Anonymous Servers - Attn Eelbash Admin, newsanon.org bug

This is Interesting: Free IT Magazines  
Home > Archive > Anonymous Servers > July 2006 > Attn Eelbash Admin, newsanon.org bug





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Attn Eelbash Admin, newsanon.org bug
Edward Langenback

2006-07-06, 1:12 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've been doing some testing with mail2news gateways and noticed
something odd when using yyyymmdd-news.group@newsanon.org gateway.

In Message-Id: <20060706004506.aA5hhdZq23TX@newsanon.org>

I find that (when reading with slrn) the line endings show
as visible '^M' characters.

Message-ID: <20060706004005.E538188D@blackwhale.net> is the same message
resent through mail2news-yyyymmdd-group1=group2=group3@m2n.mixmin.net
and it's line endings are properly invisible.


- --
apostle AT peculiar.homeip.net Encrypted email only @ this address
key-id: 0x72A69CD5 or 0x84D46604 Non-encrypted mail deleted unread.
http://peculiarplace.com/mixminion-message-sender/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iQEVAwUBRKwbvXV+YnyE1GYEAQLlpwf+PaSmzjnK
8eN6P8q/fvz4/QjAJvm+b/MZ
LSL652XW71JDLznIYcqw6rnL+cZ7iHYwy9MXgL0+
7p7VknYgaWdtTtgdjmbRUCSY
W5rHHyngsjseSP5ZjYI7AFqd30JOJ5U/u+AfC/eFRCONdaXumPuUyqxuu6DpFsXx
+FhVDjW7QE4yQVGRATK5JZEiqeFdZbhhmdOfngWk
wZ5OSnj5FB/NaWcCscGAGXGe
uhJikmKwuaAvZfRAY53Ux4GzvYw1YPoLZHg0vVQZ
PW70j/geODfe1GysVH48Xo4E
ft3vmXoP+mNCSpVeZYeEZC4Dv1cJZwFWk8QWOM8N
beDhHd2rCih/jw==
=RRD5
-----END PGP SIGNATURE-----
admin

2006-07-06, 1:12 pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 05 Jul 2006 20:19:56 -0500, Edward Langenback wrote:


> I've been doing some testing with mail2news gateways and noticed
> something odd when using yyyymmdd-news.group@newsanon.org gateway.
>
> In Message-Id: <20060706004506.aA5hhdZq23TX@newsanon.org>
>
> I find that (when reading with slrn) the line endings show as visible
> '^M' characters.

Terrible. Please put a copy of the message on a website, or post it here.
Along with the message, please provide a hex edit of a couple of the lines
that have problems, and I'll take a look at it when I have a chance.

If you have retained a copy of the message before it was sent, please do a
hex edit of the same lines, and provide that as well.

> Message-ID: <20060706004005.E538188D@blackwhale.net> is the same message
> resent through mail2news-yyyymmdd-group1=group2=group3@m2n.mixmin.net
> and it's line endings are properly invisible.

Please do a hex edit of the same lines so I can see how the endings differ
from the ones that went through newsanon.org.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFErQYDEC+g9Qawm6QRAoA1AKCvAaz+5n5Z
1CDh2MgygtlqJCw8agCg2Vka
dzRvAyUITKIkZzH0wA+0J8A=
=gQcJ
-----END PGP SIGNATURE-----

Edward Langenback

2006-07-06, 7:12 pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2006-07-06, admin <admin@eelbash.org> wrote:
>
> On Wed, 05 Jul 2006 20:19:56 -0500, Edward Langenback wrote:
>
>
>
> Terrible. Please put a copy of the message on a website, or post it here.
> Along with the message, please provide a hex edit of a couple of the lines
> that have problems, and I'll take a look at it when I have a chance.

Here's results of testing nntp and m2n gateways against newsanon.org

in a nutshell, it looks like newsanon.org is using 'OD OA' for line
endings and everybody else is using 'OA'

I also noticed that newsanon.org is using 'Message-Id' and all the
others are using 'Message-ID'. I don't suppose that's against RFC, but
it is different from the others.

look for these msgs posted in alt.testing

'control' msg posted with slrn and non-anon nntp server
Message-ID: <slrneaq1bf.9oj.real.address@peculiar.homeip.net>

00000410 72 3A 20 31 2E 33 2E 33 32 0A 0A 2D 2D 2D 2D 2D r: 1.3.32..-----
00000420 42 45 47 49 4E 20 50 47 50 20 53 49 47 4E 45 44 BEGIN PGP SIGNED
00000430 20 4D 45 53 53 41 47 45 2D 2D 2D 2D 2D 0A 48 61 MESSAGE-----.Ha
00000440 73 68 3A 20 53 48 41 31 0A 0A 74 65 73 74 69 6E sh: SHA1..testin
00000450 67 20 6C 69 6E 65 20 65 6E 64 69 6E 67 73 0A 0A g line endings..
00000460 70 6F 73 74 65 64 20 77 69 74 68 20 73 6C 72 6E posted with slrn
00000470 0A 0A 76 69 61 20 6E 6E 74 70 20 73 65 72 76 65 ..via nntp serve
00000480 72 0A 0A 0A 2D 20 2D 2D 20 0A 61 70 6F 73 74 6C r...- -- .apostl
00000490 65 20 41 54 20 70 65 63 75 6C 69 61 72 2E 68 6F e AT peculiar.ho
000004A0 6D 65 69 70 2E 6E 65 74 20 45 6E 63 72 79 70 74 meip.net Encrypt
000004B0 65 64 20 65 6D 61 69 6C 20 6F 6E 6C 79 20 40 20 ed email only @
000004C0 74 68 69 73 20 61 64 64 72 65 73 73 0A 6B 65 79 this address.key
000004D0 2D 69 64 3A 20 30 78 37 32 41 36 39 43 44 35 20 -id: 0x72A69CD5
000004E0 6F 72 20 30 78 38 34 44 34 36 36 30 34 20 4E 6F or 0x84D46604 No

