1. Forum
  2. USENET
  3. news.software.nntp

  • Fw: Domain Spoofing (was: any of this...)

    From noreply@noreply@dirge.harmsk.com to news.software.nntp on Thu Jul 24 16:32:16 2025
    From Newsgroup: news.software.nntp

    On Thu, 24 Jul 2025 20:12:35 +0200 (CEST), Nomen Nescio <nobody@dizum.com> wrote:
    Message-ID: <d865d65b6cad977c32f162eb2ec56aaa@dizum.com>
    Path: news..!news.mixmin.net!news2.arglkargh.de!sewer!news.dizum.net!not-for-mail
    Injection-Info: sewer.dizum.com - 2001::1/128'

    headers look correct, @dizum.com, .dizum.net, .dizum.com . . . _looks_ correct, but considering the flood of anti-anonymous remailer propaganda (by tor-mailer promoters) in this and other busy usenet newsgroups especially within the past several years, could these hawkish operatives be using their "mini-mailers" to spoof real domain names, such as appearing in message id and path headers etc.?

    https://duckduckgo.com/?q=domain+spoofing . . . i've been subscribed to usenet newsgroups since 1997, yet i don't recall ever reading about "domain spoofing" in the context of usenet article headers ever before . . . i'll post a copy of this reply to news:news.software.nntp , and perhaps some other relevant groups (not that i would expect any replies, but lurkers abound, and word gets around)

    if domain spoofing is more common than i'd ever heard of, some usenet articles w/message ids might be educational for others reading as well, and furthermore could domain spoofing be used against authentic anonymous remailers, mail2news gateways, that use common top-level domain such as .com, .net, and if so, what about the increasingly common "onion" address *.onion, could tor get "spoofed"?

    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Donald J. Trump@potus@whitehouse.gov to news.software.nntp on Thu Jul 24 17:12:36 2025
    From Newsgroup: news.software.nntp

    In article <20250724.163216.12938883@dirge.harmsk.com> D wrote:

    On Thu, 24 Jul 2025 20:12:35 +0200 (CEST), Nomen Nescio <nobody@dizum.com> wrote:
    Message-ID: <d865d65b6cad977c32f162eb2ec56aaa@dizum.com>
    Path: news..!news.mixmin.net!news2.arglkargh.de!sewer!news.dizum.net!not-for-mail
    Injection-Info: sewer.dizum.com - 2001::1/128'

    headers look correct, @dizum.com, .dizum.net, .dizum.com . . . _looks_ correct,
    but considering the flood of anti-anonymous remailer propaganda (by tor-mailer
    promoters) in this and other busy usenet newsgroups especially within the past
    several years, could these hawkish operatives be using their "mini-mailers" to
    spoof real domain names, such as appearing in message id and path headers etc.?

    https://duckduckgo.com/?q=domain+spoofing . . . i've been subscribed to usenet
    newsgroups since 1997, yet i don't recall ever reading about "domain spoofing"
    in the context of usenet article headers ever before . . . i'll post a copy of
    this reply to news:news.software.nntp , and perhaps some other relevant groups
    (not that i would expect any replies, but lurkers abound, and word gets around)

    if domain spoofing is more common than i'd ever heard of, some usenet articles
    w/message ids might be educational for others reading as well, and furthermore
    could domain spoofing be used against authentic anonymous remailers, mail2news
    gateways, that use common top-level domain such as .com, .net, and if so, what
    about the increasingly common "onion" address *.onion, could tor get "spoofed"?


    If U.S. hardware and software would be "Made in Germany" this would be no issue.

    --- Synchronet 3.21a-Linux NewsLink 1.2