I've had a few reports of select users posts not getting out to all
servers, and experienced it myself in a group last night, running one of
my scripts that checks open servers, verified my suspicions, there seems
to be something in the cleanfead script inn servers not liking (all?)
ipv6 addresses.

I resent my message 3 times, and inn servers declined the takethis every
time, I removed only the ipv6 address in it, and the message was taken by
the peers who operate inn, I asked 2 of who complained about this I know
are not dummies to try it, same exact message, resend, wait an hour then
resend removing only ipv6 address, they reported back to me this morning
there ipv6-less messages can be seen on the inn based servers.

all the ipv6 addresses -mine and the examples they sent me, were all
different, nowhere near each other entirely. Now I know I've seen some in
the past, I've sent some in the past that have propogated, perhaps its
not all address es that trigger this.

I know I was shown inns cleanfeed few years back and its totally
different from dnews's cleanfeed which dnews has had internally since day
dot, I'm suspecting since the peers who accepted it, do binaries, it
might be in the detection of such messages, and is misclassifying ipv6 addresses - but as not an inn operator, I'm only guessing.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 8 Apr 2025 11:32:21 +1000
noel <deletethis@invalid.lan> wrote:

I've had a few reports of select users posts not getting out to all
servers, and experienced it myself in a group last night, running one
of my scripts that checks open servers, verified my suspicions, there
seems to be something in the cleanfead script inn servers not liking
(all?) ipv6 addresses.

I resent my message 3 times, and inn servers declined the takethis
every time, I removed only the ipv6 address in it, and the message
was taken by the peers who operate inn, I asked 2 of who complained
about this I know are not dummies to try it, same exact message,
resend, wait an hour then resend removing only ipv6 address, they
reported back to me this morning there ipv6-less messages can be seen
on the inn based servers.

all the ipv6 addresses -mine and the examples they sent me, were all different, nowhere near each other entirely. Now I know I've seen
some in the past, I've sent some in the past that have propogated,
perhaps its not all address es that trigger this.

I know I was shown inns cleanfeed few years back and its totally
different from dnews's cleanfeed which dnews has had internally since
day dot, I'm suspecting since the peers who accepted it, do binaries,
it might be in the detection of such messages, and is misclassifying
ipv6 addresses - but as not an inn operator, I'm only guessing.

Some message id's might help?

--
End Of The Line BBS - Plano, TX
telnet endofthelinebbs.com 23

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 8 Apr 2025, Nigel Reed wrote:

On 8 Apr 2025 11:32:21 +1000
noel <deletethis@invalid.lan> wrote:

I've had a few reports of select users posts not getting out to all
servers, and experienced it myself in a group last night, running one
of my scripts that checks open servers, verified my suspicions, there
seems to be something in the cleanfead script inn servers not liking
(all?) ipv6 addresses.

I resent my message 3 times, and inn servers declined the takethis
every time, I removed only the ipv6 address in it, and the message
was taken by the peers who operate inn, I asked 2 of who complained
about this I know are not dummies to try it, same exact message,
resend, wait an hour then resend removing only ipv6 address, they
reported back to me this morning there ipv6-less messages can be seen
on the inn based servers.

all the ipv6 addresses -mine and the examples they sent me, were all
different, nowhere near each other entirely. Now I know I've seen
some in the past, I've sent some in the past that have propogated,
perhaps its not all address es that trigger this.

I know I was shown inns cleanfeed few years back and its totally
different from dnews's cleanfeed which dnews has had internally since
day dot, I'm suspecting since the peers who accepted it, do binaries,
it might be in the detection of such messages, and is misclassifying
ipv6 addresses - but as not an inn operator, I'm only guessing.

Some message id's might help?

Since I don't peer with you, and unless you peer with a few binary
services, you wont have any log records so MID's will be useless.
This is just a heads up and anyone who knows inn's cleanfeed rule
detection, might see where it happens, I've advised my people and users to
not use ipv6 addresses in usenet.

