Wally J <walterjones@invalid.nospam> wrote:

[...]
> As I said, I'm astounded Google is allowing this to happen when
> they won't even let me log into my long-time email from the VPN
> service I've been using for years - but Google is Google after all.
[...]

PMFJI

I successfully use several Gmail accounts with a VPN but I access them
using IMAP with this Mac's native Mail.app. Are you using your browser
and Google's webmail interface? Do you perhaps have a spam-defeating
setting on your VPN? The VPN I use (PIA) has such a setting and it does
make a few websites barf until I switch it off.

--
^Ï^. Sn!pe, PA, FIBS - Professional Crastinator.
My pet rock Gordon just said "Klaatu barada nikto."

Google Groups articles not seen here unless poster is whitelisted.

On 12/3/23 23:52, Grant Taylor wrote:
> On 12/3/23 18:07, Wally J wrote:
>> so working backward, the users
>> can all filter on the system "Injection-Info: header" (which
>> moments ago I tried to spoof but Wolfgan'gs and Gondalfo's server
>> prevented that (as they should).
>
> I don't know how protected the Injection-Info: header is.  There's a
> good chance that it is as protected as the Path: header.
>

Does that mean they are protected or aren't?
--
user <candycane> is generated from /dev/urandom

candycanearter07 <no@thanks.net> writes:

> On 12/3/23 23:52, Grant Taylor wrote:
>> I don't know how protected the Injection-Info: header is.  There's a
>> good chance that it is as protected as the Path: header.
>
> Does that mean they are protected or aren't?

They're non-modifiable by clients.

Thus spake Tom Furie <tom@furie.org.uk>
> candycanearter07 <no@thanks.net> writes:
>> On 12/3/23 23:52, Grant Taylor wrote:
>>> I don't know how protected the Injection-Info: header is.  There's a
>>> good chance that it is as protected as the Path: header.
>> Does that mean they are protected or aren't?
> They're non-modifiable by clients.

Unlike the Injection-Info: header, the Path: header must be explicitly
protected by setting strippath to TRUE in readers,conf

,------------------------------------------------------------------------
| strippath
| If set to true, any Path header field provided by a user in a
| post is stripped rather than used as the beginning of the
| Path header field body of the article. This is a boolean
| value and the default is false.
| ^^^^^^
\________________________________________________________________________

man readers.conf (for INN2)

--
Пу́тін — хуйло́
http://www.eternal-september.org

On 12/4/23 01:02, Wally J wrote:
> OK. Thanks. I apologize for calling folks stupid as even I just now
> implemented regex filters to filter out _all_ Google Usenet posts.

;-)

I absolutely agree that filtering all of Google Groups is
/questionable/. And that news administrators that do so may need to
speak to why they did so. But I maintain that it's their choice to make
how they run their server.

Similarly it's end users choice how they run their news reader.

> It's stupid; but it's the easiest thing to do. I agree. I just did it.
> So call me stupid. I get it now.

I don't think saying that "it's the easiest thing to do" does it justice.

Filtering all of Google Groups is the only thing that I'm aware of that
doesn't miss any spam.

I'd love to learn about another option that doesn't miss the spam while
it does allow the good messages. I keep hoping that someone will
suggest something.

N.B. I don't believe that retroactively removing spam detected after the
fact; e.g. NoCeMs, is viable. -- I applaud people's efforts. But
there are multiple down sides to that system, much of which is people's
ongoing effort / time.

> If people want to post to Usenet, they will just have to know to not use
> Google Groups to do it. That's the result. I'm filtering it now myself.

That is the reality that is forming.

> I apologize it took me this long to understand, but now I agree with all
> the arguments that the news servers can't do much else given the newservers
> they peer with peer with Google, where de-peering isn't as easy as I had
> thought it would be.
>
> It would have to be the news server doing EXACTLY what I just did.
> Drop all messages coming from Google Groups users.
>
> It's too bad _any_ news servers peer with Google then, it seems.

I don't object to the concept of peering with Google, or anyone else,
for that matter. I do object to continuing to peer with an organization
that is clearly a massive source of spam.

> Namely Highwinds and Giganews (but I'm not sure which are the culprits).

Given the nature of Usenet's flood fill methodology, the articles will
eventually make it if there is a path and a receiving news server
doesn't filter them.

> Again, I am sorry I didnt' realize any of this when I had first posted.
> It took me a bunch of articles to get up to speed where I see now why "my"
> solution will have to be to just filter them _all_ out at receipt. Sigh.

I consider that to be learning. You presented valid points / concerns
and you listened to responses. You then came to your own conclusion.
-- I wish a LOT more people would do the same in many aspects of life.

> Luckily it's easy as there are at least three headers which are unique.
> Injection-Info: google-groups.googlegroups.com...
> Message-ID: <...@googlegroups.com>
> User-Agent: G2/1.0

I would discourage filtering on Message-ID: and User-Agent: as I think
that they can much more easily be faked by end users. Maybe I'm wrong.

> BTW, there's a project, I see, that tries to help users filter it all out.
> <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>

Yep. There's lots of effort to clean up the mess that emanates from Google.

> Thanks for your help.

You're welcome.

> My biggest hurdle was that I thought Google wouldn't
> allow it, and that if it happened, they'd put a stop to it pronto.

