The INN software lets you turn your Red Hat Linux system into a news server. INN is the most popular news server software for Red Hat Linux and other UNIX systems. All the daemon processes, commands, and configuration files that are needed to run a news server in INN come with your distribution of Red Hat Linux.
The option to install news services is given to you during the Red Hat Linux installation process. If you did not install the news server software during the Linux installation, you can always install it later from the INN RPM file. You must install the cleanfeed RPM, because the INN RPM depends on cleanfeed, and then install the INN package (both are on CD #2).
Red Hat Linux does a lot of the initial INN setup for you. Your main tasks are to edit a few configuration files and turn on the service. (Though there isn't much configuration needed at first, you will find yourself tuning it over time.)
One thing you might need to do is run the makehistory command to create a history.hash file. This initializes the INN history database.
Rich Salz created the INN software package. In recent years, its development was taken over by the Internet Software Consortium (at www.isc.org/products/INN). From ISC's home page, you can get other documentation and the latest software updates for INN.
Because so much of the INN software package that comes with Red Hat Linux is already set up for you, it helps to find out first what you are starting with. Here is a quick rundown of how INN is set up for you after you install it from the Red Hat Linux distribution:
News user:???A news user is created in your /etc/passwd file. Ownership of news components (configuration files, spool files, and commands) is assigned to this user. The group name is also news. The news user's home directory is the news spool directory (/var/spool/news).
Configuration directory:???Configuration files for INN are contained in the /etc/news directory. Sample files that you can use with INN are contained in the /usr/share/doc/inn*/samples directory.
Spool directories:???The INN spool directory structure, created in /var/spool/news, contains these directories: archive, articles, incoming, innfeed, outgoing, and overview.
cron:???Three entries exist for cron (one daily and two hourly). The one daily entry, in /etc/cron.daily, cleans up the news service (removes old entries) and checks that the news service is working once a day. The two hourly cron entries send news articles to other NNTP sites either over the Internet (using nntpsend) or over a UUCP connection (using rnews), depending on how the news service is configured.
Mail command:???The Mail Transfer Agent (MTA) used by news is set to the sendmail command in the inn.conf file.
Reading access:???As delivered, INN enables only users from the local host to read and post articles through your news server. Other hosts would have to be added to definitions in the INN server's /etc/news/readers.conf file.
Although a lot of the INN configuration is preset for you, some configuration is required before you can use the server. In particular, you must make some changes to the inn.conf (for general news server information), newsfeeds (to decide where your news articles are sent), and incoming.conf (to choose where the articles you receive come from).
If you use nontraditional storage methods (discussed later), some other files must also be configured. The inn.conf file is discussed in the next section, "Configuring the INN server." Where your news articles are sent (newsfeeds) and where the articles you receive come from (incoming.conf) are discussed in "Setting Up News Feeds" later in the chapter. The information in these files is used by the innd daemon to manage incoming news feeds and by the nnrpd daemon to control which users can access the news server.
This chapter frequently refers to headers that appear in the news articles. A news server often reacts to the information in these headers or puts information in these headers. The following is an example of some of the headers that can be contained in a news article:
Path: news.cwix.com!newsfeed.cwix.com!184.108.40.206! From: Caleb Hollatz <news.handsonhistory.com> Newsgroups: comp.os.linux.misc,comp.os.linux.networking Subject: Re: Getting a newsgroup server working Date: 15 Sep 2003 18:37:16 +0100 Organization: Hands on History Message-ID: <firstname.lastname@example.org> References: <email@example.com> NNTP-Posting-Host: crafts.handsonhistory.com X-Complaints-To: firstname.lastname@example.org Content-Type: text/plain; charset=us-ascii NNTP-Posting-Date: 15 Sep 2003 17:37:19 GMT
In most newsreaders, you see only the contents of some of the headers, such as the From and Subject headers. To see all the headers, you would have to open the news article in a text editor or choose some sort of view header function. See Chapter 9 for discussions of newsreaders.
