1INN.CONF(5) InterNetNews Documentation INN.CONF(5)
2
6 inn.conf - Configuration data for InterNetNews programs
7
9 inn.conf in pathetc is the primary general configuration file for all
10 InterNetNews programs. Settings which control the general operation of
11 various programs, as well as the paths to all portions of the news
12 installation, are found here. The INNCONF environment variable, if
13 set, specifies an alternate path to inn.conf.
14 This file is intended to be fairly static. Any changes made to it will
16 generally not affect any running programs until they restart. Unlike
17 nearly every other configuration file, inn.conf cannot be reloaded
18 dynamically using ctlinnd(8); innd(8) must be stopped and restarted for
19 relevant changes to inn.conf to take effect ("ctlinnd xexec innd" is
20 the fastest way to do this.)
21 Blank lines and lines starting with a number sign ("#") are ignored.
23 All other lines specify parameters, and should be of the following
24 form:
25 <name>: <value>
27 (Any amount of whitespace can be put after the colon and is optional.)
29 If the value contains embedded whitespace or any of the characters
30 "[]<""\:>, it must be enclosed in double quotes (""). A backslash
31 ("\") can be used to escape quotes and backslashes inside double
32 quotes. <name> is case-sensitive; "server" is not the same as "Server"
33 or "SERVER". (inn.conf parameters are generally all in lowercase.)
34 If <name> occurs more than once in the file, the first value is used.
36 Some parameters specified in the file may be overridden by environment
37 variables. Most parameters have default values if not specified in
38 inn.conf; those defaults are noted in the description of each
39 parameter.
40 Many parameters take a boolean value. For all such parameters, the
42 value may be specified as "true", "yes", or "on" to turn it on and may
43 be any of "false", "no", or "off" to turn it off. The case of these
44 values is significant.
45 This documentation is extremely long and organized as a reference
47 manual rather than as a tutorial. If this is your first exposure to
48 INN and these parameters, it would be better to start by reading other
49 man pages and referring to this one only when an inn.conf parameter is
50 explicitly mentioned. Those parameters which need to be changed when
51 setting up a new server are discussed in INSTALL.
52
54 General Settings
55 These parameters are used by a wide variety of different components of
56 INN.
57 domain
59 This should be the domain name of the local host. It should not
60 have a leading period, and it should not be a full host address.
61 It is used only if the inn_getfqdn() routine in libinn(3) cannot
62 get the fully qualified domain name by using either the
63 gethostname(3) or getaddrinfo(3) calls. The check is very simple;
64 if either routine returns a name with a period in it, then it is
65 assumed to have the full domain name. As this parameter is rarely
66 used, do not use it to affect the righthand side of autogenerated
67 Message-IDs; see instead virtualhost and domain in readers.conf(5).
68 The default value is unset.
69 innflags
71 The flags to pass to innd on startup. See innd(8) for details on
72 the possible flags. The default value is unset.
73 Note that these flags are only used when innd is started from
75 rc.news or nntpsend.
76 mailcmd
78 The path to the program to be used for mailing reports and control
79 messages. The default is pathbin/innmail. This should not
80 normally need to be changed.
81 mta The command to use when mailing postings to moderators and for the
83 use of innmail(1). The message, with headers and an added To:
84 header, will be piped into this program. The string %s, if
85 present, will be replaced by the e-mail address of the moderator.
86 It's strongly recommended for this command to include %s on the
87 command line rather than use the addresses in the To: and Cc:
88 headers of the message, since the latter approach allows the news
89 server to be abused as a mechanism to send mail to arbitrary
90 addresses and will result in unexpected behavior. There is no
91 default value for this parameter; it must be set in inn.conf or a
92 fatal error message will be logged via syslog.
93 For most systems, "/usr/lib/sendmail -oi -oem %s" (adjusted for the
95 correct path to sendmail, and between double quotes) is a good
96 choice.
97 pathhost
99 What to put into the Path: header to represent the local site.
100 This is added to the Path: header of all articles that pass through
101 the system, including locally posted articles, and is also used
102 when processing some control messages and when naming the server in
103 status reports. There is no default value; this parameter must be
104 set in inn.conf or INN will not start. A good value to use is the
105 fully qualified hostname of the system.
106 runasgroup
108 The group under which the news server will run. The default is
109 "news" (or the group specified at configure time) and should not
110 normally need to be changed.
111 runasuser
113 The user under which the news server will run. The default is
114 "news" (or the user specified at configure time) and should not
115 normally need to be changed.
116 server
118 The name of the default NNTP server. If nnrpdposthost is not set
119 and UNIX domain sockets are not supported, nnrpd(8) tries to hand
120 off locally-posted articles through an INET domain socket to this
121 server. actsync(8), nntpget(8), and getlist(8) also use this value
122 as the default server to connect to. In the latter cases, the
123 value of the NNTPSERVER environment variable, if it exists,
124 overrides this. The default value is unset.
125 syntaxchecks
127 A list of values controlling the level of checks performed by innd
128 and nnrpd. For instance:
129 syntaxchecks: [ no-laxmid ]
131 The last occurrence of a given value takes precedence, that is to
133 say if "no-laxmid laxmid" is listed, laxmid takes precedence.
134 Only one check can currently be enabled/disabled:
136 laxmid / no-laxmid
138 When laxmid is set, Message-IDs containing ".." in the left
139 part are accepted, as well as Message-IDs with two "@". Some
140 non-compliant news posters generate such syntactically invalid
141 Message-IDs, especially in binary newsgroups. The default is
142 no-laxmid, that is to say INN strictly follows the standard
143 regarding syntax checks.
144 Feed Configuration
146 These parameters govern incoming and outgoing feeds: what size of
147 articles are accepted, what filtering and verification is performed on
148 them, whether articles in groups not carried by the server are still
149 stored and propagated, and other similar settings.
150 artcutoff
152 Articles older than this number of days are dropped. The default
153 value is 10, which means that an incoming article will be rejected
154 if its posting date is farther in the past than ten days.
155 In order to disable that check on date, you can set this parameter
157 to 0.
158 The number on the "/remember/" line in expire.ctl should probably
160 be one more than that number in order to take into account articles
161 whose posting date is one day into the future.
162 bindaddress
164 Which IP address innd(8) should bind itself to. This must be in
165 dotted-quad format (nnn.nnn.nnn.nnn). If set to "all" or not set,
166 innd defaults to listening on all interfaces. The value of the
167 INND_BIND_ADDRESS environment variable, if set, overrides this
168 setting. The default value is unset.
169 bindaddress6
171 Like bindaddress but for IPv6 sockets. If only one of the
172 bindaddress and bindaddress6 parameters is used, then only the
173 socket for the corresponding address family is created. If both
174 parameters are used then two sockets are created. If neither of
175 them is used, the list of sockets to listen on will be determined
176 by the system library getaddrinfo(3) function. The value of the
177 INND_BIND_ADDRESS6, if set, overrides this setting. The default
178 value is unset.
179 Note that you will generally need to put double quotes ("") around
181 this value if you set it, since IPv6 addresses contain colons.
182 dontrejectfiltered
184 Normally innd(8) rejects incoming articles when directed to do so
185 by any enabled article filters (Perl or Python). However, this
186 parameter causes such articles not to be rejected; instead
187 filtering can be applied on outbound articles. If this parameter
188 is set, all articles will be accepted on the local machine, but
189 articles rejected by the filter will not be fed to any peers
190 specified in newsfeeds with the "Af" flag. The default value is
191 false.
