1INN.CONF(5) InterNetNews Documentation INN.CONF(5)
2
6 inn.conf - Configuration data for InterNetNews programs
7
9 inn.conf in pathetc is the primary general configuration file for all
10 InterNetNews programs. Settings which control the general operation of
11 various programs, as well as the paths to all portions of the news
12 installation, are found here. The INNCONF environment variable, if
13 set, specifies an alternate path to inn.conf.
14 This file is intended to be fairly static. Any changes made to it will
16 generally not affect any running programs until they restart. Unlike
17 nearly every other configuration file, inn.conf cannot be reloaded
18 dynamically using ctlinnd(8); innd(8) must be stopped and restarted for
19 relevant changes to inn.conf to take effect ("ctlinnd xexec innd" is
20 the fastest way to do this.)
21 Blank lines and lines starting with a number sign ("#") are ignored.
23 All other lines specify parameters, and should be of the following
24 form:
25 <name>: <value>
27 (Any amount of whitespace can be put after the colon and is optional.)
29 If the value contains embedded whitespace or any of the characters
30 "[]<""\:>, it must be enclosed in double quotes (""). A backslash
31 ("\") can be used to escape quotes and backslashes inside double
32 quotes. <name> is case-sensitive; "server" is not the same as "Server"
33 or "SERVER". (inn.conf parameters are generally all in lowercase.)
34 If <name> occurs more than once in the file, the first value is used.
36 Some parameters specified in the file may be overridden by environment
37 variables. Most parameters have default values if not specified in
38 inn.conf; those defaults are noted in the description of each
39 parameter.
40 Many parameters take a boolean value. For all such parameters, the
42 value may be specified as "true", "yes", or "on" to turn it on and may
43 be any of "false", "no", or "off" to turn it off. The case of these
44 values is significant.
45 This documentation is extremely long and organized as a reference
47 manual rather than as a tutorial. If this is your first exposure to
48 INN and these parameters, it would be better to start by reading other
49 man pages and referring to this one only when an inn.conf parameter is
50 explicitly mentioned. Those parameters which need to be changed when
51 setting up a new server are discussed in INSTALL.
52
54 General Settings
55 These parameters are used by a wide variety of different components of
56 INN.
57 domain
59 This should be the domain name of the local host. It should not
60 have a leading period, and it should not be a full host address.
61 It is used only if the inn_getfqdn() routine in libinn(3) cannot
62 get the fully qualified domain name by using either the
63 gethostname(3) or getaddrinfo(3) calls. The check is very simple;
64 if either routine returns a name with a period in it, then it is
65 assumed to have the full domain name. As this parameter is rarely
66 used, do not use it to affect the righthand side of autogenerated
67 Message-IDs; see instead virtualhost and domain in readers.conf(5).
68 The default value is unset.
69 innflags
71 The flags to pass to innd on startup. See innd(8) for details on
72 the possible flags. The default value is unset.
73 Note that these flags are only used when innd is started from
75 rc.news or nntpsend.
76 mailcmd
78 The path to the program to be used for mailing reports and control
79 messages. The default is pathbin/innmail. This should not
80 normally need to be changed.
81 mta The command to use when mailing postings to moderators and for the
83 use of innmail(1). The message, with headers and an added To:
84 header, will be piped into this program. The string %s, if
85 present, will be replaced by the e-mail address of the moderator.
86 It's strongly recommended for this command to include %s on the
87 command line rather than use the addresses in the To: and Cc:
88 headers of the message, since the latter approach allows the news
89 server to be abused as a mechanism to send mail to arbitrary
90 addresses and will result in unexpected behavior. There is no
91 default value for this parameter; it must be set in inn.conf or a
92 fatal error message will be logged via syslog.
93 For most systems, "/usr/lib/sendmail -oi -oem %s" (adjusted for the
95 correct path to sendmail, and between double quotes) is a good
96 choice.
97 pathhost
99 What to put into the Path: header to represent the local site.
100 This is added to the Path: header of all articles that pass through
101 the system, including locally posted articles, and is also used
102 when processing some control messages and when naming the server in
103 status reports. There is no default value; this parameter must be
104 set in inn.conf or INN will not start. A good value to use is the
105 fully qualified hostname of the system.
106 runasgroup
108 The group under which the news server will run. The default is
109 "news" (or the group specified at configure time) and should not
110 normally need to be changed.
111 runasuser
113 The user under which the news server will run. The default is
114 "news" (or the user specified at configure time) and should not
115 normally need to be changed.
116 server
118 The name of the default NNTP server. If nnrpdposthost is not set
119 and UNIX domain sockets are not supported, nnrpd(8) tries to hand
120 off locally-posted articles through an INET domain socket to this
121 server. actsync(8), nntpget(8), and getlist(8) also use this value
122 as the default server to connect to. In the latter cases, the
123 value of the NNTPSERVER environment variable, if it exists,
124 overrides this. The default value is unset.
125 syntaxchecks
127 A list of values controlling the level of checks performed by innd
128 and nnrpd. For instance:
129 syntaxchecks: [ no-laxmid ]
131 The last occurrence of a given value takes precedence, that is to
133 say if "no-laxmid laxmid" is listed, laxmid takes precedence.
134 Only one check can currently be enabled/disabled:
136 laxmid / no-laxmid
138 When laxmid is set, Message-IDs containing ".." in the left
139 part are accepted, as well as Message-IDs with two "@". Some
140 non-compliant news posters generate such syntactically invalid
141 Message-IDs, especially in binary newsgroups. The default is
142 no-laxmid, that is to say INN strictly follows the standard
143 regarding syntax checks.
144 Feed Configuration
146 These parameters govern incoming and outgoing feeds: what size of
147 articles are accepted, what filtering and verification is performed on
148 them, whether articles in groups not carried by the server are still
149 stored and propagated, and other similar settings.
150 artcutoff
152 Articles older than this number of days are dropped. The default
153 value is 10, which means that an incoming article will be rejected
154 if its posting date is farther in the past than ten days.
155 In order to disable that check on date, you can set this parameter
157 to 0.
158 The number on the "/remember/" line in expire.ctl should probably
160 be one more than that number in order to take into account articles
161 whose posting date is one day into the future.
162 bindaddress
164 Which IP address innd(8) should bind itself to. This must be in
165 dotted-quad format (nnn.nnn.nnn.nnn). If set to "all" or not set,
166 innd defaults to listening on all interfaces. The value of the
167 INND_BIND_ADDRESS environment variable, if set, overrides this
168 setting. The default value is unset.
169 This parameter has no effect when systemd socket activation is
171 used.
172 bindaddress6
174 Like bindaddress but for IPv6 sockets. If only one of the
175 bindaddress and bindaddress6 parameters is used, then only the
176 socket for the corresponding address family is created. If both
177 parameters are used then two sockets are created. If neither of
178 them is used, the list of sockets to listen on will be determined
179 by the system library getaddrinfo(3) function. The value of the
180 INND_BIND_ADDRESS6, if set, overrides this setting. The default
181 value is unset.
182 Note that you will generally need to put double quotes ("") around
184 this value if you set it, since IPv6 addresses contain colons.
185 This parameter has no effect when systemd socket activation is
187 used.
188 dontrejectfiltered
190 Normally innd(8) rejects incoming articles when directed to do so
191 by any enabled article filters (Perl or Python). However, this
192 parameter causes such articles not to be rejected; instead
193 filtering can be applied on outbound articles. If this parameter
194 is set, all articles will be accepted on the local machine, but
195 articles rejected by the filter will not be fed to any peers
196 specified in newsfeeds with the "Af" flag. The default value is
197 false.
