Newsreader with anti-spam? - Suse

This is a discussion on Newsreader with anti-spam? - Suse ; On Sun, 10 Jun 2007 19:02:51 +0000, Ron Gibson wrote: > I've used Pan for so long now and I hate this version (and hated it when > I've run across it on other distros also). I want version 0.14.2.91 ...

+ Reply to Thread
Page 2 of 2 FirstFirst 1 2
Results 21 to 35 of 35

Thread: Newsreader with anti-spam?

  1. Re: Newsreader with anti-spam?

    On Sun, 10 Jun 2007 19:02:51 +0000, Ron Gibson wrote:

    > I've used Pan for so long now and I hate this version (and hated it when
    > I've run across it on other distros also). I want version 0.14.2.91 which
    > I can't get to install. I can't even find filters and rules in this new
    > one and that is a must have.
    >
    > With mandrivia I was able to get it to install on 2007.1 by using a rpm
    > built for 2007.
    >
    > Tried to compile the older version from source but it would appear I will
    > have to do something drastic to get it working.
    >
    > I haven't tried to use an old Suse rpm, yet.
    >
    > Any other ideas?


    I tried installing a couple of old rpms of Pan on 10.2 and they wouldn't
    install. I tried pan-0.14.2.tar and had no luck. I finally got
    pan-0.14.2-101.src.rpm from one of the 10.1 repositories to rebuild and
    install on suse 10.2 (64 bit).

    Karen


  2. Re: Newsreader with anti-spam?

    On Sun, 10 Jun 2007 17:57:57 -0700, Karen wrote:

    > I tried installing a couple of old rpms of Pan on 10.2 and they
    > wouldn't
    > install. I tried pan-0.14.2.tar and had no luck. I finally got
    > pan-0.14.2-101.src.rpm from one of the 10.1 repositories to rebuild and
    > install on suse 10.2 (64 bit).


    Well that's good to know. I see I'm not the only one underwhelmed with
    this newer Pan release.

    I can put up my precompiled binary on my ftp server if anyone wants it.
    All you have to do is, remove the old pan, put the binary I speak of
    in the path and delete (better to backup and then delete) your old
    ~/.pan2 file.

    You can start it from a terminal in X but I'd add it to the menus which
    is easy enough.

    Good work, BTW.

    --
    Linux Help: http://rsgibson.com/linux.htm
    Email - rsgibson@verizon.borg
    Replace borg with net


  3. Re: Newsreader with anti-spam?

    On Sun, 10 Jun 2007 15:03:49 -0500, Moe Trin wrote:

    > You have to look at the headers of posts you don't think are worth
    > seeing.
    > Some things are obvious, some not. Don't like posters from google? The
    > obvious header would be "User-Agent:" but that's "expensive" scoring. A
    > better one is to kill on the "Message-ID:". It does help if you (and your
    > news client) understand "regular expressions" and "wild cards".


    > Old guy


    Is that the same Old Guy I've seen about? Good to see your still kicking
    if so.

    --
    Linux Help: http://rsgibson.com/linux.htm
    Email - rsgibson@verizon.borg
    Replace borg with net


  4. Re: Newsreader with anti-spam?

    On Sun, 10 Jun 2007 22:53:11 +0200, Chris Maaskant wrote:

    > I think just not worth the effort to figure out how to filter spam.
    > Spammers are smart, they change, and i don't want to keep up.


    I set a rule and filter in Pan to delete any post crossposted to more
    than 3 NG's.

    Usually it's either spam or some nut that crossposted to 20 NG's.

    Still few get through though, maybe 4-5 a week per NG.

    --
    Linux Help: http://rsgibson.com/linux.htm
    Email - rsgibson@verizon.borg
    Replace borg with net


  5. Re: Newsreader with anti-spam?

    Ron Gibson wrote:
    >On Sun, 10 Jun 2007 06:28:39 +0000, Chris wrote:


    >> I use knode and setup filters. I can filter on any header field.

