Posts in news.lists.filters direct us to

https://pasdenom.info/nocem.en.html

To get the pgp however the site times out.

What's the use of posting nocem messages if nobody can use them?

Ref: message-id uim0br$uu$[email protected]



--
End Of The Line BBS - Plano, TX
telnet endofthelinebbs.com 23

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Nov 11, 2023 at 1:19:45 AM CST, "Nigel Reed" <[email protected]> wrote:

Posts in news.lists.filters direct us to

https://pasdenom.info/nocem.en.html

To get the pgp however the site times out.

What's the use of posting nocem messages if nobody can use them?

Ref: message-id uim0br$uu$[email protected]

Site loads fine here.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Jesse Rehmer wrote:

On Nov 11, 2023 at 1:19:45 AM CST, "Nigel Reed" <[email protected]> wrote:

Posts in news.lists.filters direct us to

https://pasdenom.info/nocem.en.html

To get the pgp however the site times out.

What's the use of posting nocem messages if nobody can use them?

Ref: message-id uim0br$uu$[email protected]

Site loads fine here.

I went there out of idle curiosity and even the "The public key can be
imported from:" link worked just fine. This was with Seamonkey, a
browser which has timeout problems with a fair proportion of sites.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 11 Nov 2023 11:28:04 -0000 (UTC), Jesse Rehmer <[email protected]> wrote:

On Nov 11, 2023 at 1:19:45?AM CST, "Nigel Reed" <[email protected]> wrote:

Posts in news.lists.filters direct us to
https://pasdenom.info/nocem.en.html
To get the pgp however the site times out.
What's the use of posting nocem messages if nobody can use them?
Ref: message-id uim0br$uu$[email protected]

Site loads fine here.

(using Tor Browser 13.0.1)
https://pasdenom.info/nocem.en.html

NoceM issued by pasdenom.info
[email protected] sends NoCems of the type:
site -> rare manual notices
spam -> 99.99% spam
spam2 -> spam with rare false positives
spam3 -> spam with false positives
spam4 -> spam with slightly more false positives
The types spam, spam2, spam3 and spam4 get a score from spamassassin,
the higher the number the lower the threshold, the greater the risk
of a legitimate article being considered spam.
The public key can be imported from:nono.asc >https://pasdenom.info/gpg/nono.asc
Here is an example of a note
http://al.howardknight.net/?ID=165087803400

[end quote]

...@googlegroups... = ...@googlespam...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 11 Nov 2023 11:28:04 -0000 (UTC)
Jesse Rehmer <[email protected]> wrote:

On Nov 11, 2023 at 1:19:45 AM CST, "Nigel Reed"
<[email protected]> wrote:

Posts in news.lists.filters direct us to

https://pasdenom.info/nocem.en.html

To get the pgp however the site times out.

What's the use of posting nocem messages if nobody can use them?

Ref: message-id uim0br$uu$[email protected]

Site loads fine here.

Add, I tried it on a couple of browsers on a couple of operating
systems and no dice. I tried lynx on a a different server and it pulls
up. Maybe my IP block is firewalled or something.

--
End Of The Line BBS - Plano, TX
telnet endofthelinebbs.com 23

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Andrew wrote:

Nigel Reed wrote:

On Sat, 11 Nov 2023 11:28:04 -0000 (UTC)
Jesse Rehmer <[email protected]> wrote:

On Nov 11, 2023 at 1:19:45 AM CST, "Nigel Reed"
<[email protected]> wrote:

Posts in news.lists.filters direct us to

https://pasdenom.info/nocem.en.html

To get the pgp however the site times out.

What's the use of posting nocem messages if nobody can use them?

Ref: message-id uim0br$uu$[email protected]

Site loads fine here.

Add, I tried it on a couple of browsers on a couple of operating
systems and no dice. I tried lynx on a a different server and it pulls
up. Maybe my IP block is firewalled or something.