Of the headers shown in the preceding example, several should be of interest to a news server administrator. The Path: header indicates where the article has already been sent. This lets your news server know that it doesn't need to forward an article to a host that appears there. The Newsgroups: header shows the newsgroup or newsgroups that the article is posted to. The Organization: is something that you need to set in your inn.conf file to identify your organization. Likewise, you need to set an X-Complaints-To value so that problems encountered by users of your server can be forwarded to you (or to whomever's e-mail the complaints related to your server are to be forwarded).
The inn.conf file is where most of the general news server information is configured. For your INN news server to work, you must make several changes to this file. Most of the required changes are associated with identifying your server. However, you need to consider other changes that will have a major impact on how your server performs, what and how information is logged and stored, and the location of the directories that have newsgroup information. You add or change parameters in this file to configure INN.
After making a backup copy of the /etc/news/inn.conf file, open it in any text editor and make changes based on the following descriptions.
In general, you shouldn't remove parameters from the inn.conf file. If you aren't sure how to set a parameter, leave the default value, if one is given. More than 100 parameters are in the inn.conf file. For more on inn.conf parameters, see the inn.conf man page (type man inn.conf).
The inn.conf parameters described in this section identify your news server. They define the names of your organization and news server that appear in the header of local posts, the host path name that identifies how to get to your computer on the network, and the domain your computer is in. The following is a list of the inn.conf parameters along with a description of the values that you can set for each of these parameters:
The mta parameter sets the particular mail transfer agent that is used by your news server to transfer messages. The following default setting causes the sendmail command to be used:
mta: /usr/sbin/sendmail -oi -oem %s
The organization parameter identifies the name of your organization. When someone in your organization sends a news article, this name appears in the Organization: header of the article. The organization may be something similar to Customer of Hands on History, or Member of the Salt Lake Bird Club, or simply an organization name, such as Acme Realtors. Here is an example:
organization: Hands on History
The ovmethod parameter sets the overview storage method to use, if enableoverview is true (which it is by default). The default is tradindexed, a method that is fast for reading news and slow for writing it. Each newsgroup is stored in two files (a data and an index file). A value of buffindexed causes data and index information to be stored in buffers (based on values set in the /etc/news/buffindexed.conf file). A value of ovdb causes newsgroups to be stored in a Berkeley DB database format. Here is the default:
The pathhost parameter must be set to a name that represents the local site. Each article that passes through your INN server has this name added to its Path header. The fully-qualified host name of the computer is a good choice to use at the pathhost. A value for pathhost is required; there is no default value. Here is an example:
The pathnews parameter sets the root of the news storage hierarchy as well as the news user's home directory. By default, the pathnews parameter is set to /usr/lib/news:
The domain parameter determines the domain name used for your news server. Usually, this parameter is blank, and your computer's domain name is picked up automatically. You can set this option manually if your computer doesn't use a fully-qualified domain name (FQDN) for other services. For example:
The innflags parameter lets you add flags to pass to the innd daemon process when the server starts up. The flags are the options to the innd daemon. (Type man innd 8 to see available flags.)
The mailcmd parameter indicates the command that is used by the INN server to send messages. The default (innmail) is a simple script that calls the value you set for mta earlier in this file to do the actual mail delivery. The default value is as follows:
The server parameter identifies the name of your news server. It can be a fully-qualified domain name or an IP address. The server name is added to the Path: header, so that other news servers know not to forward the message to your server again. You can override the server parameter by setting the NNTPSERVER environment variable. Here is an example of a server parameter:
This set of parameters relates to how INN allocates resources to handle news feeds.
To limit how long an article can be stored on your server, set the artcutoff parameter. By default, it is set to 10 days. Articles older than that are dropped. Here's an example of the artcutoff parameter with a cutoff date of 14 days:
The bindaddress parameter sets which interface (IP address) the INN server listens on. The default is to listen on all network interfaces on the computer. Setting bindaddress to All also results in INN listening on all interfaces.