198 hiscachesize
200 If set to a value other than 0, a hash of recently received
201 Message-IDs is kept in memory to speed history lookups. The value
202 is the amount of memory to devote to the cache in kilobytes. The
203 cache is only used for incoming feeds and a small cache can hold
204 quite a few Message-IDs, so large values aren't necessarily useful
205 unless you have incoming feeds that are badly delayed. innreport
206 can provide useful statistics regarding the use of the history
207 cache, especially when it misses. A good value for a system with
208 more than one incoming feed is 256; systems with only one incoming
209 feed should probably set this to 0. The default value is 256.
210 ignorenewsgroups
212 Whether newsgroup creation control messages (newgroup and rmgroup)
213 should be fed as if they were posted to the newsgroup they are
214 creating or deleting rather than to the newsgroups listed in the
215 Newsgroups: header. If this parameter is set, the newsgroup
216 affected by the control message will be extracted from the Control:
217 header and the article will be fed as if its Newsgroups: header
218 contained solely that newsgroup. This is useful for routing
219 control messages to peers when they are posted to irrelevant
220 newsgroups that shouldn't be matched against the peer's desired
221 newsgroups in newsfeeds. This is a boolean value and the default
222 is false.
223 immediatecancel
225 When using the timecaf storage method, article cancels are normally
226 just cached to be cancelled, not cancelled immediately. If this is
227 set to true, they will instead by cancelled as soon as the cancel
228 is processed. This is a boolean value and the default is false.
229 This setting is ignored unless the timecaf storage method is used.
231 linecountfuzz
233 If set to something other than 0, the line count of the article is
234 checked against the Lines: header of the article (if present) and
235 the article is rejected if the values differ by more than this
236 amount. A reasonable setting is 5, which is the standard maximum
237 signature length plus one (some injection software calculates the
238 Lines: header before adding the signature). The default value is
239 0, which tells INN not to check the Lines: header of incoming
240 articles.
241 maxartsize
243 The maximum size of article (headers and body) that will be
244 accepted by the server, in bytes. A value of 0 allows any size of
245 article, but note that innd will crash if system memory is
246 exceeded. The default value is 1000000 (approximately 1 MB). This
247 is checked against the article in wire format (CRLF at the end of
248 each line, leading periods protected, and with the trailing
249 "\r\n.\r\n" at the end). See also localmaxartsize.
250 maxconnections
252 The maximum number of incoming NNTP connections innd(8) will
253 accept. The default value is 50.
254 pathalias
256 If set, this value is prepended to the Path: header of accepted
257 posts (before pathhost) if it doesn't already appear in the Path:
258 header. The main purpose of this parameter is to configure all
259 news servers within a particular organization to add a common
260 identity string to the Path: header. The default value is unset.
261 pathcluster
263 If set, this value is appended to the Path: header of accepted
264 posts (after pathhost) if it isn't already present as the last
265 element of the Path: header. The main purpose of this parameter is
266 to make several news servers appear as one server. The default
267 value is unset.
268 Note that the Path: header reads right to left, so appended means
270 inserted at the leftmost side of the Path: header.
271 pgpverify
273 Whether to enable PGP verification of control messages other than
274 cancel. This is a boolean value and the default in the inn.conf
275 sample file is based on whether configure found pgp, pgpv, pgpgpg,
276 gpgv, gpgv1, gpgv2, gpg, gpg1 or gpg2. Note that if the parameter
277 is not present in the configuration file, it defaults to false.
278 port
280 What TCP port innd(8) should listen on. The default value is 119,
281 the standard NNTP port.
282 refusecybercancels
284 Whether to refuse all articles whose message IDs start with
285 "<cancel.". This message ID convention is widely followed by spam
286 cancellers, so the vast majority of such articles will be cancels
287 of spam. This check, if enabled, is done before the history check
288 and the message ID is not written to the history file. This is a
289 boolean value and the default is false.
290 This is a somewhat messy, inefficient, and inexact way of refusing
292 spam cancels. A much better way is to ask all of your upstream
293 peers to not send to you any articles with "cyberspam" in the Path:
294 header (usually accomplished by having them mark "cyberspam" as an
295 alias for your machine in their feed configuration). The filtering
296 enabled by this parameter is hard-coded; general filtering of
297 message IDs can be done via the embedded filtering support.
298 remembertrash
300 By default, innd(8) records rejected articles in history so that,
301 if offered the same article again, it can be refused before it is
302 sent. If you wish to disable this behavior, set this to false.
303 This can cause a substantial increase in the amount of bandwidth
304 consumed by incoming news if you have several peers and reject a
305 lot of articles, so be careful with it. Even if this is set to
306 true, INN won't log some rejected articles to history if there's
307 reason to believe the article might be accepted if offered by a
308 different peer, so there is usually no reason to set this to false
309 (although doing so can decrease the size of the history file).
310 This is a boolean value and the default is true.
311 sourceaddress
313 Which local IP address to bind to for outgoing NNTP sockets (used
314 by innxmit(8) among other programs, as well as innfeed(8) as long
315 as not overridden by bindaddress in innfeed.conf(5)). This must be
316 in dotted-quad format (nnn.nnn.nnn.nnn). If set to "all", the
317 operating system will choose the source IP address for outgoing
318 connections. The default value is unset.
319 sourceaddress6
321 Like sourceaddress but for IPv6 sockets. Note that you will
322 generally need to put double quotes ("") around this value if you
323 set it, since IPv6 addresses contain colons.
324 verifycancels
326 Set this to true to enable a simplistic check on all cancel
327 messages, attempting to verify (by simple header comparison) that
328 at least one newsgroup in the cancel message can be found in the
329 article to be cancelled. This check can't be done if the cancel
330 arrives before the article does. This is a boolean value, and the
331 default is false.
332 Note that RFC 5537 (USEPRO) mentions that "cancel control messages
334 are not required to contain From: and Sender: header fields
335 matching the target message. This requirement only encouraged
336 cancel issuers to conceal their identity and provided no security".
337 This check is therefore not done as it is extremely easy to spoof.
338 In order not to actually process any cancel or supersedes messages,
340 you can start innd with the -C flag, or add this flag to the
341 innflags parameter.
342 verifygroups
344 Set this to true to reject incoming articles which contain an
345 unknown newsgroup in the whole list of newsgroups to which they are
346 posted. In case wanttrash is set to true, such articles will still
347 be rejected. This is a boolean value, and the default is false.
348 wanttrash
350 Set this to true if you want to file articles posted to unknown
351 newsgroups (newsgroups not in the active file) into the "junk"
352 newsgroup rather than rejecting them. This is sometimes useful for
353 a transit news server that needs to propagate articles (according
354 to the setting of "Aj" in the newsfeeds feed pattern) in all
355 newsgroups regardless if they're carried locally. This is a
356 boolean value and the default is false.
357 The logtrash parameter specifies whether such articles should be
359 logged as posted to unwanted newsgroups in the news log file.
360 wipcheck
362 If INN is offered an article by a peer on one channel, it will
363 return deferral responses (code 436) to all other offers of that
364 article for this many seconds. (After this long, if the peer that
365 offered the article still hasn't sent it, it will be accepted from
366 other channels.) The default value is 5 and probably doesn't need
367 to be changed.
