Rocksolid Light

Welcome to Rocksolid Light

mail  files  register  newsreader  groups  login

Message-ID:  

"Imitation is the sincerest form of television." -- The New Mighty Mouse


computers / Rocksolid Nodes Help / Request for clarification | header_filters.conf | banned_names.conf

SubjectAuthor
* Request for clarification | header_filters.conf | banned_names.confSugarBug
`* Request for clarification | header_filters.conf | banned_names.confRetro Guy
 `* Request for clarification | header_filters.conf | banned_names.confRetro Guy
  `* Request for clarification | header_filters.conf | banned_names.confSugarBug
   +- Request for clarification | header_filters.conf | banned_names.confRetro Guy
   `* Request for clarification | header_filters.conf | banned_names.confRetro Guy
    +- Request for clarification | header_filters.conf | banned_names.confRetro Guy
    `* Request for clarification | header_filters.conf | banned_names.confRetro Guy
     `* Request for clarification | header_filters.conf | banned_names.confRetro Guy
      `* Request for clarification | header_filters.conf | banned_names.confRetro Guy
       `* Request for clarification | header_filters.conf | banned_names.confSugarBug
        `- Request for clarification | header_filters.conf | banned_names.confRetro Guy

1
Request for clarification | header_filters.conf | banned_names.conf

<20231228120719.71d503ff@dev>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=824&group=rocksolid.nodes.help#824

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: 3883@sugar.bug (SugarBug)
Newsgroups: rocksolid.nodes.help
Subject: Request for clarification | header_filters.conf | banned_names.conf
Date: Thu, 28 Dec 2023 12:07:19 -0600
Organization: sybershock.com Baggy Jeans Mafia
Message-ID: <20231228120719.71d503ff@dev>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: i2pn2.org;
logging-data="1458612"; mail-complaints-to="usenet@i2pn2.org";
posting-account="yZybWhCr+jI4C3MuGpPde+DhCwsjQrVZrsCOigcx7fM";
X-Spam-Checker-Version: SpamAssassin 4.0.0
 by: SugarBug - Thu, 28 Dec 2023 18:07 UTC

Successful spamassassin tests were performed on commit:
fcaea2cee456de55d1a00c18e13ca8be183b9fdc.

Rslight appears to be working correctly with spamassassin. I
blacklisted some addresses in spamassassin configuration. The
blacklisted addresses and messages with clearly malformed headers are
filtered out and do not reach the spool.

The files 'banned_names.conf' and 'header_filters.conf' do not appear
to have any effect. It may be that I do not have the syntax correct for
entries in these files. Here is copypasta for correction if necessary:

$ cat header_filters.conf
From: DEADBEEF
From: /DEADBEEF/
From: Black Hole
From: /Black Hole/
From: \<black@hole\.url\>

$ cat banned_names.conf
DEADBEEF
/DEADBEEF/
Black Hole
/Black Hole/
\<black@hole\.url\>

Is the regex flavor the PHP/Apache regex specification?

Do the entries in header_filters.conf affect both locally posted and
remotely pulled articles? What about banned_names.conf?

Once I get them right I will try testing again.

--
CRYP7010G3R | Read between the signals. | Read between the signs.
<6ef76f5d853272d23e209476783618ed$1@sybershock.com>
3883@sugar.bug | sybershock.com | alt.sources.crypto

Re: Request for clarification | header_filters.conf | banned_names.conf

<3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=825&group=rocksolid.nodes.help#825

  copy link   Newsgroups: rocksolid.nodes.help
Message-ID: <3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org>
Organization: Rocksolid Light
From: retroguy@novabbs.org (Retro Guy)
Subject: Re: Request for clarification | header_filters.conf | banned_names.conf
Newsgroups: rocksolid.nodes.help
User-Agent: 40tude_Dialog/2.0.15.41
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
References: <20231228120719.71d503ff@dev>
Date: Thu, 28 Dec 2023 13:03:26 -0700
 by: Retro Guy - Thu, 28 Dec 2023 20:03 UTC

On Thu, 28 Dec 2023 12:07:19 -0600, SugarBug wrote:

> Successful spamassassin tests were performed on commit:
> fcaea2cee456de55d1a00c18e13ca8be183b9fdc.
>
> Rslight appears to be working correctly with spamassassin. I
> blacklisted some addresses in spamassassin configuration. The
> blacklisted addresses and messages with clearly malformed headers are
> filtered out and do not reach the spool.
>
> The files 'banned_names.conf' and 'header_filters.conf' do not appear
> to have any effect. It may be that I do not have the syntax correct for
> entries in these files. Here is copypasta for correction if necessary:

banned_names.conf is deprecated. It's no longer read.

header_filters.conf is the way to go.

> $ cat header_filters.conf
> From: DEADBEEF // Will not work (not regex format)
> From: /DEADBEEF/ // That should work
> From: Black Hole // Will not work (not regex format)
> From: /Black Hole/ // That should work
> From: \<black@hole\.url\> // Will not work (not regex format)

Start each with '/' and end with '/' Then escape '\' any special
characters. The value is passed to preg_match in php:
https://www.php.net/manual/en/function.preg-match.php

If it works at this site: https://regex101.com/ it "should" work.

> Do the entries in header_filters.conf affect both locally posted and
> remotely pulled articles? What about banned_names.conf?