I have a test script I wrote years ago to disprove to others our server
was eating their posts, it comes in handy for uses like this too, it
checks 10 or 11 open servers and only ours had the article, as I'm away
for 10 days I can really run it and paste the outputs.

Cheers

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

* nb wrote:

On Tue, 8 Apr 2025, Nigel Reed wrote:

I know I was shown inns cleanfeed few years back and its totally
different from dnews's cleanfeed which dnews has had internally since
day dot, I'm suspecting since the peers who accepted it, do binaries,
it might be in the detection of such messages, and is misclassifying
ipv6 addresses - but as not an inn operator, I'm only guessing.

JFTR: Cleanfeed is not part of INN (INN provides just provides a Perl hook
that can be used for filtering incoming articles.
Cleanfeed is just one implementation of such a filter and is available
on the internet in several versions. In addition, Cleanfeed can be heavily
customized outside the distributed executable, so the behaviour of the
filter may vary considerably between servers claiming to use Cleanfeed.

Some message id's might help?

Since I don't peer with you, and unless you peer with a few binary
services, you wont have any log records so MID's will be useless.
This is just a heads up and anyone who knows inn's cleanfeed rule
detection, might see where it happens, I've advised my people and users to not use ipv6 addresses in usenet.

Do you mean the IPv6 protocol or just string representations of bare
IPv6 addresses contained somewhere in the article's headers?

If it's the former, example headers might be useful for testing this
issue locally.

I have a test script I wrote years ago to disprove to others our server
was eating their posts, it comes in handy for uses like this too, it
checks 10 or 11 open servers and only ours had the article, as I'm away
for 10 days I can really run it and paste the outputs.

Does your script print the error code and reason it receives from the misbehaving servers in response to the TAKETHIS command? That might indeed
shed some light on this issue.

The peers that reject your articles should have entries in their logs
showing the reason for rejecting the article (e.g. "439 Misplaced binary").

--
Пу́тін — хуйло́
https://www.eternal-september.org

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

noel wrote:

I've had a few reports of select users posts not getting out to all
servers, and experienced it myself in a group last night, running one of
my scripts that checks open servers, verified my suspicions, there seems
to be something in the cleanfead script inn servers not liking (all?)
ipv6 addresses.

This is excerpted from cleanfeed

if ($hdr{'Injection-Info'} =~ /^$hws*($Hostname)[ \t;]/) {
$state{injection_host} = "$1"
} elsif ($hdr{'X-Trace'} =~ /^$hws*($Hostname)$hws/) {
$state{injection_host} = "$1"
} else {
$state{injection_host} = first_path_host($hdr{Path});
};

The pattern defined in $Hostname is designed to match traditional hosts
– composed of letters, numbers and dots – or IPv4 addresses.

However, IPv6 addresses, which include hexadecimal characters and the
“:” character, do not fall into this set.

So, if an Injection-Info header contains an IPv6 address (e.g. “2a01:4f8:c0c:2f94::1”), the regex will not match it correctly.

Gabx

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Gabx wrote:
o, if an Injection-Info header contains an IPv6 address (e.g.

“2a01:4f8:c0c:2f94::1”), the regex will not match it correctly.

I'm in the realm of hypotheses, let's be clear.

Gabx

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

* Gabx wrote:

This is excerpted from cleanfeed

if ($hdr{'Injection-Info'} =~ /^$hws*($Hostname)[ \t;]/) {
$state{injection_host} = "$1"
} elsif ($hdr{'X-Trace'} =~ /^$hws*($Hostname)$hws/) {
$state{injection_host} = "$1"
} else {
$state{injection_host} = first_path_host($hdr{Path});
};

The pattern defined in $Hostname is designed to match traditional hosts
– composed of letters, numbers and dots – or IPv4 addresses.

However, IPv6 addresses, which include hexadecimal characters and the
“:” character, do not fall into this set.