192 hiscachesize
194 If set to a value other than 0, a hash of recently received
195 Message-IDs is kept in memory to speed history lookups. The value
196 is the amount of memory to devote to the cache in kilobytes. The
197 cache is only used for incoming feeds and a small cache can hold
198 quite a few Message-IDs, so large values aren't necessarily useful
199 unless you have incoming feeds that are badly delayed. innreport
200 can provide useful statistics regarding the use of the history
201 cache, especially when it misses. A good value for a system with
202 more than one incoming feed is 256; systems with only one incoming
203 feed should probably set this to 0. The default value is 256.
204 ignorenewsgroups
206 Whether newsgroup creation control messages (newgroup and rmgroup)
207 should be fed as if they were posted to the newsgroup they are
208 creating or deleting rather than to the newsgroups listed in the
209 Newsgroups: header. If this parameter is set, the newsgroup
210 affected by the control message will be extracted from the Control:
211 header and the article will be fed as if its Newsgroups: header
212 contained solely that newsgroup. This is useful for routing
213 control messages to peers when they are posted to irrelevant
214 newsgroups that shouldn't be matched against the peer's desired
215 newsgroups in newsfeeds. This is a boolean value and the default
216 is false.
217 immediatecancel
219 When using the timecaf storage method, article cancels are normally
220 just cached to be cancelled, not cancelled immediately. If this is
221 set to true, they will instead by cancelled as soon as the cancel
222 is processed. This is a boolean value and the default is false.
223 This setting is ignored unless the timecaf storage method is used.
225 linecountfuzz
227 If set to something other than 0, the line count of the article is
228 checked against the Lines: header of the article (if present) and
229 the article is rejected if the values differ by more than this
230 amount. A reasonable setting is 5, which is the standard maximum
231 signature length plus one (some injection software calculates the
232 Lines: header before adding the signature). The default value is
233 0, which tells INN not to check the Lines: header of incoming
234 articles.
235 maxartsize
237 The maximum size of article (headers and body) that will be
238 accepted by the server, in bytes. A value of 0 allows any size of
239 article, but note that innd will crash if system memory is
240 exceeded. The default value is 1000000 (approximately 1 MB). This
241 is checked against the article in wire format (CRLF at the end of
242 each line, leading periods protected, and with the trailing
243 "\r\n.\r\n" at the end). See also localmaxartsize.
244 maxconnections
246 The maximum number of incoming NNTP connections innd(8) will
247 accept. The default value is 50.
248 pathalias
250 If set, this value is prepended to the Path: header of accepted
251 posts (before pathhost) if it doesn't already appear in the Path:
252 header. The main purpose of this parameter is to configure all
253 news servers within a particular organization to add a common
254 identity string to the Path: header. The default value is unset.
255 pathcluster
257 If set, this value is appended to the Path: header of accepted
258 posts (after pathhost) if it isn't already present as the last
259 element of the Path: header. The main purpose of this parameter is
260 to make several news servers appear as one server. The default
261 value is unset.
262 Note that the Path: header reads right to left, so appended means
264 inserted at the leftmost side of the Path: header.
265 pgpverify
267 Whether to enable PGP verification of control messages other than
268 cancel. This is a boolean value and the default in the inn.conf
269 sample file is based on whether configure found pgp, pgpv, pgpgpg,
270 gpgv, gpgv1, gpgv2, gpg, gpg1 or gpg2. Note that if the parameter
271 is not present in the configuration file, it defaults to false.
272 port
274 What TCP port innd(8) should listen on. The default value is 119,
275 the standard NNTP port.
276 refusecybercancels
278 Whether to refuse all articles whose message IDs start with
279 "<cancel.". This message ID convention is widely followed by spam
280 cancellers, so the vast majority of such articles will be cancels
281 of spam. This check, if enabled, is done before the history check
282 and the message ID is not written to the history file. This is a
283 boolean value and the default is false.
284 This is a somewhat messy, inefficient, and inexact way of refusing
286 spam cancels. A much better way is to ask all of your upstream
287 peers to not send to you any articles with "cyberspam" in the Path:
288 header (usually accomplished by having them mark "cyberspam" as an
289 alias for your machine in their feed configuration). The filtering
290 enabled by this parameter is hard-coded; general filtering of
291 message IDs can be done via the embedded filtering support.
292 remembertrash
294 By default, innd(8) records rejected articles in history so that,
295 if offered the same article again, it can be refused before it is
296 sent. If you wish to disable this behavior, set this to false.
297 This can cause a substantial increase in the amount of bandwidth
298 consumed by incoming news if you have several peers and reject a
299 lot of articles, so be careful with it. Even if this is set to
300 true, INN won't log some rejected articles to history if there's
301 reason to believe the article might be accepted if offered by a
302 different peer, so there is usually no reason to set this to false
303 (although doing so can decrease the size of the history file).
304 This is a boolean value and the default is true.
305 sourceaddress
307 Which local IP address to bind to for outgoing NNTP sockets (used
308 by innxmit(8) among other programs, as well as innfeed(8) as long
309 as not overridden by bindaddress in innfeed.conf(5)). This must be
310 in dotted-quad format (nnn.nnn.nnn.nnn). If set to "all", the
311 operating system will choose the source IP address for outgoing
312 connections. The default value is unset.
313 sourceaddress6
315 Like sourceaddress but for IPv6 sockets. Note that you will
316 generally need to put double quotes ("") around this value if you
317 set it, since IPv6 addresses contain colons.
318 verifycancels
320 Set this to true to enable a simplistic check on all cancel
321 messages, attempting to verify (by simple header comparison) that
322 at least one newsgroup in the cancel message can be found in the
323 article to be cancelled. This check can't be done if the cancel
324 arrives before the article does. This is a boolean value, and the
325 default is false.
326 Note that RFC 5537 (USEPRO) mentions that "cancel control messages
328 are not required to contain From: and Sender: header fields
329 matching the target message. This requirement only encouraged
330 cancel issuers to conceal their identity and provided no security".
331 This check is therefore not done as it is extremely easy to spoof.
332 verifygroups
334 Set this to true to reject incoming articles which contain an
335 unknown newsgroup in the whole list of newsgroups to which they are
336 posted. In case wanttrash is set to true, such articles will still
337 be rejected. This is a boolean value, and the default is false.
338 wanttrash
340 Set this to true if you want to file articles posted to unknown
341 newsgroups (newsgroups not in the active file) into the "junk"
342 newsgroup rather than rejecting them. This is sometimes useful for
343 a transit news server that needs to propagate articles (according
344 to the setting of "Aj" in the newsfeeds feed pattern) in all
345 newsgroups regardless if they're carried locally. This is a
346 boolean value and the default is false.
347 The logtrash parameter specifies whether such articles should be
349 logged as posted to unwanted newsgroups in the news log file.
350 wipcheck
352 If INN is offered an article by a peer on one channel, it will
353 return deferral responses (code 436) to all other offers of that
354 article for this many seconds. (After this long, if the peer that
355 offered the article still hasn't sent it, it will be accepted from
356 other channels.) The default value is 5 and probably doesn't need
357 to be changed.