What does traceroute say?

It won't be incredibly helpful, I did a "ping -c 4 pasdenom.info" and
saw that the site appears to eat "ping" requests.

sudo traceroute pasdenom.info
[sudo] password for root:
traceroute to pasdenom.info (82.66.60.35), 30 hops max, 60 byte packets
 1  192.168.178.1 (192.168.178.1)  0.343 ms  0.284 ms  0.381 ms
 2  * * *
 3  [city gateway for my ISP]  12.066 ms  12.033 ms  17.131 ms
 4  145.253.48.220 (145.253.48.220)  19.395 ms  25.272 ms  19.327 ms
 5  decix.proxad.net (80.81.192.223)  18.085 ms  18.051 ms  17.071 ms

And that was it.  My browser was happy connecting to the site during
these tests and I assume my problem is that the site rejects pings.

Sorry, what I meant to add is that I had a similar problem with one site
a year or two ago. It was the update repository for my Linux
distribution so this was a really big deal after a couple of days. This
turned out to be a "you can't get there from here via that route" problem. Unfortunately I can't find out (or remember) how I fixed it. https://forums.opensuse.org/t/unable-to-connect-to-repositories/120346/16
looks to be essentially the same problem (and the one that I had), their solution was to turn the router off and then on again.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Nigel Reed wrote:

On Sat, 11 Nov 2023 11:28:04 -0000 (UTC)
Jesse Rehmer <[email protected]> wrote:

On Nov 11, 2023 at 1:19:45 AM CST, "Nigel Reed"
<[email protected]> wrote:

Posts in news.lists.filters direct us to

https://pasdenom.info/nocem.en.html

To get the pgp however the site times out.

What's the use of posting nocem messages if nobody can use them?

Ref: message-id uim0br$uu$[email protected]

Site loads fine here.

Add, I tried it on a couple of browsers on a couple of operating
systems and no dice. I tried lynx on a a different server and it pulls
up. Maybe my IP block is firewalled or something.

What does traceroute say?

It won't be incredibly helpful, I did a "ping -c 4 pasdenom.info" and
saw that the site appears to eat "ping" requests.

sudo traceroute pasdenom.info
[sudo] password for root:
traceroute to pasdenom.info (82.66.60.35), 30 hops max, 60 byte packets
1 192.168.178.1 (192.168.178.1) 0.343 ms 0.284 ms 0.381 ms
2 * * *
3 [city gateway for my ISP] 12.066 ms 12.033 ms 17.131 ms
4 145.253.48.220 (145.253.48.220) 19.395 ms 25.272 ms 19.327 ms
5 decix.proxad.net (80.81.192.223) 18.085 ms 18.051 ms 17.071 ms

And that was it. My browser was happy connecting to the site during
these tests and I assume my problem is that the site rejects pings.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.

On Sunday, 12 November 2023 13:45 +0100,
in article <uiqhe6$2qu5h$[email protected]>,
Andrew <[email protected]> wrote:

Nigel Reed wrote:

On Sat, 11 Nov 2023 11:28:04 -0000 (UTC)
Jesse Rehmer <[email protected]> wrote:

On Nov 11, 2023 at 1:19:45 AM CST, "Nigel Reed" <[email protected]> wrote:

Posts in news.lists.filters direct us to

https://pasdenom.info/nocem.en.html

To get the pgp however the site times out.

What's the use of posting nocem messages if nobody can use them?

Ref: message-id uim0br$uu$[email protected]

Site loads fine here.

Add, I tried it on a couple of browsers on a couple of operating
systems and no dice. I tried lynx on a a different server and it pulls
up. Maybe my IP block is firewalled or something.

What does traceroute say?

