Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy Your Rights Online

RoadRunner Co-Opting "Organization" Headers 311

Dusty Rhodes writes: "AOL-Time Warner cable Internet Provider RoadRunner has begun co-opting the 'Organization' line of Usenet headers, replacing whatever information a user enters with 'Organization: Road Runner - (location).' All RoadRunner customers nationwide, including business customers, have had their organization identity hijacked with no disclosure whatsoever, much less an opt-in or even an opt-out. Nothing in their TOS or AUP. Nada."
This discussion has been archived. No new comments can be posted.

RoadRunner Co-Opting "Organization" Headers

Comments Filter:
  • by warmcat ( 3545 )
    My ISP's Usenet Server (NTL in the UK) is set up to add NNTP-Posting-Host: with your IP to every post. So much for Usenet being an anonymous media.
    • If they didn't add the IP address, it'd be too easy to abuse their server and spam through it. Who says Usenet should be anonymous anyway?

      If you do want almost anonymous access, sign up with a pay-for news provider such as EasyNews [easynews.com]. They don't add an IP address to messages posted through their system, so it's effectively anonymous. However, they still add a special encoded header line that lets them determine which user account sent the message, but it's only of internal use to them, and someone would probably require a court order to force them to identify the poster.

      It's been a long time since anything on the Internet has been truly anonymous...
    • Nothing on the Internet is anonymous. Even "anonymizers" just make it difficult to find the source, not impossible. If you want anonymity, stay the hell off the Internet. Everything you do can be traced to you. If you hadn't figured this out before, wake up. There is no right to anonymity. There shouldn't be.
      • Actually, it is fairly easy to be anonymous, all you have to do is use the account of someone else, and post via a public telephone or your local public library or internet coffee shop.

        When the next round of AOL CD's hit, do some trolling on trash day in the neighborhood and you should have several anonymous accounts for your use.

    • by stevey ( 64018 )

      Google's posting service does this also.

  • Run your smtp server (Score:2, Informative)

    by linzeal ( 197905 )
    Qmail [qmail.org] is great for unixes.

    Argosoft [argosoft.com]is an awesome win32 one.

    If they are blocking port 25 outbound, you can do what I used to do when the fuckers at earthlink did that. I setup a qmail/proxy machine at work running on port 5000 something and sent all my mail through that, hell if they are to the point of scanning the packets themselves you could always tunnel in as well. The problem is that the majority of people out there are screwed by this and do not have enough knowledge to take recourse against it.

    • Yeah, I did that myself, but alot of places will drop your mail if you're in DUL blocks, like my cable network is.
    • by Phroggy ( 441 )
      If they are blocking port 25 outbound, you can do what I used to do when the fuckers at earthlink did that.

      Keep in mind that the reason Earthlink does this is to prevent stupid people from sending spam that doesn't go through Earthlink's servers, and from running open relays that spammers can use. Yes, it's inconvenient for some people, but you can configure Sendmail or whatever to relay everything through smtp.earthlink.net, or do what you've done and relay through an outside server on a different port.

      What exactly does smtp.earthlink.net add to the headers that you find objectionable?

      The problem is that the majority of people out there are screwed by this and do not have enough knowledge to take recourse against it.

      The firewall was set up exactly because the majority of people out there do not have enough knowledge to prevent others from abusing their systems to send spam. So, what would you propose as another solution to the spam problem? Keep in mind that Earthlink has over 200,000 DSL customers and several million dialup customers.
      • What exactly does smtp.earthlink.net add to the headers that you find objectionable?

        Blockage of the elegant STARTTLS protocol, forcing use of the alternate-port-kluge smtps for folks who want to do authenticated relaying through my mail server. I would rather my users not have to monkey with their outgoing SMTP server settings depending on where they are, or have to switch mail agents to one that supports smtps.

        As always, spammers are making life miserable for everyone else. Earthlink firewalling off SMTP is likely the easiest option for them; other methods would probably cost Earthlink more.

