429 lines
9.6 KiB
HTML
429 lines
9.6 KiB
HTML
|
<HTML
|
||
|
><HEAD
|
||
|
><TITLE
|
||
|
>NNTP and thenntpd Daemon</TITLE
|
||
|
><META
|
||
|
NAME="GENERATOR"
|
||
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.57"><LINK
|
||
|
REL="HOME"
|
||
|
TITLE="Linux Network Administrators Guide"
|
||
|
HREF="index.html"><LINK
|
||
|
REL="PREVIOUS"
|
||
|
TITLE="Maintenance Tools and Tasks"
|
||
|
HREF="x-087-2-cnews.maint.html"><LINK
|
||
|
REL="NEXT"
|
||
|
TITLE="The NNTP Protocol"
|
||
|
HREF="x-087-2-nntp.protocol.html"></HEAD
|
||
|
><BODY
|
||
|
CLASS="CHAPTER"
|
||
|
BGCOLOR="#FFFFFF"
|
||
|
TEXT="#000000"
|
||
|
LINK="#0000FF"
|
||
|
VLINK="#840084"
|
||
|
ALINK="#0000FF"
|
||
|
><DIV
|
||
|
CLASS="NAVHEADER"
|
||
|
><TABLE
|
||
|
WIDTH="100%"
|
||
|
BORDER="0"
|
||
|
CELLPADDING="0"
|
||
|
CELLSPACING="0"
|
||
|
><TR
|
||
|
><TH
|
||
|
COLSPAN="3"
|
||
|
ALIGN="center"
|
||
|
>Linux Network Administrators Guide</TH
|
||
|
></TR
|
||
|
><TR
|
||
|
><TD
|
||
|
WIDTH="10%"
|
||
|
ALIGN="left"
|
||
|
VALIGN="bottom"
|
||
|
><A
|
||
|
HREF="x-087-2-cnews.maint.html"
|
||
|
>Prev</A
|
||
|
></TD
|
||
|
><TD
|
||
|
WIDTH="80%"
|
||
|
ALIGN="center"
|
||
|
VALIGN="bottom"
|
||
|
></TD
|
||
|
><TD
|
||
|
WIDTH="10%"
|
||
|
ALIGN="right"
|
||
|
VALIGN="bottom"
|
||
|
><A
|
||
|
HREF="x-087-2-nntp.protocol.html"
|
||
|
>Next</A
|
||
|
></TD
|
||
|
></TR
|
||
|
></TABLE
|
||
|
><HR
|
||
|
ALIGN="LEFT"
|
||
|
WIDTH="100%"></DIV
|
||
|
><DIV
|
||
|
CLASS="CHAPTER"
|
||
|
><H1
|
||
|
><A
|
||
|
NAME="X-087-2-NNTP"
|
||
|
>Chapter 22. NNTP and thenntpd Daemon</A
|
||
|
></H1
|
||
|
><DIV
|
||
|
CLASS="TOC"
|
||
|
><DL
|
||
|
><DT
|
||
|
><B
|
||
|
>Table of Contents</B
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1. <A
|
||
|
HREF="x-087-2-nntp.protocol.html"
|
||
|
>The NNTP Protocol</A
|
||
|
></DT
|
||
|
><DD
|
||
|
><DL
|
||
|
><DT
|
||
|
>22.1.1. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17812"
|
||
|
>Connecting to the News Server</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.2. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17825"
|
||
|
>Pushing a News Article onto a Server</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.3. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17849"
|
||
|
>Changing to NNRP Reader Mode</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.4. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17863"
|
||
|
>Listing Available Groups</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.5. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17880"
|
||
|
>Listing Active Groups</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.6. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17892"
|
||
|
>Posting an Article</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.7. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17912"
|
||
|
>Listing New Articles</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.8. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17932"
|
||
|
>Selecting a Group on Which to Operate</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.9. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17948"
|
||
|
>Listing Articles in a Group</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.10. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17962"
