Hi folks,

I'm trying to get an overview of what de-spamming measures are currently
in use on Usenet.

Would I be right in thinking most newsadmins are using Cleanfeed as
their main spam-control measure?

Are there any current efforts to identify and reject spam at a level
beyond the individual provider or server admin? The Cleanfeed docs
mention a "bad_hosts_central" file that is meant to be a centrally-
maintained list of servers to reject messages from. However, the link to
it (http://www.mixmin.net/cleanfeed/bad_hosts_central) gives an error
403.

Is anyone still issuing cancels for spam? Is anyone still acting on
them?

What other methods, if any, are people using nowadays?

Regards,
Rayner

On 11/08/2023 15:52, Rayner Lucas wrote:
> Hi folks,
>
> I'm trying to get an overview of what de-spamming measures are currently
> in use on Usenet.
[cut]
>
> Regards,
> Rayner

Hi Rayner,

right now Usenet is left in a lot of disarray, so individual
administrators must necessarily rely on their own strength to keep SPAM
(in all its genres and forms) away.

In addition to the aforementioned CleanFeed, there are other ways to
keep spam away. For example NoCem-On-Spool. There are several bots that
are currently at work deleting unwanted messages, in some cases
automatically or "manually", and it is the bot operators who ensure
correct functioning and possibly few (or no) false positives.
Another way is to write your own filter, which using spamassassin or
other (like I do on my server which has an "open-server" policy, so
everyone can read and write with certain limits) eliminates or doesn't
accept all the unwanted.

Sincerely

--
Ivo Gandolfo
Newsmaster

On Fri, 11 Aug 2023 15:52:21, Rayner Lucas <usenet202101@magic-cookie.co.uknospamplease> wrote:
> Would I be right in thinking most newsadmins are using Cleanfeed as
> their main spam-control measure?

We use it here, but in a special way: we use a NNTP/NNRP proxy which can
allow user to choose what category they want to hide.

We use this for NoCeMs, most of cleanfeed (we still cancel binaries
locally, e.g.), etc.

As it's not really easy to see how our scheme work without a NNTP/NNRP
account, here is a quick web (not NNTP/NNRP) demo.

Look at this newsgroup:

https://nnrp.alphanet.ch/newsgroup-nothreads/news.admin.net-abuse.usenet

now, click on the Config link at the bottom of the page, select
"désactiver tout" at the bottom and then Submit query.

You now have access to news.admin.net-abuse.usenet with a lot of
spam.

Feel free to go back to https://nnrp.alphanet.ch/config and select what
filters you want.

> Is anyone still issuing cancels for spam? Is anyone still acting on
> them?

There are still some bots that send classic cyberspam cancels: bleachbot
and miakibot (fr hierarchy only).

However, a lot of servers only accept Cancel-Key, or sometimes some
NoCeMs.

> What other methods, if any, are people using nowadays?

NoCeM, site admin Cancel-Key.

Typically we use spamassassin to detect spam in the big8, post the
announces to news.lists.filters. Of course it needs configuration on
your part.

The Doctor <doctor@doctor.nl2k.ab.ca> wrote:

> In article <MPG.3f404d70284a94c79896be@news.eternal-september.org>,
> Rayner Lucas <usenet202101@magic-cookie.co.ukNOSPAMPLEASE> wrote:
> >Hi folks,
> >
> >I'm trying to get an overview of what de-spamming measures are currently
> >in use on Usenet.
> >
> >Would I be right in thinking most newsadmins are using Cleanfeed as
> >their main spam-control measure?
> >
> >Are there any current efforts to identify and reject spam at a level
> >beyond the individual provider or server admin? The Cleanfeed docs
> >mention a "bad_hosts_central" file that is meant to be a centrally-
> >maintained list of servers to reject messages from. However, the link to
> >it (http://www.mixmin.net/cleanfeed/bad_hosts_central) gives an error
> >403.
> >
> >Is anyone still issuing cancels for spam? Is anyone still acting on
> >them?
> >
> >What other methods, if any, are people using nowadays?
> >
> >Regards,
> >Rayner
> >
>
> Mixmin has been spamjacked.
>

In what way is that relevant to this query?



> Better to ask news.software.nntp .
>
> Which NNTP server are you using?
>

Is there some reason why you do not believe
his article's eternal-september headers?

--
^Ï^. – Sn!pe – <https://youtu.be/_kqytf31a8E>

My pet rock Gordon just is.