  • by Arcturax ( 454188 ) on Sunday May 12, 2002 @08:55AM (#3505607)
    I've noticed this for a long time now. A lot of ISP's are doing that. I don't mind too much since my organization is "Crime" but it is a bit annoying yes. However if you want much better news service at not too much a year, try Newsguy [newsguy.com]. I used them back when I did a lot of usenet posting and for like $25/year (its gone up a bit since then) I was able to get non-binary access to all my favorite newsgroups. If you want access to binaries you have to pay a bit more, but the service is very customizable to fit your needs. They filtered out 95% of the spam and kept articles for a month, while roadrunner is lucky to keep them a week and seems to have cut corners on spam filtering. So I'd suggest if you are serious about usenet, buy your access (its less then $5/month for basic access) and get higher quality news feed with less spam and full control over those important headers.
    • "since my organization is "Crime"" - despite reading this bit through a few times I still didn't understand it. Is it a joke on the phrase organized crime?
    • by dattaway ( 3088 ) on Sunday May 12, 2002 @10:52AM (#3506017) Homepage Journal
      I have used newsguy since they were named zippo.com [zippo.com] (guess the evil company that sued for the name) and can say their usenet service is very reliable. Binaries are complete and you have a choice of the NNTP protocol or a fancy point and click web based interface that automates multipart decoding. RR may run a good newsserver, but I still keep newsguy to suppliment the spool.

      Newsguy also has impressive spam fighting filters. Even my newsguy email account hasn't had one spam email since I signed up since 1997.
  • So? (Score:3, Insightful)

    by nuggz ( 69912 ) on Sunday May 12, 2002 @08:56AM (#3505611) Homepage
    Companies aren't there to serve customers.

    Companies are there to serve the owners/shareholders. Most of them just want to get the best return on investment they can.

    Most people vote for "returns at any cost" with their money, and the companies act accordingly.

    When is the last time you've heard people say "oh you can lose a few million this year, just be nice to everyone", until they put a dollar value on satisfied customers, they are going to continue to behave this way because WE make them.

    And I don't really care how much RoadRunner screws with their customers, as long as they make money and build my retirement fund for me. Yes it is selfish, but I think that is the way it is.
    • "oh you can lose a few million this year, just be nice to everyone", until they put a dollar value on satisfied customers, they are going to continue to behave this way because WE make them


      True, but for most companies it is a choice between "We can make 10 million and have a few customers hate us (but keep giving us money because we are the only game in town)" and "We can make 8 million and get good press and have the most satisfied customers."

    • Re:So? (Score:5, Funny)

      by Waffle Iron ( 339739 ) on Sunday May 12, 2002 @09:43AM (#3505759)
      And I don't really care how much RoadRunner screws with their customers, as long as they make money and build my retirement fund for me.

      Unfortunately for you, AOL/TW's brilliant scheme to pad your retirement account by manipulating usenet headers has failed miserably. Last quarter, they posted the largest net loss in U.S. history ($54 billion).

      Last week they announced that the SMTP and NNTP Header Development Division will be axed to save costs; this is expected to result in massive layoffs.

    • When is the last time you've heard people say "oh you can lose a few million this year, just be nice to everyone"

      Explain how *NOT* swapping the Organization header would lose them money? They are changing something that they didn't do previously - at best, they may speculatively make a bit more money. It certainly cost them something to do this (maybe only $50 to have someone change something on their NNTP software, and maybe another $100,000 in executive salaries to have meetings about it) but it's at best an unknown amount of money they may generate because of this.

      I'd have thought it would have made more sense to add an extra X-header, or tack on RoadRunner at the end of the existing X-header info.

      X-Organization: Joe's Place (via RoadRunner)

      or something similar. To just replace it full stop is strange, to say the least.

