|
|
|
|
|
|
|
| |
|
|||||
| |
|
|
|
|
|
|
| |
||||||
Global settings
Note: Most 'matching' settings take wild card lists as parameters, for example "fred*" will match "freddy" and "Fred@bob". And "1.2.*,2.3.*" will match 1.2.4.4 and 2.3.99.100. Many settings will also accept a ! as a "not", and are processed from left to right. eg "!*,127.*,10.*" would first "deny all" then try and match on any 127.* or 10.* domains.
g_access_allow - List of ip addresses to allow access to
This is the simplist level of access you can provide, simply list ip addresses using wild cards that the server should permit to read news.
Syntax: g_access_allow string
See also: access_groups, g_access_deny, g_access_deny_msg, g_access_msg, g_access_feed, g_access_header
g_access_deny - List of deny IP addresses
List of ip addresses/wild cards to deny access to. Use this to specifically disallow problem users/abusers.
Syntax: g_access_deny string
See also: access_groups, g_access_allow, g_access_deny_msg, g_access_msg, g_access_feed, g_access_header
g_access_deny_msg - String to give to denied IP addresses
The message to give when the access setting bans access to the user.
Syntax: g_access_deny_msg string
See also: access_groups, g_access_allow, g_access_deny, g_access_msg, g_access_feed, g_access_header
g_access_feed - List of sites to allow to send us ihave/full feeds
This setting should be used to grant access to your incoming IHAVE, traditional news feeds.
Syntax: g_access_feed string
See also: access_groups, g_access_allow, g_access_deny, g_access_deny_msg, g_access_msg, g_access_header
g_access_header - List of sites which are sending us diablo format 'header' feeds
This permits a special form of header feed used by Diablo systems.
Syntax: g_access_header string
See also: access_groups, g_access_allow, g_access_deny, g_access_deny_msg, g_access_msg, g_access_feed
g_access_msg - String to send when group is protected/private
This message is sent when the user tries to read a protected news group
Syntax: g_access_msg string
See also: access_groups, g_access_allow, g_access_deny, g_access_deny_msg, g_access_feed, g_access_header
g_admin_ip - Admin IP access
Mask of valid IP addresses for admin users (default *), this is a security setting you can use to restrict remote web admin access to trusted IP addresses, example setting would be "127.0.0.1,10.0.0.*"
Syntax: g_admin_ip string
g_admin_localhost - Allow localhost admin without user/pass
Allows a localhost connection to access the web admin port without using the administrator username / password. This is good if you keep forgetting the admin password like I do.
Syntax: g_admin_localhost bool
See also: g_admin_ip
g_authent_cachelife - Time in seconds to cache authent lookups, default 3600 seconds
Set this very low if your authent module is doing something cleaver :-)
Syntax: g_authent_cachelife int
See also: g_authent_process, g_authent_domain, g_authent_number, g_authent_info, g_authent_setused, g_authent_setdelay, g_authent_setauto, g_authent_ip, g_rss_auth
g_authent_domain - Authent domain
If this is 'true', the virtual domain name is appended to the username before it is passed to the authent process. This lets the authent process deal with virtual domains. As a general rule, this should ALWAYS be true.
Syntax: g_authent_domain string
g_authent_info - Authent info
Defines a piece of information to store about the user in the user database (phone number, name, address, etc). Each piece of information is given a name, a field and an access mode. The name defines what appears in the web management display, the field is what is sent to the authent_process and the access mode can be one of the following: none, createonly, user, domadmin, or admin.
An access mode of 'admin' means that only the system admin can see the information, 'domadmin' means the sysadmin and any domain admin can see the information, 'user' means the user can see the information, 'createonly' means the user sets the information at creation time but cannot see it after that and 'none' ensures that no-one can see or modify the information (used for information that is handled by SurgeNews itself, either through the interface or otherwise) e.g.
g_authent_info name="Phone Number" field="phone" access="user"Syntax: g_authent_info name=string field=string access=string
g_authent_ip - Send ip number on end of authent lookups
This allows you to check a user is connecting from the right ip address
Syntax: g_authent_ip bool
See also: g_authent_cachelife, g_authent_process, g_authent_domain, g_authent_number, g_authent_info, g_authent_setused, g_authent_setdelay, g_authent_setauto, g_rss_auth
g_authent_number - Authent number
The number of concurrent authent processes to run. If you are using a slow external authent module (e.g. sql) then it is probably worth running 3-4, there is no need to have more than 1 when using nwauth.exe. (Default = 1)
Syntax: g_authent_number int
g_authent_process - Authent process
The command line of a NetWin authentication module. You can use one of our standard modules for LDAP, ODBCAuth, MYSQL etc or write your own, for more information on these modules see the authentication section of the manual
Syntax: g_authent_process string
g_authent_setauto - Minutes between setused for all users
If set this runs a tellnews setused_all every 'x' minutes
Syntax: g_authent_setauto int
g_authent_setdelay - Min time between sending newsused to database, e.g. 600 seconds
To prevent overloading a backend database with sets this stops the set command being used too often.
Syntax: g_authent_setdelay int
See also: g_authent_cachelife, g_authent_process, g_authent_domain, g_authent_number, g_authent_info, g_authent_setused, g_authent_setauto, g_authent_ip, g_rss_auth
g_authent_setused - Set 'newsused=NNNk' in authent module
Records the users 'usage' in your authent module/database, this is 'write only' information for your records/accounting only
Syntax: g_authent_setused bool
See also: g_authent_cachelife, g_authent_process, g_authent_domain, g_authent_number, g_authent_info, g_authent_setdelay, g_authent_setauto, g_authent_ip, g_rss_auth
g_back_mem - Memory to use for feeding buffer, default is 20mb
This controls how much buffering to use in memory for feeding, on a feed server you might set this to 500mb
Syntax: g_back_mem int
g_back_throttle - Millisecond delay between each send from back store, default 300
This throttles the back feed, it should not normally be adjusted, set to 1 to speed up the back feed.