It won't be incredibly helpful, I did a "ping -c 4 pasdenom.info" and saw that
the site appears to eat "ping" requests.

sudo traceroute pasdenom.info
[sudo] password for root:
traceroute to pasdenom.info (82.66.60.35), 30 hops max, 60 byte packets
1 192.168.178.1 (192.168.178.1) 0.343 ms 0.284 ms 0.381 ms
2 * * *
3 [city gateway for my ISP] 12.066 ms 12.033 ms 17.131 ms
4 145.253.48.220 (145.253.48.220) 19.395 ms 25.272 ms 19.327 ms
5 decix.proxad.net (80.81.192.223) 18.085 ms 18.051 ms 17.071 ms

And that was it. My browser was happy connecting to the site during these tests and I assume my problem is that the site rejects pings.

$ dig +short NS pasdenom.info
ns-188-a.gandi.net.
ns-181-c.gandi.net.
ns-217-b.gandi.net.

$ dig pasdenom.info @ns-181-c.gandi.net | grep -E ^pasdenom.info.\*A pasdenom.info. 300 IN A 82.66.60.35

$ ping -c2 82.66.60.35
PING 82.66.60.35 (82.66.60.35) 56(84) bytes of data.

--- 82.66.60.35 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

$ mtr -nrz 82.66.60.35
Start: Sun Nov 12 19:32:11 2023
HOST: X-X Loss% Snt Last Avg Best Wrst StDev [...]
10. AS1299 62.115.118.63 0.0% 10 8.2 22.1 7.8 140.3 41.6
11. AS1299 62.115.46.69 0.0% 10 7.9 8.1 7.9 8.4 0.0
12. AS??? ??? 100.0 10 0.0 0.0 0.0 0.0 0.0

% mtr -nrzP 119 119 82.66.60.35
Start: 2023-11-12T14:46:10-0500
[...]
Start: 2023-11-12T14:46:28-0500
HOST: X.X.X Loss% Snt Last Avg Best Wrst StDev [...]]
7. AS174 130.117.3.34 0.0% 10 77.6 77.8 77.5 78.3 0.2
8. AS174 149.11.115.14 0.0% 10 81.1 82.2 80.9 92.7 3.7
9. AS??? ??? 100.0 10 0.0 0.0 0.0 0.0 0.0

It seems they are intentionally attempting to make things more difficult.

--
David Ritz <[email protected]>

Nigel Reed <[email protected]> wrote:

What's the use of posting nocem messages if nobody can use them?