newsanon m2n
Message-Id: <20060706004506.aA5hhdZq23TX@newsanon.org>

00000380 20 69 73 20 61 20 54 79 70 65 20 49 49 49 20 61 is a Type III a
00000390 6E 6F 6E 79 6D 6F 75 73 20 6D 65 73 73 61 67 65 nonymous message
000003A0 2C 20 73 65 6E 74 20 74 6F 20 79 6F 75 20 62 79 , sent to you by
000003B0 20 74 68 65 20 4D 69 78 6D 69 6E 69 6F 6E 0D 0A the Mixminion..
000003C0 73 65 72 76 65 72 20 61 74 20 64 65 75 78 70 69 server at deuxpi
000003D0 2E 63 61 2E 20 20 49 66 20 79 6F 75 20 64 6F 20 .ca. If you do
000003E0 6E 6F 74 20 77 61 6E 74 20 74 6F 20 72 65 63 65 not want to rece
000003F0 69 76 65 20 61 6E 6F 6E 79 6D 6F 75 73 0D 0A 6D ive anonymous..m
00000400 65 73 73 61 67 65 73 2C 20 70 6C 65 61 73 65 20 essages, please
00000410 63 6F 6E 74 61 63 74 20 64 65 75 78 70 69 2D 61 contact deuxpi-a
00000420 64 6D 69 6E 40 64 65 75 78 70 69 2E 63 61 2E 20 amin@deuxpi.ca.
00000430 20 46 6F 72 20 6D 6F 72 65 20 69 6E 66 6F 72 6D For more inform
00000440 61 74 69 6F 6E 0D 0A 61 62 6F 75 74 20 61 6E 6F ation..about ano
00000450 6E 79 6D 69 74 79 2C 20 73 65 65 20 68 74 74 70 nymity, see http
00000460 3A 2F 2F 6D 69 78 6D 69 6E 69 6F 6E 2E 6E 65 74 ://mixminion.net
00000470 2E 0D 0A 0D 0A 2D 2D 2D 2D 2D 42 45 47 49 4E 20 .....-----BEGIN
00000480 54 59 50 45 20 49 49 49 20 41 4E 4F 4E 59 4D 4F TYPE III ANONYMO
00000490 55 53 20 4D 45 53 53 41 47 45 2D 2D 2D 2D 2D 0D US MESSAGE-----.
000004A0 0A 4D 65 73 73 61 67 65 2D 74 79 70 65 3A 20 70 .Message-type: p
000004B0 6C 61 69 6E 74 65 78 74 0D 0A 0D 0A 74 65 73 74 laintext....test
000004C0 69 6E 67 20 34 20 61 67 61 69 6E 2E 0D 0A 0D 0A ing 4 again.....
000004D0 0D 0A 32 0D 0A 0D 0A 0D 0A 0D 0A 0D 0A 2D 2D 2D ..2..........---
000004E0 2D 2D 45 4E 44 20 54 59 50 45 20 49 49 49 20 41 --END TYPE III A
000004F0 4E 4F 4E 59 4D 4F 55 53 20 4D 45 53 53 41 47 45 NONYMOUS MESSAGE
00000500 2D 2D 2D 2D 2D 0D 0A 0D 0A 0A -----.....