358 wipexpire
360 How long, in seconds, to keep track of message IDs offered on a
361 channel before expiring articles that still haven't been sent. The
362 default value is 10 and probably doesn't need to be changed.
363 History Settings
365 The following parameter affect the history database.
366 hismethod
368 Which history storage method to use. The only currently supported
369 value is "hisv6". There is no default value; this parameter must
370 be set.
371 "hisv6"
373 Stores history data in the INN history v6 format: history(5)
374 text file and a number of dbz(3) database files; this may be in
375 true history v6 format, or tagged hash format, depending on the
376 build options. Separation of these two is a project which has
377 not yet been undertaken.
378 Article Storage
380 These parameters affect how articles are stored on disk.
381 cnfscheckfudgesize
383 If set to a value other than 0, the claimed size of articles in
384 CNFS cycbuffs is checked against maxartsize plus this value, and if
385 larger, the CNFS cycbuff is considered corrupt. This can be useful
386 as a sanity check after a system crash, but be careful using this
387 parameter if you have changed maxartsize recently. The default
388 value is 0.
389 enableoverview
391 Whether to write out overview data for articles. If set to false,
392 INN will run much faster, but reading news from the system will be
393 impossible (the server will be for news transit only). If this
394 option is set to true, ovmethod must also be set. This is a
395 boolean value and the default is true.
396 extraoverviewadvertised
398 Besides the seven standard overview fields (which are in order
399 "Subject:", "From:", "Date:", "Message-ID:", "References:",
400 ":bytes" and ":lines") and the eighth "Xref:full" field required by
401 INN in order to handle crossposts, it is possible to add other
402 fields in the overview database. This parameter expects a list of
403 such header names. Overview data for these additional headers will
404 be generated for each new article at the time of arrival. For
405 instance, if you specify:
406 extraoverviewadvertised: [ Path Injection-Info ]
408 it implies that nnrpd will advertise "Path:full" and
410 "Injection-Info:full" as the ninth and tenth fields in response to
411 LIST OVERVIEW.FMT and that these two headers will be stored in the
412 overview database for each new article.
413 The default value is an empty list (no additional fields are
415 stored). Owing to optimizations when innd parses the articles it
416 receives, it is possible that all the values in the list are not
417 recognized by innd as standard headers. In such cases, innd will
418 log an error in news.err at startup and the unrecognized fields
419 will be discarded.
420 You should advertise only fields for which the overview database is
422 consistent, that is to say it records the content or absence of
423 these fields for all articles, including those already existing in
424 the news spool. Consequently, if you decide to add or remove a
425 field from your overview database, you should either modify
426 extraoverviewadvertised and rebuild your overview database with
427 makehistory(8) after removing all existing overview files, or
428 implement a transition period by first using extraoverviewhidden as
429 described below.
430 Use of a transition period can accommodate most overview
432 reconfigurations, but certain drastic changes may still require a
433 complete overview rebuild.
434 If for instance you want to store the content of the To: header in
436 addition to the fields already stored above, you should use:
437 extraoverviewadvertised: [ Path Injection-Info ]
439 extraoverviewhidden: [ To ]
440 This way, "To:full" will not be advertised by nnrpd but will be
442 stored for each new article. Once you know that all articles in
443 your overview database record the content or absence of that new
444 field (if expire.ctl(5) is parametered so that all your articles
445 expire within 30 days, you can assume the database is in such a
446 state after 30 days -- however, note that time to expiration can be
447 unpredictable with CNFS and you then have to use "cnfsstat -a" for
448 checking on when buffers have rolled over), you should put:
449 extraoverviewadvertised: [ Path Injection-Info To ]
451 extraoverviewhidden: [ ]
452 The "To" value must be added at the end of the list because order
454 matters and fields mentioned in extraoverviewhidden are generated
455 after those mentioned in extraoverviewadvertised. nnrpd will now
456 advertise "To:full" in response to the LIST OVERVIEW.FMT command
457 ("full" indicates that the header appears followed by its value).
458 Now suppose you want to remove the content of the Injection-Info:
460 header from the overview. As order matters, the overview database
461 will no longer be consistent for the To: header. Therefore, you
462 need to specify:
463 extraoverviewadvertised: [ Path ]
465 extraoverviewhidden: [ To ]
466 And once overview data is accurate for all articles, you should
468 use:
469 extraoverviewadvertised: [ Path To ]
471 extraoverviewhidden: [ ]
472 Note that you have to restart nnrpd if it runs as a daemon whenever
474 you change the value of extraoverviewadvertised; a mere "ctlinnd
475 xexec innd" is not enough.
476 extraoverviewhidden
478 This parameter should be used in conjunction with
479 extraoverviewadvertised (see above for more details). It expects a
480 list of headers names. Overview data for these headers will be
481 generated for each new article at the time of arrival but, contrary
482 to the fields mentioned in extraoverviewadvertised, nnrpd will not
483 advertise them in response to the LIST OVERVIEW.FMT command. It
484 also implies that nnrpd will not look in the overview database for
485 fields mentioned in extraoverviewhidden when it handles HDR, XHDR
486 and XPAT requests; nnrpd will have to parse the headers of the
487 requested articles in the news spool, which is slower than directly
488 querying the overview database.
489 The default value is an empty list (no additional fields are
491 stored). Owing to optimizations when innd parses the articles it
492 receives, it is possible that all the values in the list are not
493 recognized by innd as standard headers. In such cases, innd will
494 log an error in news.err at startup and the unrecognized fields
495 will be discarded.
496 groupbaseexpiry
498 Whether to enable newsgroup-based expiry. If set to false, article
499 expiry is done based on storage class of storing method. If set to
500 true (and overview information is available), expiry is done by
501 newsgroup name. This affects the format of expire.ctl. This is a
502 boolean value and the default is true.
503 mergetogroups
505 Whether to file all postings to "to.*" groups in the
506 pseudonewsgroup "to". If this is set to true, the newsgroup "to"
507 must exist in the active file or INN will not start. (See the
508 discussion of "to." groups in innd(8) under CONTROL MESSAGES.)
509 This is a boolean value and the default is false.
510 nfswriter
512 For servers writing articles, determine whether the article spool
513 is on NFS storage. If set, INN attempts to flush articles to the
514 spool in a more timely manner, rather than relying on the operating
515 system to flush things such as the CNFS article bitmaps. You
516 should only set this parameter if you are attempting to use a
517 shared NFS spool on a machine acting as a single writer within a
518 cluster. This is a boolean value and the default is false.
519 overcachesize
521 How many cache slots to reserve for open overview files. If INN is
522 writing overview files (see enableoverview), ovmethod is set to
523 "tradindexed", and this is set to a value other than 0, INN will
524 keep around and open that many recently written-to overview files
525 in case more articles come in for those newsgroups. Every overview
526 cache slot consumes two file descriptors, so be careful not to set
527 this value too high. You may be able to use the "limit" command to
528 see how many open file descriptors your operating system allows.
529 innd(8) also uses an open file descriptor for each incoming feed
530 and outgoing channel or batch file, and if it runs out of open file
531 descriptors, it may throttle and stop accepting new news. The
532 default value is 128 (which is probably still too low if you have a
533 large number of file descriptors available).