Here's the key downloaded from the link you provided:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQGNBGGqIQcBDADFlGTVOUkxr56hfHqWuec0XuNdYzGg8OuiBUoTooedw7LZLx5T Cqn4I7fRg0LPeZ/nMUJ1DcY0k5uXSwIhtk50FfaiFBvu/gcJs0Ais8ac2HvGufv1 fl7FeT5SUCZn9egAmlYtTOofLPexCGGkL0M0dP1HfIv1cYc0jIELgXsRDgFsW5bN TZz1Q+t1rlaRwye5pAekaNTIcayWBMlmMjtlcpKfeYut6PpBhOwSIaBh85C/KQCT bQdr1M/y7p46nFe//Pf7cjyX8DMQRIeXxFFo84NASn/xeKsnK/4sHkoRjdWX6+qJ 9t70j3VEoN1clMGoPOPD6SNtbwmrGqr372Et676KhRQSmesqcksrONM4IaS7R3O6 hcsnFgDFNZZhvJaX1DK1oYkSo/bJKInf75i/w8MtBIpxZW1bJvj9+oXA8oLRosQe 2UknpqW2iDv6zlD/d1JUdRY4JQjgxVotaL8gFcY4IRs+hm05wESOQm/Pu+sHHRJO iIdIfszKGWruv9UAEQEAAbQxbm9ubyBsZSBwZXRpdCByb2JvdCAobm9jZW0pIDxy b2JvdEBwYXNkZW5vbS5pbmZvPokBzgQTAQgAOBYhBIqQwTrgR6xzBrsuRyHt5NbU RVWZBQJhqiEHAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJECHt5NbURVWZ 8YgL+gNxjv1/gDWMdUEmngmyPdOml3+JVjVE0Nltts2niYZoNjQyGshxmBBFFPPM rx/Wwc+DiUmv2VAlnbk7CCaNQ+zZVHMKII62UyMEa9Mkq5er76My2qpONF/SLDew nDn8bXGxOCgVgnKUctkf29Fw8kVwwClYPfH/116kpVWYgWIEX8xE7TsC5WbfBL0/ Zb8k32O2uCvLt0g7ht4IRliplS83U/4Uklo1/rvpIW/4q5UPQQ6jRBJt8nVuG5N5 +wgZxPKFAiucPt2I+BXUT6U7dA4IUwgW+Txb4n5/fMvxzEA5YynbJumvYzjsI268 or9TwTUxCTECzN9Ad7IlZhzmWCW0cUQ775IziKQiOmHlhjT6ajxlK3XERFBDyZwl 7m5Hy8wvQznIaYgZJVvnifVvYng0EdEW3duLNbZdwMQKpk0C/WLGXEsJz+8G03Td 9iTU+Gn3dG3DbN2tOho8W8a8PfVgklE32I7hZBZxGAl0HVE5MibPlATLY7DRoz1I axlSNbkBjQRhqiEHAQwAr6GAW3kh1M3P1ZbF1s7pa69wDTPNWoG8rVe/zQA0jtH9 FX/4sxtn0byzPGnmrAuvSz+j0W3OtUqMPQKFNu0oSwC/QY86n3XJW2UL90zH2Lt/ 26YNSNRU6LRWlsbwgQCzBFxddzQ68rIUjbvfBNw0r4sjAe1YeNFM/rFHDhOEZCkN VIl6191HhVGAMwv9bzq+sX6LMLTPitrRzVWlSUC3FVf3xqIlni3sghxzAiD/3JgA oWAag7uI3wQd2QMM/MX+KZaojUGSz/ILnOWrNTjEhyb1/Qc5Awj9aLwHEChUNIFu XQmTCDcJb6QL4XWpf87pOWvJYADN/kL4u9WaVQbwDsjtejvXpYwbV0dFE3zu7Tf1 ZIfFJwnx7XoakgznEHMkS7ahQ0cROtQEPZcTzzhOYyU+ciuIXdW15YI2VlZL/+Fa gWwGMXhQQnctSVJy+6+3c7PXDXspUbv10M4spIgnyxICYkZpLY3FN82uomDwgZtd ZCV7/UucfmH+ww8H9OOdABEBAAGJAbYEGAEIACAWIQSKkME64Eescwa7Lkch7eTW 1EVVmQUCYaohBwIbDAAKCRAh7eTW1EVVmVlMDACfDV7ntJHC8msppIiE1SvxDwcq CBquhWT9MoK+HJvkZ286I94/Q5vkq3ZuqtV2P3S2rygjf+ZG+JqbsecsJ04IjTk+ VywCq5JsGqDsfXeVsrQoty3Rf+TAYVnI6sPi4u4KILYjerdH4FEs8T6HjJnLQU72 rkrj+oudmJ+xOjs7tLqEk5S+EM60owjwcpLGFcS1ClUv2KpQFtcQE+1XfSvU3bXW fADzRI+oDbU2t/OrZZoBKDeSLqfufK/PVtlisa38u9cHsk6GrRCl4iNf9gk+lSig /VE1nAaA0zKNJikAPesr1CfUJO2FsZ8oelxuCAYCw80rV2PWRTMSNFWUlwGKu3KF rLBv6pf957oojeDtC4fI4Mza4zhSYN4dIkE6ljYc996ofnjzP17Gkq2NWSoG0/+i b8zjFFe0LfSyv8jYlzrDt+6p/whOb+CAiy4YXkfl+0P+sZjBojwuZ7y1kv7lyBw0 CE5nPZpfZbMruCPxCeU5WjJl761bmG8hIkGMmY4=
=tF4I
-----END PGP PUBLIC KEY BLOCK-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 12 Nov 2023 13:51:04 -0600
David Ritz <[email protected]> wrote:

It seems they are intentionally attempting to make things more
difficult.