news.group@bigapple.yi.org
Message-ID: <20060706004005.E538188D@blackwhale.net>

00000380 20 54 79 70 65 20 49 49 49 20 61 6E 6F 6E 79 6D Type III anonym
00000390 6F 75 73 20 6D 65 73 73 61 67 65 2C 20 73 65 6E ous message, sen
000003A0 74 20 74 6F 20 79 6F 75 20 62 79 20 74 68 65 20 t to you by the
000003B0 4D 69 78 6D 69 6E 69 6F 6E 0A 73 65 72 76 65 72 Mixminion.server
000003C0 20 61 74 20 73 74 72 61 79 6C 69 67 68 74 2E 73 at straylight.s
000003D0 6E 69 6B 74 2E 6E 65 74 2E 20 20 49 66 20 79 6F nikt.net. If yo
000003E0 75 20 64 6F 20 6E 6F 74 20 77 61 6E 74 20 74 6F u do not want to
000003F0 20 72 65 63 65 69 76 65 0A 61 6E 6F 6E 79 6D 6F receive.anonymo
00000400 75 73 20 6D 65 73 73 61 67 65 73 2C 20 70 6C 65 us messages, ple
00000410 61 73 65 20 63 6F 6E 74 61 63 74 20 41 44 4D 49 ase contact ADMI
00000420 4E 2E 20 20 46 6F 72 20 6D 6F 72 65 20 69 6E 66 N. For more inf
00000430 6F 72 6D 61 74 69 6F 6E 20 61 62 6F 75 74 0A 61 ormation about.a
00000440 6E 6F 6E 79 6D 69 74 79 2C 20 73 65 65 20 55 52 nonymity, see UR
00000450 4C 2E 0A 0A 2D 2D 2D 2D 2D 42 45 47 49 4E 20 54 L...-----BEGIN T
00000460 59 50 45 20 49 49 49 20 41 4E 4F 4E 59 4D 4F 55 YPE III ANONYMOU
00000470 53 20 4D 45 53 53 41 47 45 2D 2D 2D 2D 2D 0A 4D S MESSAGE-----.M
00000480 65 73 73 61 67 65 2D 74 79 70 65 3A 20 70 6C 61 essage-type: pla
00000490 69 6E 74 65 78 74 0A 0A 74 65 73 74 69 6E 67 20 intext..testing
000004A0 34 20 61 67 61 69 6E 2E 0A 0A 0A 32 20 20 33 0A 4 again....2 3.
000004B0 0A 0A 0A 0A 2D 2D 2D 2D 2D 45 4E 44 20 54 59 50 ....-----END TYP
000004C0 45 20 49 49 49 20 41 4E 4F 4E 59 4D 4F 55 53 20 E III ANONYMOUS
000004D0 4D 45 53 53 41 47 45 2D 2D 2D 2D 2D 0A 0A MESSAGE-----..

yyyymmdd-group1=group2@m2n.mixmin.net
Message-ID: < 137b8e6d52d655b9992add187b1decbe@mixmast
er.it>

00000380 0A 0A 0A 0A 74 65 73 74 69 6E 67 20 31 20 32 20 ....testing 1 2
00000390 33 0A 0A 6D 61 69 6C 32 6E 65 77 73 2D 79 79 79 3..mail2news-yyy
000003A0 79 6D 6D 64 64 2D 67 72 6F 75 70 31 3D 67 72 6F ymmdd-group1=gro
000003B0 75 70 32 3D 67 72 6F 75 70 33 40 6D 32 6E 2E 6D up2=group3@m2n.m
000003C0 69 78 6D 69 6E 2E 6E 65 74 0A 0A 0A 0A 0A 0A 0A ixmin.net.......
000003D0 0A 0A ..





- --
apostle AT peculiar.homeip.net Encrypted email only @ this address
key-id: 0x72A69CD5 or 0x84D46604 Non-encrypted mail deleted unread.
http://peculiarplace.com/mixminion-message-sender/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iQEVAwUBRK0U+HV+YnyE1GYEAQKEXwf/WmpsBALCWTj5sNpzPYDNeht12SaF+WDs
HMhUiJRY80MwrFG0slS4PIuYsOa2SaK4XxjBtUYn
t2hLxQRjcYvFhMtEYoA+FLFo
9WMQUdW9yI7vtgSYAL7Xd8xMcinXREjdktkz97Kw
p2G7mXM+HZ3Qd3rnkryYF42y
p0U+bEaxUB/ UmduzulGpggZYMo8AooJepehBdWkHiUa+ZLNevFE
Q8/NrXM9lGuPl
gjI485cas6pk6DOh5Tl9i9xaIo9c5t4ohBpheLBi
hkI9Dr5wvpe/q9oVGBr6r8EQ
wjKl428LCZ7QEb5L+bgcfjOfDtgtQMLpbnO+g/7LZYHRngBJh9Z4HA==
=TQ4w
-----END PGP SIGNATURE-----
admin

2006-07-06, 7:12 pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 06 Jul 2006 13:50:50 -0500, Edward Langenback wrote:


>
> Here's results of testing nntp and m2n gateways against newsanon.org
>
> in a nutshell, it looks like newsanon.org is using 'OD OA' for line
> endings and everybody else is using 'OA'

I ran a few test posts and looked at them using a hex editor and didn't
see any 'OD', either in the headers or body.

I can see from your examples that the problem appears with Mixminion
messages. The best I can do to recreate that is to use, as input, the
body of a mixminion message already posted to a test group, which I did.

Running that through the gateway did not result in 'OD' showing up, so I
am at a loss to say what is happening.

Thanks for putting this documentation together. I'll continue looking at
it, but at this point, I have no idea what the problem could be.

>
> I also noticed that newsanon.org is using 'Message-Id' and all the
> others are using 'Message-ID'. I don't suppose that's against RFC, but
> it is different from the others.

That should now be identical to others.


