Section 8.9. Network News Services

8.9. Network News Services

The Network News Transport Protocol (NNTP) is a staple of the old-style Internet that continues to be useful today. The most popular newsgroup service, USENET, contains tens of thousands of groups dedicated to almost every subject imaginable, including car repair, hunting, computers, child development, travel, and the like. Some corporations have even begun establishing operations involving technical support for their products on private news servers. Microsoft has quite an extensive assisted community thriving on its news server at msnews.microsoft.com.

IIS 6 includes an NNTP server that you can install to create your own newsgroups for internal or external use. In this section I'll walk you through installing, configuring, and using your NNTP server.

8.9.1. Creating a Newsgroup Server

You can choose to install the newsgroup portion of IIS when you install IIS itself, so a default news server has already been created. But if you need a separate server, perhaps one for testing, the procedure is as follows:

1. Open IIS Manager.

2. Open the Action menu, and from the New menu, select NNTP Virtual Server.

3. The New NNTP Virtual Server Wizard appears. Click Next to skip the introductory text.

4. Enter a friendly name for the new news server that will appear on all administrative pages. Click Next.

5. Select the IP address on which the virtual server will live, and enter the port number on which the server will run. The defaults are All Unassigned and 119, respectively, unless you're creating a second server where the first server has already accepted the default settings, in which case the default port won't be available.

6. In this step, tell IIS where to put and from where to read the files associated with the newsgroups carried on this virtual server. On the first screen, you tell IIS where it needs to store control and configuration information (called internal server files) for the news server.

7. On the next screen, you tell IIS where to store the actual contents of the newsgroups; this latter bit is called the storage medium. The default is c:\inetpub\nntpfile. This also can be a network directory; enter a UNC network path to take advantage of this. Click Next to continue.

8. Click Finish to confirm your choices on the wizard.

You have now created an NNTP server .

8.9.2. Modifying NNTP Server Properties

Once you've created a news server, you might find it helpful to customize its settings to suit your environment. In this section, I'll walk through the specific options available to mold your virtual news server into something that fits your business needs.

To get started, right-click the virtual NNTP server within IIS Manager, and select Properties from the context menu. The screen shown in Figure 8-38 will appear.

Let's step through each tab and discuss the available settings.

8.9.2.1. General

Figure 8-39 shows the General tab.

On the General tab, you can specify the IP address and port assignment of the news server. (You can use the Advanced button to specify multiple IP address assignments for this site.) You also can limit the number of inbound TCP connections to the server, and specify a path header, which is a string of data intended to allow upstream and downstream news servers to determine how to post a message. In addition, you can enable logging, which works in the same manner as the web and FTP logging that I covered earlier in this chapter.

8.9.2.2. Access

Figure 8-40 shows the Access tab.

The Access tab enables you to control who has access to your news server, and in what context that person has accessin other words, how to authenticate non-anonymous (authenticated) users to the web site. Click the Edit button under the Access Control section of the tab. You'll see a screen, called Authentication Methods. Anonymous access to your news server is enabled here by default, so anyone

Figure 8-38. NNTP virtual server properties

can view the newsgroups on your server. You also can configure the user account under which anonymous users will automatically connect by clicking the Anonymous button on the appropriate tab.

The functionality on this tab is nearly identical to the properties sheet for the other types of services I covered in this chapter. See those other sections for information on the configuration options for this tab.

Specially, the Secure Communications section provides a way to ensure that data transmission sessions between a host and a client are created with proof that the server is who it says it is. This is done with certificates. See the web site portion of this chapter for more on using certificates to authenticate various entities.

8.9.2.3. Settings

Figure 8-41 shows the Settings tab.

The Settings tab includes options that pertain strictly to newsgroups and postings. You can enable or disable posting to the newsgroups from clients and set a limit on the size of a post the server will accept. You also can limit the size of a connectionactually, the bandwidth that a user will use when postingso that he or she doesn't overload your machine with multiple small messages at small intervals.

Figure 8-39. The General tab

Figure 8-40. The Access tab

Figure 8-41. The Settings tab

The feed options currently have no function because the feature has yet to be implemented. This is definitely a limitation of the NNTP service in IIS. If you need newsfeed functionalitythe pushing and pulling of articles from servers across the Internetyou should investigate Microsoft Exchange or another third-party solution.

The preceding paragraph isn't entirely true: you can use a script called rfeed.vbs in system32\inetsrv to configure push and pull feeds with USENET servers. However, the mechanisms to allow the GUI to be used to administer newsfeeds certainly haven't been implemented yet, and on a personal basis, that makes me loathe to use the functionality in a production environment. It smacks of an un- or under-tested feature. Your mileage may vary, however.