Right now it will only work on remotely pulled articles, not locally
posted.

Re: Request for clarification | header_filters.conf | banned_names.conf

<44a861ddcf33337e57801966920486f3@news.novabbs.org>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=827&group=rocksolid.nodes.help#827

  copy link   Newsgroups: rocksolid.nodes.help
Date: Fri, 29 Dec 2023 13:14:18 +0000
Subject: Re: Request for clarification | header_filters.conf |
banned_names.conf
From: retro.guy@rocksolidbbs.com (Retro Guy)
Newsgroups: rocksolid.nodes.help
X-Rslight-Site: $2y$10$sf4jHAPUmVECTjr3JU2yQOiQdcUBQmMcqRN7bVipCQkJnbhmaCxiG
X-Rslight-Posting-User: 91053d4a47d51b416144568e5a1040f05e31ed1b
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
User-Agent: Rocksolid Light
References: <20231228120719.71d503ff@dev> <3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org>
Organization: Rocksolid Light
Message-ID: <44a861ddcf33337e57801966920486f3@news.novabbs.org>
X-Face: .&YR-G(w(DZ$$,}%k=]*5*!p'=(anr"IT`wZG'2VWdfl\r)l[42u7JH`n(JUQ*e5*A|XCDf
?&\X&uwkl38"CYX3O8m}C8E4p'%N$2#kSTVzx{Ly|DjLT\Vk7NE}NQ(VC$Yq]i:7|z[.9iv^g>*8_B
H0=hZt'[%)4kG|
 by: Retro Guy - Fri, 29 Dec 2023 13:14 UTC

Retro Guy wrote:

> On Thu, 28 Dec 2023 12:07:19 -0600, SugarBug wrote:

>> Successful spamassassin tests were performed on commit:
>> fcaea2cee456de55d1a00c18e13ca8be183b9fdc.
>>
>> Rslight appears to be working correctly with spamassassin. I
>> blacklisted some addresses in spamassassin configuration. The
>> blacklisted addresses and messages with clearly malformed headers are
>> filtered out and do not reach the spool.
>>
>> The files 'banned_names.conf' and 'header_filters.conf' do not appear
>> to have any effect. It may be that I do not have the syntax correct for
>> entries in these files. Here is copypasta for correction if necessary:

> banned_names.conf is deprecated. It's no longer read.

> header_filters.conf is the way to go.

>> $ cat header_filters.conf
>> From: DEADBEEF // Will not work (not regex format)
>> From: /DEADBEEF/ // That should work
>> From: Black Hole // Will not work (not regex format)
>> From: /Black Hole/ // That should work
>> From: <black@hole.url> // Will not work (not regex format)

> Start each with '/' and end with '/' Then escape '' any special
> characters. The value is passed to preg_match in php:
> https://www.php.net/manual/en/function.preg-match.php

> If it works at this site: https://regex101.com/ it "should" work.

>> Do the entries in header_filters.conf affect both locally posted and
>> remotely pulled articles? What about banned_names.conf?

> Right now it will only work on remotely pulled articles, not locally
> posted.

Also, for your reference, it is designed currently to work only on the following headers:

From:
Subject:
Path:
Message-ID:

Other headers will be ignored.

--
Retro Guy

Re: Request for clarification | header_filters.conf | banned_names.conf

<ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=835&group=rocksolid.nodes.help#835

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: 3883@sugar.bug (SugarBug)
Newsgroups: rocksolid.nodes.help
Subject: Re: Request for clarification | header_filters.conf |
banned_names.conf
Date: Tue, 2 Jan 2024 20:51:35 -0600
Organization: sybershock.com Baggy Jeans Mafia
Message-ID: <ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com>
References: <20231228120719.71d503ff@dev>
<3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org>
<44a861ddcf33337e57801966920486f3@news.novabbs.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: i2pn2.org;
logging-data="2075821"; mail-complaints-to="usenet@i2pn2.org";
posting-account="yZybWhCr+jI4C3MuGpPde+DhCwsjQrVZrsCOigcx7fM";
X-Spam-Checker-Version: SpamAssassin 4.0.0
 by: SugarBug - Wed, 3 Jan 2024 02:51 UTC

On Fri, 29 Dec 2023 13:14:18 +0000
retro.guy@rocksolidbbs.com (Retro Guy) wrote:

> Retro Guy wrote:
>
> > On Thu, 28 Dec 2023 12:07:19 -0600, SugarBug wrote:
>
> >> Successful spamassassin tests were performed on commit:
> >> fcaea2cee456de55d1a00c18e13ca8be183b9fdc.
> >>
> >> Rslight appears to be working correctly with spamassassin. I
> >> blacklisted some addresses in spamassassin configuration. The
> >> blacklisted addresses and messages with clearly malformed headers
> >> are filtered out and do not reach the spool.
> >>
> >> The files 'banned_names.conf' and 'header_filters.conf' do not
> >> appear to have any effect. It may be that I do not have the syntax
> >> correct for entries in these files. Here is copypasta for
> >> correction if necessary:
>
> > banned_names.conf is deprecated. It's no longer read.
>
> > header_filters.conf is the way to go.
>
> >> $ cat header_filters.conf
> >> From: DEADBEEF // Will not work (not regex format)
> >> From: /DEADBEEF/ // That should work
> >> From: Black Hole // Will not work (not regex format)
> >> From: /Black Hole/ // That should work
> >> From: <black@hole.url> // Will not work (not regex format)
>
> > Start each with '/' and end with '/' Then escape '' any special
> > characters. The value is passed to preg_match in php:
> > https://www.php.net/manual/en/function.preg-match.php
>
> > If it works at this site: https://regex101.com/ it "should" work.