    >
    >> don't think automagic spam detection would work with newsgroups like it
    >> does with email addressed specifically to you. I think it would be close
    >> to impractical perhaps even impossible due to the nature of usenet? I
    >> would like to be prove wrong though What do mailinglists do to prevent
    >> the spam?


    >I've used Pan for so long now and I hate this version (and hated it when
    >I've run across it on other distros also). I want version 0.14.2.91 which
    >I can't get to install. I can't even find filters and rules in this new
    >one and that is a must have.


    >With mandrivia I was able to get it to install on 2007.1 by using a
    >rpm built for 2007.


    >Tried to compile the older version from source but it would appear I
    >will have to do something drastic to get it working.


    >I haven't tried to use an old Suse rpm, yet.


    >Any other ideas?


    Contact the authors?

    --
    --- Paul J. Gans

  6. Re: Newsreader with anti-spam?

    David Bolt wrote:
    > On Mon, 11 Jun 2007, houghi wrote:-
    >
    >
    >
    >>I think I am goig to make a script `Sort` that just contains `sort|uniq
    >>-c|sort -nr`, because I use it a lot, or is there a better way to do
    >>that?

    >
    > Maybe adding an alias to .bashrc?


    No, that would not work with scripts and such. I was actualy looking for
    a way to do it with e.g. `sort -NR` or anything else undocumented.

    houghi
    --
    The blue light suddenly flashed on my horrified face. What a disaster!
    Oh, the humanity! I never thought it would happen to me. How terrifying
    it is to see for yourself "*The Blue Screen of Death*".

  7. Re: Newsreader with anti-spam?

    Paul J Gans wrote:
    > Ron Gibson wrote:
    >>On Sun, 10 Jun 2007 06:28:39 +0000, Chris wrote:

    >
    >>> I use knode and setup filters. I can filter on any header field.

    >>
    >>> don't think automagic spam detection would work with newsgroups like it
    >>> does with email addressed specifically to you. I think it would be close
    >>> to impractical perhaps even impossible due to the nature of usenet? I
    >>> would like to be prove wrong though What do mailinglists do to prevent
    >>> the spam?

    >
    >>I've used Pan for so long now and I hate this version (and hated it when
    >>I've run across it on other distros also). I want version 0.14.2.91 which
    >>I can't get to install. I can't even find filters and rules in this new
    >>one and that is a must have.

    >
    >>With mandrivia I was able to get it to install on 2007.1 by using a
    >>rpm built for 2007.

    >
    >>Tried to compile the older version from source but it would appear I
    >>will have to do something drastic to get it working.

    >
    >>I haven't tried to use an old Suse rpm, yet.

    >
    >>Any other ideas?

    >
    > Contact the authors?


    Compile the newer version and tell what is going wron/on.

    houghi
    --
    The blue light suddenly flashed on my horrified face. What a disaster!
    Oh, the humanity! I never thought it would happen to me. How terrifying
    it is to see for yourself "*The Blue Screen of Death*".

  8. Re: Newsreader with anti-spam?

    On Sun, 10 Jun 2007 19:02:51 +0000, Ron Gibson typed this message:

    > On Sun, 10 Jun 2007 06:28:39 +0000, Chris wrote:
    >
    >> I use knode and setup filters. I can filter on any header field.

    >
    >> don't think automagic spam detection would work with newsgroups like
    >> it
    >> does with email addressed specifically to you. I think it would be
    >> close to impractical perhaps even impossible due to the nature of
    >> usenet? I would like to be prove wrong though What do mailinglists
    >> do to prevent the spam?

    >
    > I've used Pan for so long now and I hate this version (and hated it when
    > I've run across it on other distros also). I want version 0.14.2.91
    > which I can't get to install. I can't even find filters and rules in
    > this new one and that is a must have.
    >
    > With mandrivia I was able to get it to install on 2007.1 by using a rpm
    > built for 2007.
    >
    > Tried to compile the older version from source but it would appear I
    > will have to do something drastic to get it working.
    >
    > I haven't tried to use an old Suse rpm, yet.
    >
    > Any other ideas?