*
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFErWsLEC+g9Qawm6QRAtB2AJ4+4BGePoL/T0HHS757FfvpG3Fm0wCg0gz1
fY7MLHwL3f659qgBS+tuC5M=
=A5XP
-----END PGP SIGNATURE-----

admin

2006-07-06, 7:12 pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 06 Jul 2006 13:50:50 -0500, Edward Langenback wrote:

>
> Here's results of testing nntp and m2n gateways against newsanon.org
>
> in a nutshell, it looks like newsanon.org is using 'OD OA' for line
> endings and everybody else is using 'OA'
>
> I also noticed that newsanon.org is using 'Message-Id' and all the
> others are using 'Message-ID'. I don't suppose that's against RFC, but
> it is different from the others.
>
> look for these msgs posted in alt.testing
>

>
> newsanon m2n
> Message-Id: <20060706004506.aA5hhdZq23TX@newsanon.org>

To follow up: I found this message in alt.testing, but when I copy and
paste the message body into a hex editor, it does not contain the '0D'
characters that are below.



>
> 00000380 20 69 73 20 61 20 54 79 70 65 20 49 49 49 20 61 is a Type III a
> 00000390 6E 6F 6E 79 6D 6F 75 73 20 6D 65 73 73 61 67 65 nonymous message
> 000003A0 2C 20 73 65 6E 74 20 74 6F 20 79 6F 75 20 62 79 , sent to you by
> 000003B0 20 74 68 65 20 4D 69 78 6D 69 6E 69 6F 6E 0D 0A the Mixminion..
> 000003C0 73 65 72 76 65 72 20 61 74 20 64 65 75 78 70 69 server at deuxpi
> 000003D0 2E 63 61 2E 20 20 49 66 20 79 6F 75 20 64 6F 20 .ca. If you do
> 000003E0 6E 6F 74 20 77 61 6E 74 20 74 6F 20 72 65 63 65 not want to rece
> 000003F0 69 76 65 20 61 6E 6F 6E 79 6D 6F 75 73 0D 0A 6D ive anonymous..m
> 00000400 65 73 73 61 67 65 73 2C 20 70 6C 65 61 73 65 20 essages, please
> 00000410 63 6F 6E 74 61 63 74 20 64 65 75 78 70 69 2D 61 contact deuxpi-a
> 00000420 64 6D 69 6E 40 64 65 75 78 70 69 2E 63 61 2E 20 amin@deuxpi.ca.
> 00000430 20 46 6F 72 20 6D 6F 72 65 20 69 6E 66 6F 72 6D For more inform
> 00000440 61 74 69 6F 6E 0D 0A 61 62 6F 75 74 20 61 6E 6F ation..about ano
> 00000450 6E 79 6D 69 74 79 2C 20 73 65 65 20 68 74 74 70 nymity, see http
> 00000460 3A 2F 2F 6D 69 78 6D 69 6E 69 6F 6E 2E 6E 65 74 ://mixminion.net
> 00000470 2E 0D 0A 0D 0A 2D 2D 2D 2D 2D 42 45 47 49 4E 20 .....-----BEGIN
> 00000480 54 59 50 45 20 49 49 49 20 41 4E 4F 4E 59 4D 4F TYPE III ANONYMO
> 00000490 55 53 20 4D 45 53 53 41 47 45 2D 2D 2D 2D 2D 0D US MESSAGE-----.
> 000004A0 0A 4D 65 73 73 61 67 65 2D 74 79 70 65 3A 20 70 .Message-type: p
> 000004B0 6C 61 69 6E 74 65 78 74 0D 0A 0D 0A 74 65 73 74 laintext....test
> 000004C0 69 6E 67 20 34 20 61 67 61 69 6E 2E 0D 0A 0D 0A ing 4 again.....
> 000004D0 0D 0A 32 0D 0A 0D 0A 0D 0A 0D 0A 0D 0A 2D 2D 2D ..2..........---
> 000004E0 2D 2D 45 4E 44 20 54 59 50 45 20 49 49 49 20 41 --END TYPE III A
> 000004F0 4E 4F 4E 59 4D 4F 55 53 20 4D 45 53 53 41 47 45 NONYMOUS MESSAGE
> 00000500 2D 2D 2D 2D 2D 0D 0A 0D 0A 0A -----.....
>



*
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFErXZkEC+g9Qawm6QRAsF9AKCFzCNec92f
KXiU94WAogIfPa74SgCfSjNk
hg6Vu4rTCZW51Dp+/vDQ0VM=
=Bl0N
-----END PGP SIGNATURE-----

Nomen Nescio

2006-07-06, 7:12 pm

Edward Langenback wrote:

> Here's results of testing nntp and m2n gateways against newsanon.org
>
> in a nutshell, it looks like newsanon.org is using 'OD OA' for line
> endings and everybody else is using 'OA'

This means Eeltard is hard coding line breaks as '\0x0d\0x0a'.
Absolutely no reason for it what so ever, unless you want things to
stick out.

I absolutely remember seeing some "remailer associated" code in the past
where this was done, but I can't for the life of me remember where.
Still, it's pretty obvious Eeltard once again coderipped someones work
and put his name on it, after thoroughly XXXXing it up of course.

I'll dig around in my archives and see if I can't come up with the
source code he stole. Should be interesting. ;)

>
> I also noticed that newsanon.org is using 'Message-Id' and all the

Every little flag helps. You're probably suppose to catch some of them.
It's the ones you haven't seen yet that will bite you.

I dare ANYONE to name a single person who has XXXXed up so many things
in such a short time in the remailer network. Go ahead, just TRY and
name someone who comes close at all.