Hi,

Ivo Gandolfo a écrit :

> In addition to the aforementioned CleanFeed, there are other ways to
> keep spam away. For example NoCem-On-Spool. There are several bots that
> are currently at work deleting unwanted messages, in some cases
> automatically or "manually", and it is the bot operators who ensure
> correct functioning and possibly few (or no) false positives.

Yes, I saw that my bot mark as spam the posts of an user on your server
maybe he wrote often the same words?
Often the notices "spam" from nono are really goods, I will look at that in
august...

I cannot see if there is false positive on alphanet nocem notices but it is
also based on spamassassin.

> Another way is to write your own filter, which using spamassassin or
> other (like I do on my server which has an "open-server" policy, so
> everyone can read and write with certain limits) eliminates or doesn't
> accept all the unwanted.

It is possible, I can send by mail my config (on cleanfeed.local) which drop
a lot of spam :
<https://pasdenom.info/usenet/news-notice.2023.08.11-06.15.02.html#innd_perl>

--
Stéphane
Sorry for my bad English

In article <ub5eo2$1nng$2@gallifrey.nk.ca>, doctor@doctor.nl2k.ab.ca
says...
>
> In article <MPG.3f404d70284a94c79896be@news.eternal-september.org>,
> Rayner Lucas <usenet202101@magic-cookie.co.ukNOSPAMPLEASE> wrote:
> >
> >Are there any current efforts to identify and reject spam at a level
> >beyond the individual provider or server admin? The Cleanfeed docs
> >mention a "bad_hosts_central" file that is meant to be a centrally-
> >maintained list of servers to reject messages from. However, the link to
> >it (http://www.mixmin.net/cleanfeed/bad_hosts_central) gives an error
> >403.
>
> Mixmin has been spamjacked.
>
> Better to ask news.software.nntp .
>
> Which NNTP server are you using?

Hmm, I'm out of the loop with whatever's been happening at Mixmin. The
Cleanfeed web pages still seem to be there, but not sure how up to date
anything is.

I'm currently posting via Eternal September, but have been planning to
set up INN (with some degree of spam filtering) for testing and/or
personal use. Mostly I wanted to make sure I was up-to-date and informed
about what people are currently doing to keep Usenet running smoothly.

Thanks for the reply!

Rayner

In article <ub5f6b$1orvh$1@paganini.bofh.team>, usenet@bofh.team says...
>
> Hi Rayner,
>
> right now Usenet is left in a lot of disarray, so individual
> administrators must necessarily rely on their own strength to keep SPAM
> (in all its genres and forms) away.
>
> In addition to the aforementioned CleanFeed, there are other ways to
> keep spam away. For example NoCem-On-Spool. There are several bots that
> are currently at work deleting unwanted messages, in some cases
> automatically or "manually", and it is the bot operators who ensure
> correct functioning and possibly few (or no) false positives.
> Another way is to write your own filter, which using spamassassin or
> other (like I do on my server which has an "open-server" policy, so
> everyone can read and write with certain limits) eliminates or doesn't
> accept all the unwanted.

Hi Ivo,

Thank you for this. It looks like the NoCeM Registry is still actively
updated and even gets new participants, which is great to see.

I had the impression that (as you say) news admins were mostly relying
on their own efforts to keep spam off their servers. But it is
encouraging to know that there is still co-ordination happening at a
higher level.

Best regards,
Rayner

In article <ub5kt4$jgm$2@shakotay.alphanet.ch>, schaefer@alphanet.ch
says...
>
> On Fri, 11 Aug 2023 15:52:21, Rayner Lucas
> <usenet202101@magic-cookie.co.uknospamplease> wrote:
> > Would I be right in thinking most newsadmins are using Cleanfeed as
> > their main spam-control measure?
>
> We use it here, but in a special way: we use a NNTP/NNRP proxy which can
> allow user to choose what category they want to hide.
>
> We use this for NoCeMs, most of cleanfeed (we still cancel binaries
> locally, e.g.), etc.
>
[snip explanations]
>
> Typically we use spamassassin to detect spam in the big8, post the
> announces to news.lists.filters. Of course it needs configuration on
> your part.

Thank you for such a detailed reply with a demo of your spam-filtering
measures.

I did not know that any sites were configured to allow users to choose
which categories of spam-filtering to use. That is an ingenious way of
implementing it, very nice!

I appreciate all the other pointers too, particularly the explanation of
how you're using news.lists.filters. Thank you for the education, I now
feel like I have a much better idea of what's possible.

Thanks and regards,
Rayner