Re: FAQ postings mistaken for Supersedes (HipCrime) attacks?
Chris Lewis (clewis@ferret.ocunix.on.ca)
Fri, 23 Oct 1998 08:01:22 -0400
On Oct 23, 3:00, Peter_Kappesser@promail.com wrote:
} Subject: FAQ postings mistaken for Supersedes (HipCrime) attacks?
} I run auto-faq to post several FAQs by proxy for a number of authors to
} certain alt. groups and to a private news hierarchy. Recently one of
} the sysadmins redflagged a routine FAQ posting because it used the
} Supersedes line (as they all have for many years now), thinking it a
} possible instance of the "HipCrime" abuse in which legitimate articles
} are superseded by postings of gibberish and spam.
}
} One admin posted: "I submit for public discussion though that using
} Supersedes these days might be counter productive. If those FAQ's are
} posted less often then the average expire time of most servers, the
} Supersedes is redundant and might actually cause the article to be
} thrown away by servers who have gotten fed up with HipCrime and his
} tricks."
}
} Thoughts? My view is that simply dropping articles only because they
} have Supersedes lines is an inappropriate response to the HipCrime
} problem.
It sure is. I'm trying to deal with Hipcrime by cancelling the supersedes
and resurrecting the original. The heuristics I'm using so far make it
(more-or-less) impossible to treat routine FAQ submits as hipcrime. However,
it's becoming harder and harder to detect hipcrime supersedes without
increasing the danger to FAQs. If FAQ posters did not repost within
three days of the original, it would help considerably.
--
Chris Lewis, CyberSheriff (CBC says I am, so it must be true!)
For more information on spam, see http://spam.abuse.net/spam
Fight spam, support Rep. Chris Smith's TCPA extension: http://www.cauce.org
[
Usenet Hypertext FAQ Archive |
Search Mail Archive |
Authors |
Usenet
]
[
1993 |
1994 |
1995 |
1996 |
1997
]
faq-admin@faqs.org
© Copyright The Internet FAQ Consortium, 1997
All rights reserved