    Yep, not happy with the filtering in the new Pan 0.12x but I have to
    admit the memory problems are gone. I've asked for some of the old
    filtering but for now one has to select what to keep (score) and then
    delete what's not scored.

  9. Re: Newsreader with anti-spam?

    On Mon, 11 Jun 2007, in the Usenet newsgroup alt.os.linux.suse, in article
    , Ron Gibson wrote:

    >On Sun, 10 Jun 2007 22:53:11 +0200, Chris Maaskant wrote:


    >> I think just not worth the effort to figure out how to filter spam.
    >> Spammers are smart, they change, and i don't want to keep up.


    Spammers are NOT smart - they typically lack the intelligence of a rock.
    I don't have much trouble with them. As for filtering, it's the same
    concept for your home firewall. I don't know about you, but I don't
    offer SSH to everyone in the world. For SSH at home, I accept
    connections from exactly 1545 IP addresses (a /22. two /24s, and nine
    specific hosts) ONLY. If I'm going on a trip and need to allow access
    from other addresses, I can do so - but for now - 1545 addresses.

    >I set a rule and filter in Pan to delete any post crossposted to more
    >than 3 NG's.


    Mine is set to five groups, BUT I also kill articles cross-posted to
    inappropriate groups - *.advocacy, *microsoft*, *windows* and a lot
    of alt.* in addition to "humanities*, rec.* s* (grabs a lot more than
    sci.* or soc.*), talk.* and the like. Regular expressions and wild
    cards work wonders.

    >Usually it's either spam or some nut that crossposted to 20 NG's.


    The news servers I use seem to have their own killfiles, and I rarely
    see articles with crosspostings to more than four groups. See the
    "FAQ: Current Usenet spam thresholds and guidelines" that is posted
    to various news.admin.net-abuse.* groups on a weekly basis (or see
    http://www.killfile.org/faqs/spam.html). Another one is the "Cancel
    Messages: Frequently Asked Questions" - a four part article posts to
    the same groups monthly (http://www.killfile.org/faqs/cancel.html).

    >Still few get through though, maybe 4-5 a week per NG.


    Most of the crap I see is multi-posted, mainly from google.groups.
    I've set a killfile on my news READER (as opposed to the local
    spooler) that searches for identical posts and scores them down.
    I also have it set to kill on posting IP address - and that is
    intentionally broad (I have some /12s listed as spam sources).

    Old guy

  10. Re: Newsreader with anti-spam?

    Moe Trin wrote:
    > I don't know about you, but I don't
    > offer SSH to everyone in the world. For SSH at home, I accept
    > connections from exactly 1545 IP addresses (a /22. two /24s, and nine
    > specific hosts) ONLY. If I'm going on a trip and need to allow access
    > from other addresses, I can do so - but for now - 1545 addresses.


    I do accept it, but you get 4 tries and then I block you. The reason is
    that I do not want to be at some place with an IP I forgot.
    Either ssh is safe, or it isn't. The reason I vlock after 4 is not due
    to safety, it is due to the fact that I do not want to polute my
    logfile.

    What it is is security through obscurity and that doesn't work.

    > Mine is set to five groups, BUT I also kill articles cross-posted to
    > inappropriate groups - *.advocacy, *microsoft*, *windows* and a lot
    > of alt.* in addition to "humanities*, rec.* s* (grabs a lot more than
    > sci.* or soc.*), talk.* and the like. Regular expressions and wild
    > cards work wonders.


    The best is just to kill ALL crossposts.

    > Most of the crap I see is multi-posted, mainly from google.groups.


    Mmm. I never see multiposts from google.

    houghi
    --
    You tried, and you failed, so the lesson is, never try. - Homer J. Simpson.