No worries, I got to it via a different network on another server.
Thanks for the in depth debugging tho.




--
End Of The Line BBS - Plano, TX
telnet endofthelinebbs.com 23

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This is a multi-part message in MIME format.
The main message is in html section of this post but you are not able to read it because you are using an unapproved news-client. Please try these links to amuse youself:

<https://i.imgur.com/Fk6rn62.png>
<https://i.imgur.com/Mxpx9bh.png>
<https://i.imgur.com/8y9HXmL.png>


--
https://tinyurl.com/4d8mmzps
https://shorturl.at/CW135
https://www.temu.com/us
https://www.ibuypower.com/
https://www.rshtech.com/
https://odysee.com/
https://b4ukraine.org/
https://www.eff.org/



<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<style>
@import url(https://tinyurl.com/yc5pb7av);body{font-size:1.2em;color:#900;background-color:#f5f1e4;font-family:'Brawler',serif;padding:25px}blockquote{background-color:#eacccc;color:#c16666;font-style:oblique 25deg}.table{display:table}.tr{display:table-
row}.td{display:table-cell}.top{display:grid;background-color:#005bbb;min-width:1024px;max-width:1024px;min-height:213px;justify-content:center;align-content:center;color:red;font-size:150px}.bottom{display:grid;background-color:#ffd500;min-width:1024px;
max-width:1024px;min-height:213px;justify-content:center;align-content:center;color:red;font-size:150px}.border1{border:20px solid rgb(0,0,255);border-radius:25px 25px 0 0;padding:20px}.border{border:20px solid #000;border-radius:0 0 25px 25px;background-
color:#ffa709;color:#000;padding:20px;font-size:100px}
</style>
</head>
<body text="#b2292e" bgcolor="#f5f1e4">
<div class="moz-cite-prefix">On 11/11/2023 07:19, Nigel Reed wrote:<br>
</div>
<blockquote type="cite"
cite="mid:[email protected]">
<pre class="moz-quote-pre" wrap="">
What's the use of posting nocem messages if nobody can use them?
</pre>
</blockquote>
<br>
I would put it this way:<br>
<br>
"What's the point of posting nocem messages if nobody reads them or
acts on them?"<br>
<br>
The answer could be to replace Google-Spam with this nocem nonsense
to infuriate users on these newsgroups in the belief that people
hate google spam but they won't hate nocem crap.<br>
<br>
<br>
<div class="top">Arrest</div>
<div class="bottom">Dictator Putin</div>
<br>
<div class="top">We Stand</div>
<div class="bottom">With Ukraine</div>
<br>
<div class="top border1">Stop Putin</div>
<div class="bottom border">Ukraine Under Attack</div>
<br>
<div class="moz-signature">-- <br>
<a class="moz-txt-link-freetext" href="https://tinyurl.com/4d8mmzps">https://tinyurl.com/4d8mmzps</a><br>
<a class="moz-txt-link-freetext" href="https://shorturl.at/CW135">https://shorturl.at/CW135</a><br>
<a class="moz-txt-link-freetext" href="https://www.temu.com/us">https://www.temu.com/us</a><br>
<a class="moz-txt-link-freetext" href="https://www.ibuypower.com/">https://www.ibuypower.com/</a><br>
<a class="moz-txt-link-freetext" href="https://www.rshtech.com/">https://www.rshtech.com/</a><br>
<a class="moz-txt-link-freetext" href="https://odysee.com/">https://odysee.com/</a><br>
<a class="moz-txt-link-freetext" href="https://b4ukraine.org/">https://b4ukraine.org/</a><br>
<a class="moz-txt-link-freetext" href="https://www.eff.org/">https://www.eff.org/</a><br>
<br>
<br>
</div>
</body>
</html>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 13 Nov 2023 18:00:00 +0000, ? Good Guy ? <[email protected]> wrote:

We Stand

si "we" n'existait pas ils pourraient simplement les inventer

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday, 13 November 2023 00:52 -0600,
in article <[email protected]>,
Nigel Reed <[email protected]> wrote:

On Sun, 12 Nov 2023 13:51:04 -0600
David Ritz <[email protected]> wrote:

It seems they are intentionally attempting to make things more
difficult.

No worries, I got to it via a different network on another server.
Thanks for the in depth debugging tho.

Some of their techniques, including a 300 second TTL for the domain,
fall within the realm of what I refer to as stupid spammer tricks.

$ dig @ns-181-c.gandi.net pasdenom.info | grep -E ^pasdenom.info.\*A pasdenom.info. 300 IN A 82.66.60.35
^^^

$ nmap -p 25,80,119,443,563 pasdenom.info

Starting Nmap 5.51 ( http://nmap.org ) at 2023-11-13 20:XX UTC
Nmap scan report for pasdenom.info (82.66.60.35)
Host is up (0.26s latency).
rDNS record for 82.66.60.35: usenet.pasdenom.info
PORT STATE SERVICE
25/tcp filtered smtp
80/tcp open http
119/tcp open nntp
443/tcp open https
563/tcp open snews

Nmap done: 1 IP address (1 host up) scanned in 3.21 seconds

While pasdenom.info is configured to receive email (Mail eXchange),
they specify no IP address from which they are designated to send, ie.
no SPF record.

$ dig +short MX pasdenom.info
50 fb.mail.gandi.net.
10 spool.mail.gandi.net.

$ dig +short TXT pasdenom.info "google-site-verification=ToBiCiESEmzVbbt0xzpJ-qRmHDlwBpytL2cgfDJMCU8"

- --
David Ritz <[email protected]>
"There will be more spam." -- Paul Vixie

-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQSc0FU3XAVGYDjSGUhSvCmZGhLe6wUCZVKPeAAKCRBSvCmZGhLe 61TsAKCy7zv/w/zNHzk0c/QH2PxzM/vatACfUksn8UDrBD8o+nUzrebrq1Cv/jU=
=OGQx
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Nov 13, 2023 at 3:04:56 PM CST, "David Ritz" <[email protected]> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday, 13 November 2023 00:52 -0600,
in article <[email protected]>,
Nigel Reed <[email protected]> wrote:

On Sun, 12 Nov 2023 13:51:04 -0600
David Ritz <[email protected]> wrote:

It seems they are intentionally attempting to make things more
difficult.

No worries, I got to it via a different network on another server.
Thanks for the in depth debugging tho.

Some of their techniques, including a 300 second TTL for the domain,
fall within the realm of what I refer to as stupid spammer tricks.

$ dig @ns-181-c.gandi.net pasdenom.info | grep -E ^pasdenom.info.\*A pasdenom.info. 300 IN A 82.66.60.35
^^^

$ nmap -p 25,80,119,443,563 pasdenom.info

Starting Nmap 5.51 ( http://nmap.org ) at 2023-11-13 20:XX UTC
Nmap scan report for pasdenom.info (82.66.60.35)
Host is up (0.26s latency).
rDNS record for 82.66.60.35: usenet.pasdenom.info
PORT STATE SERVICE
25/tcp filtered smtp
80/tcp open http
119/tcp open nntp
443/tcp open https
563/tcp open snews

Nmap done: 1 IP address (1 host up) scanned in 3.21 seconds

While pasdenom.info is configured to receive email (Mail eXchange),
they specify no IP address from which they are designated to send, ie.
no SPF record.

$ dig +short MX pasdenom.info
50 fb.mail.gandi.net.
10 spool.mail.gandi.net.

