bob@acornrc.UUCP (Bob Weissman) (07/10/87)
Why are these bogus "newgroup comp.sources.unix unmoderated" control
messages propagating all over the world? Look at the path it took to
reach me; surely some news admin somewhere in this chain should have
noticed and cancelled the article before it got farther, n'est-ce pas?
We've all got to stay on our toes with randoms like news@pbinfo.uucp around!
<Path: acornrc!ames!sdcsvax!nosc!humu!islenet!dual!seismo!mcvax!unido!pbinfo!news
<From: news@pbinfo.UUCP (News 2.11)
<Newsgroups: comp.sources.unix.ctl
<Subject: newgroup comp.sources.unix unmoderated
<Message-ID: <421c@pbinfo.UUCP>
<Date: 6 Jul 87 16:40:45 GMT
<Control: newgroup comp.sources.unix unmoderated
<Distribution: world
<Organization: Uni-GH Paderborn, FB17/Informatik
<Lines: 0
<Approved: news@pbinfo.UUCP
<Posted: Mon Jul 6 17:40:45 1987
--
Bob Weissman
Internet: bob@acornrc.UUCP
UUCP: ...!{ ames | decwrl | oliveb | apple }!acornrc!bob
Arpanet: bob%acornrc.UUCP@AMES.ARPAjeff@necntc.NEC.COM (Jeff Janock) (07/10/87)
In article <404@acornrc.UUCP> bob@acornrc.UUCP (Bob Weissman) writes: >Why are these bogus "newgroup comp.sources.unix unmoderated" control >messages propagating all over the world? Look at the path it took to >reach me; surely some news admin somewhere in this chain should have >noticed and cancelled the article before it got farther, n'est-ce pas? > >We've all got to stay on our toes with randoms like news@pbinfo.uucp around! > ><Path: acornrc!ames!sdcsvax!nosc!humu!islenet!dual!seismo!mcvax!unido!pbinfo!news Where could this control message have been stopped. Once the article reaches seismo, in fifteen minutes or less, it is too late to stop it. The use of NNTP makes propagation simply too quick to expect to stop an errant control message. Path: necntc!ames!sdcsvax!nosc!humu!islenet!dual!seismo!mcvax!unido!pbinfo!news You can see that the article arrived here via a similar path - by the time this article reached ames, it had leaked off to many uucp sites all the way down the line as it did with ames uucp connections. (lest we not forget uunet, the seismo twin :-) This is a difficult problem to solve, but thanks to root@bloom-beacon for countering with a correct newgroup so soon after the bogus on arrived. It would appear that the message may have been caught at the overseas link mcvax <--> seismo - I mention this because I notice that munnari is calling using uunet; uunet will carry everything, so this could happen via that link virtually anytime with the same problem. Should control message via the overseas link be monitored? This is like asking every admin to do newgroups by hand after receiving the email containing the newgroup directive. You can ask, but let's be real. So, this explains the 'why propagate' question. Now, what to do? -jj ps. Sites that do not carry the 'noise groups' do so for a reason; this incident indirectly relates to a problem that occured just recently. [see <425@gordon.UUCP> in news.config and the arbitron stats this month] -- Jeff Janock - NEC Electronics +1 617 655 8833 jeff@necntc.NEC.COM {ames, decvax, harvard, linus, mit-eddie}!necntc!jeff