Re: Newsgroup filtering with host server software

On Mon, 24 Dec 2007, in the Usenet newsgroup comp.security.firewalls, in
article <N%%bj.2693$lo5.220@xxxxxxxxxxxxxxxxxxxxxxxxxx>, Victek wrote:

Holiday Season Greetings.

I'd like to setup something like Hamster to filter NG's since Windows
Live Mail filtering is pretty inept. Hamster may be fine, but I only
saw the German site when I went looking to download it.

Seeing as how Hamster was created by a German author - that's sort of
expected, isn't it?

Can someone recommend an app that is well supported in English (site
and/or download link appreciated)?

http://www.dmoz.org/Computers/Software/Internet/Servers/Usenet/

However, if you insist on using windoze, you will be somewhat limited in
your choices.

Why not use a real, actual, Usenet client instead of the broken email
clients that MS provides?

That's certainly good advice - there are dozens of real news readers
with more adequate filtering capabilities, although most of them do
expect you to have some idea of how filtering works - that is, what
headers you can most easily filter on (those in an NNTP XOVER list,
which is "From:", "Subject:", "References:", "Date:", "Bytes:",
"Lines:", "Message-ID:" and "Xref:") and how to make the mail reader
display these headers.

If you provided a little more information - what are you wanting to
filter?

A number of public NG's that I frequent are being spammed so bad they
are unusable. alt.comp.freeware is a good example.

I don't look at that newsgroup, and a quick glance suggests it is of
little possible interest to me, but even looking at the last 100
articles posted suggests several types of posts that might be
objectionable. Advertisements: subject keywords, posting name or
domain, message-ID components. Religious postings: same as
advertisements (which in a way, they are). Trolls and troll feeders:
posting name or domain, message-ID components - subject keywords may
also be useful. Sporge, also called Hip-crime attacks: best dealt
with by screaming at the news provider to have them reject the spew,
(many do this automatically) and if necessary, de-peer with the idiot
news provider that is being used as an injection port.

Users and domains can be blocked in Windows Live Mail (WLM), but then
the message store has to be reset to actually remove the blocked
messages.

Sounds like a pretty useless application.

I'd like to be able to filter all this crap so that it doesn't reach
the newsreader at all, but if I can't do that I'd like to use a reader
that immediately removes messages after the senders are marked as
blocked. Outlook Express worked this way, but WLM doesn't.

A problem about blocking "by sender" is the fact that frequently the
sender name is false and may change several times a minute. Most
users are not aware of other possibilities. Reading the RFCs that
define how USENET works (RFC0977, RFC1036, RFC2980, and RFC3977) may
be helpful in this understanding.

I thought that a local server like Hamster might be a good way to exert
more control, but perhaps a better reader would be enough?

Another possibility is to use a News Provider that doesn't have their
head up and locked and actually has a real live person (or more) who
monitors what's going on and filters the obvious crap before your
news reader (or news downloading tool) even has a chance to see it.
None the less, you are correct that a local server can exert a lot more
control over what your reader sees.

[compton ~]$ grep -vE '^([%\[ ]|Score|$)' /var/spool/slrnpull/score |
cut -d' ' -f1 | sort | uniq -c | column
923 From: 12 References: 2 ~Subject:
2 Lines: 305 Subject:
15 Message-ID: 78 Xref:
[compton ~]$

No, I don't expect you to understand UNIX command line, but this shows
that my news spooler (slrnpull) has been told to ignore "From:" lines
(you call this "Sender") with 923 different rules. It filters on the
"Message-ID:" headers to (FOR EXAMPLE) ignore spam posted from google
in several newsgroups. Several trolls in the groups I read have unique
"Message-ID:" headers, and the "References:" rules are used to filter
replies to the trolls. As noted, you need to look at those headers,
and then you can make simple filtering rules.

Old guy
.

Relevant Pages
Quantcast