|
||
|
>Retrieving an Article Header Only</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.11. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17982"
|
||
|
>Retrieving an Article Body Only</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.1.12. <A
|
||
|
HREF="x-087-2-nntp.protocol.html#AEN17994"
|
||
|
>Reading an Article from a Group</A
|
||
|
></DT
|
||
|
></DL
|
||
|
></DD
|
||
|
><DT
|
||
|
>22.2. <A
|
||
|
HREF="x-087-2-nntp.nntpd.html"
|
||
|
>Installing the NNTP Server</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.3. <A
|
||
|
HREF="x-087-2-nntp.access.html"
|
||
|
>Restricting NNTP Access</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.4. <A
|
||
|
HREF="x-087-2-nntp.authorize.html"
|
||
|
>NNTP Authorization</A
|
||
|
></DT
|
||
|
><DT
|
||
|
>22.5. <A
|
||
|
HREF="x-087-2-nntp.interact.html"
|
||
|
>nntpd Interaction with C News</A
|
||
|
></DT
|
||
|
></DL
|
||
|
></DIV
|
||
|
><P
|
||
|
>Network News Transfer Protocol (NNTP) provides for a vastly different
|
||
|
approach to news exchange from C News and other news servers without native
|
||
|
NNTP support. Rather than rely on a batch technology like UUCP to transfer
|
||
|
news articles between machines, it allows articles to be exchanged via an
|
||
|
interactive network connection. NNTP is not a particular software package,
|
||
|
but an Internet standard described in RFC-977. It is based on a
|
||
|
stream-oriented connection, usually over TCP, between a client anywhere in
|
||
|
the network and a server on a host that keeps Netnews on disk storage. The
|
||
|
stream connection allows the client and server to interactively negotiate
|
||
|
article transfer with nearly no turnaround delay, thus keeping the number of
|
||
|
duplicate articles low. Together with the Internet's high-transfer rates,
|
||
|
this adds up to a news transport that surpasses the original UUCP networks by
|
||
|
far. While some years ago it was not uncommon for an article to take two
|
||
|
weeks or more before it arrived in the last corner of Usenet; it is now often
|
||
|
less than two days. On the Internet itself, it is even within the range of
|
||
|
minutes.</P
|
||
|
><P
|
||
|
>Various commands allow clients to retrieve, send, and post articles. The
|
||
|
difference between sending and posting is that the latter may involve articles
|
||
|
with incomplete header information; it generally means that the user has just
|
||
|
written the article.<A
|
||
|
NAME="X-087-2-FNNN01"
|
||
|
HREF="#FTN.X-087-2-FNNN01"
|
||
|
>[1]</A
|
||
|
>
|
||
|
Article retrieval may be used by news transfer clients as well as newsreaders.
|
||
|
This makes NNTP an excellent tool for providing news access to many clients on
|
||
|
a local network without going through the contortions that are necessary when
|
||
|
using NFS.</P
|
||
|
><P
|
||
|
>
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
NNTP also provides for an active and a passive way to transfer news,
|
||
|
colloquially called “pushing” and “pulling.” Pushing
|
||
|
is basically the same as the ihave/sendme protocol used by C News (described in
|
||
|
<A
|
||
|
HREF="x-087-2-cnews.html"
|
||
|
>Chapter 21</A
|
||
|
>). The client offers an article to the server