Syntax: g_back_throttle int
g_backstore_path (and size)- Path to back store for outgoing feeds.
This area is used when items cannot be sent upstream or downstream immediately. On a normal system 10-100 mb is approriate. But if you are relaying a news feed then you probably want a larger backstore. Ideally any feed should have a 'backup' mechanism (a pull feed for example, or a delayed feed), in which case a small backstore is again reasonable.
Syntax: g_backstore_path string
g_con_perip - Connections per IP
Maximum number of connections allowed per IP address. Primarily this is used to prevent simple denial of service attacks where one user could otherwise use up all the channels your system can support and then do nothing with them.
Syntax: g_con_perip int
g_con_perip_webnews - Global concurrent connection limit per ip address from webnews
Connection limit for webnews sessions per ip. This needs to be higher than the nntp limit as web browsers often open multiple connections for images.
Syntax: g_con_perip_webnews int
See also: g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_create_allow - List of characters allowed in usernames/passwords
Defaults to A-Za-z0-9\-_. meaning usernames/password may contain letters, numbers, -, _ and . and nothing else. Only takes effect if g_create_strict is checked.
Syntax: g_create_allow string
g_create_badnames - List of illegal usernames
Comma separated list of illegal usernames, may contain wild cards, if username contains part of a non-wild card or matches a wildcard it is disallowed.
Syntax: g_create_badnames string
g_create_dictionary - File containing dictionary words to compare passwords to
Text file containing one word per line, passwords are compared to all words longer than 4 characters in this file, if a username or password contains a word in this file it is not allowed. Only takes effect if g_create_strict is checked.
Syntax: g_create_dictionary string
g_create_strict - Whether to apply strict rules to usernames/passwords
Checking this causes SurgeNews to check usernames/passwords only contain characters in g_create_allow, passwords do not contain words longer than 4 characters from g_create_dictionary, as well as requiring the password to be 6+ characters, and usernames/passwords to contain more than 1 character.
Syntax: g_create_strict bool
g_crosspost_max - Limit crossposts, e.g. 3
Limits cross posts for all incoming items
Syntax: g_crosspost_max int
See also: g_expire_nobody, g_expire_replicate, g_expire_hour, g_expire_range, g_pull_expire_slow
g_db_break - Break file writes to see what will happen
This setting is for debugging.
Syntax: g_db_break bool
g_db_nostore - Don't store messages (for feed server)
When using surgenews as a news router there is no need to store messages so this setting improves performance
Syntax: g_db_nostore bool
g_db_repair - Delete items that appear corrupt on disk
This is a little risky but can tidy up faults that may be reducing performance
Syntax: g_db_repair bool
g_domain_separator - Separator character for virtual domains
Strongly not recommended
Syntax: g_domain_separator string
See also: g_authent_cachelife, g_authent_process, g_authent_domain, g_authent_number, g_authent_info, g_authent_setused, g_authent_setdelay, g_authent_setauto, g_authent_ip, g_rss_auth
g_empty_hide - Hide empty groups from 'list' command
Many groups are empty, this setting hides them so your users time is not wasted looking through or downloading lists of groups that are empty.
Syntax: g_empty_hide bool
See also: g_hide_domain, g_hide_days, g_hide_port, g_hide_key, g_hide_allow, g_hide_userip, g_webnews_hide_partial, g_webnews_hideprot
g_expire_hour - Hour of day to start the expire
For example to start at 6a.m. set it to 6.
Syntax: g_expire_hour int
See also: g_expire_nobody, g_expire_replicate, g_expire_range, g_pull_expire_slow
g_expire_nobody - Expire items if body doesn't exist
On a non pull/header feed if item bodies expire, then the header should be expired, in which case this setting must be on.
Syntax: g_expire_nobody bool
See also: g_expire_replicate, g_expire_hour, g_expire_range, g_pull_expire_slow
g_expire_range - Expire items outside nitems*2
This can tidy up groups with big 'gaps' in the numbering
Syntax: g_expire_range bool
See also: g_expire_nobody, g_expire_replicate, g_expire_hour, g_pull_expire_slow
g_expire_replicate - Expire based on host we replicate from
This attempts to expire local items if they dont exist on the host we got the header feed from. It judges which is the primary host for a group based on the percent of items it holds, so if the upstream server holds less than half of the items it doesn't use it to expire
Syntax: g_expire_replicate bool
See also: g_expire_nobody, g_expire_hour, g_expire_range, g_pull_expire_slow
g_feed - List of outgoing news feeds.
Paramter Description host Host name to send items to. groups News groups to send, e.g. "rec.humor,netwin.*,alt.*" user Username to authenticate on upstream site pass Password to authenticxate on upstream site bind Local ip address to bind to when sucking from this site min Only send items larger than this max Only send items smaller than this exclude Don't send to sites if this name is in the 'path' header type Type of feed (normal,mixed,header,posting) In the 'status' output is a summary of each outgoing news feed:
See feed.htm for examples:
Syntax: g_feed name=string host=string groups=string user=string pass=string bind=string min=int max=int exclude=string type=string hash=int maxchan=int only=string
g_feed_debug - Write 'feed.log' of all outgoing feed articles
Used for debugging only
Syntax: g_feed_debug bool
See also: g_spam_allow
g_feed_delay - Delay ALL outgoing feeds this many seconds
Please note this delays all outgoing feeds, it is not intended for normal use but for specialised machines sending a delayed feed across an expensive network link
Syntax: g_feed_delay int
See also: g_access_feed, g_feed, g_feed_hash, g_feed_hash_me, g_feed_debug, g_feed_strip, g_feed_once, g_feed_noback, g_filter_feed, g_log_feed_size, g_log_feedout_size
g_feed_hash - (EXPERIMENTAL) Split up feed into this many equal parts, use hash=0-->n-1 to specify where each one should go
To distribut the feed over 3 servers use use a value of 3, then set the hash value for each of the 3 feeds to 0, 1 and 2, then send a 'header' only feed from each backend system to all the front end systems. Each front end system must be set to do replicate numbering as well.
