INTERNET-DRAFT Charles H. Lindsey
Usenet Format Working Group University of Manchester
January
November 2006
News Article Architecture and Protocols
<draft-ietf-usefor-usepro-05.txt>
<draft-ietf-usefor-usepro-06.txt>
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
.QP Internet-Drafts are working documents of the Internet
Engineering Task Force (IETF), its areas, and its working groups.
Note that other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet-Drafts
as reference material or to cite them other than as "work in
progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.html.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire in July 2006. May 2007.
Abstract
This Draft, together with its companion draft [USEFOR], are
intended as standards track documents, together obsoleting RFC
1036, which itself dates from 1987.
This Standard defines the architecture of Netnews systems and
specifies the requirements to be met by software which originates,
distributes, stores and displays Netnews articles.
Backward compatibility has been a major goal of this endeavour, but
where this standard and earlier documents or practices conflict, this
standard should be followed. In most such cases, current practice is
already compatible with these changes.
A companion Best Current Practice document [USEAGE], addressing
requirements which are present for Social rather than Normative
reasons is in preparation.
[This is the latest in the line of USEPRO drafts. However, the USEFOR
Working Group is currently considering the possibility of a complete
rewrite of this document.]
[The use of the words "this standard" within this document when
referring to itself does not imply that this draft yet has pretensions
to be a standard, but rather indicates what will become the case if and
when it is accepted as an RFC with the status of a proposed or draft
standard.]
[Remarks enclosed in square brackets and aligned with the left margin,
such as this one, are not part of this draft, but are editorial notes to
explain matters amongst ourselves, or to point out alternatives, or to
assist the RFC Editor.]
[In this draft, references to [NNTP] are to be replaced by references to
the RFC arising from the series of drafts draft-ietf-nntpext-base-*.txt,
which has now passed its IETF last call.]
Table of Contents
1. Introduction .................................................. 0
1.1. Basic Concepts ............................................ 0
1.2. Objectives ................................................ 0
1.3. Historical Outline ........................................ 0
2. Definitions, Notations and Conventions ........................ 0
2.1. Definitions ............................................... 0
2.2. Defining the Architecture ................................. 0
2.3. Identification of news servers ............................ 0
2.4. Variant Header Fields ..................................... 0
2.5. Textual Notations ......................................... 0
3. Changes to the existing protocols ............................. 0
3.1. Protocol Changes .......................................... 0
3.2. Transitional Arrangements ................................. 0
4. Transport ..................................................... 0
5.
4. Definition of new Media Types ................................. 0
5.1.
4.1. Application/news-transmission ............................. 0
5.2.
4.2. Message/news obsoleted .................................... 0
5.3.
4.3. Application/news-groupinfo ................................ 0
5.4.
4.4. Application/news-checkgroups .............................. 0
6.
5. Control Messages .............................................. 0
6.1.
5.1. Digital Signature of Header Fields ........................ 0
6.2.
5.2. Group Control Messages .................................... 0
6.2.1.
5.2.1. The 'newgroup' Control Message ........................ 0
6.2.1.1.
5.2.1.1. The Body of the 'newgroup' Control Message ........ 0
6.2.1.2.
5.2.1.2. Initial Articles .................................. 0
6.2.1.3.
5.2.1.3. Example ........................................... 0
6.2.2.
5.2.2. The 'rmgroup' Control Message ......................... 0
6.2.2.1.
5.2.2.1. Example ........................................... 0
6.2.3.
5.2.3. The 'mvgroup' Control Message ......................... 0
6.2.3.1.
5.2.3.1. Example ........................................... 0
6.2.4.
5.2.4. The 'checkgroups' Control Message ..................... 0
6.3.
5.3. Cancel .................................................... 0
6.4.
5.4. Ihave, sendme ............................................. 0
6.5.
5.5. Obsolete control messages. ............................... 0
7.
6. Duties of Various Agents ...................................... 0
7.1.