|
||
|
through the <B
|
||
|
CLASS="COMMAND"
|
||
|
>IHAVE msgid</B
|
||
|
>
|
||
|
command, and the server returns a response code that indicates whether
|
||
|
it already has the article or if it wants it. If the server wants the
|
||
|
article, the client sends the article, terminated by a single dot on a
|
||
|
separate line.</P
|
||
|
><P
|
||
|
>Pushing news has the single disadvantage that it places a heavy load on
|
||
|
the server system, since the system has to search its history database for
|
||
|
every single article.</P
|
||
|
><P
|
||
|
>
|
||
|
The opposite technique is pulling news, in which the client requests a
|
||
|
list of all (available) articles from a group that have arrived after a
|
||
|
specified date. This query is performed by the
|
||
|
<B
|
||
|
CLASS="COMMAND"
|
||
|
>NEWNEWS</B
|
||
|
> command. From the returned
|
||
|
list of message IDs, the client selects those articles it does not yet have,
|
||
|
using the <B
|
||
|
CLASS="COMMAND"
|
||
|
>ARTICLE</B
|
||
|
> command for
|
||
|
each of them in turn.</P
|
||
|
><P
|
||
|
>Pulling news needs tight control by the server over which groups and
|
||
|
distributions it allows a client to request. For example, it has to make
|
||
|
sure that no confidential material from newsgroups local to the site is sent
|
||
|
to unauthorized clients.</P
|
||
|
><P
|
||
|
>There are also a number of convenience commands for newsreaders that
|
||
|
permit them to retrieve the article header and body separately, or even
|
||
|
single header lines from a range of articles. This lets you keep all
|
||
|
news on a central host, with all users on the (presumably local) network
|
||
|
using NNTP-based client programs for reading and posting. This is an
|
||
|
alternative to exporting the news directories via NFS, as described
|
||
|
in <A
|
||
|
HREF="x-087-2-cnews.html"
|
||
|
>Chapter 21</A
|
||
|
>.</P
|
||
|
><P
|
||
|
>
|
||
|
An overall problem of NNTP is that it allows a knowledgeable person to insert
|
||
|
articles into the news stream with false sender specification. This is
|
||
|
called <I
|
||
|
CLASS="EMPHASIS"
|
||
|
>news faking</I
|
||
|
> or
|
||
|
<I
|
||
|
CLASS="EMPHASIS"
|
||
|
>spoofing</I
|
||
|
>.<A
|
||
|
NAME="X-087-2-FNNN02"
|
||
|
HREF="#FTN.X-087-2-FNNN02"
|
||
|
>[2]</A
|
||
|
>
|
||
|
An extension to NNTP allows you to require user authentication for
|
||
|
certain commands, providing some measure of protection against people abusing
|
||
|
your news server in this way.</P
|
||
|
><P
|
||
|
>
|
||
|
|
||
|
There are a number of NNTP packages. One of the more widely known is
|
||
|
the NNTP daemon, also known as the
|
||
|
<I
|
||
|
CLASS="EMPHASIS"
|
||
|
>reference implementation</I
|
||
|
>.
|
||
|
Originally, it was written by Stan Barber and Phil Lapsley to illustrate the
|
||
|
details of RFC-977. As with much of the good software available today, you may
|
||
|
find it prepackaged for your Linux distribution, or you can obtain the source
|
||
|
and compile it yourself. If you choose to compile it yourself, you will need to
|
||
|
be quite familiar with your distribution to ensure you configure all of the
|
||
|
file paths correctly.</P
|
||
|
><P
|
||
|
>The <B
|
||
|
CLASS="COMMAND"
|
||
|
>nntpd</B
|
||