I've never been a Google fan boy by any stretch of the imagination. But
there was a time when I would have given Google the benefit of the
doubt. That was more like two decades ago. I've seen too much,
experienced too much, hurt too much, cleaned up from too much since then
to do more than keep an open ear / eye.

> I thought it was a fluke.

I wish it was a fluke. Or even a flash in the pan that Google was
/quickly/ reacting to.

> Someone slipping in an accidentally opened window.

Sadly not.

> One that Google would close the moment that they realized it was open.

If only.

> Which is why I thought it more likely it went around Google.

My curmudgeonly experience is that the bigger the institution the slower
that it moves. Leviathan comes to mind.

> But I have to agree with you that it's actually coming from Google.

;-)

> Sigh.

I hoist my beverage in equal dismay at Google's behavior.

> I have friends who had worked there and they're all smart guys who know how
> to code well. They just have to be given the task by Google Management.

Google is now an institution and does what they think is best for them.
The "Don't" sign has fallen over and nobody has bothered to pick up the
mess.

--
Grant. . . .

In article <ukjucg$slos$1@paganini.bofh.team>,
Wally J <walterjones@invalid.nospam> wrote:
>Grant Taylor <gtaylor@tnetconsulting.net> wrote
>
>>> Thanks for letting me know I can filter on that line.
>>
>> So ... does this mean that you are starting to think about filtering all
>> messages from Google, at least in the newsgroup that you're interested in?
>
>Well, um, er... it's embarrassing, especially after I said it was stupid to
>just filter out all Google Groups posts, but I've already implemented it.
>
>So can I take my words back now? :)
>I'm surprised you didn't ream me harder. Thanks for being nice about it.
>

I have had enough of GG and unaccountability!

>>
>>> But this is best taken up with the powers that be in this order.
>>>
>>> 1. Google
>>
>> Almost certainly deaf ears and / or don't care.
>
>Given Google won't even let me log into my own email account on VPN, I
>wasn't prepared when I asked the question for the answer to be that google
>isn't doing a thing about it. It wasn't one of the considerations I had.
>
>I _still_ think if we get to the right people, we can get them to do
>something about it. We just need a way to "tell them".
>
>Tomorrow I'll call Mountainview (but I've been there, done that). The
>operator must work on the side for the Gestapo as she'll never give you
>anyone's phone number. But she might give me a "contact" method, which
>likely entails a general Q&A location - but I'll try it nonetheless.
>
>>> 2. Peers
>>
>> Likely deaf ears and / or don't care.
>
>That's the second shock. I was trying to think logically what the problem
>was, assuming it was an accidentally opened window they were climbing in.
>
>But if the window is left open on purpose, then that means the only avenue
>left is for each user to filter it out (or for the responsible servers to).
>
>Do I have my understanding correct yet that it's kind of like this?
>
>1. The spammer logs into google groups and posts mountains of spam.
>2. Servers just as Giganews & Highwinds peer with Google (I think).
>3. Servers such as dizum, mixmin, E-S, paganini, etc., peer with them.
>4. We get the articles from any one of those news servers.
>
>Is that kind of how it works?
>
>If so, then is the culprit first & foremost Google.
>But secondly the servers that peer with Google?
>
>>
>>> 3. Users
>>
>> Yep.
>>
>> Users are left to clean up the mess that others make way too often.
>
>Well. I just did it. I called it stupid. But I have to eat my words.
>I thought the right answer was to ask Google to close the window.
>Or, worst case, to ask peers to stop peering Google servers.
>
>Now that I'm edified, I still think those are the right answers.
>But they'll never happen (based on what folks told me).
>
>So I implemented a complete plonk already.
>I could have picked any of the three headers
>a. Message id
>b. Newsreader
>c. Injection-info
>
>So I picked the Injection info.
>Luckily it's easy to do for all people on all newsreaders.
>
>There's even a web site to help them do it.
> <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>

Is that indexed by Google?

>--
>Usenet is a useful way to meet people who know more than I do.

Exactly how I feel.
--
Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen
Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

In article <ukk29k$m8d$1@freeq.furie.org.uk>,
Tom Furie <tom@furie.org.uk> wrote:
>Grant Taylor <gtaylor@tnetconsulting.net> writes:
>
>> HighWinds can be de-peered just like Google can be.
>
>The follow-on problem there is that in today's world, if your ISP still
>offers usenet access, or if you subscribe to a commercial usenet
>provider, there's a high probability that what you're connecting with is
>in reality nothing more than a front-end to Highwinds/Abavia/Giganews.
>
>At least users of Google Groups *know* they're using Google Groups, even
>if they don't understand the distinction between that and usenet.

Can we get Highwindsto drop GG like a rock?
--
Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen
Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

doctor@doctor.nl2k.ab.ca (The Doctor) writes:

> Can we get Highwindsto drop GG like a rock?

Unlikely. It seems (hearsay only, I have no direct experience) that
speaking to Highwinds is about as effective as speaking to Google.

On 12/4/23 01:16, Wally J wrote:
> Well, um, er... it's embarrassing, especially after I said it was stupid to
> just filter out all Google Groups posts, but I've already implemented it.
>
> So can I take my words back now? :)

No. You can't take them back.

But you can learn from them and try to avoid the same mistake in the
future. -- Or so I've been told.

> I'm surprised you didn't ream me harder. Thanks for being nice about it.

Would it have done any good? Would you feel better if I had? I
wouldn't feel better about it.