534 This setting is ignored unless ovmethod is set to "tradindexed".
536 ovgrouppat
538 If set, restricts the overview data stored by INN to only the
539 newsgroups matching this comma-separated list of uwildmat(3)
540 expressions. Newsgroups not matching this setting may not be
541 readable, and if groupbaseexpiry is set to true and the storage
542 method for these newsgroups does not have self-expire
543 functionality, storing overview data will fail. The default is
544 unset.
545 ovmethod
547 Which overview storage method to use. Currently supported values
548 are "tradindexed", "buffindexed", and "ovdb". There is no default
549 value; this parameter must be set if enableoverview is true (the
550 default).
551 "buffindexed"
553 Stores overview data and index information into buffers, which
554 are preconfigured files defined in buffindexed.conf.
555 "buffindexed" never consumes additional disk space beyond that
556 allocated to these buffers.
557 "tradindexed"
559 Uses two files per newsgroup, one containing the overview data
560 and one containing the index. Fast for readers, but slow to
561 write to.
562 "ovdb"
564 Stores data into a Berkeley DB database. See the ovdb(5) man
565 page.
566 storeonxref
568 If set to true, articles will be stored based on the newsgroup
569 names in the Xref: header rather than in the Newsgroups: header.
570 This affects what the patterns in storage.conf apply to. The
571 primary interesting effect of setting this to true is to enable
572 filing of all control messages according to what storage class the
573 control pseudogroups are filed in rather than according to the
574 newsgroups the control messages are posted to. This is a boolean
575 value and the default is true.
576 If the tradspool article storage method is used, storeonxref must
578 be true.
579 useoverchan
581 Whether to innd(8) should create overview data internally through
582 libstorage(3). If set to false, innd creates overview data by
583 itself. If set to true, innd does not create; instead overview
584 data must be created by overchan(8) from an appropriate entry in
585 newsfeeds. Setting to true may be useful, if innd cannot keep up
586 with incoming feed and the bottleneck is creation of overview data
587 within innd. This is a boolean value and the default is false.
588 wireformat
590 Only used with the tradspool storage method, this says whether to
591 write articles in wire format. Wire format means storing articles
592 with "\r\n" at the end of each line and with periods at the
593 beginning of lines doubled, the article format required by the NNTP
594 protocol. Articles stored in this format are suitable for sending
595 directly to a network connection without requiring conversion, and
596 therefore setting this to true can make the server more efficient.
597 The primary reason not to set this is if you have old existing
598 software that looks around in the spool and doesn't understand how
599 to read wire format. Storage methods other than tradspool always
600 store articles in wire format. This is a boolean value and the
601 default is true.
602 xrefslave
604 Whether to act as the slave of another server. If set, INN
605 attempts to duplicate exactly the article numbering of the server
606 feeding it by looking at the Xref: header of incoming articles and
607 assigning the same article numbers to articles as was noted in the
608 Xref: header from the upstream server. The result is that clients
609 should be able to point at either server interchangeably (using
610 some load balancing scheme, for example) and see the same internal
611 article numbering. Servers with this parameter set should
612 generally only have one upstream feed, and should always have
613 nnrpdposthost set to hand locally posted articles off to the master
614 server. The upstream should be careful to always feed articles in
615 order (innfeed(8) can have problems with this in the event of a
616 backlog). This is a boolean value and the default is false.
617 Reading
619 These parameters affect the behavior of INN for readers. Most of them
620 are used by nnrpd(8). There are some special sets of settings that are
621 broken out separately after the initial alphabetized list.
622 Note that the two parameters nnrpperlauth and nnrppythonauth are now
624 obsolete; see "Changes to Perl Authentication Support for nnrpd" in
625 doc/hook-perl and "Changes to Python Authentication and Access Control
626 Support for nnrpd" in doc/hook-python for more information.
627 allownewnews
629 Whether to allow use of the NEWNEWS command by clients. This
630 command used to put a heavy load on the server in older versions of
631 INN, but is now reasonably efficient, at least if only one
632 newsgroup is specified by the client. This is a boolean value and
633 the default is true. If you use the access parameter in
634 readers.conf, be sure to read about the way it overrides
635 allownewnews.
636 articlemmap
638 Whether to attempt to mmap() articles. Setting this to true will
639 give better performance on most systems, but some systems have
640 problems with mmap(). If this is set to false, articles will be
641 read into memory before being sent to readers. This is a boolean
642 value and the default is true.
643 clienttimeout
645 How long (in seconds) a client connection can be idle before it
646 exits. When setting this parameter, be aware that some newsreaders
647 use the same connection for reading and posting and don't deal well
648 with the connection timing out while a post is being composed. If
649 the system isn't having a problem with too many long-lived
650 connections, it may be a good idea to increase this value to 3600
651 (an hour). The default value is 1800 (thirty minutes).
652 initialtimeout
654 How long (in seconds) nnrpd will wait for the first command from a
655 reader connection before dropping the connection. This is a
656 defensive timeout intended to protect the news server from badly
657 behaved reader clients that open and abandon a multitude of
658 connections without every closing them. The default value is 10
659 (ten seconds), which may need to be increased if many clients
660 connect via slow network links.
661 msgidcachesize
663 How many cache slots to reserve for message-IDs to storage token
664 translations. When serving overview data to clients (NEWNEWS,
665 OVER, etc.), nnrpd(8) can cache the storage token associated with a
666 message-ID and save the cost of looking it up in the history file;
667 for some configurations, setting this parameter can save more than
668 90% of the wall clock time for a session. The default value is
669 64000.
670 nfsreader
672 For servers reading articles, determine whether the article spool
673 is on NFS storage. If set, INN will attempt to force articles and
674 overviews to be read directly from the NFS spool rather than from
675 cached copies. You should only set this parameter if you are
676 attempting to use a shared NFS spool on a machine acting as a
677 reader within a cluster. This is a boolean value and the default
678 is false.
679 nfsreaderdelay
681 If nfsreader is set, INN will use the value of nfsreaderdelay to
682 delay the apparent arrival time of articles to clients by this
683 amount. Note that only answers to GROUP and NEWNEWS commands are
684 affected. This value should be tuned based on the NFS cache
685 timeouts locally. The default is 60, that is to say one minute.
686 nnrpdcheckart
688 Whether nnrpd should check the existence of an article before
689 listing it as present in response to an NNTP command. The primary
690 use of this setting is to prevent nnrpd from returning information
691 about articles which are no longer present on the server but which
692 still have overview data available. Checking the existence of
693 articles before returning overview information slows down the
694 overview commands, but reduces the number of "article is missing"
695 errors seen by the client. This is a boolean value and the default
696 is true.
697 nnrpdflags
699 When nnrpd(8) is spawned from innd(8), these flags are passed as
700 arguments to the nnrpd process. This setting does not affect
701 instances of nnrpd that are started in daemon mode, or instances
702 that are started via another listener process such as inetd(8) or
703 xinetd(8). Shell quoting and metacharacters are not supported.
704 This is a string value and the default is unset.
705 nnrpdloadlimit
707 If set to a value other than 0, connections to nnrpd will be
708 refused if the system load average is higher than this value. The
709 default value is 16.
710 noreader
712 Normally, innd(8) will fork a copy of nnrpd(8) for all incoming
713 connections from hosts not listed in incoming.conf. If this
714 parameter is set to true, those connections will instead be
715 rejected with a 502 error code. This should be set to true for a
716 transit-only server that doesn't support readers, or if nnrpd is
717 running in daemon mode or being started out of inetd. This is a
718 boolean value and the default is false.