  11. Re: Newsreader with anti-spam?

    John Bowling wrote:
    > Given the amount of recent spam on the group, is there a newsreader that
    > has a good working spam filter?
    >
    > John


    Thunderbird works great. It has a junk mail feature that learns as you
    select what is junk. Then next time it automatically handles the junk as
    you specified; to the junk folder or immediately delete. It also has
    logging to keep track of what is deleted. You can also un-junk something
    which you change your mind about.
    It has an e-mail scam analyzer and you an have automatic quarantining
    for anti-virus. One of the best mail and news programs I've found for Linux.

  12. Re: Newsreader with anti-spam?

    On Tue, 12 Jun 2007, in the Usenet newsgroup alt.os.linux.suse, in article
    , houghi wrote:

    >Moe Trin wrote:


    >> I don't know about you, but I don't offer SSH to everyone in the
    >> world. For SSH at home, I accept connections from exactly 1545 IP
    >> addresses (a /22. two /24s, and nine specific hosts) ONLY. If I'm
    >> going on a trip and need to allow access from other addresses, I
    >> can do so - but for now - 1545 addresses.

    >
    >I do accept it, but you get 4 tries and then I block you. The reason is
    >that I do not want to be at some place with an IP I forgot.


    Do you honestly wander about the globe with no notice? Must be nice
    to be able to go to any country in the world without needing to get
    something silly like a visa.

    I allow those 1545 addresses, because I know that is all I normally
    need, but if I did decide to "block" unwanted addresses rather than
    "allow" acceptable addresses, it takes just eight rules in my firewall
    setup to block the majority of hosts on six continents. When I do
    travel, a simple port-knocking setup will allow me to access the
    server while avoiding the wasted bandwidth. If you don't get the
    knock sequence, then you don't get a chance to try to log in - it's a
    very simple addition to the layers without being overly complex.

    >Either ssh is safe, or it isn't. The reason I vlock after 4 is not due
    >to safety, it is due to the fact that I do not want to polute my
    >logfile.


    Why bother to log? Does a entry in your log file that some zombie
    box in North Spamistan tried several times really have any use?

    >What it is is security through obscurity and that doesn't work.


    And exactly how do you feel that this is "security through obscurity"?
    Those 1545 hosts still have to have the appropriate credentials in
    order authenticate - or are you expecting that I'd allow anyone from
    those IPs to connect without authentication? Are you really missing
    the whole concept of "layers of security"?

    >> Most of the crap I see is multi-posted, mainly from google.groups.

    >
    >Mmm. I never see multiposts from google.


    I have to support several Linux distributions, as well as several of
    the "branded" UNIX, so I at least scan more than one newsgroup. I also
    follow a number of security newsgroups - both directly related to *nix
    and of the more general type, as well as a few networking groups like
    comp.os.linux.networking, comp.protocols.tcp-ip, comp.dcom.sys.* and
    comp.dcom.lans.ethernet. There really is more than alt.os.linux.suse
    out there.

    Old guy

  13. Re: Newsreader with anti-spam?

    Moe Trin wrote:
    > Do you honestly wander about the globe with no notice? Must be nice
    > to be able to go to any country in the world without needing to get
    > something silly like a visa.


    The last many countries I visited, I indeed did not need a visa. No idea
    how this is related to anything, but there you go.

    > I allow those 1545 addresses, because I know that is all I normally
    > need, but if I did decide to "block" unwanted addresses rather than
    > "allow" acceptable addresses, it takes just eight rules in my firewall
    > setup to block the majority of hosts on six continents. When I do
    > travel, a simple port-knocking setup will allow me to access the
    > server while avoiding the wasted bandwidth.


    I accept that. Great. I do something else to limit access. I just do not
    do it because of securety, because I do not believe my system is
    suddenly safe that way.

    > If you don't get the
    > knock sequence, then you don't get a chance to try to log in - it's a
    > very simple addition to the layers without being overly complex.


    I do not accept that. It is security through obscurity. Yes, it makes
    the amount of attempts lesser. However I am only interested in the one
    that might get through, not the ones that don't. I look at the weakest
    link.