Ok. So it looks like rslight is using preg_match?

I tested a few regexes for substrings and I think I got it right. Let
me know if this is wrong.

For instance I confirmed that matching: '/test/i'

to: 'TeSt_tEsT' or 'testing' or 'TESTING'

works for case insensitive substring 'test'.

I sent messages using one server and the sync server flagged them as
spam based on the substring being in the 'from' header in
header_filters.conf. So it works. There is no problem there.

<snip>

This leads me to another question. Take these paths for example:

news.spam.com!google-groups.googlegroups.com!not-for-mail
news.spam.com!google-groups.googlegroups.com!.POSTED!not-for-mail

I want to detect and ignore ".POSTED' and 'not-for-mail' and match
google in the path entry right next to it. So if google is in the
origin I want the match to be positive for spam flag. I can't use just
'$' for end of string regex because of 'not-for-mail' and other strings
like that that servers sometimes inject. How can I break this down? I
have no idea how to reference count the exclamation marks from string
tail in a preg_match regex string. I suspect I need to reference count
somehow and do a lookaround match between the last two '!' characters.

Before I start pulling a big feed of groups I want to ensure I am
pulling zero messages that originate with Google. I don't care if they
are spam or not, since I don't have time to sort them. I just want to
ensure that nothing originating with google is pulled into the spool
from remote.

--
1_|3_|7_|4_ 3883@sugar.bug | sybershock.com | alt.sources.crypto
1_|8_|7_|4_ sci.crypt | alt.random.noise | talk.politics.crypto
4_|8_|6_|7_ #CipherTag #WaffleTag #Cryptologer
4_|3_|6_|7_ fedi: @firefly@neon.nightbulb.net

Re: Request for clarification | header_filters.conf | banned_names.conf

<1bd118e8750174444532068d8a67c281$1@news.novabbs.org>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=836&group=rocksolid.nodes.help#836

  copy link   Newsgroups: rocksolid.nodes.help
Message-ID: <1bd118e8750174444532068d8a67c281$1@news.novabbs.org>
Organization: Rocksolid Light
From: retroguy@novabbs.org (Retro Guy)
Subject: Re: Request for clarification | header_filters.conf | banned_names.conf
Newsgroups: rocksolid.nodes.help
User-Agent: 40tude_Dialog/2.0.15.41
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
References: <20231228120719.71d503ff@dev> <3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org> <44a861ddcf33337e57801966920486f3@news.novabbs.org> <ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com>
Date: Wed, 3 Jan 2024 05:47:47 -0700
 by: Retro Guy - Wed, 3 Jan 2024 12:47 UTC

On Tue, 2 Jan 2024 20:51:35 -0600, SugarBug wrote:

> On Fri, 29 Dec 2023 13:14:18 +0000
> retro.guy@rocksolidbbs.com (Retro Guy) wrote:
>
>> Retro Guy wrote:
>>
>>> On Thu, 28 Dec 2023 12:07:19 -0600, SugarBug wrote:
>>

> <snip>
>
> This leads me to another question. Take these paths for example:
>
> news.spam.com!google-groups.googlegroups.com!not-for-mail
> news.spam.com!google-groups.googlegroups.com!.POSTED!not-for-mail
>
> I want to detect and ignore ".POSTED' and 'not-for-mail' and match
> google in the path entry right next to it. So if google is in the
> origin I want the match to be positive for spam flag. I can't use just
> '$' for end of string regex because of 'not-for-mail' and other strings
> like that that servers sometimes inject. How can I break this down? I
> have no idea how to reference count the exclamation marks from string
> tail in a preg_match regex string. I suspect I need to reference count
> somehow and do a lookaround match between the last two '!' characters.

There is preg_split() in php. Similar to explode().

You can create an array with these functins using whatever you want as a
separator, so you could use '!'. Then count forward, backward, however you
want.

Not sure all that is necessary to just block gg, but it's available.

Re: Request for clarification | header_filters.conf | banned_names.conf

<1e7afcc5d705c6ab2116dbdf6c9e28e0@news.novabbs.com>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=837&group=rocksolid.nodes.help#837

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: retro.guy@rocksolidbbs.com (Retro Guy)
Newsgroups: rocksolid.nodes.help
Subject: Re: Request for clarification | header_filters.conf |
banned_names.conf
Date: Wed, 3 Jan 2024 12:43:53 +0000
Organization: novaBBS
Message-ID: <1e7afcc5d705c6ab2116dbdf6c9e28e0@news.novabbs.com>
References: <20231228120719.71d503ff@dev> <3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org> <44a861ddcf33337e57801966920486f3@news.novabbs.org> <ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org;
logging-data="2123050"; mail-complaints-to="usenet@i2pn2.org";
posting-account="t+lO0yBNO1zGxasPvGSZV1BRu71QKx+JE37DnW+83jQ";
User-Agent: Rocksolid Light
X-Face: .&YR-G(w(DZ$$,}%k=]*5*!p'=(anr"IT`wZG'2VWdfl\r)l[42u7JH`n(JUQ*e5*A|XCDf
?&\X&uwkl38"CYX3O8m}C8E4p'%N$2#kSTVzx{Ly|DjLT\Vk7NE}NQ(VC$Yq]i:7|z[.9iv^g>*8_B
H0=hZt'[%)4kG|
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Rslight-Posting-User: 7d7988dda8edb1e67e0b2231ffa737cd2d14b9b9
X-Rslight-Site: $2y$10$HFpa2d65m0nQJT0EKHqaMOFKG/JMzFY2wMZreulinNAyZWQUp6SC.
 by: Retro Guy - Wed, 3 Jan 2024 12:43 UTC