719 readerswhenstopped
721 Whether to allow readers to connect even if the server is paused or
722 throttled. This is only applicable if nnrpd(8) is spawned from
723 innd(8) rather than run out of inetd or in daemon mode. This is a
724 boolean value and the default is false.
725 readertrack
727 Whether to enable the tracking system for client behavior. Tracked
728 information is recorded to pathlog/tracklogs/log-ID, where ID is
729 determined by nnrpd's PID and launch time. Currently the
730 information recorded includes initial connection and posting; only
731 information about clients listed in nnrpd.track is recorded. In
732 addition, every posted article will be saved in
733 pathlog/trackposts/track.message-id, where message-id is the
734 message ID of the post. This is a boolean value and the default is
735 false.
736 tradindexedmmap
738 Whether to attempt to mmap() tradindexed overviews articles.
739 Setting this to true will give better performance on most systems,
740 but some systems have problems with mmap(). If this is set to
741 false, overviews will be read into memory before being sent to
742 readers. This is a boolean value and the default is true.
743 INN has optional support for generating keyword information
745 automatically from article body text and putting that information in
746 overview for the use of clients that know to look for it (HDR, OVER and
747 XPAT commands). The following parameters control that feature.
748 This may be too slow if you're taking a substantial feed, and probably
750 will not be useful for the average news reader; enabling this is not
751 recommended unless you have some specific intention to take advantage
752 of it.
753 keywords
755 Whether the keyword generation support should be enabled. This is
756 a boolean value and the default is false.
757 If an article already contains a Keywords: header, no keyword
759 generation is done and the original Keywords: header is kept
760 untouched.
761 In order to use this feature, the regex library should be available
763 and INN configured with the --enable-keywords flag. Otherwise, no
764 keywords will be generated, even though this boolean value is set
765 to true. You also have to add the integration of the Keywords:
766 header into the overview with extraoverviewadvertised or
767 extraoverviewhidden.
768 keyartlimit
770 Articles larger than this value in bytes will not have keywords
771 generated for them (since it would take too long to do so). The
772 default value is 100000 (approximately 100 KB).
773 keylimit
775 Maximum number of bytes allocated for keyword data. If there are
776 more keywords than will fit into this many bytes when separated by
777 commas, the rest are discarded. The default value is 512.
778 keymaxwords
780 Maximum number of keywords that will be generated for an article.
781 (The keyword generation code will attempt to discard "noise" words,
782 so the number of keywords actually written into the overview will
783 usually be smaller than this even if the maximum number of keywords
784 is found.) The default value is 250.
785 Posting
787 These parameters are only used by nnrpd(8), inews(1), and other
788 programs that accept or generate postings. There are some special sets
789 of settings that are broken out separately after the initial
790 alphabetized list.
791 addinjectiondate
793 Whether to add an Injection-Date: header field to all local posts.
794 This is a boolean value and the default is true.
795 Note that no Injection-Date: header fields will be added to local
797 posts already containing both a Message-ID: header field and a
798 Date: header field. This is done in conformance with standards, to
799 help minimize the possibility of a loop in e-mail gatewaying and
800 ensure that a newly injected article is not treated as a new,
801 separate article in case of multiple injection of the same article
802 to different injecting agents.
803 addinjectionpostingaccount
805 Whether to add a posting-account attribute to the Injection-Info:
806 header to all local posts giving the username assigned to the user
807 at connection time or after authentication. This is a boolean
808 value and the default is false. There is no intrinsic support for
809 obfuscating the value. That has to be done with a user-written
810 Perl filter, if desired.
811 addinjectionpostinghost
813 Whether to add a posting-host attribute to the Injection-Info:
814 header to all local posts giving an FQDN (when known, by reverse
815 lookup of the client IP address) and IP address of the system from
816 which the post was received. This is a boolean value and the
817 default is true. Note that INN either does not add this attribute
818 or adds the name (when known) and IP address of the client. There
819 is no intrinsic support for obfuscating the name of the client.
820 That has to be done with a user-written Perl filter, if desired.
821 When this parameter is set to true, an FQDN (obtained by reverse
823 lookup of the client IP address or, if unknown, the IP address
824 itself) of the client is also added to the Path: header, after the
825 "!.POSTED" diagnostic.
826 checkincludedtext
828 Whether to check local postings for the ratio of new to quoted text
829 and reject them if that ratio is under 50%. Included text is
830 recognized by looking for lines beginning with ">", "|", or ":".
831 This is a boolean value and the default is false.
832 complaints
834 The value of the mail-complaints-to attribute of the Injection-
835 Info: header added to all local posts. The default is the
836 newsmaster's e-mail address. (If the newsmaster, selected at
837 configure time and defaulting to "usenet", doesn't contain "@", the
838 address will consist of the newsmaster, a "@", and the value of
839 fromhost.)
840 fromhost
842 Contains a domain used to construct e-mail addresses. The address
843 of the local news administrator will be given as <user>@fromhost,
844 where <user> is the newsmaster user set at compile time ("usenet"
845 by default). This setting will also be used by mailpost(8) to
846 fully qualify addresses and by inews(1) to generate the Sender:
847 header (and From: header if missing). The value of the FROMHOST
848 environment variable, if set, overrides this setting. The default
849 is the fully qualified domain name of the local host.
850 localmaxartsize
852 The maximum article size (in bytes) for locally posted articles.
853 Articles larger than this will be rejected. A value of 0 allows
854 any size of article, but note that nnrpd and innd will crash if
855 system memory is exceeded. See also maxartsize, which applies to
856 all articles including those posted locally. The default value is
857 1000000 (approximately 1 MB).
858 moderatormailer
860 The address to which to send submissions for moderated groups. It
861 is only used if the moderators file doesn't exist, or if the
862 moderated group to which an article is posted is not matched by any
863 entry in that file, and takes the same form as an entry in the
864 moderators file. In most cases, "%s@moderators.isc.org" is a good
865 value for this parameter (%s is expanded into a form of the
866 newsgroup name). See moderators(5) for more details about the
867 syntax. The default is unset. If this parameter isn't set and an
868 article is posted to a moderated group that does not have a
869 matching entry in the moderators file, the posting will be rejected
870 with an error.
871 nnrpdauthsender
873 Whether to generate a Sender: header based on reader
874 authentication. If this parameter is set, a Sender: header will be
875 added to local posts containing the identity assigned by
876 readers.conf. If the assigned identity does not include an "@",
877 the reader's hostname is used. If this parameter is set but no
878 identity is assigned, the Sender: header will be removed from all
879 posts even if the poster includes one. This is a boolean value and
880 the default is false.
881 nnrpdposthost
883 If set, nnrpd(8) and rnews(1) will pass all locally posted articles
884 to the specified host rather than trying to inject them locally.
885 See also nnrpdpostport. This should always be set if xrefslave is
886 true. The default value is unset.
887 nnrpdpostport
889 The port on the remote server to connect to to post when
890 nnrpdposthost is used. The default value is 119.
891 organization
893 What to put in the Organization: header if it is left blank by the
894 poster. The value of the ORGANIZATION environment variable, if
895 set, overrides this setting. The default is unset, which tells INN
896 not to insert an Organization: header.