    >>Either ssh is safe, or it isn't. The reason I vlock after 4 is not due
    >>to safety, it is due to the fact that I do not want to polute my
    >>logfile.

    >
    > Why bother to log? Does a entry in your log file that some zombie
    > box in North Spamistan tried several times really have any use?


    Why not log? It is default and I have no reason to turn it of. Also the
    attempt has no real use, so that is the reason I kill it after 4
    attempts.

    >>What it is is security through obscurity and that doesn't work.

    >
    > And exactly how do you feel that this is "security through obscurity"?


    Because if your system is unsafe, then it is still unsafe. When it is
    safe, it is safe. A bit like either being pregnant or not. You can't be
    a bit pregant.

    > Those 1545 hosts still have to have the appropriate credentials in
    > order authenticate - or are you expecting that I'd allow anyone from
    > those IPs to connect without authentication? Are you really missing
    > the whole concept of "layers of security"?


    I do not. I just do not see lesser people more security.

    >>> Most of the crap I see is multi-posted, mainly from google.groups.

    >>
    >>Mmm. I never see multiposts from google.

    >
    > I have to support several Linux distributions, as well as several of
    > the "branded" UNIX, so I at least scan more than one newsgroup. I also
    > follow a number of security newsgroups - both directly related to *nix
    > and of the more general type, as well as a few networking groups like
    > comp.os.linux.networking, comp.protocols.tcp-ip, comp.dcom.sys.* and
    > comp.dcom.lans.ethernet.


    So? I do not see any multiposts from google groups.

    > There really is more than alt.os.linux.suse
    > out there.


    No ****. So you think this is the only group I ever post or posted in?
    Wow. Also no idea why you get so defensive. My opinion is that
    security through obscurity does not work and that blocking some people
    is security through obscurity. You have and other opinion.

    Also I do not see multiposts from google and you do.

    Great. Different oppinions.

    houghi
    --
    You tried, and you failed, so the lesson is, never try. - Homer J. Simpson.

  14. Re: Newsreader with anti-spam?

    On Tue, 12 Jun 2007, in the Usenet newsgroup alt.os.linux.suse, in article
    , houghi wrote:

    >Moe Trin wrote:


    >> Why bother to log? Does a entry in your log file that some zombie
    >> box in North Spamistan tried several times really have any use?

    >
    >Why not log? It is default and I have no reason to turn it of. Also the
    >attempt has no real use, so that is the reason I kill it after 4
    >attempts.
    >
    >>>What it is is security through obscurity and that doesn't work.

    >>
    >> And exactly how do you feel that this is "security through obscurity"?

    >
    >Because if your system is unsafe, then it is still unsafe. When it is
    >safe, it is safe. A bit like either being pregnant or not. You can't be
    >a bit pregant.


    In that case, why are you blocking after the fourth attempt? Don't you
    feel THAT is as much "security through obscurity" as my not letting
    them attempt to connect in the first place?

    Old guy

  15. Re: Newsreader with anti-spam?

    Moe Trin wrote:
    > In that case, why are you blocking after the fourth attempt?


    If I do it after the first attempt, I can not make any mistakes myself,
    so four attempts seem like a good number to me. One because the other
    keyboard has a different layout then I am used to. One because the
    numlock is on. One because I can make a mistake and a last one I need to
    be able to log in.

    > Don't you feel THAT is as much "security through obscurity" as my not
    > letting them attempt to connect in the first place?


    No, because I do not do it because of security. I thought I was pretty
    clear in why I do it and it ain't a security reason.

    I have even described it here:
    http://www.novell.com/coolsolutions/tip/18080.html
    Problem:
    Many attempts to connect to SSH are done, polluting the log files.

    The only thing about security there is to use only ssh2. All the rest is
    about the logfiles and keeping them clean.

    houghi
    --
    You are about to enter another dimension, a dimension not only of
    sight and sound but of mind. A journey into a wondrous land of
    imagination. Next stop, Usenet!

+ Reply to Thread
Page 2 of 2 FirstFirst 1 2