So ... why put people out if there's no benefit longer than 45 seconds
of me feeling better when venting. ;-)

> Given Google won't even let me log into my own email account on VPN, I
> wasn't prepared when I asked the question for the answer to be that google
> isn't doing a thing about it. It wasn't one of the considerations I had.

I'm genuinely sorry for being party to your experiencing Google falling
off a pedestal. That's never fun and I don't encourage it.

> I _still_ think if we get to the right people, we can get them to do
> something about it. We just need a way to "tell them".

I think it will actually take multiple people. The people to advocate
that there is a problem that needs to be fixed. The people with the
know how to fix the problem. The people to encourage management to
allow the people with the know how to fix the problem. The management
to listen.

> Tomorrow I'll call Mountainview (but I've been there, done that). The
> operator must work on the side for the Gestapo as she'll never give you
> anyone's phone number. But she might give me a "contact" method, which
> likely entails a general Q&A location - but I'll try it nonetheless.

:-/

> That's the second shock. I was trying to think logically what the problem
> was, assuming it was an accidentally opened window they were climbing in.

Sadly nothing as benign as that.

> But if the window is left open on purpose, then that means the only avenue
> left is for each user to filter it out (or for the responsible servers to).

Reluctantly.

> Do I have my understanding correct yet that it's kind of like this?
>
> 1. The spammer logs into google groups and posts mountains of spam.
> 2. Servers just as Giganews & Highwinds peer with Google (I think).
> 3. Servers such as dizum, mixmin, E-S, paganini, etc., peer with them.
> 4. We get the articles from any one of those news servers.
>
> Is that kind of how it works?

Yep.

> If so, then is the culprit first & foremost Google.
> But secondly the servers that peer with Google?

Also true.

Giganews and Highwinds are in a somewhat unique position in that they
can literally de-peer Google as in remove the peering configuration for
Google from their servers.

For the rest of us that don't actually peer with Google, "de-peer"
translates to filter.

> Well. I just did it. I called it stupid. But I have to eat my words.

Trust me when I say that I've had to eat far worse words that I've said
/ typed. -- It's part of why I afford people wider berths when they
may be preparing a foot salad of their own. ;-)

> I thought the right answer was to ask Google to close the window.

I think that it is the most proper / most direct thing to do. Sadly I
think it's the least likely to have any effect.

> Or, worst case, to ask peers to stop peering Google servers.

Sadly, the big peers don't care and are unwilling to take it on the chin
to de-peer Google. After all It's Google, they can do no wrong! <sick>

> Now that I'm edified, I still think those are the right answers.
> But they'll never happen (based on what folks told me).

That seems to be the unpalatable reality.

> So I implemented a complete plonk already.
> I could have picked any of the three headers
> a. Message id
> b. Newsreader
> c. Injection-info

I take it that Path: wasn't an option for you?

I used Path: as cleanfeed on my news server has explicit support for
banning hosts in the Path: header.

> So I picked the Injection info.
> Luckily it's easy to do for all people on all newsreaders.

ACK

> There's even a web site to help them do it.
> <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>

Yep.

--
Grant. . . .

On 12/4/23 01:54, Wally J wrote:
> I'll ask Andy Burns to post his filters to the thunderbird newsgroup.
>
> Here's a snippet of his conversation earlier today on comp.mobile.android
> I have a separate address book called "google whitelist"
> I put people in it of I know they're google groups users
> I have a message filter that has two rules and two actions
> IF "from" ISN'T IN ADDR BOOK "google whitelist"
> AND message-id CONTAINS "@googlegroups.com"
> THEN mark as read
> AND add tag #6
> That's thunderbird, I'm sure other clients can do similar

Kudos for "mark as read" vs "delete".

That has the benefit of the messages being there if you want to go look
for them. Which is exactly why I do that very thing for email filters.

But Usenet is somewhat different, especially filtering server side.

> Well, see above. If we can get one person on each newsreader to post their
> "complicated" filter, then everyone benefits. But I get your point.

I was thinking more server side to catch each type of spam emanating
from Google Groups while still allowing ham through. That's at least
two orders of magnitude more complicated and an ever changing game of
whack-a-mole.

> I, myself... don't feel like _writing_ a complicated filter.
> Of course, I'll _implement_ one if someone gives it to me.

*nod*

> Likewise I think with many users.
> But I get your point.

;-)

> Thanks.

You're welcome.

I'd have to look up NNTP as I don't do it often enough. But I used to
do SMTP / POP3 / IMAP weekly and sometimes daily at ${OLD_JOB}.

I find that I'm now occasionally speaking HTTP via telnet or via
OpenSSL's s_client for TLS.

> I had trouble believing that. But if they know about it, and don't do
> anything about it, then the problem _is_ google, I agree.

I can't "like" this statement, no matter how much I agree with it.

> They make a newsgroup unusable without filtering them out.

#HEAVYsigh

> Yes but. If the peers-with-google dropped their messages, maybe Google
> would think twice? Dunno. I'll give Mountainview a call tomorrow.

I suspect that there are multiple, if not many, in Google that would
think "finally, now we can kill that thing that we've been dragging
forward".

> Well, the solution, as I think everyone agrees, is for Google to do their
> job. I'm shocked, actually, that Google allows this. You're not. But I am.

I want to be clear, I used to be shocked. That was years ago. The
shock wore off. The apathy -- I think that's the word that I want --
remains.