897 spoolfirst
899 If true, nnrpd(8) will spool new articles rather than attempting to
900 send them to innd(8). If false, nnrpd will spool articles only if
901 it receives an error trying to send them to innd. Setting this to
902 true can be useful if nnrpd must respond as fast as possible to the
903 client; however, when set, articles will not appear to readers
904 until they are given to innd. nnrpd won't do this; "rnews -U" must
905 be run periodically to take the spooled articles and post them.
906 This is a boolean value and the default is false.
907 strippostcc
909 Whether to strip To:, Cc:, and Bcc: headers out of all local posts
910 via nnrpd(8). The primary purpose of this setting is to prevent
911 abuse of the news server by posting to a moderated group and
912 including To: or Cc: headers in the post so that the news server
913 will send the article to arbitrary addresses. INN now protects
914 against this abuse in other ways provided mta is set to a command
915 that includes %s and honors it, so this is generally no longer
916 needed. This is a boolean value and the default is false.
917 nnrpd(8) has support for controlling high-volume posters via an
919 exponential backoff algorithm, as configured by the following
920 parameters.
921 Exponential posting backoff works as follows: news clients are indexed
923 by IP address (or username, see backoffauth below). Each time a post
924 is received from an IP address, the time of posting is stored (along
925 with the previous sleep time, see below). After a configurable number
926 of posts in a configurable period of time, nnrpd(8) will begin to sleep
927 for increasing periods of time before actually posting anything
928 (posting backoff is therefore activated). Posts will still be
929 accepted, but at an increasingly reduced rate.
930 After backoff has been activated, the length of time to sleep is
932 computed based on the difference in time between the last posting and
933 the current posting. If this difference is less than backoffpostfast,
934 the new sleep time will be 1 + (previous sleep time * backoffk). If
935 this difference is less than backoffpostslow but greater than
936 backoffpostfast, then the new sleep time will equal the previous sleep
937 time. If this difference is greater than backoffpostslow, the new
938 sleep time is zero and posting backoff is deactivated for this poster.
939 (Note that this does not mean posting backoff cannot be reactivated
940 later in the session.)
941 Exponential posting backoff will not be enabled unless backoffdb is set
943 and backoffpostfast and backoffpostslow are set to something other than
944 their default values.
945 Here are the parameters that control exponential posting backoff:
947 backoffauth
949 Whether to index posting backoffs by user rather than by source IP
950 address. You must be using authentication in nnrpd(8) for a value
951 of true to have any meaning. This is a boolean value and the
952 default is false.
953 backoffdb
955 The path to a directory, writeable by the news user, that will
956 contain the backoff database. There is no default for this
957 parameter; you must provide a path to a creatable or writeable
958 directory to enable exponential backoff.
959 backoffk
961 The amount to multiply the previous sleep time by if the user is
962 still posting too quickly. A value of 2 will double the sleep time
963 for each excessive post. The default value is 1.
964 backoffpostfast
966 Postings from the same identity that arrive in less than this
967 amount of time (in seconds) will trigger increasing sleep time in
968 the backoff algorithm. The default value is 0.
969 backoffpostslow
971 Postings from the same identity that arrive in greater than this
972 amount of time (in seconds) will reset the backoff algorithm.
973 Another way to look at this constant is to realize that posters
974 will be allowed to generate at most 86400/backoffpostslow posts per
975 day. The default value is 1.
976 backofftrigger
978 This many postings are allowed before the backoff algorithm is
979 triggered. The default value is 10000.
980 TLS/SSL Support for Reading and Posting
982 Here are the parameters used by nnrpd(8) to provide TLS/SSL support.
983 The parameters related to certificates are:
985 tlscafile
987 The path to a file containing certificate authority root
988 certificates, used to present a trust chain to a TLS client. This
989 parameter is only used if nnrpd is built with TLS/SSL support. The
990 default value is an empty string.
991 tlscapath
993 The path to a directory containing certificate authority root
994 certificates. Each file in the directory should contain one CA
995 certificate, and the name of the file should be the CA subject name
996 hash value. See the OpenSSL documentation for more information.
997 This parameter is only used if nnrpd is built with TLS/SSL support.
998 The default value is pathetc.
999 tlscertfile
1001 The path to a file containing the server certificate to present to
1002 TLS clients. This parameter is only used if nnrpd is built with
1003 TLS/SSL support. The default value is pathetc/cert.pem.
1004 tlskeyfile
1006 The path to a file containing the encryption key for the server
1007 certificate named in tlscertfile. This may be the same as
1008 tlscertfile if, when you created the certificate, you put the key
1009 in the same file (if, for example, you gave the same file name to
1010 both the -out and -keyout options to "openssl req"). This
1011 parameter is only used if nnrpd is built with TLS/SSL support. The
1012 default value is pathetc/key.pem.
1013 This file must only be readable by the news user or nnrpd will
1015 refuse to use it.
1016 Finally, here are the parameters that can be used to tighten the level
1018 of security provided by TLS/SSL in case new attacks exploitable in NNTP
1019 on the TLS protocol or some supported cipher suite are discovered:
1020 tlsciphers
1022 The string describing the cipher suites OpenSSL will support for
1023 TLS 1.2 and below. See OpenSSL's ciphers(1) command documentation
1024 for details. The default is unset, which uses OpenSSL's default
1025 cipher suite list.
1026 tlsciphers13
1028 The string describing the cipher suites OpenSSL will support for
1029 TLS 1.3. See OpenSSL's ciphers(1) command documentation for
1030 details. The default is unset, which uses OpenSSL's default cipher
1031 suite list.
1032 Note that a separate cipher suite configuration parameter is needed
1034 for TLS 1.3 because TLS 1.3 cipher suites are not compatible with
1035 TLS 1.2, and vice-versa. In order to avoid issues where legacy
1036 TLS 1.2 cipher suite configuration configured in the tlsciphers
1037 parameter would inadvertently disable all TLS 1.3 cipher suites,
1038 the inn.conf configuration has been separated out.
1039 tlscompression
1041 Whether to enable or disable TLS/SSL-level compression support, if
1042 the negotiated protocol supports it (notably, TLS 1.3 no longer
1043 supports it). This is a boolean and the default is false, that is
1044 to say compression is disabled, so as to follow the best current
1045 practices for a secure use of TLS in application protocols (see
1046 RFC 8143 for NNTP).
1047 Note that enabling TLS/SSL-level compression will be possible only
1049 if the OpenSSL library INN has been built with, supports that
1050 feature.
1051 tlseccurve
1053 The name of the elliptic curve to use for ephemeral key exchanges.
1054 To see the list of curves supported by OpenSSL, use "openssl
1055 ecparam -list_curves".
1056 The default is unset, which means an appropriate curve is auto-
1058 selected (if your OpenSSL version is at least 1.0.2) or the NIST
1059 P-256 curve is used.
1060 This option is only effective if your OpenSSL version has ECDH
1062 support.
1063 tlspreferserverciphers
1065 Whether to let the client or the server decide the preferred cipher
1066 suite, signature algorithm or elliptic curve to use for an incoming
1067 connection. This is a boolean and the default is true, that is to
1068 say the server will choose following its own preferences.
1069 tlsprotocols
1071 The list of TLS/SSL protocol versions to support. Valid protocols
1072 are SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. The default
1073 value is to only allow TLS protocols:
1074 tlsprotocols: [ TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 ]
1076 Note that the listed protocols will be enabled only if the OpenSSL
1078 library INN has been built with, supports them. In case OpenSSL
1079 supports protocols more recent than TLSv1.3, they will be
1080 automatically enabled (which anyway is fine regarding security, as
1081 newer protocols are supposed to be more secure).