You can allow control messages, which instruct the server how to post messages and create and delete groups within a hierarchy. Plus, you can specify the SMTP server to be used when a moderated newsgroup is used. In a moderated group, posts are sent to a specific person who then approves the post for publishing to the newsgroup. You need to set an outgoing mail server so that the moderator can be notified via email when a new posting is made. You also can set the default domain for the moderator's email.

8.9.2.4. Security

Figure 8-42 shows the Security tab.

Figure 8-42. The Security tab

On the Security tab, simply add the Windows user accounts that correspond to users that should have operator privileges on this news server. These people can log on to and make configuration changes to the virtual server itself.

8.9.3. Virtual NNTP Directories

Virtual NNTP directories offer a way for you to distribute content among multiple servers in your organization. For example, one server can host the accounting.* groups, while another can hold the sales.* groups. By using virtual directories , you can specify which servers hold what parts of your group hierarchy.

To create a new virtual directory, open IIS Manager, expand the NNTP server node, right-click the server, and select Virtual Directory from the New menu. The New Virtual Directory Creation Wizard appears. On the first screen, enter the part of the hierarchy that the new virtual directory should serve. This can be as far up or down on the tree of groups that you have as you like. Once you've finished, click Next, and then select the storage medium on which the new virtual directory will store its content. Here, select a remote machine that should host these groups by using a network path. You'll also need to provide credentials so that IIS can authenticate to the remote machine. Click Next, and then Finish, and your new virtual directory will be created.

8.9.3.1. Modifying news directory properties

As you'll recall from the news server creation wizard, all news contentthe groups and the postingsare stored within directories on the filesystem. The initial wizard makes a great deal of assumptions about how you want these directories configured, so it might be a good idea to review the settings in force and change them to suit your environment. To view the properties of individual directories, open IIS Manager, and under the NNTP Server node on the tree in the left pane, select the Virtual Directories section, right-click it, and choose Properties.

Now, you can edit the actual directory (which can be on a local or network filesystem) where the content will be stored. You also can require secure communications for only this virtual directory, and not all NNTP sites on the machine. Plus, there are options to enable or disable posting to the groups contained within the directory, to restrict the visibility of certain groups based on their NTFS permissions to the directory, and to log connections to the server. All these options should be familiar, and I've covered them elsewhere in this section or chapter.

8.9.4. Creating Newsgroups and Hierarchies

When IIS is installed, no newsgroups are present on the system by default. Because the feed functionality of the raw NNTP service in IIS is not yet implemented, to make your server really useful you'll need to create a hierarchy of newsgroups. You can do this by department, by division, by office location, or by any other division that makes sense. Some companies have internal help desks through a newsgroup, named losangeles.helpdesk, Chicago.helpdesk, and newyork.helpdesk, and others simply have newsgroups available by departmentfor example, sales.products.widgets.presalequestions and customerservice.warranties.extended.

To define new newsgroups, use the New Newsgroup Wizard, which you can find in IIS Manager under the NNTP Virtual Server node of the left pane. Right-click the node and select Newsgroups from the New menu. Then, follow these steps:

1. Enter the name of your new newsgroup, and then click Next.

2. Enter a description and friendly name for this group, and click Next.

3. Review the information you've entered, and click Finish to create the group.

Now, review the properties for the new group and customize it for your needs. In IIS Manager, right-click the group and select Properties. You can specify whether the group should be read-only, which is useful if you have information that shouldn't be edited or moderated, which is great for controlling the dissemination of information to the group.

8.9.5. Article Expiration

You might find it advantageous to have some articles in groups automatically expire or become unavailable at a certain point in time. The information contained in certain articles might be stale, or you might be concerned with the growing cost of storage for articles that no one reviews anymore. To set an expiration policy, expand the NNTP virtual server node within IIS Manager and select Expiration Policies. Right-click it, and select Expiration Policy from the New menu. Click through the introductory material to get started.

The first screen is where you define the groups to be affected by the policy. By default, the policy affects all configured groups. Click Add to include a specific group or hierarchy in the list, and click Remove to delete a group from the list. You can then move additional items up and down within the list to specify how the expiration policy is inherited. Groups that will be affected by the policy are denoted by a check, and groups that won't receive or enforce the policy have a red X beside them in the list. Move a group up to include it in a policy; move a group down to exclude it.

Next, specify the number of hours after which IIS will remove old articles. The default is 168, which indicates that the server will retain seven days' worth of postings.