On Thu, 29 Jun 1995 08:52:20 -0500 Kyle said:
>I would pursue legal action against this britestar if they aliased your site.
 
No, here's what happens. Usenet cares very much about the Date: and
Message-ID: fields because these influence the way posts are distributed.
Usenet doesn't care about From: fields. Listserv, on the other hand,
doesn't care about Date: or Message-ID: but does care about From: since
it is a mail-based system.
 
The spammers post their spam to every newsgroup in sight. (They generally
do so from an account they've opened with some Internet Service Provider
(ISP). They usually go to some small ISP and they give no indication
about what they intend to do. After spam the ISP closes the account, but
the spammers just walk away. They've made their money by posting the spam
and will just open an account with some other ISP for the next spam.)
 
Anyhow, the spammers post to every newsgroup and do so with an invalid
From: address because they don't want you tracking them down too quickly
(ie, before the spam makes its way around the net). Usenet doesn't care
and distributes the spam. If the spam is to a newsgroup gateway'ed to a
mailing list, the gateway gets the spam and mails it to the listserv.
 
Now, the listserv does care about the From: address and detects the bad
one. It has no address it can use, so it uses the return address provided
by the "SMTP" mail transport mechanism. This address, which is suppose to
be used to return bounce messages to the sender, points to the gateway.
This is why the post appeared to come from the gateway. The address was
put there not by the spammers or by the gateway, but by the listserv as
it distributes the post to the list subscribers.
 
>Reply-to:     [log in to unmask]     (the gateway)
>Sender:       HP-3000 Systems Discussion <[log in to unmask]>
>Comments:     RFC822 error: <W> Incorrect or incomplete address field found and
>              ignored.                 (the invalid From: address)
 
For the last few years The American University has been providing a
gateway service between about 350 electronic mailing lists and usenet
newsgroups (most in the bit.* hierarchy). We have donated the resources
need to perform this service as a contribution to the networking
community.
 
The gateway passes all posts from the newsgroup to the mailing list and
from the mailing list to the newsgroup. This allows people to read from
and post to mailing lists using a "news reader" instead of having the
mail arrive intermixed with their incoming personal e-mail. It also
allows those who do not have access to news to read from and post to a
newsgroup in which they have an interest. The gateway passes all posts
without examining their contents. In all cases the gateways were
established at the request of or with the permission of the list owners.
 
From time to time someone has posted an advertisement to a large number
of newsgroups -- including those for which we provide this gateway
service. These posts are then sent to the mailing list associated with
the newsgroup. Also from time to time someone has posted an advertisement
to a large number of mailing lists, and the gateway again has done its
job and posted these messages to the newsgroups associated with these
mailing lists. These "spam" messages almost always result in hundreds of
complaints to the postmaster account at our site. Even worse, our mail
software appends our domain name to badly constructed e-mail addresses --
making it look like the person who posted the "spam" message is one of
our users -- or the listserv detects the incorrect e-mail address and
instead uses the gateway's address -- making it look like the gateway
originated the post.
 
The amount of time dealing with the peripheral issues related to the
gateways has simply gotten out of hand. We have not minded providing
the machine resources for the gateway service -- most of the posts were
coming to our Listserv and/or news server anyway -- and the time needed
to set up the gateways has been minimal. However I cannot afford to spend
vast amounts of time dealing with complaints every time a "spam" occurs
-- on top of the fact that for providing a service to the networking
community we appear to be a site which is causing trouble for the
network.
 
Frankly, there seems to be no good way to provide a transparent gateway
service between mailing lists and newsgroups in such a way as to prevent
spams. It doesn't matter if the newsgroup is moderated or the mailing
list is protected (eg, set Send=Private). The spammers put in Approved
tags in their posts so they are accepted in moderated newsgroups, and
since the gateway is both subscribed to the list and refered to in the
post's headers the post is accepted for protected mailing lists.
 
We are at this point considering our options. We are looking into moving
the gateways to a unix machine and both suppressing the appending of our
domain name to incorrect addresses, as well as pointing back to the
original poster or the list in the Return-Path field. Our only other
alternative will be to stop providing the gateway service. Lists which
cannot find an alternative gateway site would then have their associated
newsgroups rmgroup'ed. We recognize this may effectively close down the
bit.* hierarchy so we would prefer to get the first solution -- that of
masking the gateway's address -- working.
 
Jim McIntosh ([log in to unmask])
The American University
Washington DC 20016-8019 USA