6.1. General principles to be followed ......................... 0
7.2.
6.2. Duties of an Injecting Agent .............................. 0
7.2.1.
6.2.1. Proto-articles ........................................ 0
7.2.2.
6.2.2. Procedure to be followed by Injecting Agents .......... 0
7.2.3.
6.2.3. Procedure for Forwarding to a Moderator ............... 0
7.3.
6.3. Duties of a Relaying Agent ................................ 0
7.3.1.
6.3.1. Path Header Field Example ............................. 0
7.4.
6.4. Duties of a Serving Agent ................................. 0
7.5.
6.5. Duties of a Posting Agent ................................. 0
7.6.
6.6. Duties of a Followup Agent ................................ 0
7.6.1.
6.6.1. Construction of the References header field ........... 0
7.7.
6.7. Duties of a Reading Agent ................................. 0
7.8.
6.8. Duties of a Moderator ..................................... 0
7.9.
6.9. Duties of a Gateway ....................................... 0
7.9.1.
6.9.1. Duties of an Outgoing Gateway ......................... 0
7.9.2.
6.9.2. Duties of an Incoming Gateway ......................... 0
7.9.3.
6.9.3. Example ............................................... 0
8.
7. Security and Related Considerations ........................... 0
8.1.
7.1. Leakage ................................................... 0
8.2.
7.2. Attacks ................................................... 0
8.2.1.
7.2.1. Denial of Service ..................................... 0
8.2.2.
7.2.2. Compromise of System Integrity ........................ 0
8.3.
7.3. Liability ................................................. 0
9.
8. IANA Considerations ........................................... 0
10.
9. References ................................................... .................................................... 0
10.1.
9.1. Normative References ..................................... ...................................... 0
10.2.
9.2. Informative References ................................... .................................... 0
11.
10. Acknowledgements ............................................. 0
12.
11. Contact Address .............................................. 0
Appendix A - Obsolete Control Messages ............................ 0
Appendix B - Differences from the Protocols in RFC 1036 and its
derivatives ....................................................... 0
Appendix C - Transitional Arrangements ............................ 0
Appendix D - Notices .............................................. 0
Appendix C E - Change Log ........................................... 0
1. Introduction
1.1. Basic Concepts
"Netnews" is a set of protocols for generating, storing and
retrieving news "articles" (which resemble email messages) and for
exchanging them amongst a readership which is potentially widely
distributed. It is organized around "newsgroups", with the
expectation that each reader will be able to see all articles posted
to each newsgroup "articles", as introduced in which he participates. These protocols most
commonly use a flooding algorithm which propagates copies throughout
a network of participating servers. Typically, only one copy is
stored per server, and each server makes it available on demand to
readers able to access that server. F-1.1.
"Usenet" is a particular worldwide publicly accessible network based
upon the Netnews protocols, with the newsgroups being organized into
recognized "hierarchies". Anybody can join (it is simply necessary
to negotiate an exchange of articles with one or more other
participating hosts).
An important characteristic of Usenet is the lack of any requirement
for a central administration or for the establishment of any
controlling host to manage the network. Nevertheless, administrative
agencies do exists with varying degrees of authority to establish
"policies" applicable to particular parts of Usenet.
A "policy" is a rule intended to facilitate the smooth operation of a
network by establishing parameters which restrict behaviour that,
whilst technically unexceptionable, would nevertheless contravene
some accepted standard of "Good Netkeeping". Since the ultimate
beneficiaries of a network are its human readers, who will be less
tolerant of poorly designed interfaces than mere computers, articles
in breach of established policy can cause considerable annoyance to
their recipients.
[Could omit that last sentence.] sentence, and perhaps even the whole paragraph?]
1.2. Objectives
The purpose of this present standard is to define the overall
architecture and the protocols to be used for Netnews in general, and
for Usenet in particular, and to set standards to be followed by
software that implements those protocols. A The companion standard
[USEFOR] sets out the canonical format of news articles exchanged
between the various agents comprising that architecture. In this
standard, references to individual sections in the companion [USEFOR]
are prefixed with "F-".
