Home > FAQ

Frequently Asked Questions

Contents

  1. How do I score on bad words in the message body?
  2. Can a filter be done on X-Newsreader?
  3. Can we limit the number of lines in a posting?
  4. How can we preserve posters' privacy?

How do I score on bad words in the message body?

Cleanfeed doesn't usually score bad words in the message body, only in specific headers: Subject, From, Message-ID and Organization. To extend this scoring into the body, add the following to cleanfeed.local.
sub local_filter_scoring {
  my $score = '';
  $score .= "!Body1Pt" while $body =~ /$one_point_words/go;
  $score .= "!!Body2Pt" while $body =~ /$two_point_words/go;
  return $score;
};

Can a filter be done on X-Newsreader?

Yes, this example would reject any articles posted with an X-Newsreader header beginning with "Microsoft".
sub local.filter.last {
    if ($hdr{'X-Newsreader'} =~ /^Microsoft/) {
        return reject('Microsoft Newsreader', 'Bad Reader');
    };
};
Additionally this would log rejects with a short reason of "Bad Reader" to a file called cf.readers.
sub local_filter_reject {
    my ($vr, $sr) = @_;
    logart('cf.readers', $vr) if $sr =~ /^Bad\sReader/;
};

Can we limit the number of lines in a posting?

The following code will reject articles over a given number of lines.
sub local_filter_first {
    if ($state{lines} > 50) {
        return reject('Line limit exceeded', 'Too many lines');
    };
};

How can we preserve posters' privacy?

Usually headers such as NNTP-Posting-Host and X-Trace will reveal information about the originator's hostname or IP address. Deleting these headers or configuring them to not display is the obvious solution but doing so prevents other Usenet users and providers from linking posts to a single source. One alternative is to cryptographically secure this info with a one-way hash.

The following code snippet will hash the NNTP-Posting-Host header and remove the X-Trace header. It should replace or be incorporated into the filter_nnrpd.pl file.
use strict;
use Digest::SHA1;
our (%hdr, $modify_headers);

sub filter_post {
    my $digest = Digest::SHA1->new;
    $digest->add($hdr{'NNTP-Posting-Host'});
    $digest->add("salt"); # Change this string to your own secret
    $hdr{'NNTP-Posting-Host'} = $digest->b64digest;

    undef $hdr{'X-Trace'};
    $modify_headers = 1;
    return "";
};

Alternate version using Digest::SHA

This example uses the newer Perl extension, DIGEST::SHA. The chosen digest is SHA256 but the extension is a complete implementation of the NIST Secure Hash Standard. This also assumes the local server generates the Injection-Info headers rather than the older, depreciated NNTP-Posting-Host.
use strict;
use Digest::SHA;
our (%hdr, $modify_headers);

sub filter_post {
    undef $hdr{'X-Trace'};
    if ($hdr{'Injection-Info'} =~ /(posting-host\s?=\s?"([^"]+)")/) {
        my $sha = Digest::SHA->new('sha256');
        $sha->add("$2");
        $sha->add('Flavour with salt');
        my $digest = $sha->b64digest;
        my $newhdr = "posting-host=\"$digest\"";
        $hdr{'Injection-Info'} =~ s/$1/$newhdr/;
    };

    $modify_headers = 1;
    return '';
};