      My theory is they are doing this because of the way search engines archive news postings has a ranking on what posts contains links to what URLs and names, this will make RoadRunner appear much more 'popular' in services like google and teoma. However, this will also have a detrimental search engine effect on the very customers RR is supposedly serving, and should cause them to leave (at least a few who realize what's going on). Again, if this is the case, is it worth losing a few customers to potentially gain more (short v long term)? Probably.
    • Companies are there to serve the owners/shareholders. Most of them just want to get the best return on investment they can.


      Then how can a company expect to make money if their customers run and go to another service?

      Notice my e-mail address above. I haven't had problems with RR so far - but if your idea is right then the first time I do I'll remember you.

      There is a dollar value attached to a satisfied customers - it's called revenue.

      When a company can stomp on it's customers (i.e. Microsoft) and not take a loss (again...) then they should be investigated.
  • by Anonymous Coward
    big whoop..is this intentional or just RR's mistake? either way, this doesn't belong in YRO section.

    there's absolutely no "rights" issue here. stop confusing rights with privileges.. you will only dilute this section further.

    • "there's absolutely no "rights" issue here. stop confusing rights with privileges..

      Privileges are something you don't have to do anything for. Rights are something you have to pay for, such as the rights granted to you by a service agreement (ie. "contract") for a certain price.
      • Privileges are something you don't have to do anything for. Rights are something you have to pay for

        Erm, what are they teaching in the schools these days? In the words of Mr. Locke, as channeled through Mr. Jefferson:

        We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.--That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed...

        Rights are something you are born with buddy. Priviledges are something you are granted and can be taken away, like Daddy loaning the old family car to you as long as you maintain a 'B' average. You can lose rights for the commission of crimes, but that is seen as a punishment.

        And what happens when someone takes away those rights? Reading a bit further in the same document:

        --That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness...

        Of course exercising that Right might get your sorry ass killed. Live Free or Die, as they say.

        The full thing is here [nara.gov], in case anyone wants to accuse me of selective quotation.

        • Um, yeh.

          These are property rights. We bought (or leased, depending on how you look at it) the internet access, and them skimming away parts they thought we wouldn't notice violates those rights.

          Then, on top of that, we have creative rights to our usenet posts. Copyright, for instance. For them to edit this, without our approval, is another violation of our rights. They can't even make the claim that it is a technical necessity.

          Or are these just privileges?
          • Yes, these are just priviliges. More accurately, it's a product that you've bought and it's crappy.

            Your RIGHT is to go buy Usenet service elsewhere. You were born with the ability to do that. Of course, it's not protected as thoroughly as some other rights.

            And, it's RR's right to sell whatever product they want... again, this isn't absolutely protected, they have to observe all kinds of regulations.

            You were boren with the ability to post to Usenet; that's a right. You were not born with the ability to post through RoadRunner.

            Anything that mandates what somebody else must do for you is NOT a right. It may be a good idea, it may be justifiable, but it's not an inalienable right. You have an inalienable right to food, housing, medicine, and porn, but you don't have a right to make somebody provide it for you.
            • Yes, I have the right to buy something. I paid, yet RR doesn't deliver.

              The way you view things, every right would be reduced to a privilege. I don't care to play semantic games.
              • SO stop paying. Maybe you can recover some of the money you paid for past service. But this is a matter for small claims court, not the Supreme Court.

                If it helps, I'll join you in lobbying to remove the cable/DSL companies' monopoly protection, so that you have a real choice. You should have the right to buy service from whomever wants to sell it to you. You don't have that right, but you should.
  • Legal Issue? (Score:3, Insightful)

    by suwain_2 ( 260792 ) on Sunday May 12, 2002 @09:04AM (#3505635) Journal
    I think RoadRunner is getting themselves into more trouble then they think.

    Let's say I post something to Usenet trolling, blasting Microsoft and making wild accusations against them. However, my "Organization" is "RoadRunner." While it may not mean anything legally, doesn't that at least partially imply that I'm speaking on behalf of RoadRunner, and, thus, making it seem like RoadRunner's official corporate stance is whatever nonsense I just accused Microsoft of?