A set of hosts within a network which, by mutual arrangement,
operates some variant (whether more or less restrictive) of the
Netnews protocols is a "cooperating subnet".
[It is not clear whether we still need that definition.]
It is NOT the purpose of this standard to settle matters of policy,
nor aspects of software behaviour which do not impinge upon the
generation, transmission, storage and reception of articles, nor how
the authority of various agencies to create such policies and to
exercise control or oversight of the various parts of Usenet is
established. For these purposes, a separate Best Current Practice
document [USEAGE] is being provided.
Nevertheless, it is assumed that such agencies with the necessary
authority will exist, and tools are provided within the protocols for
their use.
1.3. Historical Outline
Network news originated as the medium of communication for Usenet,
circa 1980. Since then, Usenet has grown explosively, and many
Internet and non-Internet sites participate in it. In addition, the
news technology is now in widespread use for other purposes, on the
Internet and elsewhere.
For an account of the earlier formats used in Netnews prior to [RFC
1036], see Henry Spencer's 1994 draft, popularly referred to as "Son
of 1036" [Son-of-1036], which has recently been republished as an
Informational RFC.
[That is a tentative statement, which may need revision.]
Although never adopted as a formal standard, [Son-of-1036] had a
considerable effect on the development of Netnews and hence on these
present standards, and it is hoped that we have followed its spirit
and intentions.
.nr H1 1
2. Definitions, Notations and Conventions
2.1. Definitions
All the technical terms defined in F-1.5 are to be considered as
defined also, with the same meaning, in this standard. In addition,
some further terms are defined here, and in the following section.
A "hierarchy" is the set of all newsgroups whose names share a first
<component> (as defined in F-3.1.5). F-3.1.4). The term "sub-hierarchy" is
also used where several initial components are shared.
The "semantic content" (often abbreviated to just "content" when the
context is clear) of a header field is its semantic interpretation;
i.e. what remains after unfolding it and removing its field name with
its colon and any leading and trailing whitespace and, in the case of
structured header fields only, ignoring comments and other
semantically invisible items and replacing white space by a single
SP. See 6.6.1 for the use of this term.
2.2. Defining the Architecture
A Netnews system is a distributed database composed of agents of
various types which, acting together according to the protocols
defined in section 7 6 of this standard, causes articles to be
propagated throughout the system and to be made available to its
readers. The protocols ensure that all copies of a given article,
wherever stored, are identical apart from those header fields defined
as variant (2.4). For explaining the working of the protocols, it is
convenient to define particular sub-categories of agent as follows:
A "posting agent" is the software that assists posters to prepare
proto-articles in compliance with [USEFOR]. The proto-article is
then passed on to an "injecting agent" for final checking and
injection into the news stream. If the article is not compliant, or
is rejected by the injecting agent, then the posting agent informs
the poster with an explanation of the error.
A "reading agent" is software which presents articles to a reader.
A "followup agent" is a combination of reading agent and posting
agent that aids in the preparation and posting of a followup.
An "injecting agent" takes the finished article from the posting
agent (often via the NNTP "POST" command), performs some final checks
and passes it on to a "relaying agent" for general distribution.
A "relaying agent" is software which receives allegedly compliant
articles from injecting agents and/or other relaying agents, and
possibly passes copies on to other relaying agents and "serving "storage
agents".
A "serving "storage agent" receives an article from a relaying agent and files
it in a "news database". It also provides an interface for reading
agents to access the news database.
[There is a suggestion that "serving agent" should be changed to
"storage agent" throughout.]
A "news database" is the set of articles and related structural
information stored by a serving storage agent and made available for access
by reading agents.
A "gateway" is software which receives news articles and converts
them to messages of some other kind (e.g. mail to a mailing list), or
vice versa; in essence it is a translating relaying agent that
straddles boundaries between different methods of message exchange.