Anonymous

2006-07-06, 7:12 pm

On Thu, 6 Jul 2006, Nomen Nescio <nobody@dizum.com> wrote:
>
>I dare ANYONE to name a single person who has XXXXed up so many things
>in such a short time in the remailer network. Go ahead, just TRY and
>name someone who comes close at all.

Oh, YEAH?!? I can name a bunch!

eelbash
axloltl
axolotl2
cheshire
congo
bog
bogg
eelbash (again)
bushwa
greatwall
asmodeus

<VBSEG>


Edward Langenback

2006-07-07, 1:12 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2006-07-06, admin <admin@eelbash.org> wrote:
>
> On Thu, 06 Jul 2006 13:50:50 -0500, Edward Langenback wrote:
>
>
>
> I ran a few test posts and looked at them using a hex editor and didn't
> see any 'OD', either in the headers or body.
>
> I can see from your examples that the problem appears with Mixminion
> messages. The best I can do to recreate that is to use, as input, the
> body of a mixminion message already posted to a test group, which I did.

If you're thinking that this is only involving mixminion messages,
then in apa-s have a look at these messages by authors posting by
'conventional anon' methods of mixmaster/cpunk chains to mail2news
gateways or using remailer post directives.

Message-Id: <20060705132506.LqUdh2HysnPB@newsanon.org>
Message-ID: <3FK70GHE38903.7213078704@twistycreek.com> is by the same
author, not using newsanon.org

later, here's the same author again, using newsanon.org

Message-Id: <20060703223250.kaZG6bugFpOG@newsanon.org> and once again
'0D 0A' line endings as opposed to '0A' line endings.

Some other messages that appears to simply be an anon msg that exited
through eelbash remailer also exhibits this trait:
message-id: <FYJGDR4E38890.1595717593@anonymous.poster>
message-id: <S73X7LJP38890.6684027778@anonymous.poster>


- --
apostle AT peculiar.homeip.net Encrypted email only @ this address
key-id: 0x72A69CD5 or 0x84D46604 Non-encrypted mail deleted unread.
http://peculiarplace.com/mixminion-message-sender/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iQEVAwUBRK2lxHV+YnyE1GYEAQL1sgf/Tlkgbi9FCWkBHAkkqnxeU6SjNPnAY8qQ
mYCqU1VLSfGGwrMCc5V4XzYXf2FVrGNPTkWaCSng
ZTRiBVipTsDlQHHxyTZ6enG4
+wTH5K2/ MBIMVNEx6iHVj8jFMSKhN67CbjjxwaXHwhy6yqiS
3CODcIKqQH2f0xoN
SIeprpP14GvVrpNw1WQPeM/e/IXUhYD/NvwMCShg8Gq7kdVCs5oTrzWih7BCUkyj
a0KXzBbFsgnzAcSIOIjOqXPIWTB3W6cuUhK/rSh77PL2CmqHYBs6b80T147/O5vu
zvQPsOgcuJCt5UEjC371iUl0eHEzyAafZAYWD7Gh
2amVvudvtH24ng==
=pFOY
-----END PGP SIGNATURE-----
Christian Danner

2006-07-07, 7:14 am

Hi Edward!

IMHO your message doesn't comply with current Internet standards. The
RFCs state clearly, that lines have to end with $0D$0A aka CRLF. It
seems the Eelbash remailer is the only one, which cares about a proper
message format (not only in this particular case). So no partitioning,
but exactly the opposite. You would be partitioned as a ***X user, if
lines ending with a single $0A found their way to the Usenet, resp.
you already are partitioned, as the correction takes place after the
anonymization process. Interesting, that even the Usenet servers don't
care.

Regards

Christian
--
OmniMix .. protect your privacy
http://www.danner-net.de/om.htm



Edward Langenback

2006-07-07, 7:12 pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2006-07-07, Christian Danner <---@---.---> wrote:
> Hi Edward!
>
> IMHO your message doesn't comply with current Internet standards. The
> RFCs state clearly, that lines have to end with $0D$0A aka CRLF. It
> seems the Eelbash remailer is the only one, which cares about a proper
> message format (not only in this particular case). So no partitioning,
> but exactly the opposite. You would be partitioned as a ***X user, if
> lines ending with a single $0A found their way to the Usenet, resp.
> you already are partitioned, as the correction takes place after the
> anonymization process. Interesting, that even the Usenet servers don't
> care.

from your own Message-ID: <82TMS2R638905.0925462963@anonymous.poster>

00000760 64 6F 6E 27 74 0A 63 61 72 65 2E 0A 0A 52 65 67 don't.care...Reg
00000770 61 72 64 73 0A 0A 43 68 72 69 73 74 69 61 6E 0A ards..Christian.
00000780 2D 2D 20 0A 4F 6D 6E 69 4D 69 78 20 2E 2E 20 70 -- .OmniMix .. p
00000790 72 6F 74 65 63 74 20 79 6F 75 72 20 70 72 69 76 rotect your priv
000007A0 61 63 79 0A 68 74 74 70 3A 2F 2F 77 77 77 2E 64 acy.http://www.d
000007B0 61 6E 6E 65 72 2D 6E 65 74 2E 64 65 2F 6F 6D 2E anner-net.de/om.
000007C0 68 74 6D 0A 20 0A 0A 0A 0A htm. ....