Syntax: g_feed_hash int
g_feed_hash_me - If hash of message id doesn't match 'n' then don't store locally
Use this if the surgenews is acting as the central feed as well as one of the hash back ends
Syntax: g_feed_hash_me int
g_feed_noback - Disable backfeed
Just drop messages if we can't send them right away
Syntax: g_feed_noback bool
See also: g_access_feed, g_feed, g_feed_hash, g_feed_hash_me, g_feed_debug, g_feed_strip, g_feed_delay, g_feed_once, g_filter_feed, g_log_feed_size, g_log_feedout_size
g_feed_once - Only send cross posts to one outgoing feed
This allows you to split an incoming feed without duplicating crossposts to backends, it is a global setting so applies to all feeds
Syntax: g_feed_once bool
See also: g_access_feed, g_feed, g_feed_hash, g_feed_hash_me, g_feed_debug, g_feed_strip, g_feed_delay, g_feed_noback, g_filter_feed, g_log_feed_size, g_log_feedout_size
g_feed_strip - Strip dubious headers from outgoing feed articles (xref)
Use if sending to non surgenews servers
Syntax: g_feed_strip bool
See also: g_spam_allow
g_filter_feed - Filter incoming feed using body_filter.dat
Filter all incoming messages using the file body_filter.dat, each line in the file is a word/string that if found will result in the incoming message being rejected. Each line must be at least 3 characters long.
Syntax: g_filter_feed bool
See also: g_spam_allow
g_filter_post - Filter incoming local posts using body_filter.dat
Filter posts using the file body_filter.dat, each line in the file is a word/string that if found will result in the incoming message being rejected. Each line must be at least 3 characters long.
Syntax: g_filter_post bool
See also: g_spam_allow
g_fts_all - Index all messages not just ones with attachments
Turns on FTS indexing for ALL words in the subject of the message in all news groups. This could affect performance. The FTS index is used for searching groups via webnews.
Syntax: g_fts_all bool
See also: g_fts_disable
g_fts_disable - Turns off FTS
Disables the FTS indexing system.
Syntax: g_fts_disable bool
See also: g_fts_all
g_getmail - Get mail from a pop server into a news group
Paramter Description host Host name to fetch email messages from group News groups to send, e.g. "rec.humor,netwin.*,alt.*" user Username to authenticate on upstream site pass Password to authenticxate on upstream site header If specified then use the header specified as the news group to send the item to. Typically "to". The domain name is trimmed.
Syntax: g_getmail host=string user=string pass=string group=string header=string
g_getmail_add - Add headers to mail from pop server before posting locally.
This setting adds headers to a local post before submitting to the news group.
Syntax: g_getmail_add string
g_getmail_every - Minutes between checks, default is 10
Normally the default is sufficient, the units is 'minutes'
Syntax: g_getmail_every int
g_getmail_keep_to - Keep to and cc headers (with prefix of x-original-)
Normally to/cc headers are stripped, with this setting they are kept with the prefix x-original- added.
Syntax: g_getmail_keep_to bool
g_group_auto - Create groups automatically if they don't exist (not recommended)
This can result in a lot of news groups on your server, many of which may be foreign or generally useless. You should only use this for a feeding server.
Syntax: g_group_auto bool
See also: access_groups, g_groups, g_groups_block
g_groups - Global mask of visible groups, can be a file name
This settings lets you block unwanted groups in a simple global manner
Syntax: g_groups string
g_groups_block - Block messages even cross posted to these groups
This can help to stop in appropriate cross posts from porno news groups.
Syntax: g_groups_block string
g_hdr_add - Add header(s) to local posts
This only affects 'posts' not incoming feeds.
Syntax: g_hdr_add string
See also: post_add, g_crosspost_max, g_filter_post, g_postlimit, g_postlimit_silent, g_post_rec_days, g_post_rec_disabled, g_post_rec_nosubject, g_post_replace_date, g_replicate_post
g_hdr_strip - Strip header(s) from local posts
This only affects local posts. This is useful for removing headers that cause some problem upstream.
Syntax: g_hdr_strip string
See also: post_add, g_crosspost_max, g_filter_post, g_postlimit, g_postlimit_silent, g_post_rec_days, g_post_rec_disabled, g_post_rec_nosubject, g_post_replace_date, g_replicate_post
g_hide_allow - Email address to allow incoming gatewaying from
Sometimes you'll want to define some trusted addresses from which you will accept gatewayed messages, normally any address must be listed as an address that the server sends to
Syntax: g_hide_allow string
g_hide_days - Days to allow responses to a post via email (default 30)
This setting limits any spammy use of the email address by expiring the address after that many days.
Syntax: g_hide_days int
g_hide_domain - Domain to use when hiding users email addresses
Spammers routinely harvest your users email addresses from newsgroups. SurgeNews includes a unique technology to replace email addresses in headers with ever changing addresses. It then acts as a mail server firewall and only allows responses to the actual news messages to go through to the real email addresses (and only for a fixed time period)
This is the domain to use when hiding a users email address, lets say the users original header is:
From: joe@xyz.comThen if 'g_hide_doman' is set to "newsmail.netwin.co.nz" the post will be modified to
From: joe_N@newsmail.netwin.co.nzThe number 'n' is replaced by an integer.
Note: You must ensure there is an mx and a record for the 'g_hide_domain' pointing to your news server.
Note: Also define the g_hide_port setting to be "25"
Syntax: g_hide_domain string
g_hide_key - Key for authenticated user header encryption, set to a number on all cluster members
When set the authenticated users name is encrypted, and can be decrypted using the tellnews unhide command.