> Again, I will call Mountainview and try to get a human (fat chance).

I suspect that you'll eventually get to a human if you try hard and / or
long enough.

I'll be surprised if that human is anything more than a complaints
department / yes person.

I'll be shocked if any good comes from your efforts. Unless you are the
final straw that breaks the camel's back.

> They may give me a way though to file a complaint using my Google Account.
> That's how they fixed the Google Maps errors I had told them about.
> That took 'em only a month - but I suspect this process will be longer.
> If not forever.
>
>
> Understood. The weird thing though is their coding is so sophomoric that it
> even blocks me when I post from a public library to a large group of my
> neighbors, but it doesn't block me when I post from home - but get this -
> the same account posts to the same neighbors (so it's just bad coding).

"sophomoric" is a good way to describe much of what I experienced.

> Yeah. And that took a formal paper letter. They wouldn't accept anything
> else but a letter with documentation (which wasn't hard to do but nowadays
> we use email for almost everything).

The requirement for paper was probably a very low level gate that blocks
multiple orders of magnitude of complaints that they consider to be noise.

> Well, I'm glad the search engine exists,

Please don't get me started on their search engine.

I have a funny thing wherein I expect words that I search for to be in
the (cached version of) the results page.

I use `grep`, `find.exe`, and the likes frequently.

But I'm also a lay human I can't possibly know what I want to search for
and I must be helped / coddled by the LLM feigning AI. <PROJECTILE VOMIT>

> and I've been a big proponent of
> it for many years, as it's much better than some of the others, e.g.,
> Narkives:
> <https://news.admin.peering.narkive.com>
> <https://news.software.nntp.narkive.com>
> <https://comp.mobile.narkive.com>
> etc.
>
> I think it's highwinds and giganews but I don't know much about peering.
>
>
> I don't think they'll ever let me get to a person inside without a person
> inside giving me the email, but I will try tomorrow but I don't expect a
> miracle.

Tavis O. used to be on the blue bird sight that used to start with a T.
I've not been there in a while and have no idea if he is either.

> Yeah. I know. Plus they care about Google Maps being correct.
> DejaGoogle they don't (most likely).

Sadly.

> Thanks for being nice to me, especially since I had barged in clueless.

Please return the favor to someone else. ;-)

> If something comes of my call tomorrow, I'll let you know.

Please do.

> But I don't expect much (and I'm sure you expect even less than I do).

;-)

--
Grant. . . .

On 12/4/23 02:23, Tom Furie wrote:
> The follow-on problem there is that in today's world, if your ISP still
> offers usenet access, or if you subscribe to a commercial usenet
> provider, there's a high probability that what you're connecting with is
> in reality nothing more than a front-end to Highwinds/Abavia/Giganews.

Agreed.

Though I don't see a problem with that in and of itself. Though if I
were an ISP, I would refer to it as outsourced service for ISP customers.

I don't think there is any shame in an ISP outsourcing some services.
They just need to own it and admit it.

--
Grant. . . .

On 12/4/23 03:08, Tom Furie wrote:
> The difference being that Google Groups users know they're using Google
> Groups and make the conscious choice as to whether to continue to do so.

Except the Google Groups users posting to comp.os.vms aren't posting to
a Google Group, they are posting to Usenet. They are experiencing the
very same thing you're lamenting, just the opposite side of the same coin.

--
Grant. . . .

Grant Taylor <gtaylor@tnetconsulting.net> writes:

> On 12/4/23 03:08, Tom Furie wrote:
>> The difference being that Google Groups users know they're using Google
>> Groups and make the conscious choice as to whether to continue to do so.
>
> Except the Google Groups users posting to comp.os.vms aren't posting
> to a Google Group, they are posting to Usenet. They are experiencing
> the very same thing you're lamenting, just the opposite side of the
> same coin.

That's fair comment, but they *are* doing it through the Google Groups
interface/infrastructure, and therein lies their choice.

Grant Taylor <gtaylor@tnetconsulting.net> writes:

> I don't think there is any shame in an ISP outsourcing some
> services. They just need to own it and admit it.

Neither do I, sometimes it's just not cost effective to do everything
in-house. Much better all around to hand said service to someone who
specialises in it and can deliver more effectively/efficiently.

Their owning and admitting to doing so, however, is for the most part a
matter of "if only".

On 12/4/23 10:54, Grant Taylor wrote:
> On 12/4/23 01:02, Wally J wrote:
>> I have friends who had worked there and they're all smart guys who
>> know how
>> to code well. They just have to be given the task by Google Management.
>
> Google is now an institution and does what they think is best for them.
> The "Don't" sign has fallen over and nobody has bothered to pick up the
> mess.

Do you mean the "Don't be evil" sign? They took that down recently.
--
user <candycane> is generated from /dev/urandom

On 12/4/23 11:54, Tom Furie wrote:
> Grant Taylor <gtaylor@tnetconsulting.net> writes:
>
>> On 12/4/23 03:08, Tom Furie wrote:
>>> The difference being that Google Groups users know they're using Google
>>> Groups and make the conscious choice as to whether to continue to do so.
>>
>> Except the Google Groups users posting to comp.os.vms aren't posting
>> to a Google Group, they are posting to Usenet. They are experiencing
>> the very same thing you're lamenting, just the opposite side of the
>> same coin.
>
> That's fair comment, but they *are* doing it through the Google Groups
> interface/infrastructure, and therein lies their choice.