You'll note from the above that your line endings are all '0A'. I also
took a minute to examine the posts previously mentioned in another
newsreader and it seems that Knode for example, handles the '0D 0A'
endings properly (invisibly that is)

It's entirely possible that this is a matter of slrn not handling 'OD
0A' line endings, showing a ^M where the '0D' appears. My seeing this
in slrn is what prompted me to look at what was being used for line
endings to find out why it was happening because it not only makes a
post bloody hard to read, it also breaks pgp signatures.

If this is a fault in slrn, is there a fix that will correct it's
rendering without breaking pgp sigatures?

- --
apostle AT peculiar.homeip.net Encrypted email only @ this address
key-id: 0x72A69CD5 or 0x84D46604 Non-encrypted mail deleted unread.
http://peculiarplace.com/mixminion-message-sender/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iQEVAwUBRK5iYHV+YnyE1GYEAQLd0gf/ZtuaWhHvwYiq4khMO9lSE6Lb1+qJKHpv
fqeNdoC8Qe/ mgnPao+0JyAeYbqcDhFvE9QwLSV6pqPMBkvjX31q
KT2mmcxlEeart
X6LiGPEQPLAFcEe15OcbOc3+RZrpJbxQzhIJeXKT
tWMlfz08wG9HCGw+C1gBQOr3
K1DI4V3g87JJ0HGdIu+FwoRAwlR0VSHvlMINNHVA
71D96sdL3KHqQESlgU03iZjY
isqx6irLFvyH1PwLorGuTmhvcOqj9KSTQ+7JIFtq
dUfxiWh7v1WzvpAyFkgyepH3
kS0zJlX/ lzBdGO6pehIawNXpl9dTjGkxdOlIqL+VsDzjmv7M
nRLQAg==
=0e4X
-----END PGP SIGNATURE-----
Nomen Nescio

2006-07-07, 7:12 pm

Christian Danner <---@---.---> wrote:

> IMHO your message doesn't comply with current Internet standards. The
> RFCs state clearly, that lines have to end with $0D$0A aka CRLF. It
> seems the Eelbash remailer is the only one, which cares about a proper
> message format (not only in this particular case). So no partitioning,
> but exactly the opposite. You would be partitioned as a ***X user, if
> lines ending with a single $0A found their way to the Usenet, resp.
> you already are partitioned, as the correction takes place after the
> anonymization process. Interesting, that even the Usenet servers don't
> care.

Your analysis is bit flawed.

You're correct that CR LF is the raw "wire" format of NNTP and SMTP. The
newsreader translates it to whatever is the OS native format (eg. CR LF on
windows, LF only on most *NIX and IIRC CR only on older Macs). That's
probably what Edward saw.

If you retrieve the article <20060706004506.aA5hhdZq23TX@newsanon.org> in
raw format from your newsserver, you will see that eelbash's articles end
in CR CR LF. Didn't he talk about a Python script? I wonder if it's
possible that the Python interpreter translates "\r\n" to "CR <line
ending>" which does the right thing on unix but adds a CR on windows.

Christian Danner

2006-07-08, 7:13 am

Nomen Nescio <nobody@dizum.com> - Sat, 8 Jul 2006 00:50:04 +0200
(CEST):

>If you retrieve the article <20060706004506.aA5hhdZq23TX@newsanon.org> in
>raw format from your newsserver, you will see that eelbash's articles end
>in CR CR LF. Didn't he talk about a Python script? I wonder if it's
>possible that the Python interpreter translates "\r\n" to "CR <line
>ending>" which does the right thing on unix but adds a CR on windows.

I didn't examine the case myself, solely interpreted the data Edward
presented, presuming, that they came from a tcp sniffer, which,
considering his latest statement, obviously wasn't the case. But for
me it's still unclear, why in his comparison the Eelbash server showed
all EOL characters differently. That might mean, that all lines are
terminated with <CR><CR><LF> with one <CR> removed by the client app.

Regards

Christian
--
OmniMix .. protect your privacy
http://www.danner-net.de/om.htm



Edward Langenback

2006-07-08, 1:11 pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2006-07-08, Christian Danner <---@---.---> wrote:
> Nomen Nescio <nobody@dizum.com> - Sat, 8 Jul 2006 00:50:04 +0200
> (CEST):
>
>
> I didn't examine the case myself, solely interpreted the data Edward
> presented, presuming, that they came from a tcp sniffer, which,
> considering his latest statement, obviously wasn't the case. But for

Not a TCP sniffer, as I don't have such a beast. I got this by loading
the problem articles into hexcurse and looking at the hex values used at
line endings

> me it's still unclear, why in his comparison the Eelbash server showed
> all EOL characters differently. That might mean, that all lines are
> terminated with <CR><CR><LF> with one <CR> removed by the client app.

I don't know either. All I can say for sure is that all messages that
exit from eelbash remailer or newsanon.org mail2news have the '0D 0A'
line endings and absolutely NONE of the others do this. This is
regardless of the means used to post; cpunk, mixmaster, mixminion or a
regular email client sending to the m2n.