Syntax: g_hide_key int
g_hide_port - Port for incoming smtp connections (default 6025)
This must be changed to 25 to work, but you can only do this if you do not also have a mail server running on this same system.
Syntax: g_hide_port string
g_hide_userip - Use server ip for x-trace and nntp-posting-host
Helps keep users anonymous
Syntax: g_hide_userip bool
See also: access_groups, g_groups, g_groups_block
g_history_host - Central history server
For news router farms to avoid accepting duplicates
Syntax: g_history_host string
See also: g_history_path, g_history_max
g_history_max - History entries in memory, default 3000000
For very long history retention where you needs lookups by history id to work you could set a number as large as 100,000,000
Syntax: g_history_max int
See also: g_history_path, g_history_host
g_history_path - History file path
The history file is used to store the 'messageid' of every incoming message, this is used for several things, primarily to avoid accepting 'duplicate' messages when multiple incoming news feeds offer the same item. This area will need to be about 1 gig in size for a full news feed.
Syntax: g_history_path string
See also: g_history_max, g_history_host
g_home - Home path of server configs log etc
The main path to the SurgeNews files. This should not generally be changed.
Syntax: g_home string
g_ignore_badindex - Don't auto rebuild_index if index is corrupt
This setting is useful if the server gets into an endless loop rebuilding it's index, this should never happen of course!
Syntax: g_ignore_badindex bool
g_ignore_gaps - Ignore index gaps on restart
This is used for debugging. Best left alone :-), without this setting, sometimes surgenews will compress the indexes during startup.
Syntax: g_ignore_gaps bool
g_index_mask - Wild card mask of groups to fetch from index server
Experimental setting, do not use
Syntax: g_index_mask string
See also: g_ignore_badindex, g_index_path, g_index_server, g_index_servers, g_index_username, g_index_password, g_index_sendall, g_index_nocheck
g_index_nocheck - Skip index block consistency check on startup
Experimental setting, do not use
Syntax: g_index_nocheck bool
g_index_password - Password for index servers
Experimental setting, do not use
Syntax: g_index_password string
g_index_path - Path to index files (message id lookups)
The files in the 'index path' are used to handle messagid-group/item lookups. Some news clients request items by 'messageid' so this index allows the news server to find the relevant item. This index can be 'quite big'. For a full feed consider a partition of 4-8 gig.
Syntax: g_index_path string
g_index_sendall - If true, then request all headers not just 'read' ones
Experimental setting, do not use
Syntax: g_index_sendall bool
g_index_server - True if this is an index server
Experimental setting, do not use
Syntax: g_index_server bool
g_index_servers - List of root index servers
Experimental setting, do not use
Syntax: g_index_servers string
g_index_username - Username for index servers
Experimental setting, do not use
Syntax: g_index_username string
g_limit_domain - Add domain to limits
This lets the limits be applied 'per virtual domain' as if they were seperate servers, not generally useful.
Syntax: g_limit_domain bool
See also: g_limit_nohead, g_postlimit, g_postlimit_silent
g_limit_nohead - Don't count xover or headers against users download limits
Some people like to only count article bodies
Syntax: g_limit_nohead bool
See also: g_limit_domain, g_postlimit, g_postlimit_silent
g_log_date - Log full date in log lines
Log the full date instead of just the month in all log files
Syntax: g_log_date bool
g_log_feed_size - Size of each in.log and send.log file (e.g. 5mb)
You might set this to 500mb while tracking feed completion problems
Syntax: g_log_feed_size int
See also: g_log_flush, g_log_level, g_log_tcp_read, g_log_tcp_write, g_log_ignore, g_log_size, g_log_feedout_size, g_log_date, g_log_today, g_loguse, g_perflog_disable, g_perflog_flush_interval, g_perflog_lowres, g_perflog_logall, g_webnews_require_login
g_log_feedout_size - Size of feedout.log file (e.g. 5mb)
You might set this to 500mb while tracking feed completion problems
Syntax: g_log_feedout_size int
See also: g_log_flush, g_log_level, g_log_tcp_read, g_log_tcp_write, g_log_ignore, g_log_size, g_log_feed_size, g_log_date, g_log_today, g_loguse, g_perflog_disable, g_perflog_flush_interval, g_perflog_lowres, g_perflog_logall, g_webnews_require_login
g_log_flush - Flushing log - flush on every write
This makes the server flush log data after every write to the file. This affects performance but can sometimes be the only way to track down an unusual fault, e.g. if the server dies the log is completely up to date and shows the last thing the server did before dying.
Syntax: g_log_flush bool
g_log_ignore - Comma seperated list of things to NOT log, this is slow, use sparingly if at all, requires restart
A list of log file fragments, if found in the log lines then the log line is not printed to the log file.
Syntax: g_log_ignore string
See also: g_log_flush, g_log_level, g_log_tcp_read, g_log_tcp_write, g_log_size, g_log_feed_size, g_log_feedout_size, g_log_date, g_log_today, g_loguse, g_perflog_disable, g_perflog_flush_interval, g_perflog_lowres, g_perflog_logall, g_webnews_require_login
g_log_level - Set logging level
Set the logging level. This is primarily intended for finding faults with the server. Info level logging is the default. Alternatives are 'error' and 'debug'
Syntax: g_log_level string
g_log_size - Size of each news*.log file (e.g. 5mb)
Not generally useful.
Syntax: g_log_size int
See also: g_log_flush, g_log_level, g_log_tcp_read, g_log_tcp_write, g_log_ignore, g_log_feed_size, g_log_feedout_size, g_log_date, g_log_today, g_loguse, g_perflog_disable, g_perflog_flush_interval, g_perflog_lowres, g_perflog_logall, g_webnews_require_login
g_log_tcp_read,g_log_tcp_write - Log actual data for a specific IP
These settings let you 'trace' the data going 'to' and or 'from' a specific IP address (or list, or wild card) Lets say you have a client on a specific address that has a problem where the fault could be server/client or network related. To track it down add this to surgenews.ini
g_log_tcp_read "2.3.4.5"
g_log_tcp_write "2.3.4.5"Then try whatever if 'failing' and examine 'news.log' to see what was read/written to that client.