    For example, if you work at IBM (arbitrarily chosen company), and routinely send out mail voicing *your* opinion, you'll likely have something to the effect of "These opinions are my own, and not that IBM," so that people don't twist mail you send to your friend into IBM's official position on the issue.

    Again, I don't know if this carries any legal weight, but I think RoadRunner is getting themselves into more than they bargained for. (Picture swarms of angry people blaming RoadRunner for whatever their customers post.)

    • I agree. I view the "Organization" header as stating the legal entity to which I have pledged some sort of allegiance, in most cases meaning I work for them in exchange for money. This carries the assumption that, since I am posting in the identity of someone that "belongs" to said organization, I have some legal right to speak for them unless I apply a disclaimer.

      While I assume they are overriding the "Organization" header as a marketing tactic, I believe they are ignoring the internet cultural norms for how that field is used. I hope they come to understand what they have done, perhaps inadvertantly, and change their policy. However, given the current climate, I suspect this will continue unnoticed (save the /. crowd) for years to come with no ramifications.

    • I was gonna parent up, but I feel a comment would be more fitting.

      We need people who have access to RoadRunner accounts to start making wild accusations about well-known, established, and notoriously litigious companies. After the first wave of defamation suits hits, they will reconsider the position.

      By placing their name by defualt on every Usenet communication as the Organization, they are endorsing that comment to some degree.

      Of course, IANAL, so YMMV.

  • by Evil Al ( 7496 ) on Sunday May 12, 2002 @09:10AM (#3505653) Homepage
    Not to pour water on a good conspiracy theory, but are people sure this isn't just a misconfigured nnrpd.conf (or equivalent)? It's pretty easy to do; many nntp sites already add an Organization line if there isn't one present -- all it would take is for some admin to foul up a config line.

    Not to downplay the significance of companies doing stuff like this, but this may be unintentional. The article doesn't look like it's double-checked the motive.
    • Blockquoth the poster:

      Not to pour water on a good conspiracy theory, but are people sure this isn't just a misconfigured nnrpd.conf (or equivalent)? ... all it would take is for some admin to foul up a config line.

      The same mistake, made everywhere at once? From the article:

      replacing whatever information a user enters with "Organization: Road Runner - (location)."
      All RoadRunner customers nationwide, including business customers, have apparently had their organization identity hijacked

    • Almost certainly (Score:3, Interesting)

      by cirby ( 2599 )
      The guys who run RoadRunner mail hosts seem to be a bit out of it when it comes to how "the Internet" works. Sure, they can figure out some of the stuff, but they get clueless really fast.

      For example: They used to have the "From:" header screwed up. When you sent some mail, it said that the sender was "username at the machine that handled all of the mail for the area," not "username at the real address." So for six months or so, when some folks tried to reply to my RR address, their replies bounced. I had to add a "Reply-to" line just to get mail back.

  • Correct me if I'm wrong but isn't this a perfectly correct implementation of organization? Whose NNTP server was used? Roadrunner's server. Whose name should be listed under organization, well I can make a strong argument for roadrunner. I fail to see what harm this does to the consumer, and more importantly what "right" is lost. Most clients don't display the header by defualt. It might help someone report spam. The only downside is if you used public usenet to reply to support postings, and wanted to look profesional, and then a private server would be a much more sensible solution(no propagation time, complete control, etc.)
  • The bottom line here is that, if like the article says, there is nothing in the ToS that guarantees that this wont happen (I start to twitch if I actually read ToS or EULA documents) then I'd say you're at the mercy of the owner of the servers that you use. When I load slashdot, it gives me slashdot content. When I send mail through my ISPs SMTP servers, it adds a header. While the co-opting aspect of this is disturbing, the bottom line is that if you don't like it, run your own NNTP server, or simply use Google Groups or any other alternative news service that delivers what you want, in the way you want it. A lot of people seem to think that Roadrunner is going to get in trouble for this. I just don't see that happenning. I can't even conceive of a way that this could be illegal. But I'm not a lawyer ;)
    • I don't think people are upset because something is being added to the headers (such as the SMTP server does), but that a field in the headers is being changed. I think there's a big difference between adding a notation saying the poster is using RoadRunner at a certain location and changing the poster's identity.