Yeah, you can't control what Google does to its own server.
--
user <candycane> is generated from /dev/urandom

On 12/4/23 12:58, candycanearter07 wrote:
> Do you mean the "Don't be evil" sign? They took that down recently.

Yes, I do.

But no, they didn't take the sing down.

The "be evil" is still there.

They pulled an Office Space patch wherein they fixed the accounting
error but didn't tell ${CHARACTER_WHOS_NAME_I_FORGOT} that he was no
longer employed.

Grant. . . .

Grant Taylor <gtaylor@tnetconsulting.net> wrote

> N.B. I don't believe that retroactively removing spam detected after the
> fact; e.g. NoCeMs, is viable. -- I applaud people's efforts. But
> there are multiple down sides to that system, much of which is people's
> ongoing effort / time.

Frank Slootweg, whom I think you know of, also suggested that the news
server admins were making use of NoCeMs in this post today on c.m.a.
*Spam floods from Google Groups (was fumigation)* by Frank Slootweg
Message-ID: <ukkvm4.1jc.1@ID-201911.user.individual.net>
<https://groups.google.com/g/comp.mobile.android/c/CvM86LHCHh4/m/997jctDYAwAJ>

Frank pointed the Android users to this FAQ for what servers are doing.
'The NoCeM FAQ' <http://www.cm.org/faq.html>

>> If people want to post to Usenet, they will just have to know to not use
>> Google Groups to do it. That's the result. I'm filtering it now myself.
>
> That is the reality that is forming.

I'd point every user to this page (unless you know of better) who
wants/needs an if-not-whitelist-then-blacklist google groups poster.
*Usenet Improvement Project - Google Groups Filters*
<http://twovoyagers.com/improve-usenet.org/index.html>

I'm all about communicating good things so let me know if you know of a
better page for showing nascent users how to use the google filters.
>> It's too bad _any_ news servers peer with Google then, it seems.
>
> I don't object to the concept of peering with Google, or anyone else,
> for that matter. I do object to continuing to peer with an organization
> that is clearly a massive source of spam.

The only three things I've ever had even a teeny tiny bit of success with
Google on a personal level is Rod Speed's murder email, changing Usenet
URIs to the dejagoogle archives and fixing local Google Maps routing.

But it must be getting worse as I'm on the phone right now after going to
<https://about.google/intl/ALL_us/contact-google/>
And then after calling 650-253-0000 (which is a googleplex automated human)
And which only works "Monday to Friday from 8 am to 5 pm PST" where
you say "It's something else" a few times and then they tell you...
"Continue to hold for the next available Agent"

Guess how long I've been on the phone waiting for a human to pick up?
<https://i.postimg.cc/kgFknPX0/google01.jpg> 650-253-0000 phone call
(It's now well over three hours waiting for Google to pick up the phone.)

Note: I use Google Voice on the iPad because it doesn't create an account
on the mothership whereas GV on Android does create that account (if you
don't have any accounts on Android - which I don't for privacy reasons).

While I was waiting, I went to see if there's a contact on Wikipedia.
<https://en.wikipedia.org/wiki/Google_Groups>
Nothing useful there except the DejaNews history we already know.

Still waiting, I looked up "how to contact google for real"
<https://www.businessinsider.com/guides/tech/how-to-contact-google-support>
But they only said what I knew e.g., "Google doesn't want to talk to you".

Still waiting... I searched s'more and found other garbage such as this.
<https://groups.google.com/g/google-usenet>
Or this "chat support" link:
<https://support.google.com/chatsupport/?hl=en>
But all it has is a single article on "Add a Google Group to a space".

>> Namely Highwinds and Giganews (but I'm not sure which are the culprits).
>
> Given the nature of Usenet's flood fill methodology, the articles will
> eventually make it if there is a path and a receiving news server
> doesn't filter them.

In the past, I was able to get spammers booted off the a.h.r. newsgroup
simply by sending the proof to the respective admins, where Paolo
blacklisted the entire group (which was a bit Draconian if you ask me),
but others like Ray Banana just kicked off the OT spammers themselves.

While Steve Crook, Benjamin Gufler, Roman Racine, Jesse Rehmer, Alex
DeJoode, Steen Jensen (as I recall) and a few other reliable news server
admins responded positively (Ray simply asked for valid proof for example),
I never could get any response from the likes of Giganews, Highwinds, or
Individual.net admins.

While the top level problem lies with Google, I think whomever it was that
said the problem also involves those who peer with Google like those three.

>> Again, I am sorry I didnt' realize any of this when I had first posted.
>> It took me a bunch of articles to get up to speed where I see now why "my"
>> solution will have to be to just filter them _all_ out at receipt. Sigh.
>
> I consider that to be learning. You presented valid points / concerns
> and you listened to responses. You then came to your own conclusion.
> -- I wish a LOT more people would do the same in many aspects of life.

Thanks. I have multiple degrees in varying fields and it's amazing both how
much we know and how much we don't know - such that I'm never embarrassed
to let someone know what I don't know - nor to learn from them what they
do.

> I would discourage filtering on Message-ID: and User-Agent: as I think
> that they can much more easily be faked by end users. Maybe I'm wrong.

Absolutely you are correct. The only two headers that I'm aware of that are
"harder" to spoof are the path (which I tested once with Frank Slootweg to
see what we could inject into the path) and now I foound out the injection
header also.