The hiscachesize parameter can be used to set the amount of memory to make available (in kilobytes) to store message IDs. Storing these incoming messages can speed up history lookup. The default is 0 (no memory allocated) as follows:
The ignorenewsgroups parameter can be used to control routing of newsgroup creation control messages. By default, this feature is off (false) as follows:
If the immediatecancel parameter is set to true, it can be used to immediately cancel articles (and not just set them in cache to be cancelled). This option is only available for timecaf storage methods. By default, the feature is off as follows:
The linecountfuzz parameter rejects messages where the line count doesn't match the value of the Lines header. The default is zero (0), which turns linecountfuzz off. Setting linecountfuzz to a number allows messages that differ up to the number of lines you set. In this example, messages whose line count differs more than five lines is rejected:
With the maxartsize parameter, you can limit the size of the articles that are accepted by your news server. By default, this value is 1,000,000 bytes. To make the value half that size, you could set the parameter as follows:
Use the maxconnection parameter to limit the number of incoming NNTP connections that are allowed from your server at the same time. NNTP connections, which enable users to read articles from and post articles to your news server, are handled by the nnrpd daemon. Limiting NNTP connections is one way to reduce demand on your server, but it can also prevent people from using it effectively. By default, maxconnections is set to 50. To set it to 40, use the following line:
You can use the pathalias parameter to prepend a name to the front of the pathhost value that appears on a news article's Path: line. No value is required.
Control messages are used by Usenet to indicate when newsgroups should be added or removed. To prevent malicious users from faking control messages, INN administrators can now use PGP verification to verify the source of the control messages. (Cancel messages are not verified.) The pgpverify parameter, which can be used to turn on this feature is off by default (false). Here is the default setting:
The port parameter lets you indicate which TCP/IP port to listen on. The default is 119, which is the standard news port.
By setting refusecybercancels to true, you can automatically refuse any article that has a message ID that begins with <cancel. This is one method, though an inefficient one, of refusing cancelled spam messages. This is off by default:
The remembertrash parameter lets your INN server keep a record of rejected articles so that further copies of messages it has received can be refused before they are sent. This is on by default, as follows:
The sourceaddress parameter sets which interface (IP address) the INN server binds to for outgoing traffic. The default is for the INN server to choose which interface to use from the available interfaces. Setting sourceaddress to all also results in INN listening on all interfaces.
The usecontrolchan parameter lets you choose to handle non-cancel control messages with an external program.
There are also several other parameters that let you control news feeds. The verifycancels parameter lets you verify that a cancel message came from the same person that originated the post. The wanttrash parameter, if true, causes messages posted to unknown newsgroups to be sorted into the junk newsgroup. The wipcheck parameter sets a time limit (5 seconds by default) in which the server waits to receive a promised article from a news server peer before accepting the article from another news server. The wipexpire parameter sets how long (10 seconds by default) to keep a message ID for an article that was offered but not yet sent.
Use storage-related parameters to set how newsgroup messages are stored on your hard disk.
The cnfscheckfudgesize parameter causes the size of CNFS cycbuffs articles to be checked against the value plus the value of the maxartsize parameter. If the value is larger, the CNFS cycbuff is assumed to be corrupt. This parameter is off by default, based on the following value:
If the enableoverview parameter is true (default), overview data is written out for articles. When this parameter is true, the ovmethod parameter must be set as well (as described earlier). Here is an example of the default enableoverview parameter:
As the groupbaseexpiry parameter is set to true, expiration of newsgroup messages is done based on newsgroup name. If you change it to false, expiration is done based on the storage method class being used. Here is how the parameter is set by default:
The mergetogroups parameter can be set to true if you want to file articles posted to .to* groups to pseudonewsgroups "to". If true, this parameter requires that the to newsgroup exist in the active file to allow INN to start. This feature is off (false) by default:
The overcachesize parameter sets the number of cache slots that are set aside to hold open overview files. INN will store and open overview files just in case articles are received for those newsgroups. This parameter is used only if enableoverview is true and ovmethod is defined as tradindexed. By default, overcachesize is set to 15, as shown following:
The ovgrouppat parameter can be used to limit overview information stored by the INN server. With the value set to true, overview information is only stored for newsgroups that match a comma-separated list of expressions (in wildmat format).This option is not set by default.
