Network News Transfer Protocol (NNTP) provides for a vastly different approach to news exchange from C News and other news servers without native NNTP support. Rather than rely on a batch technology like UUCP to transfer news articles between machines, it allows articles to be exchanged via an interactive network connection. NNTP is not a particular software package, but an Internet standard described in RFC-977. It is based on a stream-oriented connection, usually over TCP, between a client anywhere in the network and a server on a host that keeps Netnews on disk storage. The stream connection allows the client and server to interactively negotiate article transfer with nearly no turnaround delay, thus keeping the number of duplicate articles low. Together with the Internet’s high-transfer rates, this adds up to a news transport that surpasses the original UUCP networks by far. While some years ago it was not uncommon for an article to take two weeks or more before it arrived in the last corner of Usenet; it is now often less than two days. On the Internet itself, it is even within the range of minutes.
Various commands allow clients to retrieve, send, and post articles. The difference between sending and posting is that the latter may involve articles with incomplete header information; it generally means that the user has just written the article. Article retrieval may be used by news transfer clients as well as newsreaders. This makes NNTP an excellent tool for providing news access to many clients on a local network without going through the contortions that are necessary when using NFS.
NNTP also provides for an active and a passive way to transfer news, colloquially called “pushing” and “pulling.” Pushing is basically the same as the ihave/sendme protocol used by C News (described in Chapter 21). The client offers an article to the server through the IHAVE msgid command, and the server returns a response code that indicates whether it already has the article or if it wants it. If the server wants the article, the client sends the article, terminated by a single dot on a separate line.
Pushing news has the single disadvantage that it places a heavy load on the server system, since the system has to search its history database for every single article.
The opposite technique is pulling news, in which the client requests a list of all (available) articles from a group that have arrived after a specified date. This query is performed by the NEWNEWS command. From the returned list of message IDs, the client selects those articles it does not yet have, using the ARTICLE command for each of them in turn.
Pulling news needs tight control by the server over which groups and distributions it allows a client to request. For example, it has to make sure that no confidential material from newsgroups local to the site is sent to unauthorized clients.
There are also a number of convenience commands for newsreaders that permit them to retrieve the article header and body separately, or even single header lines from a range of articles. This lets you keep all news on a central host, with all users on the (presumably local) network using NNTP-based client programs for reading and posting. This is an alternative to exporting the news directories via NFS, as described in Chapter 21.
An overall problem of NNTP is that it allows a knowledgeable person to insert articles into the news stream with false sender specification. This is called news faking or spoofing. An extension to NNTP allows you to require user authentication for certain commands, providing some measure of protection against people abusing your news server in this way.
There are a number of NNTP packages. One of the more widely known is the NNTP daemon, also known as the reference implementation. Originally, it was written by Stan Barber and Phil Lapsley to illustrate the details of RFC-977. As with much of the good software available today, you may find it prepackaged for your Linux distribution, or you can obtain the source and compile it yourself. If you choose to compile it yourself, you will need to be quite familiar with your distribution to ensure you configure all of the file paths correctly.
The nntpd package has a server, two clients for pulling and pushing news, and an inews replacement. They live in a B News environment, but with a little tweaking, they will be happy with C News, too. However, if you plan to use NNTP for more than offering newsreaders access to your news server, the reference implementation is not really an option. We will therefore discuss only the NNTP daemon contained in the nntpd package and leave out the client programs.
If you wish to run a large news site, you should look at the InterNet News package, or INN, that was written by Rich Salz. It provides both NNTP and UUCP-based news transport. News transport is definitely better than nntpd. We discuss INN in detail in Chapter 23.
We’ve mentioned two NNTP commands that are key to how news articles are pushed or pulled between servers. Now we’ll look at these in the context of an actual NNTP session to show you how simple the protocol is. For the purposes of our illustration, we’ll use a simple telnet client to connect to an INN-based news server at the Virtual Brewery called news.vbrew.com. The server is running a minimal configuration to keep the examples short. We’ll look at how to complete the configuration of this server in Chapter 23. In our testing we’ll be very careful to generate articles in the junk newsgroup only, to avoid disturbing anyone else.