For the PATH: header, as I recall, long ago (depending on the server) we
could inject stuff into it but at some point we lost control & the news
server took it from here (and yes, I saw Wolfgang Weyand's response about
his warning on the default PATH settings allowing more freedom for that).

>
>> BTW, there's a project, I see, that tries to help users filter it all out.
>> <http://twovoyagers.com/improve-usenet.org/filters_ex3.html>
>
> Yep. There's lots of effort to clean up the mess that emanates from Google.

Heh heh... you should see how much I have to do on my non-rootable Android
Samsung Galaxy A32-5G just to break free of Google's privacy intrusions!
<https://xdaforums.com/m/galaxya325g.11604613/recent-content>

>> I thought it was a fluke.
>
> I wish it was a fluke. Or even a flash in the pan that Google was
> /quickly/ reacting to.

Well, I was "hoping" I could do something given three times I was able to
get Google to do something - but it's been three hours and they still
haven't picked up the phone - so I may have to give up on this tack.

It has been so long that their "endless loop" of songs finally ran out
at around the 185 minute mark! <https://i.postimg.cc/d388rqkj/google02.jpg>

Bearing in mind that Google Groups isn't "exactly" the same as Google
Usenet is, there is this URL that says it allows you to contact them...
"*Contact Owners and Managers of Google Usenet*"
Google Usenet (google-usenet@googlegroups.com)
<https://groups.google.com/g/google-usenet/about>

There is a settings-gear-icon image at top right, which has the option to:
"Send feedback to Google"
1. Tell us what prompted this feedback.
2. A screenshot will help us better understand your feedback.

Here's a screenshot of that which I recommend others do right now.
<https://i.postimg.cc/k462x02X/spam02.jpg>
Which is based on this URL:
<http://groups.google.com/g/comp.mobile.android>
Which is proof of the inordinate amount of spam making the ng unusable.

You're welcome to refer to that spam shot in your request for Google
Groups Usenet to implement spam filters to make ngs usable again.
--
Usenet is a way to discuss topics with people who know more than I do.

Grant Taylor <gtaylor@tnetconsulting.net> wrote

>> I _still_ think if we get to the right people, we can get them to do
>> something about it. We just need a way to "tell them".
>
> I think it will actually take multiple people. The people to advocate
> that there is a problem that needs to be fixed. The people with the
> know how to fix the problem. The people to encourage management to
> allow the people with the know how to fix the problem. The management
> to listen.

Well, I was hoping to get a hold of a person at Google to make the starting
case, which I think is obvious with this one screenshot alone.

Site: <http://groups.google.com/g/comp.mobile.android>
Group: comp.mobile.android
Results: <https://i.postimg.cc/6pj29c6f/spam01.jpg>

The argument is Google alone is making that newsgroup unreadable.
Even if we filter it out, the _search engine_ is still almost unusable.

Can you imagine looking for "movie editors" on that Android search engine?
Google is breaking their own search engine (about which they should care).

>> Tomorrow I'll call Mountainview (but I've been there, done that). The
>> operator must work on the side for the Gestapo as she'll never give you
>> anyone's phone number. But she might give me a "contact" method, which
>> likely entails a general Q&A location - but I'll try it nonetheless.
>
> :-/

It's currently 205 minutes and the endless loop of songs ran out around the
185 minute so it's just deadly silence at the moment - don't wish me much.
<https://i.postimg.cc/kgFknPX0/google01.jpg>
<https://i.postimg.cc/d388rqkj/google02.jpg>

Good thing I use Google Voice to call Google in Mountainview so I can use
up some of their own free bits waiting more than three hours for them to
pick up the phone by a human... :)

>> 1. The spammer logs into google groups and posts mountains of spam.
>> 2. Servers just as Giganews & Highwinds peer with Google (I think).
>> 3. Servers such as dizum, mixmin, E-S, paganini, etc., peer with them.
>> 4. We get the articles from any one of those news servers.
>>
>> Is that kind of how it works?
>
> Yep.

Thanks. That pretty much answers my original question, at least at the
level that I can do anything about it after understanding that answer.

>> So I implemented a complete plonk already.
>> I could have picked any of the three headers
>> a. Message id
>> b. Newsreader
>> c. Injection-info
>
> I take it that Path: wasn't an option for you?
>
> I used Path: as cleanfeed on my news server has explicit support for
> banning hosts in the Path: header.

Oh. The path? Yeah. It could be useful too. I didn't even think of that.
Thanks for bringing it up. But I already implemented "injection info".
Plus I have tested the PATH: before with Frank Slootweg.
You can, in some cases, mess with it, even as a non-sophisticated user.

>> If so, then is the culprit first & foremost Google.
>> But secondly the servers that peer with Google?
>
> Also true.
>
> Giganews and Highwinds are in a somewhat unique position in that they
> can literally de-peer Google as in remove the peering configuration for
> Google from their servers.
>
> For the rest of us that don't actually peer with Google, "de-peer"
> translates to filter.

I need to do one more thing which is figure out if it's just giganews and
highwinds or if individual.net is also involved. Now that I've filtered out
the spam, I don't see it and the dejagoogle web archives no longer show the
headers (they used to show them, but not anymore).

So I have the cruelly ironic task of removing my filters in order to figure
out the sum total of peers directly to the google spam.