SugarBug wrote:

> On Fri, 29 Dec 2023 13:14:18 +0000
> retro.guy@rocksolidbbs.com (Retro Guy) wrote:

>> Retro Guy wrote:
>>
>> > On Thu, 28 Dec 2023 12:07:19 -0600, SugarBug wrote:
>>
<snip>
>>
>> > banned_names.conf is deprecated. It's no longer read.
>>
>> > header_filters.conf is the way to go.
>>
>> >> $ cat header_filters.conf
>> >> From: DEADBEEF // Will not work (not regex format)
>> >> From: /DEADBEEF/ // That should work
>> >> From: Black Hole // Will not work (not regex format)
>> >> From: /Black Hole/ // That should work
>> >> From: <black@hole.url> // Will not work (not regex format)
>>
>> > Start each with '/' and end with '/' Then escape '' any special
>> > characters. The value is passed to preg_match in php:
>> > https://www.php.net/manual/en/function.preg-match.php
>>
>> > If it works at this site: https://regex101.com/ it "should" work.

> Ok. So it looks like rslight is using preg_match?

Yes, that is how the headers are checked against the filters.

> I tested a few regexes for substrings and I think I got it right. Let
> me know if this is wrong.

> For instance I confirmed that matching: '/test/i'

> to: 'TeSt_tEsT' or 'testing' or 'TESTING'

> works for case insensitive substring 'test'.

It's correct :) (/i) makes it case insensitive.

> I sent messages using one server and the sync server flagged them as
> spam based on the substring being in the 'from' header in
> header_filters.conf. So it works. There is no problem there.

> <snip>

> This leads me to another question. Take these paths for example:

> news.spam.com!google-groups.googlegroups.com!not-for-mail
> news.spam.com!google-groups.googlegroups.com!.POSTED!not-for-mail

I've seen the top one, but not the one with 'POSTED' from gg, but I haven't looked at a gg header in a while (it's all automated).

> I want to detect and ignore ".POSTED' and 'not-for-mail' and match
> google in the path entry right next to it. So if google is in the
> origin I want the match to be positive for spam flag. I can't use just
> '$' for end of string regex because of 'not-for-mail' and other strings
> like that that servers sometimes inject. How can I break this down? I
> have no idea how to reference count the exclamation marks from string
> tail in a preg_match regex string. I suspect I need to reference count
> somehow and do a lookaround match between the last two '!' characters.

I do most of my regex testing here:
https://regex101.com/
Just paste your line in, then try to match it.

This seems to work ok with or without the .POSTED:
/groups.googlegroups.com(!.POSTED)?!not-for-mail/

> Before I start pulling a big feed of groups I want to ensure I am
> pulling zero messages that originate with Google. I don't care if they
> are spam or not, since I don't have time to sort them. I just want to
> ensure that nothing originating with google is pulled into the spool
> from remote.

Makes sense, and have fun!

I'll be around later today.

--
Retro Guy

Re: Request for clarification | header_filters.conf | banned_names.conf

<49c10c132bdcbe55a994d697fc5bae6d$1@news.novabbs.org>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=838&group=rocksolid.nodes.help#838

  copy link   Newsgroups: rocksolid.nodes.help
Message-ID: <49c10c132bdcbe55a994d697fc5bae6d$1@news.novabbs.org>
Organization: Rocksolid Light
From: retroguy@novabbs.org (Retro Guy)
Subject: Re: Request for clarification | header_filters.conf |
banned_names.conf
Newsgroups: rocksolid.nodes.help
User-Agent: 40tude_Dialog/2.0.15.41
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
References: <20231228120719.71d503ff@dev> <3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org> <44a861ddcf33337e57801966920486f3@news.novabbs.org> <ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com> <1e7afcc5d705c6ab2116dbdf6c9e28e0@news.novabbs.com>
Date: Wed, 3 Jan 2024 06:14:34 -0700
 by: Retro Guy - Wed, 3 Jan 2024 13:14 UTC

On Wed, 3 Jan 2024 12:43:53 +0000, Retro Guy wrote:

> SugarBug wrote:
>
>> On Fri, 29 Dec 2023 13:14:18 +0000
>> retro.guy@rocksolidbbs.com (Retro Guy) wrote:
>
>>> Retro Guy wrote:
>>>
>>> > On Thu, 28 Dec 2023 12:07:19 -0600, SugarBug wrote:
>>>
> <snip>
>>>
>>> > banned_names.conf is deprecated. It's no longer read.
>>>
>>> > header_filters.conf is the way to go.
>>>
>>> >> $ cat header_filters.conf
>>> >> From: DEADBEEF // Will not work (not regex format)
>>> >> From: /DEADBEEF/ // That should work
>>> >> From: Black Hole // Will not work (not regex format)
>>> >> From: /Black Hole/ // That should work
>>> >> From: <black@hole.url> // Will not work (not regex format)
>>>
>>> > Start each with '/' and end with '/' Then escape '' any special
>>> > characters. The value is passed to preg_match in php:
>>> > https://www.php.net/manual/en/function.preg-match.php
>>>
>>> > If it works at this site: https://regex101.com/ it "should" work.
>
>> Ok. So it looks like rslight is using preg_match?
>
> Yes, that is how the headers are checked against the filters.
>
>> I tested a few regexes for substrings and I think I got it right. Let
>> me know if this is wrong.
>
>> For instance I confirmed that matching: '/test/i'
>
>> to: 'TeSt_tEsT' or 'testing' or 'TESTING'
>
>> works for case insensitive substring 'test'.
>
> It's correct :) (/i) makes it case insensitive.
>
>> I sent messages using one server and the sync server flagged them as
>> spam based on the substring being in the 'from' header in
>> header_filters.conf. So it works. There is no problem there.
>
>> <snip>
>
>> This leads me to another question. Take these paths for example:
>
>> news.spam.com!google-groups.googlegroups.com!not-for-mail
>> news.spam.com!google-groups.googlegroups.com!.POSTED!not-for-mail
>
> I've seen the top one, but not the one with 'POSTED' from gg, but I haven't looked at a gg header in a while (it's all automated).
>
>> I want to detect and ignore ".POSTED' and 'not-for-mail' and match
>> google in the path entry right next to it. So if google is in the
>> origin I want the match to be positive for spam flag. I can't use just
>> '$' for end of string regex because of 'not-for-mail' and other strings
>> like that that servers sometimes inject. How can I break this down? I
>> have no idea how to reference count the exclamation marks from string
>> tail in a preg_match regex string. I suspect I need to reference count
>> somehow and do a lookaround match between the last two '!' characters.
>
> I do most of my regex testing here:
> https://regex101.com/
> Just paste your line in, then try to match it.
>
> This seems to work ok with or without the .POSTED:
> /groups.googlegroups.com(!.POSTED)?!not-for-mail/

All the backslashes are stripped. I need to fix that at some point.

Anyway, the above regex should contain a number of backslashes.

Re: Request for clarification | header_filters.conf | banned_names.conf

<1d57cd647af879be4bd0b95c6f43a4b1@example.com>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=839&group=rocksolid.nodes.help#839

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: retroguy@i2pn2.org (Retro Guy)
Newsgroups: rocksolid.nodes.help
Subject: Re: Request for clarification | header_filters.conf |
banned_names.conf
Date: Fri, 5 Jan 2024 13:42:43 +0000
Organization: Unconfigured rslight site
Message-ID: <1d57cd647af879be4bd0b95c6f43a4b1@example.com>
References: <20231228120719.71d503ff@dev> <3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org> <44a861ddcf33337e57801966920486f3@news.novabbs.org> <ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com> <1e7afcc5d705c6ab2116dbdf6c9e28e0@news.novabbs.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org;
logging-data="2369435"; mail-complaints-to="usenet@i2pn2.org";
posting-account="D0b4VQC1DRDMD6KZpq3aPScvEpIhqvuykTqXjXAFAlQ";
User-Agent: Rocksolid Light
X-Rslight-Posting-User: 1b51c8649999ea58fca9cd4a8ad0cc963922859a
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Rslight-Site: $2y$10$cHj13DIOfvkU4T4U0GbSz..u5/kQzjmrd/TR0GcJEzMVkl4iVlflK
 by: Retro Guy - Fri, 5 Jan 2024 13:42 UTC

Retro Guy wrote:

> SugarBug wrote:

>> On Fri, 29 Dec 2023 13:14:18 +0000
>> retro.guy@rocksolidbbs.com (Retro Guy) wrote:

>>> Retro Guy wrote:
>>>
>>> > On Thu, 28 Dec 2023 12:07:19 -0600, SugarBug wrote:
>>>
> <snip>
>>>
>>> > banned_names.conf is deprecated. It's no longer read.
>>>
>>> > header_filters.conf is the way to go.
>>>
>>> >> $ cat header_filters.conf
>>> >> From: DEADBEEF // Will not work (not regex format)
>>> >> From: /DEADBEEF/ // That should work
>>> >> From: Black Hole // Will not work (not regex format)
>>> >> From: /Black Hole/ // That should work
>>> >> From: <black@hole.url> // Will not work (not regex format)
>>>
>>> > Start each with '/' and end with '/' Then escape '' any special
>>> > characters. The value is passed to preg_match in php:
>>> > https://www.php.net/manual/en/function.preg-match.php
>>>
>>> > If it works at this site: https://regex101.com/ it "should" work.

>> Ok. So it looks like rslight is using preg_match?

> Yes, that is how the headers are checked against the filters.

>> I tested a few regexes for substrings and I think I got it right. Let
>> me know if this is wrong.

>> For instance I confirmed that matching: '/test/i'

>> to: 'TeSt_tEsT' or 'testing' or 'TESTING'

>> works for case insensitive substring 'test'.

> It's correct :) (/i) makes it case insensitive.

>> I sent messages using one server and the sync server flagged them as
>> spam based on the substring being in the 'from' header in
>> header_filters.conf. So it works. There is no problem there.

