NNTPS pointers
Julien ÉLIE
julien at trigofacile.com
Thu Oct 21 20:37:09 UTC 2021
Responding to myself,
> Do you know news servers implementing TLS for transit?
>
> If that's the case, as nnrpd has TLS support and implements IHAVE, maybe
> you could try to start 2 instances of nnrpd (one listening to port 563
> for readers, and another to port 433 for instance). Remote news servers
> may send you articles to port 433 using TLS and IHAVE.
> I believe it would work. Yet, not as fast as innd would, though.
On second thoughts, and having verified how IHAVE is delt with by nnrpd,
this will not work. Articles from peers will be rejected; nnrpd acts as
an injecting agent, whatever command is used. So articles from peers
will be rejected as they contain header fields showing they have already
been injected.
That's not possible then.
Another secure way to feed articles would be UUCP batches over SSH (with
send-uucp) but it may not fit your needs, Grant.
> And innfeed does not implement TLS either...
At one time we could have the debate of switching innfeed to innduct
https://www.chiark.greenend.org.uk/ucgi/~ian/git-manpage/innduct.git/innduct.8
It will be easier to implement TLS support in innduct, and also to
maintain it. Besides, I doubt all the configuration possibilities
innfeed has to fine-tune its behaviour is really used in practice...
AUTHINFO would be worth adding to innduct though.
And if imapfeed is still used (I don't know if it still works fine), it
could maybe be integrated as imapduct!
--
Julien ÉLIE
« Après la clairière d'attente, on entre dans la hutte de
consultation. » (Astérix)
More information about the inn-workers
mailing list