Do you know, offhand, if individual.net is also one of them?
Is there any way to tell other than to look at the PATH headers again?
>> I thought the right answer was to ask Google to close the window.
>
> I think that it is the most proper / most direct thing to do. Sadly I
> think it's the least likely to have any effect.

Here's what might be nice to communicate to the thousands of users.

Here is where they can complain to the powers that be at Google.
They're welcome to attach as an upload my screenshot from yesterday.
<https://i.postimg.cc/6pj29c6f/spam01.jpg>
And the link from whence it came:
<https://groups.google.com/g/comp.mobile.android>
Because that shows the spam has made even Google's web search unusable.

Here's how to tell Google they need to reduce this spam content:
"*Contact Owners and Managers of Google Usenet*"
Google Usenet (google-usenet@googlegroups.com)
<https://groups.google.com/g/google-usenet/about>

There is a settings-gear-icon image at top right, which has the option to:
"Send feedback to Google"
1. Tell us what prompted this feedback.
2. A screenshot will help us better understand your feedback.

Here's a screenshot of that which I recommend others do right now.
<https://i.postimg.cc/k462x02X/spam02.jpg>

The more people who contact Google, teh better, but like you, I'm at the
point that Google must know about it by now - so maybe they don't care.

But maybe not.
I think it's worth a try for everyone to communicate the problem to them.
That link is the only way I know of at the moment.
As calling them isn't gonna happen (it's 216 minutes and counting).

Which is proof of the inordinate amount of spam making the ng unusable.
--
Posting a question on Usenet is an attempt to learn from others who know
more than you do & then to combine our tribal knowledge for all to benefit.

Wally J <walterjones@invalid.nospam> wrote:
[...]

> Absolutely you are correct. The only two headers that I'm aware of that are
> "harder" to spoof are the path (which I tested once with Frank Slootweg to
> see what we could inject into the path) and now I foound out the injection
> header also.

For the record, I never "tested" spoofing the PATH header with you,
because - being an ex News admin - I knew the PATH header can't be
'spoofed' (read: preloaded) - by a newsreader user - on a properly
configured News server.

By that time, the News server(s) which *did* allow path preloading had
probably already vanished and if it/they hadn't, I wasn't going to
mention its/their name(s).

> For the PATH: header, as I recall, long ago (depending on the server) we
> could inject stuff into it but at some point we lost control & the news
> server took it from here (and yes, I saw Wolfgang Weyand's response about
> his warning on the default PATH settings allowing more freedom for that).

A warning is always good, but I don't think there's currently any
legit server out there which allows path preloading.

[...]

Grant Taylor <gtaylor@tnetconsulting.net> wrote

> I'd have to look up NNTP as I don't do it often enough. But I used to
> do SMTP / POP3 / IMAP weekly and sometimes daily at ${OLD_JOB}.

I wrote this up once in a tutorial to help users respond to an old expired
article where all they had was teh message id (in the days when Google's
Dejagoogle search engine provided the headers - which they don't do now).

> I find that I'm now occasionally speaking HTTP via telnet or via
> OpenSSL's s_client for TLS.

I use stunnel quite frequently but telnet with encryption is a hassle
as I really don't understand how to do it except to check Steve Crook's
free-certificate expiry dates. :)

>> Well, I'm glad the search engine exists,
>
> Please don't get me started on their search engine.
>
> I have a funny thing wherein I expect words that I search for to be in
> the (cached version of) the results page.
>
> I use `grep`, `find.exe`, and the likes frequently.

Yup. I use "control F" and then "F3" (and shift F3) a lot when using
the dejagoogle search engine to find things I _know_ are there.

Note: Many articles of long ago said that was a big problem
that the dejagoogle search doesn't even find what is _known_ to exist.
<https://www.vice.com/en/article/jp5a77/google-a-search-company-has-made-its-internet-archive-impossible-to-search>

>> Yes but. If the peers-with-google dropped their messages, maybe Google
>> would think twice? Dunno. I'll give Mountainview a call tomorrow.
>
> I suspect that there are multiple, if not many, in Google that would
> think "finally, now we can kill that thing that we've been dragging
> forward".

Remember when AT&T teamed up with the Cuomo bastard to make excuses for why
they dropped all Usenet services from their cable service about 20 years
ago?

All their excuses were only believed by stupid people.
They dropped it for the reason you said above.

They can't make money off us using it.

>> Again, I will call Mountainview and try to get a human (fat chance).
>
> I suspect that you'll eventually get to a human if you try hard and / or
> long enough.

It's currently 235 minutes and waiting. I don't feel like making more
screenshots to prove what I say as I suspect you believe me on this.

> I'll be surprised if that human is anything more than a complaints
> department / yes person.

I'm hoping I get a contact, just like I did in the past to get some minor
things fixed that they cared about (like map routing & google URIs).

> I'll be shocked if any good comes from your efforts. Unless you are the
> final straw that breaks the camel's back.

I would NOT recommend calling them as I've been on for hours, so the only
thing people _can_ do, I think, is explain the situation over here.
<https://i.postimg.cc/k462x02X/spam02.jpg>

1. Go here <https://groups.google.com/g/google-usenet/about>
2. Press the settings-gear-icon image at top right
3. Select "Send feedback to Google"
a. "Tell us what prompted this feedback."
b. "A screenshot will help us better understand your feedback."
Folks can refer to <https://groups.google.com/g/comp.mobile.android>
And they can use this too <https://i.postimg.cc/6pj29c6f/spam01.jpg>

If a few hundred people did that, "maybe" they'd take notice.
--
Each of us on Usenet has a different use model so we learn from each other.