>> <snip>

>> This leads me to another question. Take these paths for example:

>> news.spam.com!google-groups.googlegroups.com!not-for-mail
>> news.spam.com!google-groups.googlegroups.com!.POSTED!not-for-mail

> I've seen the top one, but not the one with 'POSTED' from gg, but I haven't looked at a gg header in a while (it's all automated).

>> I want to detect and ignore ".POSTED' and 'not-for-mail' and match
>> google in the path entry right next to it. So if google is in the
>> origin I want the match to be positive for spam flag. I can't use just
>> '$' for end of string regex because of 'not-for-mail' and other strings
>> like that that servers sometimes inject. How can I break this down? I
>> have no idea how to reference count the exclamation marks from string
>> tail in a preg_match regex string. I suspect I need to reference count
>> somehow and do a lookaround match between the last two '!' characters.

> I do most of my regex testing here:
> https://regex101.com/
> Just paste your line in, then try to match it.

> This seems to work ok with or without the .POSTED:
> /groups.googlegroups.com(!.POSTED)?!not-for-mail/

Testing where I shouldn't be testing.

Do the backslashes remain?

/groups\.googlegroups\.com(\!\.POSTED)?|not-for-mail/

--
Unconfigured rslight site

Re: Request for clarification | header_filters.conf | banned_names.conf

<93079000a5fca6eccc0acaf4becd5559@example.com>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=840&group=rocksolid.nodes.help#840

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: retroguy@i2pn2.org (Retro Guy)
Newsgroups: rocksolid.nodes.help
Subject: Re: Request for clarification | header_filters.conf |
banned_names.conf
Date: Fri, 5 Jan 2024 13:46:41 +0000
Organization: Unconfigured rslight site
Message-ID: <93079000a5fca6eccc0acaf4becd5559@example.com>
References: <20231228120719.71d503ff@dev> <3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org> <44a861ddcf33337e57801966920486f3@news.novabbs.org> <ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com> <1e7afcc5d705c6ab2116dbdf6c9e28e0@news.novabbs.com> <1d57cd647af879be4bd0b95c6f43a4b1@example.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org;
logging-data="2369779"; mail-complaints-to="usenet@i2pn2.org";
posting-account="D0b4VQC1DRDMD6KZpq3aPScvEpIhqvuykTqXjXAFAlQ";
User-Agent: Rocksolid Light
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Rslight-Posting-User: 1b51c8649999ea58fca9cd4a8ad0cc963922859a
X-Rslight-Site: $2y$10$VhexqdEA/6.1h1bL.d/QJOBLxQN1O3f5XsljXuBCQ/JyJ/wM81xr.
 by: Retro Guy - Fri, 5 Jan 2024 13:46 UTC

Retro Guy wrote:

> Retro Guy wrote:

>> SugarBug wrote:

>>> On Fri, 29 Dec 2023 13:14:18 +0000
>>> retro.guy@rocksolidbbs.com (Retro Guy) wrote:

>>>> Retro Guy wrote:
>>>>
>>>> > On Thu, 28 Dec 2023 12:07:19 -0600, SugarBug wrote:
>>>>
>> <snip>
>>>>
>>>> > banned_names.conf is deprecated. It's no longer read.
>>>>
>>>> > header_filters.conf is the way to go.
>>>>
>>>> >> $ cat header_filters.conf
>>>> >> From: DEADBEEF // Will not work (not regex format)
>>>> >> From: /DEADBEEF/ // That should work
>>>> >> From: Black Hole // Will not work (not regex format)
>>>> >> From: /Black Hole/ // That should work
>>>> >> From: <black@hole.url> // Will not work (not regex format)
>>>>
>>>> > Start each with '/' and end with '/' Then escape '' any special
>>>> > characters. The value is passed to preg_match in php:
>>>> > https://www.php.net/manual/en/function.preg-match.php
>>>>
>>>> > If it works at this site: https://regex101.com/ it "should" work.

>>> Ok. So it looks like rslight is using preg_match?

>> Yes, that is how the headers are checked against the filters.

>>> I tested a few regexes for substrings and I think I got it right. Let
>>> me know if this is wrong.

>>> For instance I confirmed that matching: '/test/i'

>>> to: 'TeSt_tEsT' or 'testing' or 'TESTING'

>>> works for case insensitive substring 'test'.

>> It's correct :) (/i) makes it case insensitive.

>>> I sent messages using one server and the sync server flagged them as
>>> spam based on the substring being in the 'from' header in
>>> header_filters.conf. So it works. There is no problem there.

>>> <snip>

>>> This leads me to another question. Take these paths for example:

>>> news.spam.com!google-groups.googlegroups.com!not-for-mail
>>> news.spam.com!google-groups.googlegroups.com!.POSTED!not-for-mail

>> I've seen the top one, but not the one with 'POSTED' from gg, but I haven't looked at a gg header in a while (it's all automated).

>>> I want to detect and ignore ".POSTED' and 'not-for-mail' and match
>>> google in the path entry right next to it. So if google is in the
>>> origin I want the match to be positive for spam flag. I can't use just
>>> '$' for end of string regex because of 'not-for-mail' and other strings
>>> like that that servers sometimes inject. How can I break this down? I
>>> have no idea how to reference count the exclamation marks from string
>>> tail in a preg_match regex string. I suspect I need to reference count
>>> somehow and do a lookaround match between the last two '!' characters.