- --
apostle AT peculiar.homeip.net Encrypted email only @ this address
key-id: 0x72A69CD5 or 0x84D46604 Non-encrypted mail deleted unread.
http://peculiarplace.com/mixminion-message-sender/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iQEVAwUBRK+thHV+YnyE1GYEAQIGWQf+J2kePuM/u56fUDIHZnLX2VBhDIckAtzE
GijT5cSN/ gib5UHuFsFBignEqIYCvTZtPfbwEq9yMFu3vEHxM
DtpmF+lsdl8lUBc
pqRXtSVkKmensS6nnlXYKX6SW+/ZTUKanQguZdXE5Nkhl+KrAnD+iDGbvRyqcjmX
g7WvOwTm+SdPVuxtHnSdqQXkPteC/2nqlpzrt/Cwh9TFuL0B17BM6Ss4A0JaOFeH
+6Os9L1FiQPh/j0M3K/gbxh8vnzNG3ZwLQBQT5jnCMlRIghg337/Kb59E4rEb7V3
0G8aYD59bjZMP/Y6WUScEms9/E7ZwIvvXBsRowdxw2ru+3iDCvUwNA==
=mF3l
-----END PGP SIGNATURE-----
Thomas J. Boschloo

2006-07-08, 7:11 pm

-----BEGIN PGP SIGNED MESSAGE-----

Edward Langenback schreef:
[snip]
> I don't know either. All I can say for sure is that all messages that
> exit from eelbash remailer or newsanon.org mail2news have the '0D 0A'
> line endings and absolutely NONE of the others do this. This is
> regardless of the means used to post; cpunk, mixmaster, mixminion or a
> regular email client sending to the m2n.

If it helps the discussion. I also have seen double linefeed posts from
Eelbash in this group.

I use Mozilla Thunderbird 1.5.0.4 on Windows 98SE (nl)

The Enigmail Plugin also cannot deal with these messages if they are pgp
signed (I suppose)

Thomas
- --
"When paranoia is outlawed .."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQB5AwUBRLAXXAEP2l8iXKAJAQE9aAMdFonJaxWY
lbURnwLwzJxwj2rBMzn0YLIA
tmB0RCBvSQ+DZ0O97FWK5pwUaI6gB32TJore++Bf
vmz7zkSg/TN1xGQVpbVYmUJg
4gT54O0BvrD8MqPcEQfhYFegHTCl8DaJ341Meg==

=SdX3
-----END PGP SIGNATURE-----
Non scrivetemi

2006-07-08, 7:11 pm

Thomas J. Boschloo wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
>
> Edward Langenback schreef:
> [snip]
>
> If it helps the discussion. I also have seen double linefeed posts
> from Eelbash in this group.
>
> I use Mozilla Thunderbird 1.5.0.4 on Windows 98SE (nl)
>
> The Enigmail Plugin also cannot deal with these messages if they are
> pgp signed (I suppose)

You actually send something through Eelbash and expect it to come out
the other end undamaged?

I have a bridge you might be interested in...


>
> Thomas
> - --
> "When paranoia is outlawed .."
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.4 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQB5AwUBRLAXXAEP2l8iXKAJAQE9aAMdFonJaxWY
lbURnwLwzJxwj2rBMzn0YLIA
> tmB0RCBvSQ+DZ0O97FWK5pwUaI6gB32TJore++Bf
vmz7zkSg/TN1xGQVpbVYmUJg
> 4gT54O0BvrD8MqPcEQfhYFegHTCl8DaJ341Meg==

> =SdX3
> -----END PGP SIGNATURE-----





















rover

2006-07-08, 7:11 pm

-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 8 Jul 2006, "Non scrivetemi"
<nonscrivetemi@pboxmix.winstonsmith.info> wrote:
>Thomas J. Boschloo wrote:
>
>
>You actually send something through Eelbash and expect it to come out
>the other end undamaged?
>
>I have a bridge you might be interested in...

Only if I can get an extended warrantee on that! :-)

-----BEGIN PGP SIGNATURE-----
Version: N/A

iQA/AwUBRLA50w6cfiGatg8+EQIhtACg9AsEdVa2Gz/dnCzT/9thLm5CH0wAoI4H
ioSIyQQk//OQZY+33pGQKuhf
=Ff+m
-----END PGP SIGNATURE-----








Edward Langenback

2006-07-09, 1:12 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2006-07-08, Thomas J. Boschloo <nospam@hccnet.nl> wrote:
>
> Edward Langenback schreef:
> [snip]
>
> If it helps the discussion. I also have seen double linefeed posts from
> Eelbash in this group.
>
> I use Mozilla Thunderbird 1.5.0.4 on Windows 98SE (nl)
>
> The Enigmail Plugin also cannot deal with these messages if they are pgp
> signed (I suppose)

That shoud be easy enough to check. I sent a set of test posts to
alt.testing and alt.testing.it a little while ago through several
mail2news gateways from my email client (slypheed-claws). all pgp
signed. as soon as they show up, see if they verify.