So, if an Injection-Info header contains an IPv6 address (e.g. “2a01:4f8:c0c:2f94::1”), the regex will not match it correctly.

1. What happens if the regex doesn't match?
2. How do you set a reverse DNS name for your IPv6 IP address with Hetzner?
3. What happens when the IPv6 address of your peer has a reverse DNS name?


--
Пу́тін — хуйло́
https://www.eternal-september.org

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 09.04.2025 11:05 Uhr nb wrote:

This is just a heads up and anyone who knows inn's cleanfeed rule
detection, might see where it happens, I've advised my people and
users to not use ipv6 addresses in usenet.

I've already seen posts that include IPv6 addresses in Path or
Injection-Info headers.
They properly arrived at E-S.

IIRC it was a French one.

--
kind regards
Marco

Send spam to 1744189529muell@stinkedores.dorfdsl.de

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Ray Banana wrote:

1. What happens if the regex doesn't match?
2. How do you set a reverse DNS name for your IPv6 IP address with Hetzner? 3. What happens when the IPv6 address of your peer has a reverse DNS name?

Risolto !
Ops! in italian !!!

Gabx

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Gabx wrote:

Ray Banana wrote:

1. What happens if the regex doesn't match?
2. How do you set a reverse DNS name for your IPv6 IP address with
Hetzner?
3. What happens when the IPv6 address of your peer has a reverse DNS
name?

Risolto !
Ops! in italian !!!

Gabx

wrong post sorry !!!

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

greetings from Basse Terre


On Wed, 9 Apr 2025, Ray Banana wrote:

* nb wrote:

On Tue, 8 Apr 2025, Nigel Reed wrote:

I know I was shown inns cleanfeed few years back and its totally
different from dnews's cleanfeed which dnews has had internally since
day dot, I'm suspecting since the peers who accepted it, do binaries,
it might be in the detection of such messages, and is misclassifying
ipv6 addresses - but as not an inn operator, I'm only guessing.

JFTR: Cleanfeed is not part of INN (INN provides just provides a Perl hook

I'm aware, but everyone who runs inn seems to use, AFAIK, Steve's version,
I might be wrong tho.

Do you mean the IPv6 protocol or just string representations of bare
IPv6 addresses contained somewhere in the article's headers?

In article body, not headers. our news server does not use "6"


I know I've put a "6" address in posts before and no issues, perhaps it
just didn't like that one, or the localhost version, together in same
post /shrugs/

I have a test script I wrote years ago to disprove to others our server
was eating their posts, it comes in handy for uses like this too, it
checks 10 or 11 open servers and only ours had the article, as I'm away
for 10 days I can really run it and paste the outputs.

Does your script print the error code and reason it receives from the misbehaving servers in response to the TAKETHIS command? That might indeed shed some light on this issue.

no, the script only tests in reader mode, the takethis errors I get from
dnews' logs.

The peers that reject your articles should have entries in their logs
showing the reason for rejecting the article (e.g. "439 Misplaced binary").

I was planning when I get back to email one of the text inn peers I know responds to email, and ask what inn logs say for the MID


anyways, off trekking out of range for a few days, good to see Gabx seems
to have fixed his problem now by what he's posted, does inn really not
default to listen to "6", and that you have to quote the address specifically, I find that strange, when we were looking at inn to replace dnews I don't recall that, anyway, until we can convert the backend to an inn cnfs format, that transition wont be happening :)
cheers

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 9 Apr 2025, Ray Banana wrote:

Does your script print the error code and reason it receives from the misbehaving servers in response to the TAKETHIS command? That might indeed shed some light on this issue.

The peers that reject your articles should have entries in their logs
showing the reason for rejecting the article (e.g. "439 Misplaced binary").

My reply was...

439 Binaries are not permitted

the article in question, was sent by ipv4, since that server is not ipv6

copy of article body @ https://members.ausics.net/noelb/439.txt

nothing sinister in that
cheers

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)