>> I do most of my regex testing here:
>> https://regex101.com/
>> Just paste your line in, then try to match it.

>> This seems to work ok with or without the .POSTED:
>> /groups.googlegroups.com(!.POSTED)?!not-for-mail/

> Testing where I shouldn't be testing.

> Do the backslashes remain?

> /groups\.googlegroups\.com(\!\.POSTED)?|not-for-mail/

Appears so.

--
Unconfigured rslight site

Re: Request for clarification | header_filters.conf | banned_names.conf

<1c8b2a24f3b57aa7620805a48ec42d9c@news.novabbs.org>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=841&group=rocksolid.nodes.help#841

  copy link   Newsgroups: rocksolid.nodes.help
Date: Fri, 5 Jan 2024 14:04:18 +0000
Subject: Re: Request for clarification | header_filters.conf |
banned_names.conf
From: retro.guy@rocksolidbbs.com (Retro Guy)
Newsgroups: rocksolid.nodes.help
X-Rslight-Site: $2y$10$lTZY7omz.wDzFpRDkvH0JOVUofN.pHNWX98NOlLcQqb7heTy5JjgO
X-Rslight-Posting-User: 91053d4a47d51b416144568e5a1040f05e31ed1b
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
User-Agent: Rocksolid Light
References: <20231228120719.71d503ff@dev> <3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org> <44a861ddcf33337e57801966920486f3@news.novabbs.org> <ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com> <1e7afcc5d705c6ab2116dbdf6c9e28e0@news.novabbs.com> <1d57cd647af879be4bd0b95c6f43a4b1@example.com> <93079000a5fca6eccc0acaf4becd5559@example.com>
Organization: Rocksolid Light
Message-ID: <1c8b2a24f3b57aa7620805a48ec42d9c@news.novabbs.org>
X-Face: .&YR-G(w(DZ$$,}%k=]*5*!p'=(anr"IT`wZG'2VWdfl\r)l[42u7JH`n(JUQ*e5*A|XCDf
?&\X&uwkl38"CYX3O8m}C8E4p'%N$2#kSTVzx{Ly|DjLT\Vk7NE}NQ(VC$Yq]i:7|z[.9iv^g>*8_B
H0=hZt'[%)4kG|
 by: Retro Guy - Fri, 5 Jan 2024 14:04 UTC

Retro Guy wrote:

> Retro Guy wrote:

>> Retro Guy wrote:

>>> SugarBug wrote:

>>>> On Fri, 29 Dec 2023 13:14:18 +0000
>>>> retro.guy@rocksolidbbs.com (Retro Guy) wrote:

>>>>> Retro Guy wrote:
>>>>>
>>>>> > On Thu, 28 Dec 2023 12:07:19 -0600, SugarBug wrote:
>>>>>
>>> <snip>
>>>>>
>>>>> > banned_names.conf is deprecated. It's no longer read.
>>>>>
>>>>> > header_filters.conf is the way to go.
>>>>>
>>>>> >> $ cat header_filters.conf
>>>>> >> From: DEADBEEF // Will not work (not regex format)
>>>>> >> From: /DEADBEEF/ // That should work
>>>>> >> From: Black Hole // Will not work (not regex format)
>>>>> >> From: /Black Hole/ // That should work
>>>>> >> From: <black@hole.url> // Will not work (not regex format)
>>>>>
>>>>> > Start each with '/' and end with '/' Then escape '' any special
>>>>> > characters. The value is passed to preg_match in php:
>>>>> > https://www.php.net/manual/en/function.preg-match.php
>>>>>
>>>>> > If it works at this site: https://regex101.com/ it "should" work.

>>>> Ok. So it looks like rslight is using preg_match?

>>> Yes, that is how the headers are checked against the filters.

>>>> I tested a few regexes for substrings and I think I got it right. Let
>>>> me know if this is wrong.

>>>> For instance I confirmed that matching: '/test/i'

>>>> to: 'TeSt_tEsT' or 'testing' or 'TESTING'

>>>> works for case insensitive substring 'test'.

>>> It's correct :) (/i) makes it case insensitive.

>>>> I sent messages using one server and the sync server flagged them as
>>>> spam based on the substring being in the 'from' header in
>>>> header_filters.conf. So it works. There is no problem there.

>>>> <snip>

>>>> This leads me to another question. Take these paths for example:

>>>> news.spam.com!google-groups.googlegroups.com!not-for-mail
>>>> news.spam.com!google-groups.googlegroups.com!.POSTED!not-for-mail

>>> I've seen the top one, but not the one with 'POSTED' from gg, but I haven't looked at a gg header in a while (it's all automated).

>>>> I want to detect and ignore ".POSTED' and 'not-for-mail' and match
>>>> google in the path entry right next to it. So if google is in the
>>>> origin I want the match to be positive for spam flag. I can't use just
>>>> '$' for end of string regex because of 'not-for-mail' and other strings
>>>> like that that servers sometimes inject. How can I break this down? I
>>>> have no idea how to reference count the exclamation marks from string
>>>> tail in a preg_match regex string. I suspect I need to reference count
>>>> somehow and do a lookaround match between the last two '!' characters.

>>> I do most of my regex testing here:
>>> https://regex101.com/
>>> Just paste your line in, then try to match it.

