"Andy Hall" wrote in message
...
On Sun, 26 Dec 2004 19:47:23 GMT, raden wrote:


There seem to be a lot of posts purporting to be from the previous
poster in a thread containing weird recipes

Is everybody else getting them, and does anybody know what's going on ?

Late last night, yes, nothing much today.

They appear to be forged headers created by harvesting name details
and injecting messages into appropriately open news servers.

Some ISPs do address range limitations to prevent their news servers
being used by other than their customers, but there are enough open
ones around and this is before getting into use of trojan plants on
legitimate machines being used to relay posts to look legitimate.

Unfortunately, the Usenet environment doesn't have quite so much
protection as email servers can have. Equally, this type of attack
does not seem to be too prevalent (at least not in the newsgroups I
read).

More at:
http://www.spamfaq.net/terminology.s...sgroup_attacks

Some news servers run software to filter them out, but
not most because, as you say, the attack is an uncommon
one (except on news.admin.net-abuse.email).

Al