368 wipexpire
370 How long, in seconds, to keep track of message IDs offered on a
371 channel before expiring articles that still haven't been sent. The
372 default value is 10 and probably doesn't need to be changed.
373 History Settings
375 The following parameter affect the history database.
376 hismethod
378 Which history storage method to use. The only currently supported
379 value is "hisv6". There is no default value; this parameter must
380 be set.
381 "hisv6"
383 Stores history data in the INN history v6 format: history(5)
384 text file and a number of dbz(3) database files; this may be in
385 true history v6 format, or tagged hash format, depending on the
386 build options. Separation of these two is a project which has
387 not yet been undertaken.
388 Article Storage
390 These parameters affect how articles are stored on disk.
391 cnfscheckfudgesize
393 If set to a value other than 0, the claimed size of articles in
394 CNFS cycbuffs is checked against maxartsize plus this value, and if
395 larger, the CNFS cycbuff is considered corrupt. This can be useful
396 as a sanity check after a system crash, but be careful using this
397 parameter if you have changed maxartsize recently. The default
398 value is 0.
399 enableoverview
401 Whether to write out overview data for articles. If set to false,
402 INN will run much faster, but reading news from the system will be
403 impossible (the server will be for news transit only). If this
404 option is set to true, ovmethod must also be set. This is a
405 boolean value and the default is true.
406 extraoverviewadvertised
408 Besides the seven standard overview fields (which are in order
409 "Subject:", "From:", "Date:", "Message-ID:", "References:",
410 ":bytes" and ":lines") and the eighth "Xref:full" field required by
411 INN in order to handle crossposts, it is possible to add other
412 fields in the overview database. This parameter expects a list of
413 such header names. Overview data for these additional headers will
414 be generated for each new article at the time of arrival. For
415 instance, if you specify:
416 extraoverviewadvertised: [ Path Injection-Info ]
418 it implies that nnrpd will advertise "Path:full" and
420 "Injection-Info:full" as the ninth and tenth fields in response to
421 LIST OVERVIEW.FMT and that these two headers will be stored in the
422 overview database for each new article.
423 The default value is an empty list (no additional fields are
425 stored). Owing to optimizations when innd parses the articles it
426 receives, it is possible that all the values in the list are not
427 recognized by innd as standard headers. In such cases, innd will
428 log an error in news.err at startup and the unrecognized fields
429 will be discarded.
430 You should advertise only fields for which the overview database is
432 consistent, that is to say it records the content or absence of
433 these fields for all articles, including those already existing in
434 the news spool. Consequently, if you decide to add or remove a
435 field from your overview database, you should either modify
436 extraoverviewadvertised and rebuild your overview database with
437 makehistory(8) after removing all existing overview files, or
438 implement a transition period by first using extraoverviewhidden as
439 described below.
440 Use of a transition period can accommodate most overview
442 reconfigurations, but certain drastic changes may still require a
443 complete overview rebuild.
444 If for instance you want to store the content of the To: header in
446 addition to the fields already stored above, you should use:
447 extraoverviewadvertised: [ Path Injection-Info ]
449 extraoverviewhidden: [ To ]
450 This way, "To:full" will not be advertised by nnrpd but will be
452 stored for each new article. Once you know that all articles in
453 your overview database record the content or absence of that new
454 field (if expire.ctl(5) is parametered so that all your articles
455 expire within 30 days, you can assume the database is in such a
456 state after 30 days -- however, note that time to expiration can be
457 unpredictable with CNFS and you then have to use "cnfsstat -a" for
458 checking on when buffers have rolled over), you should put:
459 extraoverviewadvertised: [ Path Injection-Info To ]
461 extraoverviewhidden: [ ]
462 The "To" value must be added at the end of the list because order
464 matters and fields mentioned in extraoverviewhidden are generated
465 after those mentioned in extraoverviewadvertised. nnrpd will now
466 advertise "To:full" in response to the LIST OVERVIEW.FMT command
467 ("full" indicates that the header appears followed by its value).
468 Now suppose you want to remove the content of the Injection-Info:
470 header from the overview. As order matters, the overview database
471 will no longer be consistent for the To: header. Therefore, you
472 need to specify:
473 extraoverviewadvertised: [ Path ]
475 extraoverviewhidden: [ To ]
476 And once overview data is accurate for all articles, you should
478 use:
479 extraoverviewadvertised: [ Path To ]
481 extraoverviewhidden: [ ]
482 Note that you have to restart nnrpd if it runs as a daemon whenever
484 you change the value of extraoverviewadvertised; a mere "ctlinnd
485 xexec innd" is not enough.
486 extraoverviewhidden
488 This parameter should be used in conjunction with
489 extraoverviewadvertised (see above for more details). It expects a
490 list of headers names. Overview data for these headers will be
491 generated for each new article at the time of arrival but, contrary
492 to the fields mentioned in extraoverviewadvertised, nnrpd will not
493 advertise them in response to the LIST OVERVIEW.FMT command. It
494 also implies that nnrpd will not look in the overview database for
495 fields mentioned in extraoverviewhidden when it handles HDR, XHDR
496 and XPAT requests; nnrpd will have to parse the headers of the
497 requested articles in the news spool, which is slower than directly
498 querying the overview database.
499 The default value is an empty list (no additional fields are
501 stored). Owing to optimizations when innd parses the articles it
502 receives, it is possible that all the values in the list are not
503 recognized by innd as standard headers. In such cases, innd will
504 log an error in news.err at startup and the unrecognized fields
505 will be discarded.
506 groupbaseexpiry
508 Whether to enable newsgroup-based expiry. If set to false, article
509 expiry is done based on storage class of storing method. If set to
510 true (and overview information is available), expiry is done by
511 newsgroup name. This affects the format of expire.ctl. This is a
512 boolean value and the default is true.
513 mergetogroups
515 Whether to file all postings to "to.*" groups in the
516 pseudonewsgroup "to". If this is set to true, the newsgroup "to"
517 must exist in the active file or INN will not start. (See the
518 discussion of "to." groups in innd(8) under CONTROL MESSAGES.)
519 This is a boolean value and the default is false.
520 nfswriter
522 For servers writing articles, determine whether the article spool
523 is on NFS storage. If set, INN attempts to flush articles to the
524 spool in a more timely manner, rather than relying on the operating
525 system to flush things such as the CNFS article bitmaps. You
526 should only set this parameter if you are attempting to use a
527 shared NFS spool on a machine acting as a single writer within a
528 cluster. This is a boolean value and the default is false.
529 overcachesize
531 How many cache slots to reserve for open overview files. If INN is
532 writing overview files (see enableoverview), ovmethod is set to
533 "tradindexed", and this is set to a value other than 0, INN will
534 keep around and open that many recently written-to overview files
535 in case more articles come in for those newsgroups. Every overview
536 cache slot consumes two file descriptors, so be careful not to set
537 this value too high. You may be able to use the "limit" command to
538 see how many open file descriptors your operating system allows.
539 innd(8) also uses an open file descriptor for each incoming feed
540 and outgoing channel or batch file, and if it runs out of open file
541 descriptors, it may throttle and stop accepting new news. The
542 default value is 128 (which is probably still too low if you have a
543 large number of file descriptors available).
544 This setting is ignored unless ovmethod is set to "tradindexed".
546 ovgrouppat
548 If set, restricts the overview data stored by INN to only the
549 newsgroups matching this comma-separated list of uwildmat(3)
550 expressions. Newsgroups not matching this setting may not be
551 readable, and if groupbaseexpiry is set to true and the storage
552 method for these newsgroups does not have self-expire
553 functionality, storing overview data will fail. The default is
554 unset.