To have the INN server store articles based on newsgroup name in the Xref header, the storeonxref parameter should be true (it is false by default). If this value is false, newsgroup articles are stored by newsgroup name in the Newsgroups header.
The useoverchan parameter can be used to turn on a feature where overview data are stored internally using the libstorage function. If false, which it is by default, the INN server will handle creation of overview data on its own. Here is how useoverchan is set by default:
You can turn on the wireformat parameter, if you are using the tradspool storage method, to write articles in wire format. With wire format, messages are stored with a \r\n ending each line and periods at the beginning of lines doubled. Articles formatted in this way require no conversion. The INN server can operate more efficiently with wireformat set to true. By default, the value is false as indicated below:
The xrefslave parameter indicates that the INN server should be a slave to another server. In this arrangement, each INN server should have the same article numbering so that the two servers could be used interchangeably. If this value is set to true, you must set the host name of the other server using the nnrpdposthost parameter (described later). By default, this value is false as shown below:
This set of parameters is used to validate newsreaders and features related to the newsreaders.
If the allownewnews parameter is set to true, your users can request the NEWNEWS feature from their newsreaders. The NEWNEWS feature enables a user of a newsreader to request all articles that were posted or received for a particular newsgroup since a particular date. By default, this value is on (true), as recommended by the Network News Transfer Protocol RFC (RFC977). However, overuse of this feature can result in serious performance problems for the server. If you want to turn off NEWNEWS, set the value of the allownewnews parameter to false, as follows:
With the articlemmap parameter on, articles can be mapped into memory using the mmap function. By default, this parameter is off (false) and articles are read into memory before going to the newsreader.
The clienttimeout parameter sets the number of seconds a connection to a client can be idle before it is dropped. By default, it is set to 1800 (30 minutes) as follows:
The nnrpdcheckart parameter sets whether or not the INN server daemon should check if an article is on the server before listing it as so. By default, it is on as follows:
The nnrpperlauth parameter can be used to cause the INN server to use "Perl hook" to check that readers are valid. If nnrpperlauth is true, then the connection is not authenticated using the readers.conf file, as it would be otherwise. This value is false by default, as shown here:
The nnrppythonauth parameter can be used to cause the INN server to use "Python hook" to check that readers are valid. If nnrppythonauth is true, then the connection is not authenticated using the readers.conf file, as it would be otherwise. This value is false by default, as shown here:
With the noreader parameter set to true, incoming connections from unknown hosts (those not listed in incoming.conf), are rejected. With this value set to false, an additional INN server daemon is launched to handle incoming connections from hosts not listed in incoming.conf. The default is false, as follows:
The readerswhenstopped parameter can be used to allow newsreaders to connect to the INN server, even if the server is in a paused or throttled state. This feature is only available if the server is spawned from the innd daemon process (which it is not by default in Red Hat Linux). The default is false, as follows:
The readertrack parameter can be used to enable a system that tracks client reading and posting of articles. Client tracking is off by default (false), as follows:
The INN server supports the feature of creating keyword databases from the body of news articles. For large feeds, this could cause a substantial performance hit on the INN server. Before you set any of these parameters, you should stop the INN server (innd) and remove the current overview database.
The keywords parameter sets whether or not keyword generation should be done at all. By default, a keyword database is not generated based on the following line:
The keyartlimit parameter limits the maximum size of news articles for which keywords are added to the keyword database. The default is 100000, which represents about 100KB maximum size, as follows:
The keylimit parameter sets the maximum amount of space that can be used to store keyword data. The default value is 512 bytes. If that limit is exceeded, further keyword data is discarded. Here is the default value:
The keymaxwords parameter indicates the maximum amount of keywords used from any one article. The default value is 250 words. (Some words that are not significant, such as the or and, are not generated or counted in reaching this maximum.)