Syntax: g_log_tcp_read string
g_log_today - Log each session stats to 'today.rec'
This file is renamed to yesterday.rec at the end of the day
Syntax: g_log_today bool
g_loguse - Enable dnews style loguse u_yyyymmdd.rec log files
These files are only for backward compatibility
Syntax: g_loguse bool
See also: g_log_flush, g_log_level, g_log_tcp_read, g_log_tcp_write, g_log_ignore, g_log_size, g_log_feed_size, g_log_feedout_size, g_log_date, g_log_today, g_perflog_disable, g_perflog_flush_interval, g_perflog_lowres, g_perflog_logall, g_webnews_require_login
g_lookup_names - Lookup names for connecting IP addresses
This is one of those things that you very likely do not want to turn on. It makes the mail server lookup the IP name of any connecting user, however lookups can take 30-90 seconds so it can negatively impact apparent performance. Most of the access rules in the server can accept IP names if this setting is enabled, e.g. instead of specifying local users are 153.2.3.* you can say '*.netwinsite.com"
Syntax: g_lookup_names bool
g_manager - Email address of manager
Email address to send reports to.
Syntax: g_manager string
g_manager_port - Manager port (default 8120)
This is the port the web manager and web mail access will run on. Use the keyword 'disabled' to disable this part of the surgemail service.
Syntax: g_manager_port string
g_manager_secure_port - Manager secure port (default 8119)
This should be the main server management port and provides a secure server management connection. https://your.mail.server:8119. Use the keyword 'disabled' to disable this part of the surgemail service.
Syntax: g_manager_secure_port string
g_manager_smtp - SMTP server for manager Emails about failures
Defines the mail server to send manager reports with, defaults to 127.0.0.1
Syntax: g_manager_smtp string
g_max_gap - Max gap in a group, default 20,000
If a gap is found bigger than this, then the items before the gap are hidden. This fixes various problems that occur when item numbering is messed up and makes news client's happier.
Syntax: g_max_gap int
See also: g_max_items
g_max_items - Max items in a single group, if exceeded old items are expired
This setting is useful for keeping groups to a manageable size, remember a group with a million items in it will be difficult and slow for your users to read with a news client. Default is 10000000
Syntax: g_max_items int
g_moderator_match - Only allow posts to moderated groups if the moderator matches the logged in user
This can make local moderated groups secure, it also means the approved header is not required as surgenews can add it.
Syntax: g_moderator_match bool
See also: g_log_flush, g_log_level, g_log_tcp_read, g_log_tcp_write, g_log_ignore, g_log_size, g_log_feed_size, g_log_feedout_size, g_log_date, g_log_today, g_loguse, g_perflog_disable, g_perflog_flush_interval, g_perflog_lowres, g_perflog_logall, g_webnews_require_login
g_monitor_disable - Disable the monitor process
This allows the monitor process to be completely disabled. The monitor process is the nwatch executable and can be setup to monitor and automatically restart SurgeNews if it crashes. The monitor process is also used to start SurgeNews from the using the web interface if it has been shutdown.
Syntax: g_monitor_disable bool
g_monitor_port - SurgeMail monitor port (default 8121)
The port SurgeMail monitor runs on allowing SurgeMail to be remotely started. Typically you won't need to change this, however you can specify an IP address to bind to or a list of alternate ports, e.g. 10.3.2.3:7027 or 7027,8027 etc...
Syntax: g_monitor_port string
g_msg_max - Max size of a single message (units k) default is 10mb
Increase this limit at your perril, and certainly a setting over 100mb is not advisable.
Syntax: g_msg_max int
g_news_max_sessions - Max users
This setting protects the system from abuse and denial of service attacks. It also protects the system from memory/resource problems. The default is set to be appropriate for most systems, so don't generally set this unless you have an actual problem.
Syntax: g_news_max_sessions int
g_nntp_port - NNTP port(s) to listen for 'news' connections, default is 119
Typically you won't need to change this, however you can specify an IP address to bind to or a list of alternate ports, e.g. 10.3.2.3:119 or 119,2119 etc... By default the news server listens to port 119 on all adapters/addresses.
Syntax: g_nntp_port string
g_nntp_secure_port - port(s) to listen for secure SSL connections, default is 563
This protocol is 'secure' so that no one can 'spy' on the data as it goes past, this also protects your username and password while using this protocol.
Syntax: g_nntp_secure_port string
g_nntp_timeout - Timeout (units is minutes) default 30
On a busy server this could be sensibly set to 5 minutes
Syntax: g_nntp_timeout int
See also: g_nntp_port, g_nntp_secure_port
g_no_proxy_user - If set then doesn't add X-Proxy-User: header
This is useful to hide the identity of your users from upstream machines.
Syntax: g_no_proxy_user bool
See also: g_nntp_port, g_nntp_secure_port, g_nntp_timeout
g_part_dir - Part Directory
Used for part completion, part completion is generally a bad idea, don't use this.
Syntax: g_part_dir string
See also: g_part_size, g_webnews_hide_partial
g_part_size - Part Size e.g. 3gig or 400mb
Not a good idea, don't use this.
Syntax: g_part_size int
See also: g_part_dir, g_webnews_hide_partial
g_path_stamp - Path used in Path header and other appropriate spots
This setting should be the name your host is known, it should also be fully qualified, e.g. host.domain.com
Syntax: g_path_stamp string
g_perflog_disable - Completely disable 'perflog' historical performance logging
This setting has no further documentation currently available
Syntax: g_perflog_disable bool
g_perflog_flush_interval - Interval in seconds to flush the performance log files to disk (default 1hr = 3600)
This setting has no further documentation currently available
Syntax: g_perflog_flush_interval int
g_perflog_logall - Log all counters including the currently undisplayed counters
This setting has no further documentation currently available
Syntax: g_perflog_logall bool
g_perflog_lowres - Do low resolution perflog sampling (hiding hour scale)
This setting has no further documentation currently available
Syntax: g_perflog_lowres bool
g_pile - Expiration rules - for what to keep where, and how long to keep it.
