![]() ![]() |
||||
![]() |
![]() |
![]() |
![]() |
![]() |
Apart from the site specific information you provide during setup DNEWS is set to work "straight out of the box". You can install it and virtually forget it. Despite this simplicity DNEWS is highly configurable and offers the news administrator an advanced and powerful range of options and features, allowing the server to be easily configured or tuned to meet specific needs. This manual provides an overview to managing DNEWS and its many features and options.
This section introduces DNEWS Manager Graphical User Interface (GUI) , tellnews commands and the six configuration files.
DNEWS Manager
DNEWS manager allows you to perform two major tasks, it lets you configure the common settings in the configuration files described below as a nice GUI rather than editing the files directly, and it lets you send tellnews commands to the running news server. A detailed overview of the DNEWS Manager is provided in DNEWS Manager (Windows) Section for Windows and the Tellnews Control (MAC) section for Mac's.
TELLNEWS Commands
Tellnews commands are just typed in on the command line, or with the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" and then select the tellnews command.
Tellnews commands are used to control and query a running dnews news server, they are actually handled by dnews itself, the tellnews or DNEWS manager process simply creates an NNTP connection to the server and sends through the tellnews command and then listens for DNEWS to send back a response. Tellnews commands are used to:
Stop the server
Initiate background tasks like expires or database rebuilds
Inform the server that it should reload it's configuration files from disk
Create new local news groups etc...
A complete list of tellnews commands with explanations is provided in the tellnews section of this manual.
Configuration Files
There are six configuration (".conf") files that together provide all the information and rules your news server uses. The *conf files are simple text files and can be edited directly, or on the Windows and Macintosh versions common changes can be made via the GUI interface. The following provides a very brief introduction to the configuration files.
File Name | Description |
---|---|
dnews.conf | This is the main configuration file (found in /etc. or \winnt\system32). Syntax: setting value access.conf Access rules in access.conf control nntp (user) access to news groups on your server. Syntax: host:perm:user:pass:groups[:extension settings] |
newsfeeds.conf | Defines feeds out of your news system and what news groups to accept and propagate. |
expire.conf | Specifies how long to keep news items on your server. Syntax: UPTO x% GROUPS wild KEEP n DEFAULT n PURGE n MAXITEMS n MINITEMS n UNREAD n |
moderators.conf | Defines where to email items for moderated news group Syntax: group(s) moderators_email_address control.conf Defines how to process control messages for auto creation and deletion of news groups . Syntax:message_type:email_address:groups:action |
Finding the configuration files
dnews.conf is the main configuration file, and you can't move it from it's built in directory which is:
Windows NT - /winnt35/system32/dnews.conf (system dir)
Unix - /etc./dnews.conf
All other configuration files will be in the config directory defined in dnews.conf
Dnews.conf
This is the main configuration file. When you first install DNEWS you are prompted for some site specific information which is added to dnews.conf . The file includes the name(s) of your feed site(s), the path to send mail on your system, when to run expires etc. All lines in the dnews.conf file follow the same syntax:
Newsfeeds.conf
This file controls feeds out of DNEWS to other sites, it defines the sites to feed news to, what news groups to feed to each site (including the sites you receive news from), the type of feed (e.g. builtin, live, uucp or program) and the NNTP command used to send items (e.g. post or IHAVE).You can also exclude news received from one site from being sent to any specific site. For your main feed DNEWS will automatically set the exclude setting to prevent the system trying to send every article that comes in back to the feeder site.
The newsfeeds.conf file also controls what groups will be allowed 'into' DNEWS via the special "ME feed" parameter. This must be the first entry in newsfeeds.conf. and defines which groups will be accepted from any feed(s) into DNEWS. Also in this file you can set specific accept/reject rules to automatically identify and remove Spam articles. A complete list of settings in newsfeeds.conf with explanations is provided in the *.conf section.
Access.conf - Powerful and tricky!
The access.conf file is very powerful, it can be used to control access to your server in many different ways and as a result it is also tricky to use. The main source of confusion comes because of two features, first the file is passed twice, once when a user connects, and a second time when/if they supply a password. The second tricky bit is that the 'last' matching rule in the file is used. So the order of rules is very significant.
Access.conf allows you to do all of the following:
- Allow ip numbers/names access
- Allow users name and password access
- Allow read and post protection separately
- Allow DNEWS Manager/Tellnews commands
- Allow incoming IHAVE feed
All access rules in access.conf have the following Syntax:
Syntax:
host:perm:user:pass:groups [:extension settings]
Parameter | Value (Example) | Description |
---|---|---|
host | *.my.domain 161.29.4.* | A wildcard (*), name or number, this rule is only used if the connection matches this address. |
perm | Read, Post, Ihave,logoff | Allow any combination of reading posting or IHAVE feeding from this site. |
user | chrisp | Some news readers can send a user name, if so then it will be matched here, and the password can be checked. |
pass | rumplestiltskin | The password in plain text. |
groups | *,!*.erotic.* | Allow access to groups matching this wild card. |
extensions | con=3 | Limit individual ip addresses to 3 simultaneous connections |
extensions | users=20 | Limit the users in this domain to 20 concurrent users. |
extensions | con=3,users=20 | If both settings are set separate with a comma, not a colon |
Example _Extract access.conf file:
*:logoff:::* (Read - Immediately close a connection from anyone )
*netwin.co.nz:read,post::*,!*sex* (read - Allows users from our domain "*netwin.co.nz" read and post access to any newsgroup except ones with the word anythingsexanything in the name. Note: There is no username, password or extentions in this example.
Expire.conf - Intelligent Expire settings
Expire.conf contains the expiration rules which together determine how the server will expire news items. DNEWS allows intelligent and flexible expiration rules, so more news is deleted as free disk space shrinks. Groups can be limited by number of articles rather than age, busy news groups are trimmed and manageable. Light news groups become useful again. The Result is Management time is reduced and the news service is improved. A detailed description of the settings in expire.conf with explanations is provided in the *.conf section. of this manual.
Control.conf - How newsgroups get created
The control.conf file defines how your server will deal with control messages.
Who really runs NEWS? Who creates news groups, once a new group is approved how is it created on 10,000 news servers all over the world?. The control.conf file is the key to this. It specifies who else in the world is allowed to create newsgroups on your news server.
Control messages are just like normal news messages, except they have a special header:
Control: newgroup rec.humor.really.funny
When DNEWS receives a control message it is checked against the control.conf file. The last matching rule is used to decide what to do. The possible actions include logging the message to a file, for editing and batch processing, emailing it to the news administrator, throwing it away or actioning it. The action will normally vary depending on who the control message is sent by and what news groups it relates to. PGP (Pretty Good Privacy) may be implemented to confirm the integrity and identity of the message and sender respectively. A detailed review of settings in control.conf with explanations is provided in the *.conf section of this manual
Control Update of News Groups (Dynamic Suck Feed Option Only)
A Dynamic Sucking Feed periodically fetches the news articles in those news groups that are actively read by your users and updates its listing of available news groups. This section explains how to manage the timing and frequency of this update process.
Control Frequency of Updating Groups List?
Your Suck feed will obtain a list of groups from your upstream server automatically and display these to your users to select from. As new groups are being added and deleted on an ongoing basis DNEWS by default updates this list daily. To change the frequency of update amend the groups_at setting in dnews.conf.
The groups_at setting defines when the server will get the names of any new news groups and add them to its list of available news groups.
Basic Syntax: groups_at minutes hours
Examples:
groups_at 45 1 (This is the default setting and gets the names of any new group once per day at 1:45am)
groups_at 45 1,13 (This setting would get the names of any new group twice per day at 1:45am and 1:45pm)
groups_at *5 5-10 (This setting would get the names of new groups every five minutes between 5 and 10 am)
If you don't have a permanent connection to the Internet you should disable the automatic update by entering an invalid time in the groups_at command, as it can take some time to update the groups over a modem.
Example: groups_at 999 999 (999 999 being an invalid minutes and hours)
You can manually get DNEWS to update its list using the command tellnews getgroups to ensure DNEWS has an uptodate listing.
USENET News Groups provide a valuable resource. However there will be many USENET News Groups that you do not need or possibly want on your server. This section explains how to control which news groups appear on your server.
Control which Internet News Groups are available on your server There are a very large number of Internet news groups ( A list of the top level hierarchies is maintained on the web at http:/home.magmacom.com/~leisen/master_list.html). While some people think more is better the reality is having thousands of foreign or local or inane news groups listed doesn't help your users read news.
To exclude news groups amend the "site me" setting in newsfeeds.conf
Essentially you list the group names you want or use wildcard * to select multiple groups. And list those you don't want by putting ! = don't allow or @ = don't allow this or anything cross posted to it. Using @ instead of ! is useful as it will stop some innappropriate cross posts. Frequently if you don't want particular groups you don't want to see articles posted to them even if they have been crossposted to other groups you do want.
The default setting in newsfeeds.conf is:
site me
*,!*.binaries.* ( read - accept all news groups, but don't accept news groups with
that match anything.binaries.anything )
Examples:
* (Allow all news groups)
*,!*.binaries.* (This is the default - Allow all groups but don't allow those matching anything.binaries.anything)
*,!alt.*,@*.binaries.* (Allow all groups, don't allow those matching alt.anything and don't allow those matching anything.binaries.anything and don't allow articles crossposted to anything.binaries.anything)
groups rec.*,alt.*,news.*,comp.*,biz.*,misc.*,sci.*,soc.*,talk.* (Allow only the groups matching this listing)
We recommend that you use something like the last option which picks up most of the standard news trees.
On Windows from DNEWS Manager select "Feeds Out", select "ME feed" ,and amend the "groups" field.
Local News Groups or Discussion Forums are today widely used by organizations for internal communications and document sharing. The efficiency with which they open communications, support collaboration and overcome geographical constraints of time and distance are making them an increasingly common place element of organizations communication systems. Local News Groups are often a more efficient solution than mailing lists, and often used in conjunction with mail and web technology. This section describes how to create and control your local discussion groups with ease.
Creating a Local News Group
To create a new group you use the tellnews newgroup command.
Syntax: tellnews newgroup <groupname> [y |m] [creator] [description]
Example: tellnews newgroup here.chat y myname Local group for chatting
Here is a detailed breakdown of each of the parts of the above command.
here.chat = name of group
y = Normal group (m = moderated)
myname = Just a record of who created the group (one word)
Local group for chatting = description for active.names file.
On Windows from DNEWS Manager select "COMMANDS" then select the "NEWGROUP" command and complete the appropriate fields.
Preventing posts to local groups being posted to the Internet
To ensure local news postings don't get transferred to the Internet you would want to exclude all local groups from being posted to your feeder site. To do this you should change the groups line in your newsfeeds.conf file to exclude the local groups. For example to stop the groups here.chat and all the groups here.secret.anything or any articles cross posted to here.secret.anything from being sent to your feed site in newsfeeds.conf we would change:
site $nntp_feeder
groups *
to
site $nntp_feeder
groups *,!here.chat,@here.secret.*
(note: ! means "not this" while @ means "not this or anything cross posted to this")
On Windows from DNEWS Manager select "Feeds Out" and select $nntp_feeder and amend the groups field as above.
Preventing DNEWS from trying to suck your local groups from your feed site
This is not critical but it is recommended you prevent your server from trying to suck your local groups from your feed site. It is more efficient and allows you to use the Matchgroups command properly without having to undelete your local groups.
In dnews.conf modify your nntp_feeder line to exclude local groups. In this example we have assumed all local groups match "here.chat" or "here.secret.anything"
nntp_feeder myfeedsite
to
nntp_feeder myfeedsite *,!here.chat,!here.secret.*
(This is read suck all groups from my feed site but not groups with names that match here.chat or here.secret.anything)
Windows from DNEWS Manager select "Main Options" and select "Sucks"and amend the "These groups" field as above.
Naming Local News Groups
You can name your local groups however you like. It is useful to adopt a single convention so your local group names are unique, easily identifiable as local and identifiable with the section of the organization they will be used by.
Syntax: xxx.yyy.zzz.aaa.bbb. etc.
Examples:
netwin.usa.ho.directors
netwin.usa.ho.sales
netwin.usa.ny.sales
netwin.product.support
Creating a Local Moderated News Groups
Where a group is moderated all articles posted to that group are emailed by DNEWS to the moderator who then if he deems it appropriate posts them to the news group. You must tell dnews the news group name and email address of the moderator.
Lets say your company name is 'Genesis' and you want a local moderated group for announcing major company decisions, lets call the group "genesis.announce"
First create the moderated group using tellnews (or dnews manager)
tellnews newgroup genesis.announce m theboss Company Announcements
Then add one line to moderators.conf to send any messages posted to this group to the person who is going to 'moderate' this group. The new line must go above the default rule.
Example - Extract moderators.conf
genesis.announce:secretary@genesis.com (read - for articles posted to the group genesis.announce email them to the moderator at secretary@genesis.com)
*:%s@uunet.uu.net
Lastly you MUST have an SMTP gateway defined in your newsfeeds.conf, you should already have this as it was entered during the setup process, but check in newsfeeds.conf to make sure you do. It should look like this:
Example - Extract newsfeeds.conf:
site name_of_your_mail_server
smtp
To add an SMTP Gateway On Windows from DNEWS Manager select "Feeds Out" select "Add" in the "Feed Name" field enter the name of your mail server and then select the "this is really the smtp gateway" indicator
Now you are all set, the moderator will receive all posts via email, he must then add an Approved: header line to the message before re-posting it to the news group. This can be done with FreeAgent, see the FAQ for details.
This section describes how to add and delete news groups, and how to delete news articles.
Add a News Group - Newgroup Command
Your News server will only accept articles for news groups it knows about. The Newgroup command is used to manually add a new group to the list of news groups on your server. This can be a local group or a new group from another feed site, or a group from the upstream feed. The optional y or m field is to set the group as normal (y) or moderated (m), the optional creator field is a one word name of the groups creator, the optional description field is a few words describing the group.
Syntax: tellnews newgroup <groupname> [y |m][creator][description]
Example: tellnews newgroup local.bicycle.rides y eddym Info about bike rides in our vicinity
Tellnews commands are just typed in on the command line, with the Windows from the DNEWS Manager interface select "commands" and select the "newgroup" command.
Delete a News Group - Rmgroup Command
The Rmgroup command allows you to remove news groups from your servers groups list. Rmgroup Command flags the specified group(s) as deleted. This is a clean way to delete a group and if you make a mistake, you can undelete it. The expire process will delete the items in the now deleted groups in accord with your normal expire rules, so this may take several days or weeks.
Deleted groups will remain deleted unless a control message is received to recreate them or you undelete them using the undelete command.
Syntax: tellnews rmgroup <group name>
Example: tellnews rmrgroup "local.secret*"
Tellnews commands are just typed in on the command line, with the Windows and Macintosh versions from the DNEWS Manager interface select "commands" and select the "rmgroup" command.
Undelete a News Group - Undelete Command
This command is used to undelete a group previously flagged as deleted using the rmgroup command.
Syntax: tellnews undelete <group wildcard>
Example: tellnews undelete "local.secret*"
Tellnews commands are just typed in on the command line, with the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" and select the "undelete" command.
Purge "Deleted" News Groups -purgegroups command
This command allows you to purge from your system records all those groups that have been flagged "delete" in the system with the rmgroup command. You must stop and start dnews after using this command. If you use this on a sucking feed and the deleted groups exist on the site you are sucking from, then the groups will re-appear.
Syntax: tellnews purgegroups
Delete an Article - Killitem Command
This command allows you to delete an item in a news group. The item is difined either by its message ID or by a combination of its number and the group it is in. This information can be found by using a news reader (eg WinVN) that shows the article numbers. Killitem is usually used for removing inappropriate postings from private local groups. The Message-ID of a message can be found by clicking on 'show all headers' in any news reader.
Example: tellnews killitem "<234532.34@netwin.co.nz>"
Tellnews commands are just typed in on the command line, with the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" and select the "killitem" command.
Controlling Access to the Server and News Groups
DNEWS supports a full range of options to manage user access. This section describes how to control who has access to which news groups on your server and the type of access they will have.
Control third party access to your server
Access to your server is controlled by the access.conf file.
The Syntax for access rules in access.conf:
address:access_type:username:password:groups
DNEWS will by default try and put an appropriate rule in access.conf to prevent outsiders from accessing your server as follows:
The entry should look like this:
Example - Extract access.conf file:
*:logoff:::!*
161.29.2*:Read,Post:::*
*netwinsite.com:Read,Post:::*
"*:logoff:::!*" is read - any address log them off and don't allow access to any newsgroups. There is no user name or password requirement.
The next two lines have the same effect, and are read - allow anyone from the address 161.29.2.* (or Domain Name- netwinsite.com) to read and post articles to all groups. Both lines are put in incase your DNS is not working. Again there is no user name or password specification in this example. On NT the reverse DNS translation is disabled by default so you might want to enable it if you want access.conf to work for 'names' as well as numbers.
The order of the rules in the access.conf file is important, the server applies the last matching rule to decide if it will allow access or not.
On Windows from DNEWS Manager, select "Users & Feeds In" to view, select "add" to add a new access rule or select a feed them select "modify" to modify an exiting rule or "delete" to delete a rule.
Control User Access to News Groups
DNEWS allows you to control access to your to news groups by IP name, IP number and/or user name and password.
Unlike other news implementations, you can permit reading and posting to different combinations of newsgroups; for example, you may want a group of employees to be able to read all news groups but to only be able to post to local newsgroups.
On most operating systems you can user the Operating Systems Authorization mechanism to validate users. For instance on Windows NT you can use NT Authorization to look up users via the NT user database. See the setting $lookup$ for details. This is often the best approach if you have a lot of users and you want to use individual usernames and passwords.
You can limit the number of concurrent users from a particular domain or number of simultaneous connections from individual IP addresses within a domain.
The access.conf file controls access to your server. The syntax for all access rules in the access.conf file is as follows:
Syntax:
IP Names or Numbers:Access types:UserName:Password:Groups:Extention Settings
(read- for these IP names or numbers: provide this access:if they provide this username and this password: to these groups: and apply these extentions)
"IP Name or Number" - List IP Names or Numbers separated by ","or Use wildcard "*" to specify a group of IP Names or Addresses to apply the access rule to. e.g. 161.29.2.*
"Access Type" - Specify Type of Access to allow, Read and/or Post or
Logoff. eg Read,Post
"UserName" - Specify UserName (if any)
"Password" - Specify Password (if any)
"Groups" - List the groups you want to allow access to separated by
"," and list the groups you want to exclude access to using "!" in
front of the group name. Use the wildcard "*" to match ranges of groups. e.g.
*,!*.binaries.*,!netwin.secret.*
"Extensions" - These are optional and allow you to limit the number of
concurrent users and or connections allowed.
Remember: The order of the rules in access.conf is important, as the server applies the last matching rule to determine if a user has access, so remember to put defaults at the top not the bottom:
On Windows from DNEWS Manager select "Users and Feeds In", select "Add" to add a new rule or select a rule and select "Modify" to modify the rule or "delete" to delete the rule.
Example 1: This example illustrates how to control access to specific groups by utilizing IP names or address's. In this case we give all our users access to all groups except our secret local groups. And we give IP number 161.29.2.10 access to all groups including our secret local groups. Entries in access.conf:
*:logoff:::!* (This is a General default rule. Read - any address log them off and
don't allow access to any news groups)
161.29.2*:Read,Post:::*,!netwin.secret*
*netwinsite.com:Read,Post:::*,!netwin.secret*
(This is a General default rule. As noted above these two lines have the same effect. Read - for any of our users identified by matching the first part of the IP name or number allow access to all groups , in this case we have modified it by adding ,!netwin.secret* to the groups field, which the server reads - but don't allow these addresses access to groups with netwin.secretanything in the name header)
161.29.2.10:Read,Post:::* (This is a Specific rule. Read for IP 161.29.2.10 allow access to all groups including secret ones)
On Windows from DNEWS Manager on NT,
Step1: select "Users and Feeds In", select the general default to modify, select "Modify" to modify the rule. In the "Groups" field add ,!netwin.secret* modify the rule. Modify both the IP name and IP number defaults .
Step2: select "Users and Feeds In", select "Add" to add a new rule. In "User/Feeds" field enter 161.29.2.10, in the "Groups" field enter *, Select the "Read" and "Post" access boxes.
Example2:
This example illustrates how to restrict access by utilizing user names and passwords. In this case all our users are given access to all groups except the local secret groups. Access to all groups including secret groups is provided to users supplying the username "steve" and password "secret".
Entries In access.conf file:
*:logoff:::!* (General Default Rule. Read - any address log them off and don't allow access to any news groups)
161.29.2.*:Read.Post:steve:secret:* (Specific Access Rule. Read - for any IP that matches161.29.2.anything allow access to all news groups if the username "steve" and password "secret" are supplied)
161.29.2*:Read,Post:::*,!netwin.secret*
*netwinsite.com:Read,Post:::*,!netwin.secret* (General Default Rules. Read - for users with IP name or numbers matching allow access to all groups except local secret groups)
Important Note: there is a bug in Netscape 1-3 New Reader Software that requires an additional modification to the above. If you specify in any access rule a group of IP numbers with a user name and password. Netscape will require a user name and password to be entered by every IP number included in the specified group.Netscape reads the last rule "For every IP address matching 161.29.2.anything I must have a user name and password, if the user name and password is "steve" and "secret" then I will give access to all groups if they don't provide a user name and password I won't provide access at all..
To allow for this behavior for Netscape, you need to add an additional access rule and provide your users with a general username and password. In this example General Username = netwin and General Password = news
Example:
*:logoff:::!* (General Default Rule. Read - any address log them off and don't allow access to any news groups)
161.29.2.*:Read.Post:steve:secret:* (Specific Access Rule. Read - for any IP that matches161.29.2.anything allow access to all news groups if the username "steve" and password "secret" are supplied)
161.29.2*:Read,Post:netwin:news:*,!netwin.secret*
*netwinsite.com:Read,Post:netwin:news:*,!netwin.secret* (General Default Rules. Read - for users with IP name or numbers matching allow access to all groups except local secret groups)
Eample 3: In this case lets assume we want to set up access.conf to:
Extract access.conf:
*:logoff:::!* (This line is read - log off anyone and don't give access to anygoups. It is not required at all in this example and only left in here to highlight that because DNEWS applies the last matching rule it would ignore this line anyway as the next line *:read:::*,!local.* becomes the general default rule.)
*:read:::*,!local.* (Read - give everyone read access to everything except local groups)
161.29.2*:Read,Post:netwin:news:*,!local.*
*netwinsite.com:Read,Post:netwin:news:*,!netwin.* (General Default Rules. Read -
for local users with IP name or numbers matching allow access to all groups except local
secret groups. Note they need to supply the username "netwin" and password
"news")
161.29.2*:Read,Post:jane:jelly:*,!local.secret* (Read - for local users with username "jane" and password "jelly" give read and post access to everything except any groups with the name local.anything.)
161.29.2*:Read,Post:mrtop:secret::* (Read - Give Local users with the username "mrsecret" and password "top" read post access to all groups)
Using Operating System Authorization database to Control User Access:
To use your operating system Authorization database to Control User access in your access rules set <user> as "$lookup$" and <password> as "$lookup$" then your operating system Authorization is used to lookup users via the Operating systems Database.
In access.conf you should add an access rule like this:
Example: your.ip.range.*:read,post:$lookup$:$lookup$:*
(read - for your ip range allow read and post access if user name and password are correct to all groups)
At the same time you must add to dnews.conf the line:
auth_case true
This tells DNEWS to be case sensitive when testing user names and passwords as NT username/passwords are case sensitive and by default DNEWS is not case sensitive.
Using external authorization database on unix. V4.5d
DNEWS provides external authentication support for Linux, FREEBSD, Solaris. See the file libauth.c - this file provides a Sample dynamic link library for Unix authorization. Use the procedure libauth.sh to build the shared library.
In dnews.conf you need to define:
auth_dll true
You need to implement a function that accepts these parameters
Inputs: ipname, ipnum, user, pass
Output: postgrps, readgrps, msg, int auth_user(char *ipname, char *ipnum, char *user, char *pass ,char *postgrps, char *readgrps, char *msg, int bfsz);
Example Skeleton code:
*/
#include
#include
#include
#include
#include
int auth_user(char *ipname, char *ipnum, char *user, char *pass ,char *postgrps, char
*readgrps, char *msg, int bfsz);
#ifndef TRUE
#define FALSE 0
#define TRUE (!FALSE)
#endif
int auth_user(char *ipname, char *ipnum, char *user, char *pass ,char *postgrps, char
*readgrps, char *msg, int bfsz)
{
strcpy(msg,"");
if (strcmp(user,"chrisp")!=0) return FALSE;
if (strcmp(pass,"test")!=0) return FALSE;
strncpy(postgrps,"*",bfsz); /* Give full access to all users */
strncpy(readgrps,"*",bfsz); /* Give full posting access */
/* The msg paramter is used to return any error information */
/* postgrps and readgrps are bfsz bytes long (about 1500 bytes)*/
return TRUE;
}
Access Extentions: Limiting the number of concurrent connections or simultaneous users
These extentions to access rules in access.conf allow you to limit the number of simultaneous connections from one IP and/or concurrent users from one domain. This can be useful to control users where you a selling a user or group of users a specific service.
The basic syntax for all access rules in access.conf is:
IP Names or Numbers:Access types:UserName:Password:Groups:Extention Settings
Extensions:
con=n (read - limit the number of concurrent connections from this IP to n)
users=m (read - limit the number of simultaneous users from this domain to m)
con=n,users=m (read - limit the number of concurrent connections from an IP address to n
and limit the number of simultaneous users from this domain to m)
Example:
161.29.2*:Read,Post:::*,!netwin.secret*:con=3,users=20
(read - for the domain 161.29.2.* allow read and post access, there is no user name or
password required, to all news groups except netwin.secret.anything but don't allow any
single IP number in this domain to have more than three concurrent connections and don't
allow more than 20 users from this domain to connect at any one time.)
The extension settings can get complex because they are not applied strictly by order like other settings. This is because in both cases the extension rule is affected by other users so the logic cannot be worked out by a single parse of the file. As a result you cannot limit the number of concurrent users to overlapping ip ranges, for example:
*:read,post:::*:users=2
*netwinsite.com:read,post:::*:users=10
Would NOT work, because the limit of '2' would apply to everyone not just netwinsite.com users.
Complex access.conf example
Here is a more complex example that would work: In this example we have two domains, 161.29.3.* and 161.29.4.*, one of which can have 50 concurrent users, the other 10, both are limited to 5 connections per reader to prevent a single reader hogging the system. We also have a username and password for the 'sex' groups. "naughty,secret", and two users have access to a private news group "netwin.private"
*:logoff:::*
161.29.*:read,post:naughty:secret:*,!netwin.private
161.29.*:read,post:joe:secret2:*,!*sex*
161.29.*:read,post:fred:secret3:*,!*sex*
161.29.3.*:read,post:::*,!*sex*,!netwin.private:users=50,con=5
161.29.4.*:read,post:::*,!*sex*:!netwin.private:users=10,con=5
DNEWS expire capabilities are very flexible and allow the server to respond intelligently to large fluctuations in news volumes, changes in available disk space, and the numbers of articles in groups. Different expire rules can be set for different news groups. This section describes how to control what and how news articles are expired.
Control the Number of Days to Keep Caching a News Group not being read - suck feed
The number of days your server will continue to cache a news group so that it will continue fetch the group from the upstream server after someone reads an article in it is set in dnews.conf. It is a global setting in dnews.conf and applies to all groups. A common mis conception is that this is how many days items will be kept for IT IS NOT, this setting is how many days the group will be fetched.
Syntax: life n
Example:
life 30 (Where n= 30 days) Read - continue fetching a news group for 30 days after someone reads an article in it.
Control Number of Days to Remember News Articles
The number of days your server will remember it had an article is set in expire.conf . It is a global setting and applies to all groups on the server. The value of this setting is that it ensures if you receive the same article a second time, even if it has already been expired on your system, the server will not accept it. This setting is in expire.conf not dnews.conf
Syntax: REMEMBER d
remember d (Where d = number of days) Read - Remember we 'had' an article for d days. The default is 7 days. i.e. remember 7
Control Expiration Rules for news groups
A feature of DNEWS is the flexibility it allows in specifying how and when articles will be expired and the ability to create rules that respond "intuitively" to available disk space and/or numbers of articles.
DNEWS allows you to set expire rules separately for different news groups and to have different rules applying depending on currently available disk space. So as space becomes short rules can be automatically modified to become more stringent. It also allows you to specify maximum and minimum article numbers this allows separate rules to apply to low volume or high volume groups.
All Expiration Rules are contained in the expire.conf file
The default expiration rules should be general enough to work on any system, but you may need to tune them if you have specific needs or want to add different rules for some groups.This can be done by Editing the expire.conf file.
Expire rules have the following syntax:
DISKUSE x GROUPS list KEEP d DEFAULT d PURGE d MAXITEMS n MINITEMS n
diskuse x (where x =%of_total diskspace DNEWS is allowed Measured in megabytes. )
This Must start each line. Read - while disk use is less than x % of available space apply
this expiration rule.
groups list (where list = list of news groups these rules apply to. You can use the
* Wildcard to indicate all news or a selection of groups eg alt.*. Where you list news
groups they should be separated by comma's with no spaces eg alt.*,*.binaries.*. Read -
apply this rule to news groups matching this list of group names.)
keep d (Where d = number of days) Read - keep articles for n days even if expired
header disagrees.
default d (Where d = number of days) Read - keep items for n days unless expire
header sais otherwise. This is the main setting you should adjust together with 'maxitems'
below.
purge d (Where d= number of days) Read - delete after n days even if expired header
disagrees
maxitems n (Where n = number of items)Read - delete oldest items until there are
less than n items in each of these groups.
minitems n (Where n= number of items) Read - don't apply date rules until there are
more than n items in each of these groups
The following shows the default rules in your expire.conf .
Note: For a full feed, you need to have gaps between normal and panic which are AT LEAST as big as one days feed. (e.g. 300-1200 Megabytes.)
Example: Expire.conf
# How many days to keep entries in the history file:
remember 7
# If we are way over. (this must be here or no rules match past 90%!!!. For example this
might occur # if you change your total diskspace allocated for dnews from 1000MB to
100MB):
upto 10000% groups * keep 0 default 1 purge 10 maxitems 0 minitems 0
#(The server reads this - if none of the following diskuse rules apply maxitems sais
delete all items in #all groups.)
# Start to panic a lot
upto 110% groups * keep 0 default 1 purge 2 maxitems 2 minitems 0
upto 99% groups * keep 0 default 1 purge 10 maxitems 10 minitems 0
#The first line is read - when disk use is less than 110% but more than 99% for all
groups.By default #keep all items for one day unless the expire header disagrees. Purge
all items after two days even if #the expire header disagrees. Delete oldest items until
there are less than 2 items in all groups.
# Start to panic a little
upto 90% groups * keep 0 default 2 purge 33 maxitems 100 minitems 0
# The above expire settings deal with situations where available memory is getting very
short.
#The following settings deal with Normal operating conditions.
#Settings for min and max items are a matter of taste, remember some older news readers
don't deal #with large numbers of items very well.
upto 85% groups * keep 0 default 5 purge 33 maxitems 200 minitems 5
upto 80% groups * keep 0 default 10 purge 33 maxitems 500 minitems 5
upto 75% groups * keep 5 default 20 purge 33 maxitems 1000 minitems 20
#The server reads the last line - if the disk is between less than 75% but more than 60%
apply these #rules to all groups. ie keep all items for 5 days even if the expire header
sais otherwise,default sais #keep all items for 20 days unless expire header sais
otherwise. Purge sais delete all items after 33 #days even if expire header sais
otherwise. Delete oldest items in these groups until there are less than #1000 items. In
groups with less than 20 items don't apply date expire rules.
upto 60% groups * keep 5 default 30 purge 33 maxitems 2000 minitems 100
# The following rules deal with the the situation where there is lots of space available
and we just stop # things getting silly (e.g. 10000 items in...)
upto 30% groups * keep 5 default 30 purge 33 maxitems 3000 minitems 200
upto 20% groups * maxitems 2000
# The following rule might be added for local groups which you may want to to keep forever
for #example:
upto 1000% groups local.* keep 9999 minitems 99999 maxitems 999999
Control When Expiration Process is Run?
The expire_at setting in dnews.conf defines when the server will run the expire process, to expire articles in accordance with the expiration rules.
Syntax: expire_at mins hours
Examples: In dnews.conf
expire_at 12 2 (This is the default setting: Read - Run Expire once a day at
2:12 a.m.)
expire_at 10 2,14 (Read - Run Expire at 2:10 am and 2:10 pm)
expire_at *5 2-5 (Read - Run Expire Every 10 minutes between 2 and 5 am)
Expire Now - Expire Command
This command is used to force an expire run. This might be necessary if something had prevented normal expire runs from working and after fixing the problem you wish to start an expire run immediately to free up disk space. The expire run will begin as soon as the current entry in the sucking queue has completed.
Syntax: tellnews expire
Tellnews commands are just typed in on the command line, with the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" then select the "expire" command.
This section describes DNEWS log.
Control Log level - loglvl command
The loglvl command in the dnews.conf file allows you to change the level of logging as desired. There are four log levels:
Error - The log shows serious errors only.
Warn - The log shows serious errors and provides warning messages.
Info - In addition to warning and error messages the log provides useful
information about what the server is doing. This is the default setting.
Debug - Used for debugging
Flush - This is the same as debug except the log file is flushed with every single
line written; this is useful if the system is crashing but not providing a stack dump.
Syntax: tellnews loglvl error/warn/info/debug/flush
Example: tellnews loglvl warn
Tellnews commands are just typed in on the command line. With the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" then select the "loglvl" command.
View Log Now - log command
The log command returns the last 50 lines of the dnews.log file which contains all log information.
Syntax: tellnews log
Tellnews commands are just typed in on the command line. With the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" and select the "log" command.
DNEWS provides a variety of operating and performance information. This section describes how to obtain and read operating reports.
Email address to send daily reports - manager setting: The manager setting in dnews.conf gives the server the email address you want the daily report emailed to. DNEWS asks for this during the setup process.
Syntax: manager system@here.this.place
(On Windows from the dnews manager select Main Options and enter email address. Then
select write changes and reload)
The Daily Expire Report Shows all the informations from the tellnews status, tellnews stats_groups and tellnews stats_in reports discussed below.
View DNEWS Status Report Now - Status Command
The status command returns the DNEWS Status Report which details the status of the system.
Syntax: tellnews status
Tellnews commands are just typed in on the command line. With the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" and then select the "report" command.
Understanding DNEWS Status Report
The following shows a typical status report and includes explanatory comments
General Section:
200 161.29.2.10 DNEWS Version 4.2j, S0, posting OK
"200" - This is the NNTP response received from the server.200 means
the server is ready #and posting is allowed.
"161.29.2.10" - This is the IP address of the server running DNEWS.
"DNEWS Version 4.2j " - This is the Version of DNEWS running.
"S0" - If you are running DMULTI this tells you which slave you are
talking to e.g. 0,1,2,3,... # slave 0 is the DNEWS Master.
"posting ok" This tells you posting from your IP address is ok.
License Section:
483 Temporary license expires after 31-Aug-97
483 Please read LICENSE.TXT for registration information
This Tells you when your evaluation period will end and where to find registration instructions.
Feeds Section:
Feed[0]: me *,!alt.*,!*.binaries.*,@news.*,news.software.*
Feed[1]: 161.29.2.5 Posting Builtin Posts=0 0/s Rej=0 Req=0 Dup=0 R=100:0:0 Tot=0/s 0k/s *
Live cache misses 0/0
#This section povides a list of the feeds in newsfeeds.conf file. The newsfeeds.conf
controls the feed into your server and the feeds out of your server . Each line specifies
the rules currently applying to each feed.
"Feed[0]: me" - this is the feed into your server or me feed.
"*,!alt.*,!*.binaries.*,@news.*,news.software.* " - this defines which
news groups will appear on your server and is read ; accept articles for all groups except
those with alt.anything and those with anything.binaries.anything in the Newsgroups
header. Do not accept articles with news.anything in the Newsgroup header , but do accept
articles with news.software.anything in the newsgroup header."
note 1: the order of the rules is important.
note2: "!" or "@" :"!" is used to prevent articles
from being accepted to a specified newsgroup. If the article has been crossposted to other
groups not specifically excluded it will be accepted to those groups. "@" is
used to prevent an article posted to a specified group from being accepted to the
specified group or any other group it may be cross posted to.)
Feed[1]: 161.29.2.5 Posting = Posting like a news reader. If Posting is not here it means it is sending using IHAVE Builtin = DNEWS has two mechanisms builtin for sending feeds to other servers. The normal mechanism is called "builtin" and the other is called "live" for live feeds. If neither built in or live is specified dnews simply creates a file of the list of things to be sent.
Posts=0 0/s Rej=0 Req=0 Dup=0 R=100:0:0 Tot=0/s 0k/s * This shows for the feed1 since startup; the number of articles posted, the number of articles Rejected by the downstream server, the number of articles the downsteam server could not accept immediatly and were Reque'd for sending later and the number of Duplicate messages that had already been received by the downstream server. The R=n:n:n is for debugging purposes. Tot=0/s 0k/s shows the total number of items sent per second and the total K bytes sent per second.
Live cache misses 0/0 = This shows the number of times the live feed had to read
an item from disk because it was not in it's local cache when it tried to send it.
If there is a queue of articles waiting then the size of the queued files is also shown.
Del= If the queued files grow larger than 10mb, they are deleted, and this figure keeps a record of the total size of deleted queue files. This allows dnews to keep operating when a site is down for days or weeks, the backlog could otherwise quickly fill up your entire disk.
Currently Connected Sessions:
Chan[0:140] o=0 in=0/s out=0/s 0 161.29.2.10 161.29.2.10 C_CMD
Chan[1:108] B o=130 in=15000/s out=1193/s 0 161.29.2.10 test.netwin.co.nz C_IHAVE
This is a listing of the currently connected sessions, and shows both their IP number and name. In this case the IP number is shown twice as reverse translation is disabled.
"B" This means the channel is blocked, dnews is waiting for the other
end to take all the output
"o=130" This means the output buffer has 130 Bytes
"in=15000/s" This means the input speed has been 15KBytes/second for the
last 30 seconds
"out=1193/s" This means output speed has been 1193Bytes/second for the
last 30 secinds
"C_CMD" this means the channel is waiting for a normal NNTP command
"C_IHAVE" this means the channel is part way thru an IHAVE transaction
Expire Section:
Expire started at Mon Jul 21 02:00:05 1997 Done, start 44% end 44%
Processed 12482 removed 0 deleting 2372/-1/372 speed 1282.93
Expire finished at: Mon Jul 21 02:00:32 1997, Elapsed 0 hours, 0 minutes
# This shows the start and finish times of the last expire and the % of diskspace available to DNEWS used at the start and end of the expire. Normally the second number would be smaller but in this case nothing was expired.
"Processed 12482" - This is the number of history lines in your
history file.
"removed 0" - This is the number of history lines removed
"deleting 2372/-1/372" - This is the number of items being deleted, total
and actual.(of 2372 items deleted 2000 were cross posts so don't count as real deletes)
speed 1282.93 -This is the number of history articles processed per second
"Expire finished at: Mon Jul 21 02:00:32 1997, Elapsed 0 hours, 0 minutes"
- time expire ran and time taken to complete.
Current Job:
Nothing is being sucked at present.
Group news.software.nntp completed, got 0 items
This sections reports on the status of the current background job if any. In this case there is nothing in the sucking que.
Statistics Section:
DB used 44.48MB, Slack 3.92MB 8.82%, DBI Misses 0/0, blocks 0=0k
History: disk 1598k memory 149k/360k, Str 74k/1572k/200k Malloc 5123k/6445k/3327k
Used 44MB=44%, Free work 26Mb, hist 26Mb, spool 26Mb, log 26Mb
This section provides overview statistics
The Data Base:
"DB Used 44.48MB" = The data base is currently using 44.48 MB
"Slack 3.92MB8.82%" = Gaps in the data base total 3.92 MB or 8.82% of the
data base. Note - DNEWS does not bother to compress the data base further when under 5-10%
by default.
History File:
"disk 1598k" - the history file is currently 1.598 Mbytes on disk.
"Used 44MB=44%" - DNEWS is using 44% of available space allocated to it.
"Free work 26Mb" - Free space on disk with Work Area
" hist 26Mb" - Free space on disk with history file
" spool 26Mb" - Free space on disk with spool file
"log 26Mb" - Free space on disk with log file
note: in this case the work area, history file, spool and log are on the same disk.
Groups Xover 5 Cached 1 of 25594, GID 25594, Uptime 0 day(s) 22 hour(s), XOver Cache 66.58%
"Xover 5 = 5" - Groups with more than 10 items read using Xover in the
last week
"Cached 1 of 25594" - Of a total 25594 available groups 1 is currently
being read
"GID 25594" - Number of groups IDs allocated
"Uptime 0 days 22 hours" - the system has been up for 22 hours.
"XOver Cache" - % of Xover records found in Cache therefore not required
to be read off disk.
Status Report Now - Report command
The report command forces DNEWS to generate the status report and mail it to the manager address set in the dnews.conf file. Reports are normally sent automatically on a daily basis but the command is useful if you are not getting these reports as it allows you to check the log file and see why the report isn't successfully sent.
Syntax: tellnews report
Tellnews commands are just typed in on the command line. With the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" and select the "report" command.
View Stats on Top 40 groups Now - Stats_groups command
The Stats_groups command reports the top 40 groups by the number of times they have been read by users and by the volume of articles received into that group. This allows you to spot groups that are gobbling up diskspace and bandwidth but are not being read by a significant number of users.
Syntax: tellnews stats_groups
Tellnews commands are just typed in on the command line. With the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" and then select the "stats_groups" command.
This information is also included in the Daily Expire Report
View Statistics on Articles Accepted since expire - stats_in command
The stats_in command provides statistics about what DNEWS has sucked/accepted since the last expire:
Syntax: tellnews stats_in
Example Stats_in report with explanations:
200 161.29.2.5 DNEWS Version 4.5b2, S0, posting OK
Sites that have sent us articles since the last expire:
Site Posts Rejects Dup Total Articles/S Kbytes/s K
news.iconz.co.nz 2875 0 0 2875 0.75 1.54 5870k
The report shows news.iconz.co.nz sent 2875 items, 5.8MB at 1.54K per second, no items
were rejected,
Tellnews commands are just typed in on the command line. With the Windows NT and Macintosh versions from the DNEWS Manager interface select "commands" and select the "stats_groups" command.
This information is also included in the Daily Expire Report
Confirmation of Posts to Users - the confirm setting
You can configure DNEWS to send a confirmation message by email to users to confirm their post has been transmitted to the Internet successfully. This is normally set at the time you install DNEWS. The "confirm" setting is in dnews.conf.
Syntax: confirm *.this.domain,*.second.domain
The following example sets "*.this.domain" to match our local email addresses. i.e. *netwinsite.com.
Example - Extract dnews.conf:
confim *netwinsite.com (read - send email confirmation of post on successful transmission to users posting from anythingnetwinsite.com)
On Windows from DNEWS Manager select "Main Options" and in the "Confirm Postings" field enter the domains you want to confirm postings for.
Censoring News Articles - Spam Protection
A feature of DNEWS is the advanced set of methods for detecting and automatically removing inappropriate or nuisance articles (SPAM) from news groups on your server . You may reject articles based on: The number of cross posts, the identity of the poster, words used in article headers or anything in the content of articles. You can apply different rejection rules to different news groups. You can set the maximum number of articles per hour from any user or host and the maximum number of duplicate bodies.
In brief, adding spam_stop true to dnews.conf will allow dnews to reject messages that it determines are 'spam'
Reject Rules Cross Posting
A common type of Spam is where a single article is cross posted to many news groups. Genuine news articles should only be posted to one or a very small number of news groups relevant to the article subject.
To prevent this kind of Spam you can set the maximum number of cross posts on your server so that any article that is cross posted to more than the specified number of news groups will be deleted. The maxcross is set in the newfeeds.conf file and has the following syntax.
Syntax: maxcross n
(where n = maximum number of news groups an article may be cross posted to without being rejected)
Example: The following example shows the entries in newsfeeds.conf to exclude binary groups and articles cross posted to them and reject any article cross posted to more than 10 groups)
Example - Extract newsfeeds.conf:
site me (site me is your main news feed)
groups *,@*.binaries.* (This line tells the server which news groups to accept.
"*" = accept all groups; "@*.binaries.*"= don't accept those matching
anything.binaries.anything or articles cross posted to anything.binaries.anything)
maxcross 10 (This line tells the server to reject items cross posted to more than
10 groups )
(On NT in DNEWS Manager select "Feeds Out", select "ME Feed" (This is your feed in) and enter the maximum number of cross posts to allow in the "Max Cross" feild .)
Reject Control by Article Headers
With any feed in 'newsfeeds.conf' you can add accept/reject rules based on words or expressions used in article headers to control which news items the server accepts into news groups.
The rules have the following syntax:
Syntax: accept/reject article_header "key words in header"
The following example illustrates how you might edit newsfeeds.conf file to reduce Spam getting onto your server, by adding rules on the 'me' feed, using key words in the subject, newsgroup and from article headers.
Example - Extract newsfeeds.conf:
site me
groups * (read - accept articles for all groups)
accept default ( read - accept the article unless one of the following matches)
reject subject "sex" ( read - reject the article if the word sex is in
the subject header)
accept newsgroups "sex" ( read - accept the article if the word
"sex" is in the news group header)
reject from "baduser@badsite" ( read - reject articles from
baduser@badsite)
reject subject "make money fast" (read - reject the article if the phrase
"make money fast" is in the subject header)
This example rejects any message with 'make money fast' anywhere in it's subject header, and all articles from baduser@badsite, and also rejects articles that contain the word 'sex' in the subject unless they are in a news group that also contains the word 'sex'.
The list of rules is processed in order, and if the rule 'matches' then the 'result' is changed to accept or reject accordingly. So you must have a default rule first and the order of the rules is important.
Accept/Reject Control by article Content
With any feed in in 'newsfeeds.conf' file you can edit the file to add rules to detect and reject articles by matching keywords or phrases against the entire body of the article.
These rules follow the same syntax as above - but utilize the fake news article headers; 'body' meaning everything except the headers, and 'article' meaning everything including the headers.
Syntax: accept/reject body/article "keywords"
Note: The matching is NOT case sensitive. If the header CONTAINS the specified text then the rule is applied, rules are applied in order, if no rule matches then the item is accepted, unless there were any 'accept' rules in which case the item is rejected.
Example - Extract newsfeeds.conf:
site me
groups *
reject subject "sex"
reject from "baduser@badsite"
reject body "naughtyword"
reject article "make money fast"
site local.interest
groups *
reject subject "boring thread"
accept body "netwin.co.nz"
accept body "dnews"
Read - from my main feed site accept all groups, reject any article with "sex" in the subject header, reject articles from baduser@badsite; reject articles with "naughtyword" anywhere in the body; rejects articles with "make money fast" in the header or body.
From my local.interest feed site reject articles with "boring thread" in the subject header unless they have "netwin.co.nz" or "dnews" in the body.
For performance reasons it is best to only use headers rather than body and article, and it is also best to minimize the number of rules. A more efficient way to implement this type of control over content is to use a file as described under the heading Serious Spam Protection below.
Accept/Reject Articles - Special - Mime Attachment etc
There is one special character allowed '\n' which can be used to match 'beginning of line' in the body or article option.
To reject items containing Mime attachments you might add something like the following line to newsfeeds.conf:
reject body "\nContent-Transfer-Encoding: x-uue"
Serious Spam Protection V4.5
The following will provide some automatic protection from spam. These settings can be added to dnews.conf, you can just set 'spam_stop true' to enable the the default settings. You can fiddle with all these settings and thus tune your system differently to other peoples which may be an advantage as 'spammers' will try and get past some of these rules.
Setting Default Description
spam_stop false Enables spam protection
spam_test false Enables spam protection but doesn't reject anything, just logs what
it would do.
spam_keepn 5 Number of rejected items to store in spam_n.tmp files (for reviewing)
spam_dup_total 5000 Number of items to 'remember' in our history of 'duplicate'
bodies. Uses about 30 bytes per entry.
spam_dup_hits 6 Number of duplicate bodies (not cross posted) to allow
spam_dup_cross 400 Number of duplicate bodies counting cross posts to allow
spam_from_hits 60 Number of messages from any single user per hour
spam_from_cross 1000 Number of messages counting cross posts from any single user
per hour
spam_from_total 5000 Number of users to keep tabs on in our history of duplicate
users, uses about 100 bytes per user.
spam_host false Use 'nntp-posting-host' instead of 'from' for the above 3 rules.
In addition to fiddling with all the above settings, you can create a file "filta.dat" in the WORKAREA as defined by dnews.conf and add lines to the file, any message containing text matching the lines in the file will be rejected.
The idea is to use things that common spammers place in the body of their messages, this allows you to stop anyone who manages to get past the automatic mechanisms above.
e.g. c:\dnews\spool\filter.dat
Example - filter.dat file:
sex
1-800-3333-4343
1-800-SEXYPHONE
www.sex.
Make money fast
We intend to create a second file "filter.net" which will be made available from these web pages, this will be a list that is updated regurlarly to stop well known spammers. DNEWS will use both files (filter.dat and filter.net) you should place your own settings in the filter.dat file.
DNEWS uses a 'super' efficient mechanism to test matches in this file so that you can have several hundred lines in the file without performance suffering, each line must be at least 3 characters long. The matching is not case sensitive and is only in the 'body' of the message.
Dynamic Suck/Pull Feeds Only
As the popularity of USENET has grown many sites using old news server software have found themselves struggling to support increasing numbers of concurrent users, a larger news spool and to keep up with a full news feed.
The DNEWS News Server's is significantly faster at taking a news feed than any other news server software. DNEWS has no difficulty keeping up with a full news feed. DNEWS's efficiency and scalability allow sites to provide a high quality news service and maximize benefits from their investment in hardware by supporting more users per server with high performance. This section describes strategies for larger sites.
DMULTI Installation and use
DMULTI is a mechanism for running multiple DNEWS processes on a single server utilizing a Master Slave architecture and allows you to get more out of your machine. With DMULTI you start 2-5 DNEWS processes, each one dealing with 50-400 concurrent users, this allows it to scale well and make use of multiple CPU's etc. DMULTI will start to be worthwhile when you have more than about 50 concurrent news readers on your system, and/or if you have people reading 24 hours a day and the expire process is causing performance problems. Generally it will give reasonable results if you have sufficient memory and multiple disk drives. If you have more than 200 - 500 concurrent users it is recommended that you configure your server with the DMULTI option. Because, disk IO is often a bottleneck we recommend multiple servers after a certain point, (around 500-1000 concurrent users as a rough guide) for best performance and this gives the added advantage of 100% hardware fail over for emergencies.
DMULTI installation
Configure your system to startup DMULTI instead of DNEWS:
On Unix: Use dmulti_start.sh, instead of dnews_start.sh
On NT:
addsvc -del dnewssvc
addsvc -add dnewssvc dmulti.exe "DNEWS Multi Process Manager"
Configure the new slave parameters in dnews.conf
slave_restart 5 # The hour at which to restart the slaves (5a.m.)
slave_ports 7500 # TCPIP port to start dnews slaves processes on
slave_n 3 # Number of dnews processes to run 2-4
slave_feed 202.37.150.84,161.29.2.* # Ip NUMBER of this host and feeds
The slave_feed setting MUST include 'this machine' and any machine that is sending you a news feed, ONLY ip numbers or wild cards will work (ip names will not work)
Add your own machine to the list of hosts that can take an IHAVE feed, add this in access.conf, if you miss this step out local posts will fail.
your.ip.number:ihave:::*
Startup the dmulti process:
NT: net start dnewssvc (or click on start in dnews manager)
UNIX: /usr/local/dnews/dmulti_start.sh
There is a log file dmulti.log which will show you if anything goes wrong.
How dmulti works
DMULTI starts up 'slave_n' dnews processes (typically 2 or 3) the first one S0, is the master process, this is the one that accepts incoming news feeds, and this is the one your tellnews commands will go to. The others, S1-Sn, are reader processes, each one might have 30 news readers on it. DMULTI acts as a gateway, routing the incoming connections to the correct dnews process, this is why your slave_feed parameter must be set correctly, this is how dmulti knows whether the connecting session is a reader, or a feed.
You can communicate with each slave individually using a new tellnews option. The first status line shows which process s0-sn is talking to you:
(Master process) tellnews -s 0 status
(First reader) tellnews -s 1 status
You should always ensure that all the processes have closed before re-starting dnews/dmulti
If a problem develops, establish 'which' slave is not responding using 'tellnews -s n' and then copy the dnews.log_n from the faulty slave before restarting DNEWS.
To uninstall DMULTI
Remove the slave parameters from dnews.conf and then replace the original dnews service (or startup script)
Uninstall NT: addsvc -del dnewssvc
Uninstall NT: addsvc -add dnewssvc dnews.exe "DNEWS News Server"
Multiple Servers
Multiple servers give better performance and a good backup mechanism, with the price of PC's and Disks it's probably better to budget for 4 cheap servers than to try and build 1 super server.
If you use more than one news server, you can configure DNEWS to send out an xreplic feed, this means that item 23 in 'rec.humor' on the master DNEWS machine will be the same as item 23 in 'rec.humor' on the slaves system. This enables you to have 'n' news servers, each handling 100-500 concurrent users and you can use a DNS to 'rotate' the users between the servers randomly balancing the load. This also gives you a 'backup' as any server can be removed or made the 'master' in a minimum of time.
However, another option is to simply configure several news servers and use normal feeds between them and then spread your users by simply telling them to use different news servers, this is simpler and therefore slightly more reliable. But this does prevent you from any load balancing.
Hardware:
A typical 'large' system would look like this:
Single or Dual Pentium 200
128-256MB RAM
8-50Gig SCSI disks (or raid array)
Operating System for large servers
We don't want to get into an OS war, but basically the following OS's (in no particular order) make good news servers with DNEWS, this only becomes an issue when you are trying to pack as much news and as many users as possible onto one server: Windows NT, Linux, Solaris, AIX, HPUX, FreeBSD, BSDI
With most of these systems it is important to configure them with at least 200MB swap partitions when you install the system as NEWS uses a lot of memory and changing the swap partition can be difficult.
Putting News On the Web - DNewsWeb
DNEWSWEB is a web to news gateway, it lets you merge your web pages and your news groups. By displaying usenet and local news groups on your web pages users can read and post news directly using their favourite web browser.
DNEWSWEB is provided FREE with your DNEWS News Server and is quick and simple to set-up.
You will have recieved the following DNEWSWEB files when you downloaded DNEWS:
dnews\dnewsweb.exe
dnews\dnewsweb.ini
dnews\dnewsweb.txt
dnews\web\*.tpl (directory of template html files)
templates d:/dnews/web
You must install DNEWSWEB on your WEB server, in a directory that you have already setup on your server as containing CGI programs, you must read your server documentation if you don't currently know how to setup a cgi program, typically you would copy the files to a directory like:
SERVER_ROOT\cgi-bin\
Two files should be copied to this directory
copy \dnews\dnewsweb.exe \SERVER_ROOT\cgi-bin
copy \dnews\dnewsweb.ini \SERVER_ROOT\cgi-bin
In some instances you will have to place the .ini file in a different directory, this is dependent on your server software, sometimes the 'SERVER_ROOT' is the right directory. (DNEWSWEB will give an error if it can't find this file, in which case just try moving it somewhere else).
Now edit dnewsweb.ini and define: your news host, templates directory and news groups to display on your web page.
Example: notepad \SERVER_ROOT\cgi-bin\dnewsweb.ini
Syntax: Parameter Value
Parameter | Value (Example) | Explanation |
---|---|---|
newshost | news.your.domain | The name or number of your DNEWS news server. Use an IP number to speed up the process. |
templates | c:/dnewsweb | The directory where you have copied the *.tpl files |
groups | rec.humor, local.chat,local support | This setting allows you to list the news group who's names you want to appear on the top dnewsweb page. Generally you will want to list some Groups of particular interest or importance. For example you may have a local support news group or want everyone to see the rec.humor group or rec.chat |
allow | local.*,rec.* | Groups to actually let people read: This setting allows you to specify which of all news groups you will allow access to via your website. For example allow rec.* allows all groups matching the rec.anything in the news header. |
Now copy the tpl files from the distribution directory to the directory you have defined for templates in dnewsweb.ini
cd /dnews/web
copy *.tpl /dnewsweb
If you wish, you can tailor the template files to give dnewsweb the same look and feel as your own web pages. It is assumed you know how to edit raw html files, in addition there are some variables that you can use. The list of variables depends on which page dnewsweb is showing. For example the %%h_subject%% variable only works when displaying an item, or directory listing.
Note: If you leave the template files in the /dnews directory, then they will be over-written next time you upgrade dnews, so it is best to move them if you wish to tailor the appearance.
Here is a list of the template files, and a brief description of each. In some cases alternate files have been included in the distribution, you may want to try one of these for an alternate layout, simply copy the alternate file over the top of the original.
File Name | Description |
---|---|
top.tpl | The first/top page shown when dnewsweb is run |
list.tpl | A list of newsgroups at a given level in the tree |
items.tpl | A single news group, listing articles in that group |
item.tpl | A single article within a news group |
follow.tpl | Used when user posts a FOLLOW-UP message |
post.tpl | Used when a user post a NEW message |
posted.tpl | To tell the user that the post was successful |
required.tpl | To tell the user that a required field was not filled in |
search.tpl | For searching the FTS database (if enabled) |
results.tpl | Results of FTS search |
xsearch.tpl | For searching a single news group |
xresults.tpl | Results of searching single news group |
postit.tpl | Template for messages posted using posting form |
post_form.tpl | For posting with extra fields on form (replace post.tpl with this) |
Template Variables
Here is a list of some of the variables that you can use in these templates
Variable | Description | Typically in |
---|---|---|
%%b_action%% | the cgi ref to dnewsweb needed for a form 'action' | - |
%%b_group%% | href to go to an individual group | top.tpl |
%%b_search%% | href to go to the FTS search form | top.tpl |
%%b_allgroups%% | href to go to the list of all news groups | - |
%%begin_dir%% | Starts list of all news groups at this tree level | list.tpl |
%%end_dir%% | Ends list of news groups | list.tpl |
%%ifdef%%var%% | Conditional inclusion if variable is defined | - |
%%b_related%% | List of related message | item.tpl |
%%b_recent%% | Most recent articles in group | item.tpl |
%%b_topgroups%% | Goes to top/main page of dnewsweb | item.tpl |
%%b_allgroups%% | Goes to list of all news groups | item.tpl |
%%b_follow%% | Goes to form for posting followup messages | item.tpl |
%%b_post%% | Post a new message to this group | items.tpl |
%%b_searchgrp%% | Search this group for text | items.tpl |
%%b_next%% | Next page of this group | items.tpl |
%%b_prev%% | Previous page of this group | items.tpl |
%%indent%%1%% | Used to define each indent level for threaded display | items.tpl |
%%begin_item%% | Starts definition of how each item in dir is displayed | items.tpl |
%%end_item%% | Ends definition of each item | items.tpl |
%%b_item%% | Goes to a particular item | items.tpl |
%%h_subject%% | The subject for a given item | items.tpl |
%%h_date%% | The date for a given item | items.tpl |
%%h_date_trim%% | The date trimmed to be readable | items.tpl |
%%h_from%% | The email address of the person who posted it | items.tpl |
%%h_from_trim%% | The email address trimmed to be readable | items.tpl |
%%h_lines%% | The number of lines in this message | items.tpl |
%%h_content-type%% | The value of the mime content type header | items.tpl |
%%h_scores%% | The score an item got in a search | - |
%%h_subject_30%% | The first 30 characters of the subject, also 40 and 60 | items.tpl |
%%summary%% | The summary of a search result | - |
%%quote_body%% | Used in 'followup' to quote a previous message | - |
%%show_item%% | Used to show the actual item | item.tpl |
%%begin_dir%% | Starts the list of items within a group | items.tpl |
%%end_dir%% | Ends item list | - |
%%indent%% | Define the codes to indent and un indent | items.tpl |
%%h_references%% | The references header | - |
%%h_message-id%% | The message id of a message | - |
%%h_newsgroups%% | The newsgroups it is posted to | - |
%%h_group%% | The current group being displayed. | - |
%%include%%file%% | Reads the named file in, (it cannot contain variables) | - |
%%ifgroup%%comp.*%%
The %%ifgroup%%ListOfGroups%% can be used to change the appearance of pages based on the news group being displayed. (e.g. you might want to use a background image of little cars for a newsgroup devoted to cars)
%%include%%advert.htm%% Useful for displaying adverts, you would setup a cron job (or program that runs every 10 minutes) to change the advert file, thus displaying a new advert each time someone reads the group. By only changing the advert every 10 minutes you avoid the problem of people turning off the images because they are too slow.
Table Layout
See the file items_t.tpl (or copy it to items.tpl) to see how a table can be used instead of the standard list format for news items.
DNEWSWEB.INI settings
Symbol | Example | Explanation |
---|---|---|
newshost | news.your.domain | The name or number of your DNEWS news server |
templates | c:/dnewsweb | The directory where you have copied the *.tpl files |
groups | rec.humor, local.chat | Groups that will appear on the top dnewsweb page, this setting is obsolete, use the top.tpl file instead. |
post_groups | local.*,rec.humor | List groups that users may post to using dnewsweb |
post_users | 232.33.2.1,22.44.* | List IP addresses (not numbers) that may post |
debug | True | Enables verbose debug output, (for NetWin use) |
pagesize | 60 | Approx. number of items to show per page |
allow | comp.lang.*,local.* | Groups to allow users read access too. |
content_type | text/html | Used for some web servers which allow fancy features if the content type is changed to something non standard. |
log_file | /var/log/dnewsweb.log | Allows you to specify a directory where dnewsweb has 'write' access to create it's log file. |
sort_rev | true | Puts new messages at the top of each page instead of the bottom. |
wrap_post | 60 | Wraps new posts at 60 characters |
wrap_text | 60 | Wraps current existing articles at 60 characters |
Extended Form Feature
With DNEWSWEB you can define a posting form, with required and optional fields, these will be used to force the user into giving you specific information with every post, for example with a newsgroup that is used for technical support you would require that the user tells you what version of the software they are using etc. To try this out start switch to the example forms:
copy post_form.tpl post.tpl
copy postit_2.tpl postit.tpl
Then try posting a message.
In the post.tpl there are two hidden fields to tell dnewsweb what fields it should look for and which ones are required.
<input type=hidden name="required" value="os,version,reg">
<input type=hidden name="optional" value="keywords">
And then you can use normal form input fields to ask for the extra data, e.g.:
Operating System <input name="os" size=50> (Required)
Software Version <input name="version" size=50> (Required)
Registration Number <input name="reg" size=50> (Required)
Keywords <input name="keywords" size=50> (Optional)
And finally you need to define a file called postit.tpl which dnews will use to construct the actual layout of the message that will be posted to the news server, e.g.
Operating System: %%os%%
DNEWS Version: %%version%%
Customer Registration Code: %%reg%%
Keyword: %%keywords%%
%%message%%
Using frames just like a Windows news reader.
The following example (frame.htm) can be used to run DNEWSWEB inside frames, the http address below needs to be changed to match your server.
<html>
<head>
<Title> DNEWSWEB using frames </title>
</head>
<frameset rows="50%,50%">
<frame src="http://your.web.server/cgi-bin/dnewsweb.exe"
name="items">
<frame src="empty.htm" name="item">
</frameset>
</html>
Then in the templates items.tpl and item.tpl define the targets for buttons that should switch forms, for example the 'show item' href in items.tpl must point to the 'item' frame, e.g.
<li><a href="%%b_item%%" target="item">%%h_subject%%</a> ...<br>
Make similar changes to the href buttons in item.tpl that should jump back to the "items" frame. (see items_f.tpl and item_f.tpl for examples.)
<td><a href="%%b_related%%" target="items">Related
Items</a>
<td><a href="%%b_recent%%" target="items">Recent
Items</a>
<td><a href="%%b_topgroups%%" target="items">Standard
Groups</a>
<td><a href="%%b_allgroups%%" target="items">All
Groups</a>
<td><a href="%%b_follow%%">Post Followup</a>
This will display the directory of a group in the top window, and the actual items in the bottom window, just like a regular windows based news reader. This is totally implemented via the flexibility of dnewsweb templates.
HELP, It asked me where to save dnewsweb.exe
This means you have failed to tell your web server that the directory cgi-bin/ contains CGI programs and not WEB pages. Go back to your web server administration window and look for help on CGI directories. (This is the single most common question we get !!)
Do I have to use it with DNEWS
It will run with other news servers, however it is much faster with DNEWS and the 'list all newsgroups' function will only work with DNEWS.
Full text search engine
To enable the full text searching button you need to add search true to dnewsweb.ini (as well as installing the xmit process to build the indexes, see the manual for details on doing this, NOTE: the FTS database is resource intensive, especially if you try and index your entire news spool, plan on doubling your RAM if you want to set this up)
The threading doesn't make sense, is it faulty?
If you are looking at a large news group, then the threading will 'break down' because all you can see are parts of many different threads. You can increase the page size to reduce the extent of this problem. Also the next version will add a visual break to show where one 'thread' finishes and a new 'partial' thread starts.
Upgrading DNEWSWEB
Copy DNEWSWEB.exe into your cgi-bin directory.
NOTE: The old mechanism of header and footer files has been replaced by TEMPLATE files in this version to increase flexibility, this means that when you upgrade you must define a template directory in DNEWSWEB.ini and you must copy all the template files into that directory from the distribution directory.
CAUTION, gatewaying mailing lists to public news groups is a little risky, don't do it lightly.
Two gateways are needed to make a news group and a mailing list 'identical', you must setup both so that a news post gets sent to the mailing list and so a mailing post gets posted to the news group.
Setting up a gateway from a "NEWS group" to a "MAILING LIST"
In newsfeeds.conf add a feed for the group you wish to gateway, the 'site' name can be anything meaningful to you.
site juggling
groups rec.juggling
(This will make dnews create juggling.feed in the workarea directory)
For Windows NT
Now to actually send the items, setup an xmit process for each mailing list. To do this edit addmail.cmd (which will be in /dnews with luck)
notepad addmail.cmd
Change the -name to be the name in newsfeeds.conf
Change SITE.NAME to match the site you have added to newsfeeds.conf
(juggling)
Change MAIL.HERE.COM to point to your mail server
Change JUGLIST@HERE.COM to point to the actual mailing list
addsvc -del dxmail1
addsvc -add dxmail1 xmit.exe "dxmail1 SITE.NAME -smtp MAIL.HERE.COM
-at *5 *
(cont. but should be on one line) -mail JUGLIST@HERE.COM "
addmail.cmd (run the script to add the service) (This is NT only)
Restart things:
tellnews reload
Start the xmit service in Control Panels (for nt)
Test the mailing list, if a loop occurs, disable it quickly and figure out why.
For Unix
In Unix put the following in the startup,
nohup xmit SITE.NAME -smtp MAIL.GATEWAY.COM -at "*5" "*" -mail JUGLIST@HERE.COM &
To get it running the first time just type the command by hand.
Test the mailing list, if a loop occurs, disable it quickly and figure out why.
Setting up a gateway from a MAILING LIST to a NEWS GROUP
For Windows NT
First setup DROBOT to run from NTMAIL, in control panels run the NTMail admin tool. Click on 'executables' and enter a name for this gateway, e.g.
juglist-robot (You will then need to add this user to your juglist mailing list, e.g. juglist-robot@here.com, so that this robot will get all messages that are posted to the mailing list)
In the command line box type in:
drobot -dir c:\ntmail\news -groups rec.juggling
Now, setup the service to post these items.
addsvc -del dposter
addsvc -add dposter dposter.exe "dposter -dir c:\ntmail\news
-to news.here.com"
Now start the services (from control panel) and then test posting a message and mailing a message to the mailing list and see if the newsgroup and mailing list are kept inline.
For Unix
In the .forward file put the path of drobot
|"/usr/local/dnews/drobot -dir /var/spool/mailnews -groups rec.juggling"
Add dposter to the startup, but start it by hand the first time with the same command.
nohup dposter -dir /var/spool/mailnews -to news.here.com &
Run the same test procedure as for windows.
Sending many groups to many mailing lists via one xmit gateway
Lets say you want to mirror 100 news groups into mailing lists, obviously you don't want 100 xmit processes running, here's how to do it:
In newsfeeds.conf
...
site lists
groups comp.lang.*
Then start a single xmit process with parameters like this:
nohup xmit lists -smtp MAIL.GATEWAY.COM -at "*5" "*" -all
"comp.lang.*"
-mail @HERE.COM &
This will send messages to 'comp_lang_c@HERE.COM', and 'comp_lang_basic@HERE.COM' etc, you must define all these locall mail addresses.
See the xmit usage for an explanation of the switches used with xmit
Taking a newsfeed direct from ClariNet
In access.conf you need to add entries for Clarinet, currently DNEWS uses reverse DNS to check who is sending you data, so you need entries which will match all clarinet news hosts. Give the ClariNet tech support READ access to your server as well.
*.clari.net:IHAVE,READ:::*
*.clarinet.com:IHAVE:::*
*.ccnet.com:IHAVE:::*
In dnews.conf, enable reverse DNS lookups:
nodns false
In newsfeeds.conf, prevent any clari groups from being accidentally sent to your normal upstream sites or any outgoing feeds you have (if any). And add an upstream feed for the clarinet discussion group clari.net.talk, be very certain you don't send any other clarinet groups anywhere.
site me
groups *
site $nntp_feeder
groups *,!clari*
site clari.
groups !*,clari.net.talk
builtin
Choose a subscription and fetch a newsgroup list appropriate for it, these are just some of the options. You may find the groups already exist on your server so this step may not be necessary.
newsgroups.1 One-Star Edition
newsgroups.2 Two-Star Edition
newsgroups.3 Three-Star Edition
newsgroups.3c Three-Star Edition with Commerce Business Daily
newsgroups.edu Educational Edition
newsgroups.4 Four-Star/Corporate/Edu+ Edition
ftp ftp.clari.net
ftp> user anonymous
ftp>
ftp> cd help/admin
ftp> get newsgroups.1
Add a dummy header line and one blank line to the newsgroups.1 file so it looks like a real news message, and then use the checkgroups command to merge it in with your current list of news groups.
tellnews checkgroups newsgroups.1 (Note: This only works in DNEWS 4.2m or later)
Add a dummy line to your moderators.conf line as the clarinet groups are not really moderated groups. This should go above the last rule in this file, e.g.
clari.*:modreply@clari.net
*:%s@uunet.uu.net
That's all you need to do, you should now have all the ClariNet news groups and your news items should start arriving as soon as you email/call ClariNet and ask them to turn on your feed.
If you have any problems feel free to contact NetWin Support for advice and assistance. We will usually want to see a section of DNEWS.LOG and your DNEWS.CONF and or NEWSFEEDS.CONF files.
Adding PGP authentication to DNEWS 4
Install PGP software on your computer
For legal reasons we cannot supply PGP directly as this would break certain archaic U.S. laws. However we can tell you how to get it: (apparently non U.S. citizens cannot read English :-)
For Windows NT :- look for a version for '32-bit DOS...' , you don't need the fancy windows front ends (which do not work without also getting the DOS application)
For Unix :- get the source and build it, typically with a command like: make linux
U.S Only. - PGP home page: http://web.mit.edu/network/pgp-form.html
International - PGP home page: http://www.ifi.uio.no/pgp/
We would have liked to give you references to the actual files, but then someone might have accidentally downloaded the wrong one and then ended up being arrested for exporting munitions...and we wouldn't want that happening would we :-)
Add the public keys of the public news administrators Transfer the file http://ftp.sunet.se/pub/news/misc/pgpcontrol/PGPKEYS.gz , gunzip it and then add these public keys to your key ring, e.g.
gunzip PGPKEYS.gz
pgp -ka PGPKEYS
On NT you should define the environment variable PGPPATH for all users (in the system setup) to tell pgp where it can find it's key rings, on UNIX you should run the above commands as the 'NEWS' user and pgp will put the key ring into a directory called, ~news/.pgp/ or you can define PGPPATH in dnews_start.sh
On unix, if you define PGPPATH to point to a directory that is not owned by NEWS then you may find PGP fails because it cannot access the key ring.
In DNEWS.CONF specify the path to the PGP program
This step is only necessary if you have not put 'pgp' into your path.
pgp c:\app\pgp\pgp.exe
In control.conf add ",pgp" to the 'action' field
newgroup:tale@*.uu.net:comp.*,misc.*,news.* ,rec.*,sci.*,soc.*,talk.*:doit,pgp
rmgroup:tale@*.uu.net:comp.*,misc.*,news.*,rec.* ,sci.*,soc.*,talk.*:doit,pgp
Note: currently PGP is only implemented on the Windows NT and UNIX version of DNEWS.
Related useful links
General information on PGP
authentication of Usenet News Messages
Where
to get the latest PGP (Pretty Good Privacy) FAQ
Products | Downloads | Prices | Support | Company |
---|---|---|---|---|
![]() |
![]() |
![]() |
![]() |
![]() |