- --
apostle AT peculiar.homeip.net Encrypted email only @ this address
key-id: 0x72A69CD5 or 0x84D46604 Non-encrypted mail deleted unread.
http://peculiarplace.com/mixminion-message-sender/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iQEVAwUBRLAZSnV+YnyE1GYEAQJh8Af/Qc1Kk5Za86CylPOXijkpEVfYOIADmkoc
dE1gWbDiQ+LBS7pAwa5rPX7ZpqSeezuz2wpgaj9M
gbHxAv0sMsIoOlHbWtbxmPPH
qpGO0b0NMvWOTBhHYBu9MB3zddRl1hN1c3ZKlR8d
81DwwLRuQf4u+CeNA1m0bJbI
veYVdN2ChK5OZ33ggz9P8cCKmNIKs38/IzVOsfpKVdV65NmYzttZAJYDQmB0VCX9
hW7OWxoug/SggewYgfpAvSp+bM/n8yXAmcQn7q0vtr6MfENixNzHVqA0FSNlKvNr
tNr6yVabA2LKk4VJ/VSrLPQyz8HcRMHeVqlkV0JZdqLNyh1ffIZTcQ==
=rhvp
-----END PGP SIGNATURE-----
George Orwell

2006-07-09, 1:12 am

rover wrote:

>
> Only if I can get an extended warrantee on that! :-)

But of course. I guarantee all the bridges I sell to be free from
material and workmanship for life, or double your money back. ;o)

Edward Langenback

2006-07-09, 1:12 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2006-07-09, Edward Langenback <real.address@in.sig.invalid> wrote:
>
> On 2006-07-08, Thomas J. Boschloo <nospam@hccnet.nl> wrote:
>
> That shoud be easy enough to check. I sent a set of test posts to
> alt.testing and alt.testing.it a little while ago through several
> mail2news gateways from my email client (slypheed-claws). all pgp
> signed. as soon as they show up, see if they verify.

Ok, the tests are in except for anon.lcs.mit.edu (big suprize eh?)

I sent pgp signed messages by way of four m2n gateways, the one sent
through lcs hasn't shown up yet, messages sent through bigapple and
mixmin.net have good signatures, the one posted through newsanon.org has
a bad signature

1st test:
Message-Id: <20060709015004.zzwFBUawd8Z7@newsanon.org>
TO: 20060708-alt.testing=alt.testing.it@newsanon.org
Subject: another test

pgp signature:
apostle5406@debian:~$ gpg -v --verify tmp1
gpg: armor header: Hash: SHA1
gpg: armor header: Version: GnuPG v1.4.3 (GNU/Linux)
gpg: original file name=''
gpg: Signature made Sat 08 Jul 2006 01:18:48 PM UTC using RSA key ID 84D46604
gpg: using PGP trust model
gpg: BAD signature from "Edward Langenback <apostle@pokynet.com>"
gpg: textmode signature, digest algorithm SHA1


2nd test:
Message-Id: <200607082047812.SM04248@peculiar.homeip.net>
To: mail2news-20060708-alt.testing=alt.testing.it@m2n.mixmin.net
Subject: ...and again

pgp signature:
apostle5406@debian:~$ gpg -v --verify tmp2
gpg: armor header: Hash: SHA1
gpg: armor header: Version: GnuPG v1.4.3 (GNU/Linux)
gpg: original file name=''
gpg: Signature made Sat 08 Jul 2006 01:20:32 PM UTC using RSA key ID 84D46604
gpg: using PGP trust model
gpg: Good signature from "Edward Langenback <apostle@pokynet.com>"
gpg: textmode signature, digest algorithm SHA1


3rd test:
Message-ID: <200607082048750.SM04248@peculiar.homeip.net>
To: alt.testing@bigapple.yi.org
Subject: line ending again

pgp signature:
apostle5406@debian:~$ gpg -v --verify tmp3
gpg: armor header: Hash: SHA1
gpg: armor header: Version: GnuPG v1.4.3 (GNU/Linux)
gpg: original file name=''
gpg: Signature made Sat 08 Jul 2006 01:23:18 PM UTC using RSA key ID 84D46604
gpg: using PGP trust model
gpg: Good signature from "Edward Langenback <apostle@pokynet.com>"
gpg: textmode signature, digest algorithm SHA1



- --
apostle AT peculiar.homeip.net Encrypted email only @ this address
key-id: 0x72A69CD5 or 0x84D46604 Non-encrypted mail deleted unread.
http://peculiarplace.com/mixminion-message-sender/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iQEVAwUBRLAjRHV+YnyE1GYEAQIjPwgAhQco9/zKFV2RIs7GvRDlkmO1Zd9VPpLC
GfsDu3kusDNFqib8gC9UnkMTkm44tly2OUN+WwnZ
cugDfvWhWVxHTutR2YzvgvQW
fnCwpp4cjSPG5Nztd2COlXfqvGE3i8yKV43FzuWt
YE+3hu6rhqWx/Ni8PBpz1Zy4
3WCRC9qW/ F8Z+kQofHo07KAjUrzvhBCR5GHKh3jHoNXEyGlHF
xGfwjWEhY3oyUqF
lQquWxrZ+ulwXj7oMocnwAXOxBxi91+F7uJ2V9nz
Zsw9MsTUccUeaSl2O7xXoxsL
EyX76jfGAT8CHNsCKs+u2DyNjJsxFtHCGBgdyPHo
Uwcol04BGDXdhg==
=O31a
-----END PGP SIGNATURE-----
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com