>>> This seems to work ok with or without the .POSTED:
>>> /groups.googlegroups.com(!.POSTED)?!not-for-mail/

>> Testing where I shouldn't be testing.

>> Do the backslashes remain?

>> /groups\.googlegroups\.com(\!\.POSTED)?|not-for-mail/

> Appears so.

Great! But it actually should be:

/groups\.googlegroups\.com(\!\.POSTED)?\!not-for-mail/

--
Retro Guy

Re: Request for clarification | header_filters.conf | banned_names.conf

<ee68af3ba039f45efa4e1c45f76762ab$1@sybershock.com>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=842&group=rocksolid.nodes.help#842

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: 3883@sugar.bug (SugarBug)
Newsgroups: rocksolid.nodes.help
Subject: Re: Request for clarification | header_filters.conf |
banned_names.conf
Date: Fri, 5 Jan 2024 19:26:47 -0600
Organization: sybershock.com Baggy Jeans Mafia
Message-ID: <ee68af3ba039f45efa4e1c45f76762ab$1@sybershock.com>
References: <20231228120719.71d503ff@dev>
<3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org>
<44a861ddcf33337e57801966920486f3@news.novabbs.org>
<ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com>
<1e7afcc5d705c6ab2116dbdf6c9e28e0@news.novabbs.com>
<1d57cd647af879be4bd0b95c6f43a4b1@example.com>
<93079000a5fca6eccc0acaf4becd5559@example.com>
<1c8b2a24f3b57aa7620805a48ec42d9c@news.novabbs.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: i2pn2.org;
logging-data="2428524"; mail-complaints-to="usenet@i2pn2.org";
posting-account="yZybWhCr+jI4C3MuGpPde+DhCwsjQrVZrsCOigcx7fM";
X-Spam-Checker-Version: SpamAssassin 4.0.0
 by: SugarBug - Sat, 6 Jan 2024 01:26 UTC

On Fri, 5 Jan 2024 14:04:18 +0000
retro.guy@rocksolidbbs.com (Retro Guy) wrote:

> >> Do the backslashes remain?
>
> >> /groups\.googlegroups\.com(\!\.POSTED)?|not-for-mail/
>
> > Appears so.
>
> Great! But it actually should be:
>
> /groups\.googlegroups\.com(\!\.POSTED)?\!not-for-mail/

Is the backend stripping them?

--
No man is free who is not master of himself. ~ Reinhard Ponty

Re: Request for clarification | header_filters.conf | banned_names.conf

<47613fb12f1970eaa738a1a564f0eea4@news.novabbs.org>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=843&group=rocksolid.nodes.help#843

  copy link   Newsgroups: rocksolid.nodes.help
Date: Sat, 6 Jan 2024 02:18:18 +0000
Subject: Re: Request for clarification | header_filters.conf |
banned_names.conf
From: retro.guy@rocksolidbbs.com (Retro Guy)
Newsgroups: rocksolid.nodes.help
X-Rslight-Site: $2y$10$HY2Xbksk9Vca5PyMdGHnPek/ffOtwzzDXon/WfwBNoWe4XhGpm5yy
X-Rslight-Posting-User: 91053d4a47d51b416144568e5a1040f05e31ed1b
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
User-Agent: Rocksolid Light
References: <20231228120719.71d503ff@dev> <3692fbb23c8446bec0c2b8498fc98986$1@news.novabbs.org> <44a861ddcf33337e57801966920486f3@news.novabbs.org> <ebb35f4e1caf01cbd051d0d9faa9d678$1@sybershock.com> <1e7afcc5d705c6ab2116dbdf6c9e28e0@news.novabbs.com> <1d57cd647af879be4bd0b95c6f43a4b1@example.com> <93079000a5fca6eccc0acaf4becd5559@example.com> <1c8b2a24f3b57aa7620805a48ec42d9c@news.novabbs.org> <ee68af3ba039f45efa4e1c45f76762ab$1@sybershock.com>
Organization: Rocksolid Light
Message-ID: <47613fb12f1970eaa738a1a564f0eea4@news.novabbs.org>
X-Face: .&YR-G(w(DZ$$,}%k=]*5*!p'=(anr"IT`wZG'2VWdfl\r)l[42u7JH`n(JUQ*e5*A|XCDf
?&\X&uwkl38"CYX3O8m}C8E4p'%N$2#kSTVzx{Ly|DjLT\Vk7NE}NQ(VC$Yq]i:7|z[.9iv^g>*8_B
H0=hZt'[%)4kG|
 by: Retro Guy - Sat, 6 Jan 2024 02:18 UTC

SugarBug wrote:

> On Fri, 5 Jan 2024 14:04:18 +0000
> retro.guy@rocksolidbbs.com (Retro Guy) wrote:

>> >> Do the backslashes remain?
>>
>> >> /groups\.googlegroups\.com(\!\.POSTED)?|not-for-mail/
>>
>> > Appears so.
>>
>> Great! But it actually should be:
>>
>> /groups\.googlegroups\.com(\!\.POSTED)?\!not-for-mail/

> Is the backend stripping them?

It was in post.php. Backslashes were being stripped at the 'textarea' where the post is entered. That included quoted text.

Posts sent / received using the nntp server not affected.

Should be all fixed now.

--
Retro Guy


computers / Rocksolid Nodes Help / Request for clarification | header_filters.conf | banned_names.conf

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor