|
Home > Archive > Anonymous Servers > June 2006 > Is This Kosher?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Nomen Nescio 2006-06-25, 1:12 pm |
| I am almost ready to switch my remailer to lasthop and would like
to get an idea as to the wisdom of doing the following.
Divert all lasthop email and newsgroup messages to a Visual Basic
module for filtering
a. filter on spam
b. filter on duplicate message bodies or even near-duplicates
c. run a regex test on each message. The regex is based on
complaints.
As I say, this is for emails as well as newsgroups. Instead of
blocking newsgroups, I will filter on content using the regex. If
the filtering does not work, I will block the group as a last
resort.
Anybody who wants his email address blocked from sending or
receiving messages through the
remailer can request it.
I have the feeling from reading prior discussions, that filtering
on content is looked down on by some people, and that filtering
emails based on their content is probably not liked either
(not sure if that applies to spam), but would appreciate the
opinions of the experts to be sure.
I am not sure if this sort of filtering is 'publishing', so it will
not be an announced policy.
| |
| Persona 2006-06-25, 7:17 pm |
| Nomen Nescio <nobody@dizum.com> wrote in
news:15914a573c20e551f03d65ffbe21557e@di
zum.com:
> I am almost ready to switch my remailer to lasthop and would like
> to get an idea as to the wisdom of doing the following.
>
> Divert all lasthop email and newsgroup messages to a Visual Basic
> module for filtering
>
> a. filter on spam
>
> b. filter on duplicate message bodies or even near-duplicates
>
> c. run a regex test on each message. The regex is based on
> complaints.
>
> As I say, this is for emails as well as newsgroups. Instead of
> blocking newsgroups, I will filter on content using the regex. If
> the filtering does not work, I will block the group as a last
> resort.
>
> Anybody who wants his email address blocked from sending or
> receiving messages through the
> remailer can request it.
>
> I have the feeling from reading prior discussions, that filtering
> on content is looked down on by some people, and that filtering
> emails based on their content is probably not liked either
> (not sure if that applies to spam), but would appreciate the
> opinions of the experts to be sure.
>
> I am not sure if this sort of filtering is 'publishing', so it will
> not be an announced policy.
>
>
You didn't sign this, and didn't identify yourself.
Don't forget that PGP messages all look "alike" or nearly alike.
They are all, therefore, "near-duplicates."
Persona
| |
| TwistyCreek 2006-06-25, 7:17 pm |
| In alt.privacy.anon-server, nobody@dizum.com wrote:
>I am almost ready to switch my remailer to lasthop and would like
>to get an idea as to the wisdom of doing the following.
>
>Divert all lasthop email and newsgroup messages to a Visual Basic
>module for filtering
>
>a. filter on spam
1. Bulk spammers do not use us. I am only aware of 1 instance in the last
many months of what I would consider the "bulk" type spam. This was within
the past several weeks. I was notified of it by the E-mail recipient.
However, the spam was sent to an anti-spam dot com organization E-mail
recipient. I believe it was simply an attack to have an exit blacklisted.
Probably a copy and paste of a spam message that was intentionally remailed.
I have installed blocks for the message subject. The operator of that
anti-spam organization was cooperative and understanding.
Nonetheless, I found myself on another spam blacklist, so whoever it was
apparently hit another of the anti-spam organizations. That particular
blacklist operator refuses to cooperate or communicate with me in any
manner. Needless to say where I think he can put his conceited mind
blacklist.
2. Another social pyschopathic spammer periodically hits different
newsgroups with the same type of "off topic" post. When he posts to groups
that children frequent, you will receive irate letter from the parents.
Continued off topic posting to all types of different groups is spam by
every definition. I have found that I could block that spam through filters
on the subject. I am here to provide Anonymity and Freedom of Speech. I am
not here to be the "Whipping Boy" or a "Conduit" for an Outright Spammer.
3. Those are the only 2 incidents I am aware of, so in general, as an exit,
spam is low on the list of concerns. I have a a total of 4 message subject
filters. The message body is not to be looked at or touched or altered in
any manner. The message body is sacred. I have absolutely no filters in
place that work on the message body. They are not required.
>b. filter on duplicate message bodies or even near-duplicates
Automatically filter dupes on arrival to you as an exit. That is normal
operation. Do not filter on multiple messages of the same unless it is an
obvious flood. If it is a flood, block the subject first. If you can't stop
the flood there, block the group temporarily. I am not aware of any recent
floods so this has not been a concern to me. I wouldn't bother to dwell on
problems that don't exist.
>c. run a regex test on each message. The regex is based on
>complaints.
>
>As I say, this is for emails as well as newsgroups. Instead of
>blocking newsgroups, I will filter on content using the regex. If
>the filtering does not work, I will block the group as a last
>resort.
Trust me on this one. The message body is sacred. Never filter on content.
Block on subject, headers, or block an E-mail address if someone requests
it, but never block on message content.
>Anybody who wants his email address blocked from sending or
>receiving messages through the
>remailer can request it.
Absolutely. But do not under any circumstances block an E-mail address at
the request of another. You can't know if there is a "behind the scenes"
motivation for a person to request a block for another.
>I have the feeling from reading prior discussions, that filtering
>on content is looked down on by some people, and that filtering
>emails based on their content is probably not liked either
>(not sure if that applies to spam), but would appreciate the
>opinions of the experts to be sure.
There are people here with a great deal of experience and intellect.
Listening to them and trying to understand them may be difficult at first.
But in the end, you may see the wisdom in their posts. I absolutely will not
filter on content. I will shut down or go middle first. Of course you are
free to operate as you choose.
>I am not sure if this sort of filtering is 'publishing', so it will
>not be an announced policy.
That is probably a wrong policy. It is a sensitive subject so you do or you
don't.
| |
| Nomen Nescio 2006-06-25, 7:17 pm |
| On Sun, 25 Jun 2006 18:42:21 +0000, Persona wrote:
> Nomen Nescio <nobody@dizum.com> wrote in
> news:15914a573c20e551f03d65ffbe21557e@di
zum.com:
>
> You didn't sign this, and didn't identify yourself.
>
> Don't forget that PGP messages all look "alike" or nearly alike.
> They are all, therefore, "near-duplicates."
It's likely there is some more sophisticated way to check than by
appearance. I think there is something called 'checksum' or something like
that. It gives a value to each character, so a near-duplicate might be
where the total value of one message is within a certain percentage of the
other. Something like that.
I don't blame him for not identifying himself. Those are pretty poor ideas
of how to run an exit remailer.
| |
| TwistyCreek 2006-06-25, 7:17 pm |
| Nomen Nescio wrote:
> I am almost ready to switch my remailer to lasthop and would like
> to get an idea as to the wisdom of doing the following.
First of all, who are you?
Second, no, almost none of it's "wise".
> a. filter on spam
SPAM isn't a problem in the remailer network.
> b. filter on duplicate message bodies or even near-duplicates
Dupe checking is built in to most transport agents, and you'll never
succeed at detecting "near-duplicates" even if you succeed in defining
them. Are you going to store and byte compare every message you pass to
those that preceded it? How many bytes in common do they have to have
to be "near-duplicates"?
> c. run a regex test on each message. The regex is based on
> complaints.
What are you even talking about here? You're going to dynamically build
PCRE pattern matches based on what OTHER people tell you they don't
like?
Gooooood luck. ;)
> I have the feeling from reading prior discussions, that filtering
> on content is looked down on by some people, and that filtering
> emails based on their content is probably not liked either
> (not sure if that applies to spam), but would appreciate the
> opinions of the experts to be sure.
It's frowned upon, and potentially makes you liable for ALL message
content that passes through your remailer. If you miss something, and
bad things happen, you've established a precedent of proactively
dealing with bad things and essentially become a person who "screwed
up". If you refuse to filter on content you establish a position of
"common carrier" and enjoy legal immunity for the bad things that
happen because of message content that passes through your remailer.
It's up to you. Do you want to be responsible for anonymous messages,
or not? 
> I am not sure if this sort of filtering is 'publishing', so it will
> not be an announced policy.
What makes you believe it's not trivial to figure out?
| |
| TwistyCreek 2006-06-27, 1:12 am |
| In article <15914a573c20e551f03d65ffbe21557e@dizum.com>
Nomen Nescio <nobody@dizum.com> wrote:
>
> I am almost ready to switch my remailer to lasthop and would like
> to get an idea as to the wisdom of doing the following.
>
> I have the feeling from reading prior discussions, that filtering
> on content is looked down on by some people, and that filtering
> emails based on their content is probably not liked either
> (not sure if that applies to spam), but would appreciate the
> opinions of the experts to be sure.
>
> I am not sure if this sort of filtering is 'publishing', so it will
> not be an announced policy.
Do whatever you want, but be prepared to be called Eelbash Junior and spat
upon. Repeatedly.
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
for abuse and hashcash info.
| |
| Thomas J. Boschloo 2006-06-29, 1:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
TwistyCreek schreef:
> In alt.privacy.anon-server, nobody@dizum.com wrote:
>
> 1. Bulk spammers do not use us. I am only aware of 1 instance in the last
> many months of what I would consider the "bulk" type spam. This was within
> the past several weeks. I was notified of it by the E-mail recipient.
> However, the spam was sent to an anti-spam dot com organization E-mail
> recipient. I believe it was simply an attack to have an exit blacklisted.
They will win in the end. Fortunately the situation isn't as hopeless on
usenet. AFAIK there are no cancels based on message source there.
> Probably a copy and paste of a spam message that was intentionally remailed.
> I have installed blocks for the message subject. The operator of that
> anti-spam organization was cooperative and understanding.
Seems you are setting yourself up for more trouble. It is very easy to
change the subject. It is very easy to send messages of any kind to
anywhere. I think what worked for remops in 1998 should still work now
(aside from designer abuse like from Script-Kiddie).
[snip]
> Trust me on this one. The message body is sacred. Never filter on content.
> Block on subject, headers, or block an E-mail address if someone requests
> it, but never block on message content.
I think anything but (temporarily) newsgroup blocks with published
filters and destination-block listing of e-mail addresses is overkill.
Having no custom e-mail addresses and defaulting to easy to recognize
and filter names like 'Anonymous' also helps to help targets of remailer
abuse to opt-out easily.
> Absolutely. But do not under any circumstances block an E-mail address at
> the request of another. You can't know if there is a "behind the scenes"
> motivation for a person to request a block for another.
And remember the recent (few months/years) blocking of all mail2news
gateways. That was kind of annoying!
Hi!
Thomas
- --
"When paranoia is outlawed .."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBRKQLegEP2l8iXKAJAQGcXAMdFOhTF/PaqOV7i0/rA93m60sOlH5tcUk+
cHYo+8y24YnrLhteEasX0skeVGrX0vbC35l5tpTD
YvNPwyHAFUh8V2YagXSD8prn
ubLZ34DTC7Fgn/mIF/7mP7TgbfCp9Rbtj8ciOw==
=6fyO
-----END PGP SIGNATURE-----
|
|
|
|
|