555 ovmethod
557 Which overview storage method to use. Currently supported values
558 are "buffindexed", "ovdb" and "tradindexed". There is no default
559 value; this parameter must be set if enableoverview is true (the
560 default).
561 "buffindexed"
563 It stores overview data and index information into
564 preconfigured large files like CNFS. Fast at writing, the
565 "buffindexed" overview storage method can keep up with a large
566 feed more easily and never consumes additional disk space
567 beyond that allocated to these buffers. The downside is that
568 these buffers are hard to recover in case of corruption and
569 somewhat slower for readers and the expiry process. See the
570 buffindexed.conf(5) man page for more details, and notably how
571 to create the buffers.
572 "ovdb"
574 It stores overview information into a Berkeley DB database,
575 whose development pace has stalled these last years. This
576 method is fast and very robust, but may require more disk
577 space, unless compression is enabled. See the ovdb(5) man page
578 for more details.
579 "tradindexed"
581 It uses two files per newsgroup, one containing the overview
582 data and one containing the index. Fast for readers, but slow
583 to write to because it has to update two files for each
584 incoming article. Its main advantage is to be the best tested,
585 the most reliable and the method with the best recovery tools.
586 storeonxref
588 If set to true, articles will be stored based on the newsgroup
589 names in the Xref: header rather than in the Newsgroups: header.
590 This affects what the patterns in storage.conf apply to. The
591 primary interesting effect of setting this to true is to enable
592 filing of all control messages according to what storage class the
593 control pseudogroups are filed in rather than according to the
594 newsgroups the control messages are posted to. This is a boolean
595 value and the default is true.
596 If the tradspool article storage method is used, storeonxref must
598 be true.
599 useoverchan
601 Whether to innd(8) should create overview data internally through
602 libstorage(3). If set to false, innd creates overview data by
603 itself. If set to true, innd does not create; instead overview
604 data must be created by overchan(8) from an appropriate entry in
605 newsfeeds. Setting to true may be useful, if innd cannot keep up
606 with incoming feed and the bottleneck is creation of overview data
607 within innd. This is a boolean value and the default is false.
608 wireformat
610 Only used with the tradspool storage method, this says whether to
611 write articles in wire format. Wire format means storing articles
612 with "\r\n" at the end of each line and with periods at the
613 beginning of lines doubled, the article format required by the NNTP
614 protocol. Articles stored in this format are suitable for sending
615 directly to a network connection without requiring conversion, and
616 therefore setting this to true can make the server more efficient.
617 The primary reason not to set this is if you have old existing
618 software that looks around in the spool and doesn't understand how
619 to read wire format. Storage methods other than tradspool always
620 store articles in wire format. This is a boolean value and the
621 default is true.
622 xrefslave
624 Whether to act as the slave of another server. If set, INN
625 attempts to duplicate exactly the article numbering of the server
626 feeding it by looking at the Xref: header of incoming articles and
627 assigning the same article numbers to articles as was noted in the
628 Xref: header from the upstream server. The result is that clients
629 should be able to point at either server interchangeably (using
630 some load balancing scheme, for example) and see the same internal
631 article numbering. Servers with this parameter set should
632 generally only have one upstream feed, and should always have
633 nnrpdposthost set to hand locally posted articles off to the master
634 server. The upstream should be careful to always feed articles in
635 order (innfeed(8) can have problems with this in the event of a
636 backlog). This is a boolean value and the default is false.
637 Reading
639 These parameters affect the behavior of INN for readers. Most of them
640 are used by nnrpd(8). There are some special sets of settings that are
641 broken out separately after the initial alphabetized list.
642 Note that the two parameters nnrpperlauth and nnrppythonauth are now
644 obsolete; see "Changes to Perl Authentication Support for nnrpd" in
645 doc/hook-perl and "Changes to Python Authentication and Access Control
646 Support for nnrpd" in doc/hook-python for more information.
647 allownewnews
649 Whether to allow use of the NEWNEWS command by clients. This
650 command used to put a heavy load on the server in older versions of
651 INN, but is now reasonably efficient, at least if only one
652 newsgroup is specified by the client. This is a boolean value and
653 the default is true. If you use the access parameter in
654 readers.conf, be sure to read about the way it overrides
655 allownewnews.
656 articlemmap
658 Whether to attempt to mmap() articles. Setting this to true will
659 give better performance on most systems, but some systems have
660 problems with mmap(). If this is set to false, articles will be
661 read into memory before being sent to readers. This is a boolean
662 value and the default is true.
663 clienttimeout
665 How long (in seconds) a client connection can be idle before it
666 exits. When setting this parameter, be aware that some newsreaders
667 use the same connection for reading and posting and don't deal well
668 with the connection timing out while a post is being composed. If
669 the system isn't having a problem with too many long-lived
670 connections, it may be a good idea to increase this value to 3600
671 (an hour). The default value is 1800 (thirty minutes).
672 initialtimeout
674 How long (in seconds) nnrpd will wait for the first command from a
675 reader connection before dropping the connection. This is a
676 defensive timeout intended to protect the news server from badly
677 behaved reader clients that open and abandon a multitude of
678 connections without every closing them. The default value is 10
679 (ten seconds), which may need to be increased if many clients
680 connect via slow network links.
681 msgidcachesize
683 How many cache slots to reserve for message-IDs to storage token
684 translations. When serving overview data to clients (NEWNEWS,
685 OVER, etc.), nnrpd(8) can cache the storage token associated with a
686 message-ID and save the cost of looking it up in the history file;
687 for some configurations, setting this parameter can save more than
688 90% of the wall clock time for a session. The default value is
689 64000.
690 nfsreader
692 For servers reading articles, determine whether the article spool
693 is on NFS storage. If set, INN will attempt to force articles and
694 overviews to be read directly from the NFS spool rather than from
695 cached copies. You should only set this parameter if you are
696 attempting to use a shared NFS spool on a machine acting as a
697 reader within a cluster. This is a boolean value and the default
698 is false.
699 nfsreaderdelay
701 If nfsreader is set, INN will use the value of nfsreaderdelay to
702 delay the apparent arrival time of articles to clients by this
703 amount. Note that only answers to GROUP and NEWNEWS commands are
704 affected. This value should be tuned based on the NFS cache
705 timeouts locally. The default is 60, that is to say one minute.
706 nnrpdcheckart
708 Whether nnrpd should check the existence of an article before
709 listing it as present in response to an NNTP command. The primary
710 use of this setting is to prevent nnrpd from returning information
711 about articles which are no longer present on the server but which
712 still have overview data available. Checking the existence of
713 articles before returning overview information slows down the
714 overview commands, but reduces the number of "article is missing"
715 errors seen by the client. This is a boolean value and the default
716 is true.
717 nnrpdflags
719 When nnrpd(8) is spawned from innd(8), these flags are passed as
720 arguments to the nnrpd process. This setting does not affect
721 instances of nnrpd that are started in daemon mode, or instances
722 that are started via another listener process such as inetd(8) or
723 xinetd(8). Shell quoting and metacharacters are not supported.
724 This is a string value and the default is unset.
725 nnrpdloadlimit
727 If set to a value other than 0, connections to nnrpd will be
728 refused if the system load average is higher than this value. The
729 default value is 16.