Frank Slootweg <this@ddress.is.invalid> wrote

>> Absolutely you are correct. The only two headers that I'm aware of that are
>> "harder" to spoof are the path (which I tested once with Frank Slootweg to
>> see what we could inject into the path) and now I foound out the injection
>> header also.
>
> For the record, I never "tested" spoofing the PATH header with you,

Depends on how you word that. You vehemently disagreed with what I had
stated, and then I proved to you what was possible. We agreed on that
(which, how could we not - because it _was_ possible at that time).

> because - being an ex News admin - I knew the PATH header can't be
> 'spoofed' (read: preloaded) - by a newsreader user - on a properly
> configured News server.

You don't remember challenging me on my statements to the iKooks that the
header can't be changed, Frank? I do. I very well do. Google it. :)

At that time, what could be changed was stuff could be injected.
But only for some servers.

I proved it to you using nothing more than telnet, at that time as I
recall.

> By that time, the News server(s) which *did* allow path preloading had
> probably already vanished and if it/they hadn't, I wasn't going to
> mention its/their name(s).

You need to search on what we discussed. Let me refresh your memory:
a. An iKook said the headers were inviolable
b. I responded, off the cuff, that they're "all" fungible
c. You disputed that (rightly so) but on the technical merits

We covered this twice, Frank. Once then, and once a few years later.
(You forget I have a good memory - and all this is in the public record.)

What happened, years later, is I brought it up and you again refuted it.

Then I tested it in that rebuttal and that's when I learned what can and
can not be done with the path header, as _every_ other header tested in
that communication was fungible (time, date, newsreader, etc.).

I was able to inject stuff into the path, so I agreed with you that any
header that is not fully controlled by the server, is fungible.

And we left it at that.
If we must, I'll dig up the cite as it was on the comp.mobile.android ng.

Note: Both of us were correct from the beginning even as you knew then more
than I did then and you know now more than I do now about this stuff.

What you objected to was the off-hand colloquial use of "all" when my
explanation was I was explaining things to an iKook who didn't have the
capacity to understand it at the level of detail that you do.

>> For the PATH: header, as I recall, long ago (depending on the server) we
>> could inject stuff into it but at some point we lost control & the news
>> server took it from here (and yes, I saw Wolfgang Weyand's response about
>> his warning on the default PATH settings allowing more freedom for that).
>
> A warning is always good, but I don't think there's currently any
> legit server out there which allows path preloading.

Probably true, as I'm well aware you use to run an nntp server as I recall,
so I'll accept what you say as probable fact as I've done my path header
testing at the time we last discussed it long ago.
--
Sensible people will agree with anyone who says something logically sound.

In article <ukl1rj$4pj$1@freeq.furie.org.uk>,
Tom Furie <tom@furie.org.uk> wrote:
>doctor@doctor.nl2k.ab.ca (The Doctor) writes:
>
>> Can we get Highwindsto drop GG like a rock?
>
>Unlikely. It seems (hearsay only, I have no direct experience) that
>speaking to Highwinds is about as effective as speaking to Google.

sick!
--
Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen
Merry Christmas 2023 and Happy New year 2024 Beware https://mindspring.com

Wally J <walterjones@invalid.nospam> wrote:

[Much deleted.]

> What happened, years later, is I brought it up and you again refuted it.
>
> Then I tested it in that rebuttal and that's when I learned what can and
> can not be done with the path header, as _every_ other header tested in
> that communication was fungible (time, date, newsreader, etc.).
>
> I was able to inject stuff into the path, so I agreed with you that any
> header that is not fully controlled by the server, is fungible.
>
> And we left it at that.

Duh! The *point* is that - on a properly configured server - the PATH
header *is* "fully controlled by the server", so it's *not* "fungible".

So as usual a lot of talk, without specifics, let alone proof.

As I said, *some* rogue server(s) allowed preloading the path, so
obviously on that/those server(s) one was "able to inject stuff into the
path". But on a legit server, this was and is not possible.

> If we must, I'll dig up the cite as it was on the comp.mobile.android ng.

Don't "dig up the cite", because that will be only more talk and no
proof, but post a cite which proves you "injected stuff into the path"
of a *legit* server *and* give the Message-ID of that cite.

[...]

Frank Slootweg <this@ddress.is.invalid> wrote:
>Wally J <walterjones@invalid.nospam> wrote:

>[Much deleted.]

>>What happened, years later, is I brought it up and you again refuted it.

>>Then I tested it in that rebuttal and that's when I learned what can and
>>can not be done with the path header, as _every_ other header tested in
>>that communication was fungible (time, date, newsreader, etc.).
>>I was able to inject stuff into the path, so I agreed with you that any
>>header that is not fully controlled by the server, is fungible.

>>And we left it at that.

> Duh! The *point* is that - on a properly configured server - the PATH
>header *is* "fully controlled by the server", so it's *not* "fungible".

> So as usual a lot of talk, without specifics, let alone proof.

> As I said, *some* rogue server(s) allowed preloading the path, so
>obviously on that/those server(s) one was "able to inject stuff into the
>path". But on a legit server, this was and is not possible.

Eyeballing, it's usually obvious what the preloaded portion of the Path
is.

>[...]