Audit of INN against draft-ietf-nntpext-base-13.txt complete

Heiko Schlichting inn-workers at
Mon Jul 9 10:49:06 UTC 2001

Russ Allbery <rra at> writes:
> Alex Kiernan <alexk at> writes:
>> This is an interesting one... I actually need nnrpd to accept IHAVE (an
>> historical artifact from way back when, when Demon customers really did
>> peer with the news server)
> Heh!  I didn't think anyone would need that.

That's wrong. Some months ago I implemented IHAVE into our nnrpd due to
strong demand by our users. We (=News.CIS.DFN.DE) have about 95,000 users
with a large variety of reading agents.

One reading agent getting more popular in the recent past is Microsoft
Exchange 2000 which requires IHAVE for a "Peer" type of connection which
is the only one acceptable as "Master" and "Slave" are not. "Peer" is in
Microsoft speech a sucking server but it uses IHAVE and not POST to send
articles back. This is a change to Exchange 5.5 which uses POST and works
well with nnrpd; Exchange 2000 can't be used in combination with nnrpd.

I implemented IHAVE into our nnrpd in a special way to handle our needs:

- it checks for duplicates first (difference to POST which does not know
  the Message-ID)
- it checks for correct headers like POST in nnrpd (difference to IHAVE
  implementation in innd)
- If X-Trace, NNTP-Posting-Host etc. headers exists, they are renamed
  to Orig-X-Trace, Orig-NNTP-Posting-Host etc. (special)
- X-Trace, NNTP-Posting-Host etc. are handled like POST in nnrpd, which
  means the server generates them.

Statistics for News.CIS.DFN.DE for yesterday:
	17201 successful POST commands
	  217 POST commands trying to inject an article which is a DUPLICATE
	   90 successful IHAVE commands
	 5635 IHAVE commands trying to inject an article which is a DUPLICATE

So, most articles send this way are duplicates but some are not. I can see
82 of our 95,000 accounts using IHAVE.

We inserted a warning in our documentation of client software that we use a
modified version of INN on our end. This documentation exists only in German
at this time as we have some delay in translating all our documents:

I can't decide if nnrpd really needs an implementation of IHAVE. I have
done it for our server and it fits our needs which may be very special. For
a release to the public it might be more difficult to implement IHAVE in
nnrpd as regeneration of X-Trace and NNTP-Posting-Host is not the normal
behavior for IHAVE and leaving these headers untouched is not acceptable for
an injecting agent because of abuse handling.  But everyone should aware
that without IHAVE nnrpd will not work together with Microsoft Exchange 2000
which can be seen as a problem or a feature depending of the point of view.


Heiko Schlichting        | Freie Universität Berlin
heiko at FU-Berlin.DE       | Zentraleinrichtung für Datenverarbeitung (ZEDAT)
Telefon +49 30 838-54327 | Fabeckstraße 32
Telefax +49 30 838-56721 | 14195 Berlin

More information about the inn-workers mailing list