Each 'pile' rule defines a set of groups, and a percent of your total disk space to use for those groups, as the 'last matching' pile is used you should define the first pile as groups="*" so that the news server can always find somewhere to put an item.
As the pile becomes 'full' the news server picks the 'oldest' 'bucket' file in that pile and deletes it.
The 'days' parameter specifies to keep a pile for a certain number of days and delete buckets older than that. As entire buckets are deleted this method is not exact but should be approximately right.
The bodycache flag if set to true, means this pile should only be used to store the bodies of messages. This is useful when you want to specify an area just for caching bodies for all groups.
Syntax: g_pile groups=string use=string days=int bodycache=bool
g_post_rec_days - If true the post.rec changes to post_DAYOFMONTH.rec
This means the server keeps 30 days of post.rec information.
Syntax: g_post_rec_days bool
g_post_rec_disabled - Disables post.rec
Completely stops logging to post.rec file for local posts
Syntax: g_post_rec_disabled bool
g_post_rec_nosubject - Removes subject from post.rec
Removese the subject from the records.
Syntax: g_post_rec_nosubject bool
g_post_replace_date - Replace date header for local posts
This prevents local users abusing the date header
Syntax: g_post_replace_date bool
g_postlimit - Max posts per hour before messages are blocked
This stops a spammer posting to all of your groups, a limit of about 100 is reasonable for most purposes
Syntax: g_postlimit int
g_postlimit_silent - Silently reject posts if limit exceeded
This stops spammers realizing why their posts don't get through. Be sure to check post_limit.log incase non spammers are being caught
Syntax: g_postlimit_silent bool
g_proxy - Proxy some or all groups to another server
Proxy settings tell surgenews to fetch some or all groups from one or more backend servers.
Paramter Descriptoin host The news host to connect to for these groups groups The groups that this proxy rule applies to, e.g. all binary groups except groups with fred in the name. "*binaries*,!*fred*" user Optional, user name to login to upstream server pass Optional, password. See proxy.htm for more information.
Syntax: g_proxy host=string groups=string user=string pass=string
g_proxy_cache_all - Cache all messages not just popular groups
If you have a large cache this setting might be worth using
Syntax: g_proxy_cache_all bool
g_proxy_entries - Max number of entries in cache
Generally you don't need to set this, a value of 10000 to 10000000 is valid
Syntax: g_proxy_entries int
g_proxy_nocreate - Don't create groups if they don't exist
This lets you limit proxying to groups you've specifically created locally
Syntax: g_proxy_nocreate bool
g_proxy_path - Path to proxy cache files (optional)
When using the proxy settings you can specify a cache for article bodies to improve performance and offload the backend server.
Syntax: g_proxy_path string
g_proxy_size - Size of proxy cache (optional)
The size of the proxy cache. e.g. g_proxy_size 300mb
Syntax: g_proxy_size int
g_proxy_xover - Beta feature, do not use
Not implemented yet.
Syntax: g_proxy_xover bool
g_pull - Sites to 'pull' news items from on request
Each pull setting defines a host surge can pull news from.
Paramter Description host Host name to fetch items from groups News groups to fetch, e.g. "rec.humor,netwin.*,alt.*" user Username to authenticate on upstream site pass Password to authenticxate on upstream site mb Daily 'mb' limit on this site, stop fetching after we have this much. last Max depth of items to fetch, e.g. 10 would only fetch the last '10' items no matter how many were new. connections Number of simultaneous connections we can use. maxbody Items larger than this will be 'header' sucked, and the body will then only be fetched if a user 'reads' the item. fetch_time Time in minutes between fetches, default is 15 minutes expire If 'true' then items are expired if this 'upstream' site doesn't have them. bodyonly If 'true' then this pull site is only used for fetching bodies on the fly, actual pulling of new headers is never done. This lets you specify a host that will only be used to find the body of a message when it is already know but not local xover If "true" then SurgeNews will only use the 'xover' command to pull header information, it will then 'reconstruct' fake headers based on the xover data. This setting is experimental, it is very fast particularly if your upstream server is slow to retrieve headers, but the results are not entirely accurate so use entirely at your own risk :-) See pull.htm for more info.
Syntax: g_pull name=string host=string groups=string mb=int last=int connections=int maxbody=int expire=bool fetch_time=string user=string pass=string bodyonly=bool xover=bool bind=string
g_pull_batchsize - Max bytes to pull from a single group at one time.
This setting helps limit the time spent on very large groups.
Syntax: g_pull_batchsize int
See also: g_pull, g_pull_life, g_pull_speed, g_pull_fast, g_pull_expire_slow, g_pull_upto_manual, g_pull_noxbody, g_pull_tryall
g_pull_expire_slow - Uses xhdr request to expire local items, not a good idea if upstream server has a lot of messages
Best not used.
Syntax: g_pull_expire_slow bool
See also: g_pull, g_pull_life, g_pull_speed, g_pull_batchsize, g_pull_fast, g_pull_upto_manual, g_pull_noxbody, g_pull_tryall
g_pull_fast - Tries to tune TCP to pull faster
You should never need this setting in normal usage.
