RFC 5536 and the O flag in INN's newsfeeds

Julien ÉLIE julien at trigofacile.com
Thu Dec 31 19:40:18 UTC 2009


Hi Ray,

> Next, I will integrate the information of
> Eternal-September's X-Auth-User header into Injection-Info.

I will also add a parameter to inn.conf (addinjectionpostingaccount,
set to FALSE by default) to generate a posting-account parameter
in the Injection-Info: header field.  I think it will be the value of
PERMuser (the authenticated user, if set -- otherwise, whatever is
set by the matched access block in readers.conf).
Unless there is another better thing to add?

It is set to FALSE by default because we do not follow the SHOULD
of RFC 5536:

   The "posting-account" <parameter> identifies the source from which
   that news server received the article, in a notation that can be
   interpreted by the news server administrator.  This notation can
   include any information the administrator deems pertinent.  In order
   to limit the exposure of personal data, it SHOULD be given in a form
   that cannot be interpreted by other sites.  However, to make it
   useful for rate limiting and abuse detection, two messages posted
   from the same source SHOULD have the same value of "posting-account",
   and two messages from different sources SHOULD have differing values
   of "posting-account".  The exact definition of "source" is left to
   the discretion of the news server administrator.


> Thanks for all your work.

You're welcome, and I apologize for the nasty bugs I did not see before
committing.  Correctly parsing headers appears to be trickier than
I thought.

-- 
Julien ÉLIE

« En vérité, le chemin importe peu, la volonté d'arriver suffit à tout. » 




More information about the inn-workers mailing list