      Your point about running your own NNTP server is good though, but that's about the only thing you can do. Since RoadRunner has a monopoly whereever it is, it's not like you can switch to a different ISP. Personally, I think if the cable ISPs keep behaving this way, they're going to be headed towards governmental regulation. I hate to think that's necessary, but without competition, I'm not sure what else would work...
    • Well, if your service provider does in fact provide bad service - e.g. messing up headers in Usenet posts - why wouldn't you complain?

      It seems that complaining about problems is a perfectly reasonable thing to do, even if there is no way to legally force the ISP to remedy them. Service companies which stay in business tend to pay attention to complaints, occassionally. :)

      As far as RoadRunner getting trouble: I think that wouldn't necessarily have to be legal trouble. Lots of customers complaining or going somewhere else is trouble, too.

  • by JabbaKosh ( 578865 ) on Sunday May 12, 2002 @09:41AM (#3505750)
    I wonder how RoadRunner would feel if some unscrupulous person put Roadrunners email addresses in their reply fields for the spambots to harvest? Gee, I hope no one does that. That would be just awful. Roadrunner receiving tons of unsolicited mail because someone changed some information that they were not asked to. The horror...the horror....
  • by ben_degonzague ( 222715 ) on Sunday May 12, 2002 @09:56AM (#3505799)
    For the last year (probably even longer) I have noticed RR putting Road Runner in the Organization field on the header. I've never seen them put the actual city name however in the header. This is not late breaking news.

    I can't beleive this made the front page on slashdot. First of all the story is false (at least in the upstate New York RR service) second, what's the big deal? For me, I use my full name when posting to newsgroups. Plus with RR you get a fairly static IP address (mine hasn't changed in the last year), how can you be anonymous with that?
  • Spam (Score:3, Interesting)

    by Tim Ward ( 514198 ) on Sunday May 12, 2002 @09:57AM (#3505805) Homepage
    Doesn't this make it harder for RR "customers" to send out Usenet spam with totally forged headers and remain undetected?

    Isn't this a Good Thing for everyone?

    In particular it's a Good Thing for all RR customers who don't spam, as it means that other ISPs won't be denying connectivity to RR because of spam.

    What have I misunderstood here?
    • It's not necessarily RR "customers," but those who use the RR SMTP services.

      If you send an email via sendmail or a different STMP server then nothing will be changed. I imagine that the RR SMTP doesn't allow for forged headers as it is so spammers are not likely using their SMTP server to spam.

      A spammer could still use the RR internet service and just use an open relay somewhere to deliver their spam (which is what the majority does).
  • RFC850 (Score:5, Informative)

    by Fastolfe ( 1470 ) on Sunday May 12, 2002 @10:12AM (#3505863)
    From RFC850 [faqs.org]:
    2.2.9 Organization The text of this line is a short phrase describing the organization to which the sender belongs, or to which the machine belongs. The intent of this line is to help identify the person posting the message, since site names are often cryptic enough to make it hard to recognize the organization by the electronic address.
    What exactly is the problem here? You can't use your vanity Organization header with their news servers anymore? This is hardly a "rights" issue as implied by the YRO category, it's just a policy change issue on the part of RoadRunner. If you don't like it, let them know, but I wouldn't expect them to change this policy as it's a perfectly legitimate use of the Organization header. Use another news service or insert your own X-Real-Organization header if you're concerned about what's in the headers. If RoadRunner had been doing this from the start, nobody would be complaining. Many ISP's do this today.

    The bottom line is that from the Internet's point of view, your ISP and network provider is RoadRunner, so it makes perfect sense to label you as being part of that "organization" in this context. It is both within the letter and spirit of NNTP. To allow you to use your own vanity Organization header would only add confusion and defeats the spirit of the header.

