usefor-article-04 April 2001

9.2.1.  Denial of Service

   The proper functioning of individual newsgroups can be disrupted by
   the massive posting of "noise" articles, by the repeated posting of
   identical or near identical articles, by posting followups unrelated
   to their precursors, or which quote their precursors in full with the
   addition of minimal extra meterial (especially if this process is
   iterated), and by crossposting to, or setting followups to, totally
   unrelated newsgroups.
   Many have argued that "spam", massively multiposted (and to a lesser
   extent massively crossposted) articles, usually for advertising
   purposes, also constitutes a DoS attack in its own regard.  This may
   be so.

   Such articles intended to deny service, or other articles of an
   inflammatory nature, may also have their From or Reply-To addresses
   set to valid but incorrect email addresses, thus causing large
   volumes of mail to descend on the true owners of those addresses.

   It is a violation of this standard for a poster to use as his address
   a mailbox which he is not entitled to use.  Even addresses with an
   invalid local-part but a valid domain can cause disruption to the
   administrators of such domains.  Posters who wish to remain anonymous
   or to prevent automated harvesting of their addresses, but who do not
   care to take the additional precautions of using more sophisticated
   anonymity measures, should avoid that violation by the use of
   addresses ending in the ".invalid" top-level-domain (see 5.2).

   A malicious poster may also prevent his article being seen at a
   particular site by preloading that site into the Path header (5.6.1)
   and may thus prevent the true owner of a forged From or Reply-To
   addresse from ever seeing it.

   Administrative agencies with responsibility for establishing policies
   in particular hierarchies can and should set bounds upon the
   behaviour that is considered acceptable within those hierarchies (for
   example by promulgating charters for individual newsgroups, and other
   codes of conduct).

   Whilst this standard places an onus upon injecting agents to bear
   responsibility for the misdemeanours of its posters, (which include
   non-adherence to established policies of the relevant hierarchies as
   provided in section 8.2), and to provide assistance to the rest of
   the network by making proper use of the Injector-Info (6.19) and
   Complaints-To (6.20) headers, it makes no provision for enforcement,
   which may in consequence be patchy. Nevertheless, injecting sites
   which persistently fail to honour their respobsibilities or to comply
   with generally accpted standards of behaviour are likely to find
   themselves blacklisted, with their articles refused progagation and
   even subject to cancellation, and other relaying sites would be well
   advised to withdraw peering arrangements from them.