|
> package has a server, two clients for
|
||
|
pulling and pushing news, and an <B
|
||
|
CLASS="COMMAND"
|
||
|
>inews</B
|
||
|
>
|
||
|
replacement. They live in a B News environment, but with a little
|
||
|
tweaking, they will be happy with C News, too. However, if you plan to
|
||
|
use NNTP for more than offering newsreaders access to your news server,
|
||
|
the reference implementation is not really an option. We will therefore
|
||
|
discuss only the NNTP daemon contained in the <B
|
||
|
CLASS="COMMAND"
|
||
|
>nntpd</B
|
||
|
> package
|
||
|
and leave out the client programs.</P
|
||
|
><P
|
||
|
>
|
||
|
If you wish to run a large news site, you should look at
|
||
|
the <I
|
||
|
CLASS="EMPHASIS"
|
||
|
>InterNet News</I
|
||
|
> package, or INN, that was written by
|
||
|
Rich Salz. It provides both NNTP and UUCP-based news transport. News transport is definitely better than
|
||
|
<B
|
||
|
CLASS="COMMAND"
|
||
|
>nntpd</B
|
||
|
>. We discuss INN in detail in
|
||
|
<A
|
||
|
HREF="x-087-2-inn.html"
|
||
|
>Chapter 23</A
|
||
|
>.</P
|
||
|
></DIV
|
||
|
><H3
|
||
|
CLASS="FOOTNOTES"
|
||
|
>Notes</H3
|
||
|
><TABLE
|
||
|
BORDER="0"
|
||
|
CLASS="FOOTNOTES"
|
||
|
WIDTH="100%"
|
||
|
><TR
|
||
|
><TD
|
||
|
ALIGN="LEFT"
|
||
|
VALIGN="TOP"
|
||
|
WIDTH="5%"
|
||
|
><A
|
||
|
NAME="FTN.X-087-2-FNNN01"
|
||
|
HREF="x-087-2-nntp.html#X-087-2-FNNN01"
|
||
|
>[1]</A
|
||
|
></TD
|
||
|
><TD
|
||
|
ALIGN="LEFT"
|
||
|
VALIGN="TOP"
|
||
|
WIDTH="95%"
|
||
|
><P
|
||
|
> When posting an
|
||
|
article over NNTP, the server always adds at least one header field, <TT
|
||
|
CLASS="LITERAL"
|
||
|
>NNTP-Posting-Host:</TT
|
||
|
>. The field contains the client's hostname.</P
|
||
|
></TD
|
||
|
></TR
|
||
|
><TR
|
||
|
><TD
|
||
|
ALIGN="LEFT"
|
||
|
VALIGN="TOP"
|
||
|
WIDTH="5%"
|
||
|
><A
|
||
|
NAME="FTN.X-087-2-FNNN02"
|
||
|
HREF="x-087-2-nntp.html#X-087-2-FNNN02"
|
||
|
>[2]</A
|
||
|
></TD
|
||
|
><TD
|
||
|
ALIGN="LEFT"
|
||
|
VALIGN="TOP"
|
||
|
WIDTH="95%"
|
||
|
><P
|
||
|
>The same problem exists with the Simple Mail Transfer Protocol (SMTP), although
|
||
|
most mail transport agents now provide mechanisms to prevent spoofing.</P
|
||
|
></TD
|
||
|
></TR
|
||
|
></TABLE
|
||
|
><DIV
|
||
|
CLASS="NAVFOOTER"
|
||
|
><HR
|
||
|
ALIGN="LEFT"
|
||
|
WIDTH="100%"><TABLE
|
||
|
WIDTH="100%"
|
||
|
BORDER="0"
|
||
|
CELLPADDING="0"
|
||
|
CELLSPACING="0"
|
||
|
><TR
|
||
|
><TD
|
||
|
WIDTH="33%"
|
||
|
ALIGN="left"
|
||
|
VALIGN="top"
|
||
|
><A
|
||
|
HREF="x-087-2-cnews.maint.html"
|
||
|
>Prev</A
|
||
|
></TD
|
||
|
><TD
|
||
|
WIDTH="34%"
|
||
|
ALIGN="center"
|
||
|
VALIGN="top"
|
||
|
><A
|
||
|
HREF="index.html"
|
||
|
>Home</A
|
||
|
></TD
|
||
|
><TD
|
||
|
WIDTH="33%"
|
||
|
ALIGN="right"
|
||
|
VALIGN="top"
|
||
|
><A
|
||
|
HREF="x-087-2-nntp.protocol.html"
|
||
|
>Next</A
|
||
|
></TD
|
||
|
></TR
|
||
|
><TR
|
||
|
><TD
|
||
|
WIDTH="33%"
|
||
|
ALIGN="left"
|
||
|
VALIGN="top"
|
||
|
>Maintenance Tools and Tasks</TD
|
||
|
><TD
|
||
|
WIDTH="34%"
|
||
|
ALIGN="center"
|
||
|
VALIGN="top"
|
||
|
> </TD
|
||
|
><TD
|
||
|
WIDTH="33%"
|
||
|
ALIGN="right"
|
||
|
VALIGN="top"
|
||
|
>The NNTP Protocol</TD
|
||
|
></TR
|
||
|
></TABLE
|
||
|
></DIV
|
||
|
></BODY
|
||
|
></HTML
|
||
|
>
|