    • To allow you to use your own vanity Organization header would only add confusion and defeats the spirit of the header.
      What revisionist claptrap, silly ho. ~24 years of precedent flies in the face of that lapdog statement. Common practice is for that user-adjustable header to be optionally filled in by the ISP/news provider with their entity name IF the user leaves it blank! Oy vey. News clients for time immemorial have provided facilities for filling that field user-side, for a reason.

      Make your silly case when the topic/s are the headers: NNTP-Posting-Host, X-Trace, X-Complaints-To.

    • Re:RFC850 (Score:4, Informative)

      by John Hasler ( 414242 ) on Sunday May 12, 2002 @11:56AM (#3506270) Homepage
      "The bottom line is that from the Internet's point of view, your ISP and network provider is RoadRunner, so it makes perfect sense to label you as being part of that "organization" in this context. It is both within the letter and spirit of NNTP."

      Nonsense. My ISP is merely a contractor selling me the service of forwarding my Usenet aricles into the rest of Usenet. I am not in any way part of their "organization".

      "To allow you to use your own vanity Organization header would only add confusion and defeats the spirit of the header."

      To use my own "Organization" header reduces confusion by identifying the organization to which I and my machine belong. Replacing it with one which erroneously identifies me as belonging to my ISP adds confusion.
      • Re:RFC850 (Score:2, Interesting)

        by Thr34d ( 42275 )
        If a network can be considered an organization (that brings up many side topics) then what RR is doing is in fact within the spirit of the RFC.

        I'd like to know if they're doing this on their business acccounts though. One thing RoadRunner touts a lot is that when using one of their business accounts it becomes transparent that you're on RR. If they're doing this to their business accounts then I'd see more of a problem since that transparency is now gone.

        Big deal if you can't have your cutsy wootsy litte Org header. It's hardly worth a YRO category.

        And saying "But, I'm representing my business when posting!" is pointless, if you're running a business over a end user account get a business account.

        If this is going on with a business account then scream and yell to RoadRunner and maybe even slashdot.

        What right is being taken away here?
      • Re:RFC850 (Score:3, Interesting)

        by Fastolfe ( 1470 )
        Read the RFC snippet I quoted. The Organization header is meant to identify the organization the user belogs to or the machine, the news server itself. If you're posting through your ISP's news server, you're probably a low-end business or a single-user individual.

        Still, I used the term organization in the context of a network (or news server) hierarchy, not in the logical business context. I may have been too subtle in my original post regarding this.

        From an NNTP point of view, the "organization" is really the provider hosting the news service, but the description of this header in the RFC doesn't really mandate it one way or the other.

        The point I was trying to make is that RoadRunner is not in violation of any civil laws, any rights you think you have, nor are they really breaking anything at all in the RFC or the intent of this header in the NNTP specification. They're doing exactly what a lot of other providers have been doing for years.

        If you don't like this change in policy, by all means let them know. They could easily reverse it, but I wouldn't necessarily expect them to. If all else fails, use a different news service that lets you specify your own vanity organization header (or even better, set up your own news service).
        • Re:RFC850 (Score:3, Interesting)

          by John Hasler ( 414242 )
          "The Organization header is meant to identify the organization the user belogs to or the machine, the news server itself."

          The machine referred to is the one the article originates from, not the first server it propagates to. Why do you think that news clients insert the "Organization" header to begin with?

          "From an NNTP point of view, the "organization" is really the provider hosting the news service,"

          The organization is clearly intended to be that of the author of the article.

          "They're doing exactly what a lot of other providers have been doing for years."

          A lot of providers have been screwing up news in all sorts of ways for years.
    • "The text of this line is a short phrase describing the organization to which the sender belongs, or to which the machine belongs."

      Okay. They don't belong to RoadRunner, and neither does the machine. If I'm working from home, for example, it would be much, much more accurate to have my business name there, not RoadRunner.

      "The bottom line is that from the Internet's point of view, your ISP and network provider is RoadRunner." I wasn't aware the Internet had a point of view. If it did, I'm pretty sure it would be perfectly happy with my IP.
    • "What exactly is the problem here?"