Syntax: g_pull_fast bool
See also: g_pull, g_pull_life, g_pull_speed, g_pull_batchsize, g_pull_expire_slow, g_pull_upto_manual, g_pull_noxbody, g_pull_tryall
g_pull_life - Number of days to pull a group after it's read, default is 10
See title
Syntax: g_pull_life int
See also: g_pull, g_pull_speed, g_pull_batchsize, g_pull_fast, g_pull_expire_slow, g_pull_upto_manual, g_pull_noxbody, g_pull_tryall
g_pull_noxbody - Don't use XBODY header to choose site to pull bodies from
Useful if trying to get headers/bodies from different servers
Syntax: g_pull_noxbody bool
See also: g_pull, g_pull_life, g_pull_speed, g_pull_batchsize, g_pull_fast, g_pull_expire_slow, g_pull_upto_manual, g_pull_tryall
g_pull_speed - Global throttle for total pulling speed, bytes/second
See title
Syntax: g_pull_speed int
See also: g_pull, g_pull_life, g_pull_batchsize, g_pull_fast, g_pull_expire_slow, g_pull_upto_manual, g_pull_noxbody, g_pull_tryall
g_pull_tryall - Try all pull hosts even if xbody header found and failed
Searches harder to find the body of a message
Syntax: g_pull_tryall bool
See also: g_pull, g_pull_life, g_pull_speed, g_pull_batchsize, g_pull_fast, g_pull_expire_slow, g_pull_upto_manual, g_pull_noxbody
g_pull_upto_manual - Don't reset upto counter if upstream server numbering changes
This is useful if the upstream server numbering changes every day, this stops surgenews refetching old articles each time the numbering changes
Syntax: g_pull_upto_manual bool
See also: g_pull, g_pull_life, g_pull_speed, g_pull_batchsize, g_pull_fast, g_pull_expire_slow, g_pull_noxbody, g_pull_tryall
g_quota_host - Widearea quota limits, central host
SurgeNews can manage the 'quota' limits over a cluster of several systems. This allows you to add servers for increased load, or specialized servers and still maintain limits across all the systems. The quota host can be any 'surgenews' system, and the quota password must match.
(see 'domain' settings for usergroup and area limits)
Syntax: g_quota_host string
g_replicate - Use XRef numbering but only if host name matches this string
Replication is very dangerous as item numbering can be totally ruined by it. And once ruined you would need to delete the entire spool. This setting lets you specify one, or more hosts to accept replication from. This must match the XREF name of that host.
Syntax: g_replicate string
See also: g_expire_replicate, g_replicate_post
g_replicate_post - Name of host to send local posts to if we are replicating
When replicating item numbering must happen on the master host, so this lets you send local posts to the right place.
Syntax: g_replicate_post string
See also: g_expire_replicate, g_replicate
g_restart - Auto restart server
If turned on nwatch (a spawned second process) checks every 30 seconds to see if the server is still running. If it isn't running but it's pid file still exists (so if it died) this second process restarts the missing server and sends the manager account an Email reporting the fault.
For this to work on NT you need to set Dr Watson NOT to show visual notification of faults:
This sets Dr Watson to be the default debugger) c:/> drwtsn32 /i This brings up the Dr Watson settings, un-tick "Visual Notification" c:/> drwtsn32Syntax: g_restart bool
g_rss_auth - Only allow authenticated users to read rss feeds
This makes RSS only visible to users with a valid username/password
Syntax: g_rss_auth bool
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_rss_body - Characters to fetch from body, set to -1 to disable
This is a fraction slower under heavy load but nice too, so usually worth doing.
Syntax: g_rss_body int
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_rss_page - Size of rss page to generate, last 'n' items
If you set this too large it makes rss slow, but if you set it too small people may miss items. I recommend a setting of about 20 (which is the default), only increase on very busy groups, and probably then rss is an unwise reading choice.
Syntax: g_rss_page int
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_rule_age - Block messages older than this many days
This can help limit duplicates if you are sucking items and have a large number of items.
Syntax: g_rule_age int
See also: g_access_feed, g_feed, g_feed_hash, g_feed_hash_me, g_feed_debug, g_feed_strip, g_feed_delay, g_feed_once, g_feed_noback, g_filter_feed, g_log_feed_size, g_log_feedout_size
g_rule_attach - Block if attachment filename matches, last rule only is used, source=feed,post
Rules for controlling attachement file names. To allow *.jpg, use *,!*.jpg, to block exe files use *.exe,*.com. Only the last rule that matches the group wild card is used. This setting is for blocking files you don't want
Syntax: g_rule_attach groups=string name=string source=string
See also: g_spam_allow
g_send_domain - Domain used for bounce addresses when sending emails.
Sets the from address for messages sent to subscribed users
Syntax: g_send_domain string
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_server_name - SERVER_NAME to set for list of wildcard urls
Used by web interface, probably not relevant to this product.
Syntax: g_server_name url=string name=string
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_slow_bytes - Monthly download to allow before slowing a user down
The idea is to allow users to run at full speed until they have gone above a certain 'reasonable' limit, at which point you realize they aren't reading the stuff so wasting bandwidth on them is a bit pointless.
Syntax: g_slow_bytes string
See also: g_limit_domain, g_limit_nohead, g_postlimit, g_postlimit_silent
g_slow_speed - Speed for links which have downloaded more than x per month
See g_slow_bytes
Syntax: g_slow_speed string
See also: g_limit_domain, g_limit_nohead, g_postlimit, g_postlimit_silent
g_spam_allow - IP Wild card exceptions to spam limits
Matching ip addresses skip most spam checking, in particular. g_dns_require, g_black...,g_con_persubnet,g_spam_bounce_all,g_user_pipe,g_con_perip,g_verify_helo,g_ban_helo,tarpit limits etc...
Syntax: g_spam_allow string
g_spool - Define a spool disk for storage
Each of these settings defines a spool disk / path, you can have a hundred of these if necessary. SurgeNews will try and 'spread' the load over these disks.
Syntax: g_spool path=string mb=int
See also: g_spool_min
g_spool_min - Set min before throttling incoming feed
The default is 100mb, also see g_work_min, setting these values too low can have bad affects, the server may loose items if it runs out of disk space at a bad moment!
