[Coco] Re: Thanks for the Princeton Bit.Listserv.CoCo Mail
John E. Malmberg
wb8tyw at qsl.net
Tue Feb 3 14:25:56 EST 2004
In article <002301c3ea37$eb8eefe0$33cef7a5 at bosie>,
"Stephen H. Fischer" writes:
>> If you look from the newsgroup postings that may not be evident until
>> you look to see the posting address. If it is "dex.pathlink", then the
>> posting came from the mailing list. If that text is missing, it came
>> from the newsgroup.
> I did not find the "dex.pathlink", in the first message I looked at. I did
> find something just as damming!
I should have checked that more carefully. The dex.pathlink.com show up in
e-mail headers from the listserv, not in the newsgroup.
The newsgroup has "newsguy.com!mdrn" for postings that came from the mailing
I should know better, I am automatically copying the non-spam posts from the
bit.listserv.coco on to the Color_Computer notes conference on
If you post to bit.listserv.coco, then almost no checks are done, and the
message gets posted. At less than 5 direct spams a year from that source,
it is not worth spending the cycles checking the direct news postings for spam.
Most of the normal spam is detected by the auto-moderator program, and ignored.
The troll subscriptions usually end up in the moderator queue, as do 419 scams
and stock pump and dump scams, viruses, and broken virus scanners, until those
sources are set to be ignored.
The auto-moderator automatically manages a whitelist of valid senders that no
spam checks need to be made on. If someone is replying to a subject posted by
a previously whitelisted person, they are automatically whitelisted, unless
they are on the ignore list.
If the person is unknown to the list, the posting is checked for keywords that
are likely unique to the COCO.
When the auto-moderator can not make a determination, it holds the posting until
it can, or I override it.
The auto-moderator program only looks at content for three things when to
determine if the message is real. The first is for COCO related keywords. an
in the last 6 months, that has allowed two spammers through. The second for
links that either do not resolve, or resolve to I.P. addresses known to be
controlled by spammers. There have been zero false positives by that check.
SpamAssasin can not do that check presently, but there is a project in the
works. The third item is if there is no plain-text portion, or the presence
of BASE64 in the message. No false positives on that test either.
Membership to Encompasserve.org is currently free, all you have to do is Telnet
to it and sign up if you want to read the bit.listserv.coco postings with the
spam removed. Due to the low volume of real postings, the auto-moderator
program is only running once a day.
If the newsguy gateway put correct information in the source header field,
then I would not see most of the 419 scams and the stock pump and dump scams
either. They all come from systems previously identified as sending only
The troll subscriptions would still need to be added to the manual block lists.
> "newsgate.newsguy.com!newsp.newsguy.com" was way to the right on the "Path:"
That is probably meaningless as it does not specifically identify where the
message was injected from. I do not think it can not be used to positively
identify the message origin. All it says is that it came from or passed
through newsguy.com news server.
If the you find "newsguy.com!mdrn", then the post came from the listserv which
is operated by Princeton.edu.
With out the "newsguy.com!mdrn", that other information that you showed
could come from any news poster that used the newsguy.com service or peered
> It will take getting down to a intense investigation, but I believe that the
> error that you suggest is caused by the B.L.CoCo owner not doing any of his
> duties for a long time. Things changed and no one was at the controls. I bet
> that if you looked you would find other errors that are occurring. You may
> be amazed at the power and micro managing level commands used by the list
> owners for the headers. Yes, the list owners! No one else has the
> responsibility or the capability to do this.
I do not know who owns the Bit.listserv.coco newsgroup. But there should be a
charter statement associated with it.
But it very well may turn out that the bit.listserv.coco is effectively
owned by the same people who sponser the Princton based coco mailing list,
and those sponsers are no longer present.
This is implied because the bit.listserv newsgroups were meant to be mirrors of
existing mailing lists of bitnet.
In that case ownership of the newsgroup would need to be transferred if it
was abandoned. And I do not know the procedure for that.
>> But as we have no official standing with Princeton, we can not request
>> that they start operating their mail server or even the mailing list in
>> a way that reliably keeps the spam out with out blocking real e-mail.
> Please Please Please! Do not keep saying Princeton this or Princeton that.
> Princeton has no one doing anything that we are talking about.
Princeton is the entity in control of the mailing list that is gated to
bit.listserv.coco. That mailing list is known as the LISTSERV.
The mailing list came first, the newsgroup was created as a mirror for it.
The whole bit.listserv.* is intended to be mirrors of bitnet member mailing
> Again I state. The List Owner has the power and the responsibility to
> correctly manage their list.
And currently the List Owner is Princeton.edu. The "bit.listserv" by
definition is a mirror of mailing lists hosted by bitnet members, not
originally a separate entity.
The bit.listserv.coco may be a separate entity now, or it may not be.
> The list owner can set up helpers to do the job, but the responsibility is
> the list owners.
The list owner is Princeton.edu and according to their published criteria,
the mailing list should have been shutdown as soon as the list sponser
either stopped being a faculty or student at Princeton.
The newgroup owner is unknown, but because of the naming convention it, there
is a strong possiblity that it is also tied directly to the mailing list.
> The bad news that I have just now is that the list owner for the CoCo list
> has moved onto other places and interests.
That news has already been posted on the old Coco mailing list/newsgroup at
least a few years back, and has been since re-posted a few times.
> Getting Princeton, and in this case I clearly wish to state that I mean the
> person at Princeton who has the title of Master List Owner, to accept a new
> list owner for our list is the only possible path. Short of some hacker
> breaking into the listserver there is no way with out the Master List Owner
> accepting a new CoCo list owner to ever change anything.
According to the Princeton requirements, that list owner must be faculty or
staff of Princeton.edu. They do not host mailing lists for anyone else.
They have a public web site with information, but I do not have the URL handy.
So unless they make an exception to their policies, you must find someone
inside of Princeton to be a sponser.
Otherwise your actions if they change anything at all, it will result in the
listserv that is hosted by Princeton being shutdown. And depending on the
charter for the newsgroup bit.listserv.coco, that could result in it being
removed along with it.
I think you need to do some more research before you take any action.
wb8tyw at qsl.net
Personal Opinion Only
More information about the Coco