730 noreader
732 Normally, innd(8) will fork a copy of nnrpd(8) for all incoming
733 connections from hosts not listed in incoming.conf. If this
734 parameter is set to true, those connections will instead be
735 rejected with a 502 error code. This should be set to true for a
736 transit-only server that doesn't support readers, or if nnrpd is
737 running in daemon mode or being started out of inetd. This is a
738 boolean value and the default is false.
739 readerswhenstopped
741 Whether to allow readers to connect even if the server is paused or
742 throttled. This is only applicable if nnrpd(8) is spawned from
743 innd(8) rather than run out of inetd or in daemon mode. This is a
744 boolean value and the default is false.
745 readertrack
747 Whether to enable the tracking system for client behavior. Tracked
748 information is recorded to pathlog/tracklogs/log-ID, where ID is
749 determined by nnrpd's PID and launch time. Currently the
750 information recorded includes initial connection and posting; only
751 information about clients listed in nnrpd.track is recorded. In
752 addition, every posted article will be saved in
753 pathlog/trackposts/track.message-id, where message-id is the
754 message ID of the post. This is a boolean value and the default is
755 false.
756 tradindexedmmap
758 Whether to attempt to mmap() tradindexed overviews articles.
759 Setting this to true will give better performance on most systems,
760 but some systems have problems with mmap(). If this is set to
761 false, overviews will be read into memory before being sent to
762 readers. This is a boolean value and the default is true.
763 INN has optional support for generating keyword information
765 automatically from article body text and putting that information in
766 overview for the use of clients that know to look for it (HDR, OVER and
767 XPAT commands). The following parameters control that feature.
768 This may be too slow if you're taking a substantial feed, and probably
770 will not be useful for the average news reader; enabling this is not
771 recommended unless you have some specific intention to take advantage
772 of it.
773 keywords
775 Whether the keyword generation support should be enabled. This is
776 a boolean value and the default is false.
777 If an article already contains a Keywords: header, no keyword
779 generation is done and the original Keywords: header is kept
780 untouched.
781 In order to use this feature, the regex library should be available
783 and INN configured with the --enable-keywords flag. Otherwise, no
784 keywords will be generated, even though this boolean value is set
785 to true. You also have to add the integration of the Keywords:
786 header into the overview with extraoverviewadvertised or
787 extraoverviewhidden.
788 keyartlimit
790 Articles larger than this value in bytes will not have keywords
791 generated for them (since it would take too long to do so). The
792 default value is 100000 (approximately 100 KB).
793 keylimit
795 Maximum number of bytes allocated for keyword data. If there are
796 more keywords than will fit into this many bytes when separated by
797 commas, the rest are discarded. The default value is 512.
798 keymaxwords
800 Maximum number of keywords that will be generated for an article.
801 (The keyword generation code will attempt to discard "noise" words,
802 so the number of keywords actually written into the overview will
803 usually be smaller than this even if the maximum number of keywords
804 is found.) The default value is 250.
805 Posting
807 These parameters are only used by nnrpd(8), inews(1), and other
808 programs that accept or generate postings. There are some special sets
809 of settings that are broken out separately after the initial
810 alphabetized list.
811 addinjectiondate
813 Whether to add an Injection-Date: header field to all local posts.
814 This is a boolean value and the default is true.
815 Note that no Injection-Date: header fields will be added to local
817 posts already containing both a Message-ID: header field and a
818 Date: header field. This is done in conformance with standards, to
819 help minimize the possibility of a loop in e-mail gatewaying and
820 ensure that a newly injected article is not treated as a new,
821 separate article in case of multiple injection of the same article
822 to different injecting agents.
823 addinjectionpostingaccount
825 Whether to add a posting-account attribute to the Injection-Info:
826 header to all local posts giving the username assigned to the user
827 at connection time or after authentication. This is a boolean
828 value and the default is false. There is no intrinsic support for
829 obfuscating the value. That has to be done with a user-written
830 Perl filter, if desired.
831 addinjectionpostinghost
833 Whether to add a posting-host attribute to the Injection-Info:
834 header to all local posts giving an FQDN (when known, by reverse
835 lookup of the client IP address) and IP address of the system from
836 which the post was received. This is a boolean value and the
837 default is true. Note that INN either does not add this attribute
838 or adds the name (when known) and IP address of the client. There
839 is no intrinsic support for obfuscating the name of the client.
840 That has to be done with a user-written Perl filter, if desired.
841 When this parameter is set to true, an FQDN (obtained by reverse
843 lookup of the client IP address or, if unknown, the IP address
844 itself) of the client is also added to the Path: header, after the
845 "!.POSTED" diagnostic.
846 checkincludedtext
848 Whether to check local postings for the ratio of new to quoted text
849 and reject them if that ratio is under 50%. Included text is
850 recognized by looking for lines beginning with ">", "|", or ":".
851 This is a boolean value and the default is false.
852 complaints
854 The value of the mail-complaints-to attribute of the Injection-
855 Info: header added to all local posts. The default is the
856 newsmaster's e-mail address. (If the newsmaster, selected at
857 configure time and defaulting to "usenet", doesn't contain "@", the
858 address will consist of the newsmaster, a "@", and the value of
859 fromhost.)
860 fromhost
862 Contains a domain used to construct e-mail addresses. The address
863 of the local news administrator will be given as <user>@fromhost,
864 where <user> is the newsmaster user set at compile time ("usenet"
865 by default). This setting will also be used by mailpost(8) to
866 fully qualify addresses and by inews(1) to generate the Sender:
867 header (and From: header if missing). The value of the FROMHOST
868 environment variable, if set, overrides this setting. The default
869 is the fully qualified domain name of the local host.
870 localmaxartsize
872 The maximum article size (in bytes) for locally posted articles.
873 Articles larger than this will be rejected. A value of 0 allows
874 any size of article, but note that nnrpd and innd will crash if
875 system memory is exceeded. See also maxartsize, which applies to
876 all articles including those posted locally. The default value is
877 1000000 (approximately 1 MB).
878 moderatormailer
880 The address to which to send submissions for moderated groups. It
881 is only used if the moderators file doesn't exist, or if the
882 moderated group to which an article is posted is not matched by any
883 entry in that file, and takes the same form as an entry in the
884 moderators file. In most cases, "%s@moderators.isc.org" is a good
885 value for this parameter (%s is expanded into a form of the
886 newsgroup name). See moderators(5) for more details about the
887 syntax. The default is unset. If this parameter isn't set and an
888 article is posted to a moderated group that does not have a
889 matching entry in the moderators file, the posting will be rejected
890 with an error.
891 nnrpdauthsender
893 Whether to generate a Sender: header based on reader
894 authentication. If this parameter is set, a Sender: header will be
895 added to local posts containing the identity assigned by
896 readers.conf. If the assigned identity does not include an "@",
897 the reader's hostname is used. If this parameter is set but no
898 identity is assigned, the Sender: header will be removed from all
899 posts even if the poster includes one. This is a boolean value and
900 the default is false.
901 nnrpdposthost
903 If set, nnrpd(8) and rnews(1) will pass all locally posted articles
904 to the specified host rather than trying to inject them locally.
905 See also nnrpdpostport. This should always be set if xrefslave is
906 true. The default value is unset.
907 nnrpdpostport
909 The port on the remote server to connect to to post when
910 nnrpdposthost is used. The default value is 119.
911 organization
913 What to put in the Organization: header if it is left blank by the
914 poster. The value of the ORGANIZATION environment variable, if
915 set, overrides this setting. The default is unset, which tells INN
916 not to insert an Organization: header.
917 spoolfirst
919 If true, nnrpd(8) will spool new articles rather than attempting to
920 send them to innd(8). If false, nnrpd will spool articles only if
921 it receives an error trying to send them to innd. Setting this to
922 true can be useful if nnrpd must respond as fast as possible to the
923 client; however, when set, articles will not appear to readers
924 until they are given to innd. nnrpd won't do this; "rnews -U" must
925 be run periodically to take the spooled articles and post them.
926 This is a boolean value and the default is false.
927 strippostcc
929 Whether to strip To:, Cc:, and Bcc: headers out of all local posts
930 via nnrpd(8). The primary purpose of this setting is to prevent
931 abuse of the news server by posting to a moderated group and
932 including To: or Cc: headers in the post so that the news server
933 will send the article to arbitrary addresses. INN now protects
934 against this abuse in other ways provided mta is set to a command
935 that includes %s and honors it, so this is generally no longer
936 needed. This is a boolean value and the default is false.
937 nnrpd(8) has support for controlling high-volume posters via an
939 exponential backoff algorithm, as configured by the following
940 parameters.
941 Exponential posting backoff works as follows: news clients are indexed
943 by IP address (or username, see backoffauth below). Each time a post
944 is received from an IP address, the time of posting is stored (along
945 with the previous sleep time, see below). After a configurable number
946 of posts in a configurable period of time, nnrpd(8) will begin to sleep
947 for increasing periods of time before actually posting anything
948 (posting backoff is therefore activated). Posts will still be
949 accepted, but at an increasingly reduced rate.
950 After backoff has been activated, the length of time to sleep is
952 computed based on the difference in time between the last posting and
953 the current posting. If this difference is less than backoffpostfast,
954 the new sleep time will be 1 + (previous sleep time * backoffk). If
955 this difference is less than backoffpostslow but greater than
956 backoffpostfast, then the new sleep time will equal the previous sleep
957 time. If this difference is greater than backoffpostslow, the new
958 sleep time is zero and posting backoff is deactivated for this poster.
959 (Note that this does not mean posting backoff cannot be reactivated
960 later in the session.)
961 Exponential posting backoff will not be enabled unless backoffdb is set
963 and backoffpostfast and backoffpostslow are set to something other than
964 their default values.
965 Here are the parameters that control exponential posting backoff:
967 backoffauth
969 Whether to index posting backoffs by user rather than by source IP
970 address. You must be using authentication in nnrpd(8) for a value
971 of true to have any meaning. This is a boolean value and the
972 default is false.
973 backoffdb
975 The path to a directory, writeable by the news user, that will
976 contain the backoff database. There is no default for this
977 parameter; you must provide a path to a creatable or writeable
978 directory to enable exponential backoff.
979 backoffk
981 The amount to multiply the previous sleep time by if the user is
982 still posting too quickly. A value of 2 will double the sleep time
983 for each excessive post. The default value is 1.
984 backoffpostfast
986 Postings from the same identity that arrive in less than this
987 amount of time (in seconds) will trigger increasing sleep time in
988 the backoff algorithm. The default value is 0.
989 backoffpostslow
991 Postings from the same identity that arrive in greater than this
992 amount of time (in seconds) will reset the backoff algorithm.
993 Another way to look at this constant is to realize that posters
994 will be allowed to generate at most 86400/backoffpostslow posts per
995 day. The default value is 1.
996 backofftrigger
998 This many postings are allowed before the backoff algorithm is
999 triggered. The default value is 10000.
1000 TLS/SSL Support for Reading and Posting
1002 Here are the parameters used by nnrpd(8) to provide TLS/SSL support.
1003 The parameters related to certificates are:
1005 tlscafile
1007 The path to a file containing certificate authority root
1008 certificates, used to present a trust chain to a TLS client. This
1009 parameter is only used if nnrpd is built with TLS/SSL support. The
1010 default value is an empty string.
1011 tlscapath
1013 The path to a directory containing certificate authority root
1014 certificates. Each file in the directory should contain one CA
1015 certificate, and the name of the file should be the CA subject name
1016 hash value. See the OpenSSL documentation for more information.
1017 This parameter is only used if nnrpd is built with TLS/SSL support.
1018 The default value is pathetc.
1019 tlscertfile
1021 The path to a file containing the server certificate to present to
1022 TLS clients. This parameter is only used if nnrpd is built with
1023 TLS/SSL support. The default value is pathetc/cert.pem.
1024 Note that unlike Apache's SSLCertificateFile directive, tlscertfile
1026 should not contain a concatenation of certificates. Instead, if
1027 you have a certificate authority root certificate, set tlscafile to
1028 its path.
1029 tlskeyfile
1031 The path to a file containing the encryption key for the server
1032 certificate named in tlscertfile. This may be the same as
1033 tlscertfile if, when you created the certificate, you put the key
1034 in the same file (if, for example, you gave the same file name to
1035 both the -out and -keyout options to "openssl req"). This
1036 parameter is only used if nnrpd is built with TLS/SSL support. The
1037 default value is pathetc/key.pem.
1038 This file must only be readable by the news user or nnrpd will
1040 refuse to use it.
1041 Finally, here are the parameters that can be used to tighten the level
1043 of security provided by TLS/SSL in case new attacks exploitable in NNTP
1044 on the TLS protocol or some supported cipher suite are discovered:
1045 tlsciphers
1047 The string describing the cipher suites OpenSSL will support for
1048 TLS 1.2 and below. See OpenSSL's ciphers(1) command documentation
1049 for details. The default is unset, which uses OpenSSL's default
1050 cipher suite list.
1051 tlsciphers13
1053 The string describing the cipher suites OpenSSL will support for
1054 TLS 1.3. See OpenSSL's ciphers(1) command documentation for
1055 details. The default is unset, which uses OpenSSL's default cipher
1056 suite list.
1057 Note that a separate cipher suite configuration parameter is needed
1059 for TLS 1.3 because TLS 1.3 cipher suites are not compatible with
1060 TLS 1.2, and vice-versa. In order to avoid issues where legacy
1061 TLS 1.2 cipher suite configuration configured in the tlsciphers
1062 parameter would inadvertently disable all TLS 1.3 cipher suites,
1063 the inn.conf configuration has been separated out.
1064 tlscompression
1066 Whether to enable or disable TLS/SSL-level compression support, if
1067 the negotiated protocol supports it (notably, TLS 1.3 no longer
1068 supports it). This is a boolean and the default is false, that is
1069 to say compression is disabled, so as to follow the best current
1070 practices for a secure use of TLS in application protocols (see
1071 RFC 8143 for NNTP).
1072 Note that enabling TLS/SSL-level compression will be possible only
1074 if the OpenSSL library INN has been built with, supports that
1075 feature.
1076 tlseccurve
1078 The name of the elliptic curve to use for ephemeral key exchanges.
1079 To see the list of curves supported by OpenSSL, use "openssl
1080 ecparam -list_curves".
1081 The default is unset, which means an appropriate curve is auto-
1083 selected (if your OpenSSL version is at least 1.0.2) or the NIST
1084 P-256 curve is used.
1085 This option is only effective if your OpenSSL version has ECDH
1087 support.
1088 tlspreferserverciphers
1090 Whether to let the client or the server decide the preferred cipher
1091 suite, signature algorithm or elliptic curve to use for an incoming
1092 connection. This is a boolean and the default is true, that is to
1093 say the server will choose following its own preferences.
1094 tlsprotocols
1096 The list of TLS/SSL protocol versions to support. Valid protocols
1097 are SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3. The default
1098 value is to only allow TLS protocols:
1099 tlsprotocols: [ TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 ]
1101 Note that the listed protocols will be enabled only if the OpenSSL
1103 library INN has been built with, supports them. In case OpenSSL
1104 supports protocols more recent than TLSv1.3, they will be
1105 automatically enabled (which anyway is fine regarding security, as
1106 newer protocols are supposed to be more secure).
1107 Monitoring
1109 These parameters control the behavior of innwatch(8), the program that
1110 monitors INN and informs the news administrator if anything goes wrong
1111 with it.
1112 doinnwatch
1114 Whether to start innwatch(8) from rc.news. This is a boolean
1115 value, and the default is true.
1116 innwatchbatchspace
1118 Free space in pathoutgoing, in inndf(8) output units (normally
1119 kilobytes), at which innd(8) will be throttled by innwatch(8),
1120 assuming a default innwatch.ctl. The default value is 4000.
1121 innwatchlibspace
1123 Free space in pathdb, in inndf(8) output units (normally
1124 kilobytes), at which innd(8) will be throttled by innwatch(8),
1125 assuming a default innwatch.ctl. The default value is 25000.
1126 innwatchloload
1128 Load average times 100 at which innd(8) will be restarted by
1129 innwatch(8) (undoing a previous pause or throttle), assuming a
1130 default innwatch.ctl. The default value is 1000 (that is, a load
1131 average of 10.00).
1132 innwatchhiload
1134 Load average times 100 at which innd(8) will be throttled by
1135 innwatch(8), assuming a default innwatch.ctl. The default value is
1136 2000 (that is, a load average of 20.00).
1137 innwatchpauseload
1139 Load average times 100 at which innd(8) will be paused by
1140 innwatch(8), assuming a default innwatch.ctl. The default value is
1141 1500 (that is, a load average of 15.00).
1142 innwatchsleeptime
1144 How long (in seconds) innwatch(8) will sleep between each check of
1145 INN. The default value is 600.
1146 innwatchspoolnodes
1148 Free inodes in patharticles at which innd(8) will be throttled by
1149 innwatch(8), assuming a default innwatch.ctl. The default value is
1150 200.
1151 innwatchspoolspace
1153 Free space in patharticles and pathoverview, in inndf(8) output
1154 units (normally kilobytes), at which innd(8) will be throttled by
1155 innwatch(8), assuming a default innwatch.ctl. The default value is
1156 25000.
1157 Logging
1159 These parameters control what information INN logs.
1160 docnfsstat
1162 Whether to start cnfsstat(8) when innd(8) is started. cnfsstat
1163 will log the status of all CNFS cycbuffs to syslog on a periodic
1164 basis (frequency is the default for "cnfsstat -l", currently 600
1165 seconds). This is a boolean value and the default is false.
1166 htmlstatus
1168 Whether innd should write the status report as HTML file or in
1169 plain text. The HTML status file goes to pathhttp/inn_status.html,
1170 while the plain text status file is written to pathlog/inn.status.
1171 This is a boolean value and the default is true (an HTML status
1172 file is written). Also see the status parameter.
1173 incominglogfrequency
1175 How many articles to process on an incoming channel before logging
1176 the activity. The default value is 200.
1177 logartsize
1179 Whether the size of accepted articles (in bytes) should be written
1180 to the article log file. This is useful for flow rate statistics
1181 and is recommended. This is a boolean value and the default is
1182 true.
1183 logcancelcomm
1185 Set this to true to log "ctlinnd cancel" commands to syslog. This
1186 is a boolean value and the default is false.
1187 logcycles
1189 How many old logs scanlogs(8) keeps. scanlogs(8) is generally run
1190 by news.daily(8) and will archive compressed copies of this many
1191 days worth of old logs. The default value is 3.
1192 logipaddr
1194 Whether the verified name of the remote feeding host should be
1195 logged to the article log for incoming articles rather than the
1196 last entry in the Path: header. The only reason to ever set this
1197 to false is due to some interactions with newsfeeds flags; see
1198 newsfeeds(5) for more information. This is a boolean value and the
1199 default is true.
1200 logsitename
1202 Whether the names of the sites to which accepted articles will be
1203 sent should be put into the article log file. This is useful for
1204 debugging and statistics. This is a boolean value and the default
1205 is true.
1206 logstatus
1208 Whether innd should write a shortened version of its status report
1209 to syslog every status seconds. This is a boolean value and the
1210 default is true. If set to true, see the status parameter for more
1211 details on how to enable status reporting.
1212 logtrash
1214 Whether innd should add a line in the news log file to report
1215 unwanted newsgroups (that is to say newsgroups not locally carried
1216 by the news server). This is a boolean value and the default is
1217 true. It may be useful to set it to false when wanttrash is set to
1218 true.
1219 nnrpdoverstats
1221 Whether nnrpd overview statistics should be logged via syslog.
1222 This can be useful for measuring overview performance. This is a
1223 boolean value and the default is true.
1224 nntplinklog
1226 Whether to put the storage API token for accepted articles (used by
1227 nntplink) in the article log. This is a boolean value and the
1228 default is false.
1229 stathist
1231 Where to write history statistics for analysis with
1232 contrib/stathist.pl; this can be modified with ctlinnd(8) while
1233 innd is running. Logging does not occur unless a path is given,
1234 and there is no default value.
1235 status
1237 How frequently (in seconds) innd(8) should write out a status
1238 report. The report is written to pathhttp/inn_status.html or
1239 pathlog/inn.status depending on the value of htmlstatus. If this
1240 is set to 0 or "false", status reporting is disabled. The default
1241 value is 600 (that is to say reports are written every 10 minutes).
1242 timer
1244 How frequently (in seconds) innd(8) should report performance
1245 timings to syslog. If this is set to 0, performance timing is
1246 disabled. Enabling this is highly recommended, and innreport(8)
1247 can produce a nice summary of the timings. If set to 0,
1248 performance timings in nnrpd(8) are also disabled, although nnrpd
1249 always reports statistics on exit and therefore any non-zero value
1250 is equivalent for it. The default value is 600 (that is to say
1251 performance timings are reported every 10 minutes).
1252 System Tuning
1254 The following parameters can be modified to tune the low-level
1255 operation of INN. In general, you shouldn't need to modify any of them
1256 except possibly rlimitnofile unless the server is having difficulty.
1257 badiocount
1259 How many read or write failures until a channel is put to sleep or
1260 closed. The default value is 5.
1261 blockbackoff
1263 Each time an attempted write returns EAGAIN or EWOULDBLOCK, innd(8)
1264 will wait for an increasing number of seconds before trying it
1265 again. This is the multiplier for the sleep time. If you're
1266 having trouble with channel feeds not keeping up, it may be good to
1267 change this value to 2 or 3, since then when the channel fills INN
1268 will try again in a couple of seconds rather than waiting two
1269 minutes. The default value is 120.
1270 chaninacttime
1272 The time (in seconds) to wait between noticing inactive channels.
1273 The default value is 600.
1274 chanretrytime
1276 How many seconds to wait before a channel restarts. The default
1277 value is 300.
1278 datamovethreshold
1280 The threshold for deciding whether to move already-read data to the
1281 top of buffer or extend the buffer. The buffer described here is
1282 used for reading NNTP data. Increasing this value may improve
1283 performance, but it should not be increased on Systems with
1284 insufficient memory. Permitted values are between 0 and 1048576
1285 (out of range values are treated as 1048576) and the default value
1286 is 16384.
