyone


    The sooner, the better!
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to tom@furie.org.uk on Fri Dec 15 16:04:53 2023
    In article <ulhlvl$t6l$1@freeq.furie.org.uk>,
    Tom Furie <tom@furie.org.uk> wrote:
    D <noreply@mixmin.net> writes:

    yesterday it was "effective February 15, 2024..." so they're already
    moving the goal posts... ulterior motives should not surprise anyone

    It's a two stage separation. Stage one occurs on the 15th, stage two on
    the 22nd.

    All in one go would be nice.
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to nobody@yamn.paranoici.org on Fri Dec 15 16:07:41 2023
    In article <20231215.145220.3af5e6c9@yamn.paranoici.org>,
    D <nobody@yamn.paranoici.org> wrote:
    On Fri, 15 Dec 2023 13:57:09 +0000, Tom Furie <tom@furie.org.uk> wrote:
    D <noreply@mixmin.net> writes:
    yesterday it was "effective February 15, 2024..." so they're already
    moving the goal posts... ulterior motives should not surprise anyone

    It's a two stage separation. Stage one occurs on the 15th, stage two on
    the 22nd.

    maybe stage three on the 29th . . . ad infinitum; just to be on the
    safe side, every news server that hasn't already should immediately
    depeer from the google ghost ship slowly drifting off into oblivion


    Please earlier!
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Heiko Schlichting@21:1/5 to Heiko Schlichting on Thu Feb 22 18:06:09 2024
    XPost: news.software.nntp

    Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:
    The Doctor <doctor@doctor.nl2k.ab.ca> wrote:

    Do what is right and depeer Google Groups now!

    All peerings with Google will end on 2024-02-22:
    https://support.google.com/groups?p=usenet

    Done.

    Heiko (for Newsmaster-Team of individual.net)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Adam W.@21:1/5 to Heiko Schlichting on Thu Feb 22 20:05:31 2024
    XPost: news.software.nntp

    In news.software.nntp Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:

    All peerings with Google will end on 2024-02-22:
    https://support.google.com/groups?p=usenet

    Done.

    Confirmed here (news.chmurka.net). What a relief.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to llp@news.usenet.ovh on Fri Feb 23 00:31:17 2024
    XPost: news.software.nntp

    In article <ur8opf$31fqu$1@news.usenet.ovh>, llp <llp@news.usenet.ovh> wrote: >Adam W. avait soumis l'ide :
    In news.software.nntp Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:

    All peerings with Google will end on 2024-02-22:
    https://support.google.com/groups?p=usenet

    Done.

    Confirmed here (news.chmurka.net). What a relief.

    Same here :-)

    The horror is over!
    --
    Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen What worth the power of law that won't stop lawlessness? -unknown

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From llp@21:1/5 to All on Fri Feb 23 01:27:26 2024
    XPost: news.software.nntp

    Adam W. avait soumis l'ide :
    In news.software.nntp Heiko Schlichting <heiko@cis.fu-berlin.de> wrote:

    All peerings with Google will end on 2024-02-22:
    https://support.google.com/groups?p=usenet

    Done.

    Confirmed here (news.chmurka.net). What a relief.

    Same here :-)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From david@21:1/5 to All on Sat Feb 24 21:02:01 2024
    XPost: news.admin.net-abuse.usenet, news.software.nntp

    I guess we know the answer to the question for sure now, don't we.
    It *was* Google from whence all that spam was emanating after all!

    Before: https://groups.google.com/g/news.admin.peering/c/AgrNUeZuAkw
    After: https://news.admin.peering.narkive.com/489FsG6L/google-groups-no-longer-supports-new-usenet-posts-or-subscriptions-historical-content-remains

    You'd think Google, of all outfits, would have figured out that
    an account that sends a billion messages to any given newsgroup
    is spamming that newsgroup. I guess they didn't care.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)