Parameters in this section help define how programs that generate and accept postings behave. Many of these parameters relate particularly to how local postings are handled.
The addnntppostingdate parameter indicates whether or not to add the following header to local posts: NNTP-Posting-Date. This is on (true) by default, as follows:
The addnntppostinghost parameter indicates whether to add the following header to local posts: NNTP-Posting-Host. Information in this header is either the IP address or the fully-qualified domain name of the INN server. This is true by default, as follows:
The checkincludedtext parameter restricts how much included text can appear in a news article that is posted from your server. Included text is text from an article the user is responding to (indicated by a > character) that is copied into the current article. By default, this parameter is set to false, so there is no restriction on included text. If you set it to true, however, less than half of the text in a message can contain include lines. Turning this parameter on can result in better performance by not allowing articles that simply repeat previously sent text. Here is an example of having this parameter turned on to restrict articles containing too much included text:
The value of the complaints parameter can be set to define an e-mail address that is placed in the X-Complaints-To: line in articles that originate from your server. Newsgroup participants can use this e-mail address to complain about something your users did. If no value is set, your newsmaster e-mail address is used. Common e-mail addresses are email@example.com or firstname.lastname@example.org. Here is an example:
The fromhost parameter can be used to indicate a domain name to use when the INN server constructs e-mail addresses. If there is no value set for fromhost (which is true by default), then the local host computer's fully-qualified domain name is used.
To limit the size of locally posted articles that your news server accepts, use the localmaxartsize parameter. The default is the same as for maxartsize (1,000,000 bytes). To set that value to half the default, use the following:
The moderatormailer parameter sets the default machine containing aliases for moderated newsgroups. By default, the values in the /etc/news/moderators file are used to identify the list of all public moderated newsgroups as being available from moderators.isc.org, with the newsgroup name prepended (*.%email@example.com). No value is entered for this parameter by default.
The nnrpdauthsender parameter indicates whether a Sender header is generated after the reader is authenticated. The Sender header would contain the reader's host name and authenticated user name. By default, it is off (false) as shown here:
If the nnrpdposthost parameter is set to a host name, all locally posted articles are sent to that host instead of being saved locally. This parameter must be set if xrefslave is true. By default, there is no value set for this parameter.
If your INN server is being used as a slave server, the nnrpdpostport parameter can be set to indicate which port on the master server to connect to. This parameter is only valid if the xrefslave and nnrpdposthost parameters are set. The default port value is 119, as shown in the following line:
The spoolfirst parameter can be used to cause articles to be spooled instead of having them sent to the INN server daemon. The default (false) is to only spool articles when an error is received from sending an article to the INN server daemon. This is how the default value is set:
The strippostcc parameter can be used to cause To, Cc, and Bcc lines to be removed from locally posted articles. The default is to not strip them out (false), as indicated by the following line:
A set of backoff parameters is used to control high-volume news posters. This feature works by indexing news clients by either user name or IP address. After the number of posts from the user or IP address reaches the limit set for the time period you set, posting backoff occurs, which is when your server sleeps for a period of time before posting anything further from that user or IP address. In this way, posts get through at an increasingly slower rate.
The backoff feature is off by default. To turn it on, you need to set the backoffauth parameter to true. The time between postings is used to determine the sleep time. By default, no location is defined for storing backoff information. A common place to put the database of backoff information is in /var/lib/news/backoff (set by backoffdb parameter).
The backoffk parameter lets you set how sleep time is multiplied. If it is set to 3, the sleep time will triple the sleep time for each subsequent post. The backoffpostfast can be used to increase the backoff sleep time when posts from the same identity arrive in less than the backoff time. The backoffpostslow parameter, by default, allows up to 86,400 postings from the same identity (because it is set to 1). Divide 86,400 by the value of backoffpostslow to allow fewer posts per day.