      Back to the RFC you blockquoted...

      "The text of this line is a short phrase describing the organization to which the sender belongs, or to which the machine belongs."

      Being a customer of AOLTW and being a part of their organization are two very different things. Or am I a part of the USPS because I mail things? Don't tell the union or I might have to start paying dues!

      From the text of that RFC, unless either the user is an AOLTW employee or the terminal PC being used is the property of AOLTW, they're violating the standard. Unless they want to claim responsibility for all kiddie porn posted by AOLTW users...
  • What? (Score:3, Informative)

    by The Asmodeus ( 18881 ) on Sunday May 12, 2002 @10:31AM (#3505942)
    Ok, I'm a RoadRunner customer. I read this and immediately went out to check my posts. Nope, didn't see the text added in any of them. Even posted a new post and still no text.

    So, either it's not happening in all areas are this yet another bogus "It was posted on the web so it has to be true" story.

  • by eschasi ( 252157 ) on Sunday May 12, 2002 @10:44AM (#3505981)
    If this were happening to me, I'd change my netnews .sigfile to read
    --
    If the Organization line on this post says 'RoadRunner', then the opinions expressed here are the official opinions of 'RoadRunner'. They put their name on them, they must approve.
  • Our old ISP did that. I didn't notice for months, until I saw an old posting of mine on Deja News. You know what? I didn't care.

    But think about it logically. You may read USENET postings from anywhere on the Net, but you are posting from their server. In this sense, the tagging of the Organization line with their information seems quite proper. Maybe to qualify for your own Organization tag, you need to run your own qualified NNTP server.

    And then there is a really damn good reason for doing this. Putting their information on that header also correctly indicates the source of the posting, so it is a valuable tool for tracing a culprit of USENET spam, a task for which I would gladly grant the ISP's the use of that silly header.

    • And then there is a really damn good reason for doing this. Putting their information on that header also correctly indicates the source of the posting, so it is a valuable tool for tracing a culprit of USENET spam, a task for which I would gladly grant the ISP's the use of that silly header.

      No, the Organization: line simply cannot be trusted as an accurate indication of where a post came from. Sure, RR users will say "Roadrunner" there, but it's trivial for me to change my Organization: line to Roadrunner before posting through my Supernews account. Anyone trusting that header will then report my (theoretical) abuse to RR instead of the actual service it originated from.

      NNTP-Posting-Host:, Message-ID:, and X-Complaints-To: headers already exist for this purpose. Organization: headers would only be useful if every newsserver, without exception, forces them this way.

  • A good sized business will run their own NNTP server anyway and have a real business ISP. But how many small businesses actually use nntp? For what except spamming newsgroups with penile enlargememt ads?
  • by Blue Neon Head ( 45388 ) on Sunday May 12, 2002 @11:52AM (#3506253)
    All concerned RoadRunner customers should change their organization name to "is a sh*tty ISP."
  • Road Runner, and most other cable ISPs (and the major phone company DSL ISPs, for that matter), don't think the same thing you and I think when they say "Internet Service Provider". They think of it as "Internet (Service Provider)"...that is, a Service Provider who happens to provide the service over the internet. They basically want to be like AOL, controlling the complete internet experience, from connection to content.

    What most people here want is an "(Internet Service) Provider"...someone who gives them a pipe with some IP addresses, and possibly provides DNS, SMTP, POP/IMAP, and NNTP servers, and maybe throws in some web space, and then pretty much gets out of the way.

  • I think it's real sporting of them. By identifying themselves as the organization responsible for the messages (not mereley the source of the messages), do they not open themselves to legal action? Shielding their customers, who are small-fry (anything other than AOL/TW, including most countries) by definition.

    Seriously, this has all the hallmarks of (rather clever) disgruntled employee sabotage. How much attention do you think the higher-ups at rr even pay to their UseNET service? How closely do you think it is monitered? I'm betting very little and not-at-all. It could be weeks before they really notice/understand, even now.