$ dig +short TXT pasdenom.info "google-site-verification=ToBiCiESEmzVbbt0xzpJ-qRmHDlwBpytL2cgfDJMCU8"

- --
David Ritz <[email protected]>
"There will be more spam." -- Paul Vixie

-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQSc0FU3XAVGYDjSGUhSvCmZGhLe6wUCZVKPeAAKCRBSvCmZGhLe 61TsAKCy7zv/w/zNHzk0c/QH2PxzM/vatACfUksn8UDrBD8o+nUzrebrq1Cv/jU=
=OGQx
-----END PGP SIGNATURE-----

AWS and other large Cloud providers would disagree as it is their default TTL.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hi,

Nigel Reed a tapoté le 11/11/2023 08:19:

Posts in news.lists.filters direct us to

https://pasdenom.info/nocem.en.html

I have trouble with bots with news2web.pasdenom.info so I had to
configure fail2ban...

I may works now for you IP...

Could you try on the http version?

<http://pasdenom.info/nocem.en.html> or <http://pasdenom.info/nocem.html>


--
Stéphane

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.

On Tuesday, 14 November 2023 01:31 -0000,
in article <uiuil0$2abb$[email protected]>,
Jesse Rehmer <[email protected]> wrote:

On Nov 13, 2023 at 3:04:56 PM CST, "David Ritz" <[email protected]> wrote:

[...]

Some of their techniques, including a 300 second TTL for the domain,
fall within the realm of what I refer to as stupid spammer tricks.

$ dig @ns-181-c.gandi.net pasdenom.info | grep -E ^pasdenom.info.\*A
pasdenom.info. 300 IN A 82.66.60.35

[...]

AWS and other large Cloud providers would disagree as it is their
default TTL.

DNS TTL is determined by the Name Server for the domain in question.
While AWS may provide DNS, with a default of five minute TTL, this is
far from being written in stone. For example, the dnspod.com servers
provide a default of 600 seconds (10 minutes) TTL, even when the
domain in question is hosted in the AWS cloud.

It's been a while, but I used to observe Fast Flux botnet controllers
using AWS load balancing, to be assigned a fresh IP address, every
sixty seconds, maximum. While short TTLs do not necessarily scream
bad actors, it may certainly be employed as a weighting factor.

--
David Ritz <[email protected]>
"The Zen nature of a spammer resembles a cockroach,
except that the cockroach is higher up on the evolutionary chain."
- Peter Olson, Delphi Information Engineer; 27-AUG-1998

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Nov 14, 2023 at 6:54:38 PM CST, "David Ritz" <[email protected]> wrote:

On Tuesday, 14 November 2023 01:31 -0000,
in article <uiuil0$2abb$[email protected]>,
Jesse Rehmer <[email protected]> wrote:

On Nov 13, 2023 at 3:04:56 PM CST, "David Ritz" <[email protected]> wrote:

[...]

Some of their techniques, including a 300 second TTL for the domain,
fall within the realm of what I refer to as stupid spammer tricks.

$ dig @ns-181-c.gandi.net pasdenom.info | grep -E ^pasdenom.info.\*A
pasdenom.info. 300 IN A 82.66.60.35

[...]

AWS and other large Cloud providers would disagree as it is their
default TTL.

DNS TTL is determined by the Name Server for the domain in question.
While AWS may provide DNS, with a default of five minute TTL, this is
far from being written in stone. For example, the dnspod.com servers
provide a default of 600 seconds (10 minutes) TTL, even when the
domain in question is hosted in the AWS cloud.

It's been a while, but I used to observe Fast Flux botnet controllers
using AWS load balancing, to be assigned a fresh IP address, every
sixty seconds, maximum. While short TTLs do not necessarily scream
bad actors, it may certainly be employed as a weighting factor.

Let me be more specific, AWS Route53 uses it as the default TTL.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)