newbie question: state of the art/practice for private newsgroups?

Julien ÉLIE julien at trigofacile.com
Mon Feb 7 21:15:25 UTC 2011


Hi Miles,

See Raphaël and Todd's answers.


> What I'm wondering is the current state of the art/practice. What
> would be a good starting point for building something along the lines
> of:
> - 3-5 replicated servers

You can do it with INN (see the xrefslave parameter in inn.conf
to achieve a "replication" with the same article numbers).
    http://www.eyrie.org/~eagle/software/inn/docs/inn.conf.html

Suggestions of architecture here:
    http://web.inter.NL.net/users/Elena.Samsonova/unix/INN/v2.3/architectures.html

But it is maybe too much for your needs (?)


> - 15-20 groups
> - 3-5000 users

No problem.


> - peer-to-peer authentication among servers

You can authenticate the servers (password sent in plain text between
innd and innfeed).  See stunnel, as Todd recommended, if you need to
encrypt the transfer.
Usually, it is not necessary to authenticate the servers.  Rights are
granted per IP.


> - crypto-based authentication of users, with access control on a user-
> newsgroup level (ideally using kerberos or LDAP for central user
> administration)

    http://www.eyrie.org/~eagle/software/inn/docs/readers.conf.html
    http://www.eyrie.org/~eagle/software/inn/docs/ckpasswd.html
    http://www.eyrie.org/~eagle/software/inn/docs/hook-perl.html
    http://www.eyrie.org/~eagle/software/inn/docs/hook-python.html


> - encryption and signing of messages

This feature is client-based.
PGP is usually used.

-- 
Julien ÉLIE

« C'est sûrement des pirates ! Ils peuvent nous emmener comme
  captifs, nous tuer ou pire encore, nous voler la marchandise ! »
  (Astérix)



More information about the inn-workers mailing list