    If I still had UseNET flamewars^H^H^H^H^H^H^H^H^Hdiscussions, I'd be really pissed; I have roadrunner.
  • Which servers? (Score:3, Interesting)

    by Restil ( 31903 ) on Sunday May 12, 2002 @01:15PM (#3506568) Homepage
    Does this apply only to the RR usenet servers? Or does this apply to ANY usenet server that a RR customer is using?

    Big difference. IF RR owns the server and provides it as part of a package, yes it might suck, but its their server and if they want to alter information, I suppose its their right to do so. You don't HAVE to use it. In fact, most ISP based newsservers suck anyways. It wouldn't be a great loss.

    A lot of companies do things behind the scenes without putting into their terms of service. A great many isps will run httpd traffic through a cacheing proxy to either save on upstream bandwidth or to record information. One of these schemes makes perfect sense, the other is slimy.

    Ok, so they're changing your organization field. Whether this matters or not, you know about it now. If its a problem, use a different news server. However, if they're hijacking nttp packets and "fixing" that information, then you have a BIG problem. At NO point should ANY information I send out be modified. If they want to play games to save bandwidth, fine. But I better get the exact data I request, and the other end better get the same data I send, with no
    modifications. THAT would be entering into the realm of arbitrary censorship without permission.

    They might STILL be within their rights to do that, but if I were a customer of theirs, I would start shopping around.

    -Restil
  • What's the big deal? Come on, lots of companies do stuff like this. Viral marketing works a lot better than full blown ad campaign. Look at Yahoo and Hotmail's mail service. At the bottom of every email they have a "Get your free email account at Yahoo.com" or "Get your free email account at Hotmail.com" Why don't people make a big deal about that? You use their service, you have to deal with those types of things. They could easily not provide a free nntp service to you, but they do as part of your service plan. If you want to use another service, there are plenty on the net.
  • I don't see the problem here. The Organization: field gets set by the NNTP server that carried the message onto the 'net. This is great, it provides quite a bit more authenticity for messages.

    I'm building a little groupware server [citadel.org] that supports SMTP/POP/IMAP (among other things) and I do something even more heinous, to prevent open relaying: if you're not using authenticated SMTP, you can't deliver a message that claims to be from one of the server's own domains -- and if you are using authenticated SMTP, it rewrites the From: header line, forcing the message to appear authored by the user you logged in as.

    Internet tradition and even some RFC's say that it's a sin to alter the message content, but in an era where people on the 'net just can't be trusted anymore, I think that's an obsolete concept.
    • it rewrites the From: header line, forcing the message to appear authored by the user you logged in as.

      Oh great, another piece of software that rewrites my email address to myloginname@ crap.dns.entry.pointing. to.my.computers.ipaddr.myisp.net Where my computer isn't running a mail server, so this makes it so no one can contact me, and when they try, their mail server bangs against my firewall for days.

      Just kidding! I'm sure you wrote it correctly so it doesn't do that--I hope. Unfortunately, there are a lot of programs written for UN*X that do just that. Sucks to have to fix those problems all the time on my computer at home...

      One more on topic comment: back when I was on @home they used to add an Organization: line when your newsreader didn't, however their terms of service said that you shouldn't ever represent yourself as @home in any way. I guess I'm splitting hairs, but that seems a bit contradictory to me...

      • Just kidding! I'm sure you wrote it correctly so it doesn't do that--I hope.
        Of course! If your account on the server is "myname@mydomain.dom" then that's what it stamps on the message. It's controlled by the server admin and doesn't try to figure out who you are based on where you're connecting from -- it figures out who you are based on who you logged in as. Authentication at its best :)
  • Add you own.. (Score:2, Informative)

    by nolife ( 233813 )
    X-Roadrunner-Status: It Sucks today and probably more tommorrow

    or if you want your own organization use:

    X-Organization: [Your company name]

He has not acquired a fortune; the fortune has acquired him. -- Bion

Working...