1287 icdsynccount
1289 How many article writes between updating the active and history
1290 files. The default value is 10.
1291 keepmmappedthreshold
1293 When using buffindexed, retrieving overview data (that is,
1294 responding to OVER or running expireover) causes mmapping of all
1295 overview data blocks which include requested overview data for
1296 newsgroup. But for high volume newsgroups like control.cancel,
1297 this may cause too much mmapping at once leading to system resource
1298 problems. To avoid this, if the amount to be mmapped exceeds
1299 keepmmappedthreshold (in KB), buffindexed mmap's just one overview
1300 block (8 KB). This parameter is specific to buffindexed overview
1301 storage method. The default value is 1024 (1 MB).
1302 maxcmdreadsize
1304 If set to anything other than 0, maximum buffer size (in bytes) for
1305 reading NNTP command will have this value. It should not be large
1306 on systems which are slow to process and store articles, as that
1307 would lead to innd(8) spending a long time on each channel and
1308 keeping other channels waiting. The default value is BUFSIZ
1309 defined in stdio.h (1024 in most environments, see setbuf(3)).
1310 maxforks
1312 How many times to attempt a fork(2) before giving up. The default
1313 value is 10.
1314 nicekids
1316 If set to anything other than 0, all child processes of innd(8)
1317 will have this nice(2) value. This is usually used to give all
1318 child processes of innd(8) a lower priority (higher nice value) so
1319 that innd(8) can get the lion's share of the CPU when it needs it.
1320 The default value is 4.
1321 nicenewnews
1323 If set to anything greater than 0, all nnrpd(8) processes that
1324 receive and process a NEWNEWS command will nice(2) themselves to
1325 this value (giving other nnrpd processes a higher priority). The
1326 default value is 0. Note that this value will be ignored if set to
1327 a lower value than nicennrpd (or nicekids if nnrpd(8) is spawned
1328 from innd(8)).
1329 nicennrpd
1331 If set to anything greater than 0, all nnrpd(8) processes will
1332 nice(1) themselves to this value. This gives other news processes
1333 a higher priority and can help overchan(8) keep up with incoming
1334 news (if that's the object, be sure overchan(8) isn't also set to a
1335 lower priority via nicekids). The default value is 0, which will
1336 cause nnrpd(8) processes spawned from innd(8) to use the value of
1337 nicekids, while nnrpd(8) run as a daemon will use the system
1338 default priority. Note that for nnrpd(8) processes spawned from
1339 innd(8), this value will be ignored if set to a value lower than
1340 nicekids.
1341 pauseretrytime
1343 Wait for this many seconds before noticing inactive channels. Wait
1344 for this many seconds before innd processes articles when it's
1345 paused or the number of channel write failures exceeds badiocount.
1346 The default value is 300.
1347 peertimeout
1349 How long (in seconds) an innd(8) incoming channel may be inactive
1350 before innd closes it. The default value is 3600 (an hour).
1351 rlimitnofile
1353 The maximum number of file descriptors that innd(8) or innfeed(8)
1354 can have open at once. If innd(8) or innfeed(8) attempts to open
1355 more file descriptors than this value, it is possible the program
1356 may throttle or otherwise suffer reduced functionality. The number
1357 of open file descriptors is roughly the maximum number of incoming
1358 feeds and outgoing batches for innd(8) and the number of outgoing
1359 streams for innfeed(8). If this parameter is set to a negative
1360 value, the default limit of the operating system will be used; this
1361 will normally be adequate on systems other than Solaris. Nearly
1362 all operating systems have some hard maximum limit beyond which
1363 this value cannot be raised, usually either 128, 256, or 1024. The
1364 default value of this parameter is "-1". Setting it to 256 on
1365 Solaris systems is highly recommended.
1366 Paths Names
1368 patharchive
1369 Where to store archived news. The default value is
1370 pathspool/archive.
1371 patharticles
1373 The path to where the news articles are stored (for storage methods
1374 other than CNFS). The default value is pathspool/articles.
1375 pathbin
1377 The path to the news binaries. The default value is pathnews/bin.
1378 pathcontrol
1380 The path to the files that handle control messages. The code for
1381 handling each separate type of control message is located here. Be
1382 very careful what you put in this directory with a name ending in
1383 ".pl", as it can potentially be a severe security risk. The
1384 default value is pathbin/control.
1385 pathdb
1387 The path to the database files used and updated by the server
1388 (currently, active, active.times, history and its indices, and
1389 newsgroups). The default value is pathnews/db.
1390 pathetc
1392 The path to the news configuration files. The default value is
1393 pathnews/etc.
1394 pathfilter
1396 The path to the Perl and Python filters. The default value is
1397 pathbin/filter.
1398 pathhttp
1400 Where any HTML files (such as periodic status reports) are placed.
1401 If the news reports should be available in real-time on the web,
1402 the files in this directory should be served by a web server. The
1403 default value is the value of pathnews/http.
1404 pathincoming
1406 Location where incoming batched news is stored. The default value
1407 is pathspool/incoming.
1408 pathlog
1410 Where the news log files are written. The default value is
1411 pathnews/log.
1412 pathnews
1414 The home directory of the news user and usually the root of the
1415 news hierarchy. There is no default; this parameter must be set in
1416 inn.conf or INN will refuse to start.
1417 pathoutgoing
1419 Default location for outgoing feed files. The default value is
1420 pathspool/outgoing.
1421 pathoverview
1423 The path to news overview files. The default value is
1424 pathspool/overview.
1425 pathrun
1427 The path to files required while the server is running and run-time
1428 state information. This includes lock files and the sockets for
1429 communicating with innd(8). This directory and the control sockets
1430 in it should be protected from unprivileged users other than the
1431 news user. The default value is pathnews/run.
1432 pathspool
1434 The root of the news spool hierarchy. This used mostly to set the
1435 defaults for other parameters, and to determine the path to the
1436 backlog directory for innfeed(8). The default value is
1437 pathnews/spool.
1438 pathtmp
1440 Where INN puts temporary files. For security reasons, this is not
1441 the same as the system temporary files directory (INN creates a lot
1442 of temporary files with predictable names and does not go to
1443 particularly great lengths to protect against symlink attacks and
1444 the like; this is safe provided that normal users can't write into
1445 its temporary directory). The default value is set at configure
1446 time and defaults to pathnews/tmp.
1447
1449 Here is a very minimalist example that only sets those parameters that
1450 are required.
1451 mta: "/usr/lib/sendmail -oi -oem %s"
1453 ovmethod: tradindexed
1454 pathhost: news.example.com
1455 pathnews: /usr/local/news
1456 hismethod: hisv6
1457 For a more comprehensive example, see the sample inn.conf distributed
1459 with INN and installed as a starting point; it contains all of the
1460 default values for reference.
1461
1463 Written by Rich $alz <rsalz@uunet.uu.net> for InterNetNews and since
1464 modified, updated, and reorganized by innumerable other people.
1465 $Id: inn.conf.pod 10523 2021-01-17 21:52:00Z iulius $
1467
1469 inews(1), innd(8), innwatch(8), makehistory(8), nnrpd(8), rnews(1).
1470 Nearly every program in INN uses this file to one degree or another.
1472 The above are just the major and most frequently mentioned ones.
1473INN 2.6.4 2021-01-21 INN.CONF(5)