1082 Monitoring
1084 These parameters control the behavior of innwatch(8), the program that
1085 monitors INN and informs the news administrator if anything goes wrong
1086 with it.
1087 doinnwatch
1089 Whether to start innwatch(8) from rc.news. This is a boolean
1090 value, and the default is true.
1091 innwatchbatchspace
1093 Free space in pathoutgoing, in inndf(8) output units (normally
1094 kilobytes), at which innd(8) will be throttled by innwatch(8),
1095 assuming a default innwatch.ctl. The default value is 4000.
1096 innwatchlibspace
1098 Free space in pathdb, in inndf(8) output units (normally
1099 kilobytes), at which innd(8) will be throttled by innwatch(8),
1100 assuming a default innwatch.ctl. The default value is 25000.
1101 innwatchloload
1103 Load average times 100 at which innd(8) will be restarted by
1104 innwatch(8) (undoing a previous pause or throttle), assuming a
1105 default innwatch.ctl. The default value is 1000 (that is, a load
1106 average of 10.00).
1107 innwatchhiload
1109 Load average times 100 at which innd(8) will be throttled by
1110 innwatch(8), assuming a default innwatch.ctl. The default value is
1111 2000 (that is, a load average of 20.00).
1112 innwatchpauseload
1114 Load average times 100 at which innd(8) will be paused by
1115 innwatch(8), assuming a default innwatch.ctl. The default value is
1116 1500 (that is, a load average of 15.00).
1117 innwatchsleeptime
1119 How long (in seconds) innwatch(8) will sleep between each check of
1120 INN. The default value is 600.
1121 innwatchspoolnodes
1123 Free inodes in patharticles at which innd(8) will be throttled by
1124 innwatch(8), assuming a default innwatch.ctl. The default value is
1125 200.
1126 innwatchspoolspace
1128 Free space in patharticles and pathoverview, in inndf(8) output
1129 units (normally kilobytes), at which innd(8) will be throttled by
1130 innwatch(8), assuming a default innwatch.ctl. The default value is
1131 25000.
1132 Logging
1134 These parameters control what information INN logs.
1135 docnfsstat
1137 Whether to start cnfsstat(8) when innd(8) is started. cnfsstat
1138 will log the status of all CNFS cycbuffs to syslog on a periodic
1139 basis (frequency is the default for "cnfsstat -l", currently 600
1140 seconds). This is a boolean value and the default is false.
1141 htmlstatus
1143 Whether innd should write the status report as HTML file or in
1144 plain text. The HTML status file goes to pathhttp/inn_status.html,
1145 while the plain text status file is written to pathlog/inn.status.
1146 This is a boolean value and the default is true (an HTML status
1147 file is written). Also see the status parameter.
1148 incominglogfrequency
1150 How many articles to process on an incoming channel before logging
1151 the activity. The default value is 200.
1152 logartsize
1154 Whether the size of accepted articles (in bytes) should be written
1155 to the article log file. This is useful for flow rate statistics
1156 and is recommended. This is a boolean value and the default is
1157 true.
1158 logcancelcomm
1160 Set this to true to log "ctlinnd cancel" commands to syslog. This
1161 is a boolean value and the default is false.
1162 logcycles
1164 How many old logs scanlogs(8) keeps. scanlogs(8) is generally run
1165 by news.daily(8) and will archive compressed copies of this many
1166 days worth of old logs. The default value is 3.
1167 logipaddr
1169 Whether the verified name of the remote feeding host should be
1170 logged to the article log for incoming articles rather than the
1171 last entry in the Path: header. The only reason to ever set this
1172 to false is due to some interactions with newsfeeds flags; see
1173 newsfeeds(5) for more information. This is a boolean value and the
1174 default is true.
1175 logsitename
1177 Whether the names of the sites to which accepted articles will be
1178 sent should be put into the article log file. This is useful for
1179 debugging and statistics. This is a boolean value and the default
1180 is true.
1181 logstatus
1183 Whether innd should write a shortened version of its status report
1184 to syslog every status seconds. This is a boolean value and the
1185 default is true. If set to true, see the status parameter for more
1186 details on how to enable status reporting.
1187 logtrash
1189 Whether innd should add a line in the news log file to report
1190 unwanted newsgroups (that is to say newsgroups not locally carried
1191 by the news server). This is a boolean value and the default is
1192 true. It may be useful to set it to false when wanttrash is set to
1193 true.
1194 nnrpdoverstats
1196 Whether nnrpd overview statistics should be logged via syslog.
1197 This can be useful for measuring overview performance. This is a
1198 boolean value and the default is true.
1199 nntplinklog
1201 Whether to put the storage API token for accepted articles (used by
1202 nntplink) in the article log. This is a boolean value and the
1203 default is false.
1204 stathist
1206 Where to write history statistics for analysis with
1207 contrib/stathist.pl; this can be modified with ctlinnd(8) while
1208 innd is running. Logging does not occur unless a path is given,
1209 and there is no default value.
1210 status
1212 How frequently (in seconds) innd(8) should write out a status
1213 report. The report is written to pathhttp/inn_status.html or
1214 pathlog/inn.status depending on the value of htmlstatus. If this
1215 is set to 0 or "false", status reporting is disabled. The default
1216 value is 600 (that is to say reports are written every 10 minutes).
1217 timer
1219 How frequently (in seconds) innd(8) should report performance
1220 timings to syslog. If this is set to 0, performance timing is
1221 disabled. Enabling this is highly recommended, and innreport(8)
1222 can produce a nice summary of the timings. If set to 0,
1223 performance timings in nnrpd(8) are also disabled, although nnrpd
1224 always reports statistics on exit and therefore any non-zero value
1225 is equivalent for it. The default value is 600 (that is to say
1226 performance timings are reported every 10 minutes).
1227 System Tuning
1229 The following parameters can be modified to tune the low-level
1230 operation of INN. In general, you shouldn't need to modify any of them
1231 except possibly rlimitnofile unless the server is having difficulty.
1232 badiocount
1234 How many read or write failures until a channel is put to sleep or
1235 closed. The default value is 5.
1236 blockbackoff
1238 Each time an attempted write returns EAGAIN or EWOULDBLOCK, innd(8)
1239 will wait for an increasing number of seconds before trying it
1240 again. This is the multiplier for the sleep time. If you're
1241 having trouble with channel feeds not keeping up, it may be good to
1242 change this value to 2 or 3, since then when the channel fills INN
1243 will try again in a couple of seconds rather than waiting two
1244 minutes. The default value is 120.
1245 chaninacttime
1247 The time (in seconds) to wait between noticing inactive channels.
1248 The default value is 600.
1249 chanretrytime
1251 How many seconds to wait before a channel restarts. The default
1252 value is 300.
1253 datamovethreshold
1255 The threshold for deciding whether to move already-read data to the
1256 top of buffer or extend the buffer. The buffer described here is
1257 used for reading NNTP data. Increasing this value may improve
1258 performance, but it should not be increased on Systems with
1259 insufficient memory. Permitted values are between 0 and 1048576
1260 (out of range values are treated as 1048576) and the default value
1261 is 16384.