The number of postings that are allowed before the backoff feature kicks in is set to 10,000 by the backofftrigger parameter. The following lines are examples of the default settings for the set of backoff commands.
backoffauth: false backoffdb: backoffk: 1 backoffpostfast: 0 backoffpostslow: 1 backofftrigger: 10000
The innwatch program can be set up to log INN server activities. The doinnwatch parameter indicates whether or not to have the innwatch program started from the /etc/rc.news script (which starts automatically when the innd script starts the INN server at boot time). The logging service is off (false) by default.
Other monitoring-related parameters set thresholds for a variety of INN server attributes that the monitoring service looks out for. These include watching for free space running out in the batch (innwatchbatchspace) and database (innwatchlibspace) directories. The innwatchloload and innwatchhiload sets the range of load average, which causes the INN server daemon to be throttled. The following lines contain the default parameters that relate to monitoring:
doinnwatch: false innwatchbatchspace: 800 innwatchlibspace: 25000 innwatchloload: 1000 innwatchhiload: 2000
For other parameters related to monitoring INN resources, refer to the inn.conf man page.
Several parameters in the inn.conf file can be used to change what information is logged and how it is logged. News log information is written to log files in a directory set by the pathlog parameter. By default, the pathlog parameter is set to /var/log/news.
The docnfsstat parameter lets you turn on or off the cnfsstat program. Cnfsstat monitors the usage of cycbuffs if you are using the Cyclic News File System to store your news articles. The parameter is off (false) by default.
To have the size of an article written to the log file, set the logartsize parameter to true. By default, logartsize is on, as follows:
Use the logcancelcomm parameter to log ctlinnd cancel commands to syslog. This parameter is off by default, as follows:
To set the number of logs that news.daily keeps before it overwrites them, set the logcycles parameter. By default, this number is set to 3, as follows:
Use the logippadr parameter to have the IP address of the host logged for a received article. By default, this is on, as follows:
If you want the site names for received articles to be put in the article log file, the logsitename parameter should be on. By default, it is on, as follows:
To have overview statistics related to the nnrpd daemon process logged to syslog, turn on the nnrpdoverstats parameters. By default, this parameter is off, as follows:
The nntpactsync parameter sets the number of articles that can come on an incoming channel before the activity is logged. The default value is 200 articles, as follows:
The nntplinklog parameter indicates whether or not to place accepted articles' storage API token. By default, this parameter is not on (false).
To enable status monitoring, you need to turn on the status parameter by setting the value to a number. By default, this parameter is off (0). To have it turned on, set the value to the number of seconds between which status monitoring statistics are logged. You could set the value to 600 seconds as follows:
To enable performance monitoring, you need to turn on the timer parameter. By default, timer is off (0). To have it turned on, set the value to the number of seconds between which performance statistics are logged. You could set the value to 600 seconds as follows:
A set of low-level tuning parameters is available for tuning your INN server. In most cases, you shouldn't need to change these parameters. These parameters include: badiocount, blockbackoff, chaninacttime, chanretrytime, icdsynccount, maxforks, nicekids, nicenewnews, nicennrpd, pauseretrytime, peertimeout, and rlimitnofile. If you are interested in learning more about the INN system tuning parameters, refer to the inn.conf man page.
The inn.conf file sets the location of directories that contain newsgroup information. Although you shouldn't have a need to change these locations, knowing where they are can be useful. The following text is taken from the inn.conf file, to show where the different news directories are located:
patharchive: /var/spool/news/archive patharticles: /var/spool/news/articles pathbin: /usr/lib/news/bin pathcontrol: /usr/lib/news/bin/control pathdb: /var/lib/news pathetc: /etc/news pathfilter: /usr/lib/news/bin/filter pathhttp: /var/log/news pathincoming: /var/spool/news/incoming pathlog: /var/log/news pathoutgoing: /var/spool/news/outgoing pathoverview: /var/spool/news/overview pathrun: /var/run/news pathspool: /var/spool/news pathtmp: /var/lib/news/tmp