Connecting to the news server is a simple as opening a TCP connection to
its NNTP port. When you are connected, you will be greeted with a welcome
banner. One of the first commands you might try is
help. The response you get generally depends upon whether
the server believes you are a remote NNTP server or a newsreader, as there are
different command sets required. You can change your operating mode using the
mode command; we’ll look at that in a
telnet news.vbrew.com nntpTrying 172.16.1.1... Connected to localhost. Escape character is '^]'. 200 news.vbrew.com InterNetNews server INN 1.7.2 08-Dec-1997 ready
help100 Legal commands authinfo help ihave check takethis list mode xmode quit head stat xbatch xpath xreplic For more information, contact "usenet" at this machine. .
The responses to NNTP commands always end with a period (.) on a line by itself. The numbers you see in the output listing are response codes and are used by the server to indicate success or failure of a command. The response codes are described in RFC-977; we’ll talk about the most important ones as we proceed.
Subject: test message sent with ihave
Date: 26 April 1999
This is a test message sent using the NNTP IHAVE command.
All NNTP commands are case insensitive, so you may enter them in either upper- or lowercase. The IHAVE command takes one mandatory argument, it being the Message ID of the article that is being pushed. Every news article is assigned a unique message ID when it is created. The IHAVE command provides a way of the NNTP server to say which articles it has when it wants to push articles to another server. The sending server will issue an IHAVE command for each article it wishes to push. If the command response code generated by the receiving NNTP server is in the “3xx” range, the sending NNTP server will transmit the complete article, including it’s full header, terminating the article with a period on a line by itself. If the response code was in the “4xx” range, the receiving server has chosen not to accept this article, possibly because it already has it, or because of some problem, such as running out of disk space.
When the article has been transmitted, the receiving serve issues another response code indicating whether the article transmission was successful.
Newsreaders use their own set of commands when talking to a news server. To activate these commands, the news server has to be operating in reader mode. Most news servers default to reader mode, unless the IP address of the connecting host is listed as a news-forwarding peer. In any case, NNTP provides a command to explicitly switch into reader mode:
mode reader200 news.vbrew.com InterNetNews NNRP server INN 1.7.2 08-Dec-1997 ready/ (posting ok).
help100 Legal commands authinfo user Name|pass Password|generic <prog> <args> article [MessageID|Number] body [MessageID|Number] date group newsgroup head [MessageID|Number] help ihave last list [active|active.times|newsgroups|distributions|distrib.pats|/ overview.fmt|subscriptions] listgroup newsgroup mode reader newgroups yymmdd hhmmss ["GMT"] [<distributions>] newnews newsgroups yymmddhhmmss ["GMT"] [<distributions>] next post slave stat [MessageID|Number] xgtitle [group_pattern] xhdr header [range|MessageID] xover [range] xpat header range|MessageID pat [morepat...] xpath MessageID Report problems to <email@example.com> .
NNTP reader mode has a lot of commands. Many of these are designed to make the life of a newsreader easier. We mentioned earlier that there are commands that instruct the server to send the head and the body of articles separately. There are also commands that list the available groups and articles, and others that allow posting, an alternate means of sending news articles to the server.
list newsgroups215 Descriptions in form "group description". control News server internal group junk News server internal group local.general General local stuff local.test Local test group .
list active shows each supported group and provides information
about them. The two numbers in each line of the output are the high-water
mark and the low-water mark—that is, the highest numbered article and
lowest numbered article in each group. The newsreader is able to form an
idea of the number of articles in the group from these. We’ll talk a little
more about these numbers in a moment. The last field in the output displays flags
that control whether posting is allowed to the group, whether the group is
moderated, and whether articles posted are actually stored or
just passed on. These flags are described in detail in Chapter 23.
An example looks like this:
list active215 Newsgroups in form "group high low flags". control 0000000000 0000000001 y junk 0000000003 0000000001 y alt.test 0000000000 0000000001 y .
We mentioned there was a difference between pushing an article and posting an article. When you are pushing an article, there is an implicit assumption that the article already exists, that it has a message identifier that has been uniquely assigned to it by the server to which it was originally posted, and that it has a complete set of headers. When posting an article, you are creating the article for the first time and the only headers you supply are those that are meaningful to you, such as the Subject and the Newgroups to which you are posting the article. The news server you post the article on will add all the other headers for you and create a message ID that it will use when pushing the article onto other servers.
All of this means that posting an article is even easier than pushing one. An example posting looks like this:
Subject: test message number 1
This is a test message, please feel free to ignore it.