Syntax: g_spool_min string
See also: g_spool
g_ssl_allow - IP Wild card list to allow SSL encryption from
Allow ssl connections from these ip addresses
Syntax: g_ssl_allow string
See also: g_ssl_require, g_ssl_per_domain
g_ssl_per_domain - Create/use an SSL certificate for each domain
This setting has no further documentation currently available
Syntax: g_ssl_per_domain bool
g_ssl_require - IP Wild card list to require SSL encryption from
Require ssl connections from these ip addresses
Syntax: g_ssl_require string
See also: g_ssl_allow, g_ssl_per_domain
g_subscrip - Default subscriptions (news groups new users see)
Some news clients will issue the list subscrip nntp command to find the default list of subscribed groups, this setting lets you list your important local groups to help new users find something interesting right away. e.g.
g_subscrip "rec.humor,rec.arts.juggling,alt.humor.puns"
Syntax: g_subscrip string
g_testing - Testing, debugging code do not use
Test feature, do not use
Syntax: g_testing bool
g_thread_reuse - Reuse threads - fixes unix bug
Obsolete, do not use
Syntax: g_thread_reuse bool
g_thumb_path - Path to thumbnail images
This area can grow to a significant size, you can move it at any time, the cache files will just rebuild as needed.
Syntax: g_thumb_path string
g_timezone - Set timezone for posts with no date header
Use this to over-ride the default, only used if the date header is missing.
Syntax: g_timezone string
g_tomail - Send posts from a news group to an email address
Use for sending a newsgroup to an email address or mailing list.
Syntax: g_tomail to=string groups=string from=string subj_add=string
See also: g_webnews_tomail
g_user_keepdomain - Don't strip domain name for user lookup if user specified the domain
This results in a lookup of user@domain@domain, this setting is usually not a good idea but can be good for coping with existing 'odd' usernames that include an 'at'
Syntax: g_user_keepdomain bool
See also: g_authent_cachelife, g_authent_process, g_authent_domain, g_authent_number, g_authent_info, g_authent_setused, g_authent_setdelay, g_authent_setauto, g_authent_ip, g_rss_auth
g_webnews_domain - Map a domain to a different webnews template directory
This allows virtual domains to be setup in webnews templates
Syntax: g_webnews_domain host=string path=string
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_webnews_hide_partial - Hide incomplete multi part items (user can over-ride)
See title
Syntax: g_webnews_hide_partial bool
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_webnews_hideprot - Hide groups not visible to this user
This slows performance slightly.
Syntax: g_webnews_hideprot bool
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_webnews_port - Webnews port, default is 9080
The webnews interface may be more appropriate on port 80 if your server is not already running a web server.
Syntax: g_webnews_port string
See also: g_con_perip_webnews, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_webnews_require_login - If true then don't allow users to browse/read groups without logging in first
Webnews can allow anonymous browsing/reading or it can work in 'logged in only' mode.
Syntax: g_webnews_require_login bool
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_webnews_secure_port - Webnews secure port, default is 9081
The webnews interface may be more appropriate on port 443 if your server is not already running a web server.
Syntax: g_webnews_secure_port string
See also: g_con_perip_webnews, g_webnews_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_webnews_tomail - Show buttons so users can subscribe to a group and get messages via email
Lets users get a news group via email, users must be logged in to see this feature. Also ensure you have defined g_manager_smtp to point to a valid SMTP mail server.
Syntax: g_webnews_tomail bool
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_url, g_webnews_verify
g_webnews_url - Url to use for confirm message
e.g. http://host.name:port this setting may be used at other times when surgenews needs to generate a full web address
Syntax: g_webnews_url string
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_verify
g_webnews_verify - Force local posters to prove they are human
This can be used to stop automated spam robots
Syntax: g_webnews_verify bool
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_xq, g_webnews_domain, g_webnews_tomail, g_webnews_url
g_webnews_xq - Show 'download queue' buttons (not yet implemented)
Show download queue in webmail interface.
Syntax: g_webnews_xq bool
See also: g_con_perip_webnews, g_webnews_port, g_webnews_secure_port, g_webnews_require_login, g_webnews_hide_partial, g_webnews_hideprot, g_webnews_domain, g_webnews_tomail, g_webnews_url, g_webnews_verify
g_work_min - Set min before throttling incoming feed
The default is 100mb, also see g_spool_min, setting these values too low can have bad affects, the server may loose items if it runs out of disk space at a bad moment! This limit applies to all paths other than the 'spool' path
Syntax: g_work_min string
See also: g_work_path
g_work_path - Workarea for misc files
General scratch area for index files of various sorts. A partition of at least 1 gig is recommended for a full feed.
Syntax: g_work_path string
g_xover_max - Limits xover response to last 'n' messages in group
If you have news groups with 10 million items, and a stupid news client asks for all the items in the group, this tends to waste a lot of resources. This setting limits the response to only the last 'n' items in the group, a good setting might be 100000
Syntax: g_xover_max int
g_xover_nhandle - Number of handles to xover files
Typical values 20-400, uses up file handles.
Syntax: g_xover_nhandle int
g_xover_path - Xover index files
The indexes for xover data are stored here, this area may need to be very large on a heavily used system. For a full feed consider a 8-16 gig partition.
Syntax: g_xover_path string
g_xpat_disable - Disable xpat command
The xpat command can cause performance issues and is not required by the rfc, so may be worth disabling
Syntax: g_xpat_disable bool
g_yenc_bounce - Bounces faulty yenc messages
This is for tracking corrupted yenc attachments, not for general use.
Syntax: g_yenc_bounce bool
g_yenc_crc - Does simple check on yenc parts based on crc (Slower)
This is for tracking corrupted yenc attachments, not for general use!
Syntax: g_yenc_crc bool
g_yenc_size - Does simple check on yenc parts based on size
This is for tracking corrupted yenc attachments, not for general use!
Syntax: g_yenc_size bool