1262 icdsynccount
1264 How many article writes between updating the active and history
1265 files. The default value is 10.
1266 keepmmappedthreshold
1268 When using buffindexed, retrieving overview data (that is,
1269 responding to OVER or running expireover) causes mmapping of all
1270 overview data blocks which include requested overview data for
1271 newsgroup. But for high volume newsgroups like control.cancel,
1272 this may cause too much mmapping at once leading to system resource
1273 problems. To avoid this, if the amount to be mmapped exceeds
1274 keepmmappedthreshold (in KB), buffindexed mmap's just one overview
1275 block (8 KB). This parameter is specific to buffindexed overview
1276 storage method. The default value is 1024 (1 MB).
1277 maxcmdreadsize
1279 If set to anything other than 0, maximum buffer size (in bytes) for
1280 reading NNTP command will have this value. It should not be large
1281 on systems which are slow to process and store articles, as that
1282 would lead to innd(8) spending a long time on each channel and
1283 keeping other channels waiting. The default value is BUFSIZ
1284 defined in stdio.h (1024 in most environments, see setbuf(3)).
1285 maxforks
1287 How many times to attempt a fork(2) before giving up. The default
1288 value is 10.
1289 nicekids
1291 If set to anything other than 0, all child processes of innd(8)
1292 will have this nice(2) value. This is usually used to give all
1293 child processes of innd(8) a lower priority (higher nice value) so
1294 that innd(8) can get the lion's share of the CPU when it needs it.
1295 The default value is 4.
1296 nicenewnews
1298 If set to anything greater than 0, all nnrpd(8) processes that
1299 receive and process a NEWNEWS command will nice(2) themselves to
1300 this value (giving other nnrpd processes a higher priority). The
1301 default value is 0. Note that this value will be ignored if set to
1302 a lower value than nicennrpd (or nicekids if nnrpd(8) is spawned
1303 from innd(8)).
1304 nicennrpd
1306 If set to anything greater than 0, all nnrpd(8) processes will
1307 nice(1) themselves to this value. This gives other news processes
1308 a higher priority and can help overchan(8) keep up with incoming
1309 news (if that's the object, be sure overchan(8) isn't also set to a
1310 lower priority via nicekids). The default value is 0, which will
1311 cause nnrpd(8) processes spawned from innd(8) to use the value of
1312 nicekids, while nnrpd(8) run as a daemon will use the system
1313 default priority. Note that for nnrpd(8) processes spawned from
1314 innd(8), this value will be ignored if set to a value lower than
1315 nicekids.
1316 pauseretrytime
1318 Wait for this many seconds before noticing inactive channels. Wait
1319 for this many seconds before innd processes articles when it's
1320 paused or the number of channel write failures exceeds badiocount.
1321 The default value is 300.
1322 peertimeout
1324 How long (in seconds) an innd(8) incoming channel may be inactive
1325 before innd closes it. The default value is 3600 (an hour).
1326 rlimitnofile
1328 The maximum number of file descriptors that innd(8) or innfeed(8)
1329 can have open at once. If innd(8) or innfeed(8) attempts to open
1330 more file descriptors than this value, it is possible the program
1331 may throttle or otherwise suffer reduced functionality. The number
1332 of open file descriptors is roughly the maximum number of incoming
1333 feeds and outgoing batches for innd(8) and the number of outgoing
1334 streams for innfeed(8). If this parameter is set to a negative
1335 value, the default limit of the operating system will be used; this
1336 will normally be adequate on systems other than Solaris. Nearly
1337 all operating systems have some hard maximum limit beyond which
1338 this value cannot be raised, usually either 128, 256, or 1024. The
1339 default value of this parameter is "-1". Setting it to 256 on
1340 Solaris systems is highly recommended.
1341 Paths Names
1343 patharchive
1344 Where to store archived news. The default value is
1345 pathspool/archive.
1346 patharticles
1348 The path to where the news articles are stored (for storage methods
1349 other than CNFS). The default value is pathspool/articles.
1350 pathbin
1352 The path to the news binaries. The default value is pathnews/bin.
1353 pathcontrol
1355 The path to the files that handle control messages. The code for
1356 handling each separate type of control message is located here. Be
1357 very careful what you put in this directory with a name ending in
1358 ".pl", as it can potentially be a severe security risk. The
1359 default value is pathbin/control.
1360 pathdb
1362 The path to the database files used and updated by the server
1363 (currently, active, active.times, history and its indices, and
1364 newsgroups). The default value is pathnews/db.
1365 pathetc
1367 The path to the news configuration files. The default value is
1368 pathnews/etc.
1369 pathfilter
1371 The path to the Perl and Python filters. The default value is
1372 pathbin/filter.
1373 pathhttp
1375 Where any HTML files (such as periodic status reports) are placed.
1376 If the news reports should be available in real-time on the web,
1377 the files in this directory should be served by a web server. The
1378 default value is the value of pathnews/http.
1379 pathincoming
1381 Location where incoming batched news is stored. The default value
1382 is pathspool/incoming.
1383 pathlog
1385 Where the news log files are written. The default value is
1386 pathnews/log.
1387 pathnews
1389 The home directory of the news user and usually the root of the
1390 news hierarchy. There is no default; this parameter must be set in
1391 inn.conf or INN will refuse to start.
1392 pathoutgoing
1394 Default location for outgoing feed files. The default value is
1395 pathspool/outgoing.
1396 pathoverview
1398 The path to news overview files. The default value is
1399 pathspool/overview.
1400 pathrun
1402 The path to files required while the server is running and run-time
1403 state information. This includes lock files and the sockets for
1404 communicating with innd(8). This directory and the control sockets
1405 in it should be protected from unprivileged users other than the
1406 news user. The default value is pathnews/run.
1407 pathspool
1409 The root of the news spool hierarchy. This used mostly to set the
1410 defaults for other parameters, and to determine the path to the
1411 backlog directory for innfeed(8). The default value is
1412 pathnews/spool.
1413 pathtmp
1415 Where INN puts temporary files. For security reasons, this is not
1416 the same as the system temporary files directory (INN creates a lot
1417 of temporary files with predictable names and does not go to
1418 particularly great lengths to protect against symlink attacks and
1419 the like; this is safe provided that normal users can't write into
1420 its temporary directory). The default value is set at configure
1421 time and defaults to pathnews/tmp.
1422
1424 Here is a very minimalist example that only sets those parameters that
1425 are required.
1426 mta: "/usr/lib/sendmail -oi -oem %s"
1428 ovmethod: tradindexed
1429 pathhost: news.example.com
1430 pathnews: /usr/local/news
1431 hismethod: hisv6
1432 For a more comprehensive example, see the sample inn.conf distributed
1434 with INN and installed as a starting point; it contains all of the
1435 default values for reference.
1436
1438 Written by Rich $alz <rsalz@uunet.uu.net> for InterNetNews and since
1439 modified, updated, and reorganized by innumerable other people.
1440 $Id: inn.conf.pod 10304 2018-12-02 14:05:50Z iulius $
1442
1444 inews(1), innd(8), innwatch(8), makehistory(8), nnrpd(8), rnews(1).
1445 Nearly every program in INN uses this file to one degree or another.
1447 The above are just the major and most frequently mentioned ones.
1448INN 2.6.3 2018-12-02 INN.CONF(5)