.240 Article posted
We’ve generated two more messages like this one to give our following examples some realism.
When a newsreader first connects to a new server and the user chooses a
newsgroup to browse, the newsreader will want to retrieve a list of new
articles, those posted or received since the last login by the user. The
newnews command is used for this
purpose. Three mandatory arguments must be supplied: the name of
the group or groups to query, the start date, and the start time from which
to list. The date and time are each specified as six-digit numbers, with the
most significant information first;
newnews junk 990101 000000230 New news follows <firstname.lastname@example.org> <email@example.com> <firstname.lastname@example.org> .
When the user selects a newsgroup to browse, the newsreader may tell the
news server that the group was selected. This simplifies the interaction
between newsreader and news server; it removes the need to constantly
send the name of the newsgroup with each command. The
group command simply takes the name of the selected group as
an argument. Many following commands use the group selected as the
default, unless another newsgroup is specified explicitly:
group junk211 3 1 3 junk
group command returns a message
indicating the number of active messages, the low-water mark, the high-water
mark, and the name of the group, respectively. Note that while the number of
active messages and the high-water mark are the same in our example, this is
not often the case; in an active news server, some articles may have expired
or been deleted, lowering the number of active messages but leaving the
high-water mark untouched.
To address newsgroup articles, the newsreader must know
which article numbers represent active articles. The
listgroup command offers a list of the active
article numbers in the current group, or an explicit group if the group name is
listgroup junk211 Article list follows 1 2 3 .
The user must have some information about an article before she can know
whether she wishes to read it. We mentioned earlier that some commands allow the article header and body to be transferred separately. The
head command is used to request that the server transmit
just the header of the specified article to the newsreader. If the user
doesn’t want to read this article, we haven’t wasted time and network
bandwidth transferring a potentially large article body unnecessarily.
Articles may be referenced using either their number (from the
listgroup command) or their message identifier:
head 2221 2 <email@example.com> head Path: news.vbrew.com!not-for-mail From: firstname.lastname@example.org Newsgroups: junk Subject: test message number 2 Date: 27 Apr 1999 21:51:50 GMT Organization: The Virtual brewery Lines: 2 Message-ID: <email@example.com> NNTP-Posting-Host: localhost X-Server-Date: 27 Apr 1999 21:51:50 GMT Body: Xref: news.vbrew.com junk:2 .
If, on the other hand, the user decides she does want to read the article, her
newsreader needs a way of requesting that the message body be transmitted. The
body command is used for this purpose. It operates in much
the same way as the
head command, except that only the message
body is returned:
body 2222 2 <firstname.lastname@example.org> body This is another test message, please feel free to ignore it too. .
While it is normally most efficient to separately transfer the headers and bodies of selected articles, there are occasions when we are better off transferring the complete article. A good example of this is in applications through which we want to transfer all of the artices in a group without any sort of preselection, such as when we are using an NNTP cache program like leafnode.
Naturally, NNTP provides a means of doing this, and not surprisingly, it
operates almost identically to the
head command as well.
article command also accepts an article number or
message ID as an argument, but returns the whole article including its header:
article 1220 1 <email@example.com> article Path: news.vbrew.com!not-for-mail From: firstname.lastname@example.org Newsgroups: junk Subject: test message number 1 Date: 26 Apr 1999 22:08:59 GMT Organization: The Virtual brewery Lines: 2 Message-ID: <email@example.com> NNTP-Posting-Host: localhost X-Server-Date: 26 Apr 1999 22:08:59 GMT Body: Xref: news.vbrew.com junk:1 This is a test message, please feel free to ignore it. .
If you attempt to retrieve an unknown article, the server will return a message with an appropriately coded response code and perhaps a readable text message:
article 4423 Bad article number
We’ve described how the most important NNTP commands are used in this section. If you’re interested in developing software that implements the NNTP protocol, you should refer to the relevant RFC documents; they provide a great deal of detail that we couldn’t include here.
Let’s now look at NNTP in action through the nntpd server.
 When posting an
article over NNTP, the server always adds at least one header field,
NNTP-Posting-Host:. The field contains the client’s hostname.
 The same problem exists with the Simple Mail Transfer Protocol (SMTP), although most mail transport agents now provide mechanisms to prevent spoofing.