The most common type of gateway connects newsgroup(s) to mailing
list(s), either unidirectionally or bidirectionally, but there are
also gateways between news networks using the [USEFOR] news format
and those using other formats.
Posting, reading and followup agents (which are usually just
different services provided by the same piece of software) together
comprise the "user agents" defined in F-1.5.
Likewise, injecting, relaying and serving storage agents (which are often
just different services provided by the same piece of software)
together comprise the "news servers".
2.3. Identification of news servers
[The format of the Path header is still under discussion (ticket #1047).
Hence the following texts
[There are tentative, and will need to be changed (as
will the associated protocols in 7.3). Moreover, there are two alternative texts which have been proposed:]
In order to record the passage of articles through the network, news
servers need to identify themselves by means of a <path-identity>
(F-3.1.6),
(F-3.1.5), which can appear in Path, Injection-Info and Xref header
fields. Whatever <path-identity> is used in the Path header field
SHOULD be used also in any Injection-Info header field (and it would
be normal to use it in any Xref header field also).
[Maybe that last sentence moves elsewhere.]
NOTE: Such <path-identity>s may also be suitable for sending
email to news server administrators (see [USEAGE]).
[1st alternative]
<Path-identity>s can take the following forms (in decreasing order of
preference):
1. 1. A fully qualified domain name (FQDN) that SHOULD be resolvable in
the DNS (whether via an A, AAAA or MX record or an equivalent
CNAME), thus guaranteeing a unique identity. Ideally, it will also
provide a means to contact the administrators by email (according
to [RFC 2142], the forms "usenet@server" and "news@server" are
common addresses for a news server administrator).
2. Some other (arbitrary) name in the form of a <path-nodot>, and
believed to be unique and registered at least with all other news
servers sending articles directly to the given one. This option
SHOULD NOT be used unless the earlier option is unavailable (e.g.
because the server in question is not connected to the Internet),
or unless it is of longstanding usage and cessation would be
unduly disruptive, or unless the earlier option is provided as
well.
[2nd alternative]
<Path-identity>s can take the following forms (in decreasing order of
preference):
1. A fully qualified domain name (FQDN) that can be resolved to an
email server via an MX, A or AAAA record according to the
procedures of [RFC 2821]; this guarantees that the name is unique,
and makes it easy to contact the administrators if needed.
2. A fully qualified domain name (FQDN) that is guaranteed to be
unique by the administrators of the domain; for instance, the
uniqueness of "server.example.org" could be guaranteed by the
administrator of "example.org" even if nothing is stored in the
DNS for that name.
3. Some other (arbitrary) name in the form of a <path-nodot>, and
believed to be unique and registered at least with all other
news-servers sending articles directly to the given one. This
option SHOULD NOT be used unless the earlier options are
unavailable, or unless the name is of longstanding usage and
cessation would be unduly disruptive, or unless one of the earlier
options is provided as well.
According to [RFC 2142]], the forms "usenet@server" and "news@server"
are common addresses for a news server administrator.
[end of alternatives]
NOTE: Although domain names are case insensitive and it is
intended that <path-nodot>s should also be so, it is customary
to render them all in lowercase, since many implementations
compare them case sensitively for reasons of efficiency.
NOTE: A news server administrator who chooses a name <path-nodot>
which turns out not to be unique (disregarding case) will have
to bear the consequences.
NOTE: The An IP address is not permitted as a <path-identity>,
although it may still appear in a <diag-identity>. Since the
syntax permits the a colon character (which, (":" which, prior to this standard, was a <path-delimiter>)
an alternative to the "!" delimiter) within any <path-
identity> <diag-identity>
which is in takes the form of an <IPv6address>. It <IPv6address>, it would
therefore be unwise to choose,
choose as such a name, <path-nodot> anything composed solely from four (or less) or
less hexadecimal digits.
2.4. Variant Header Fields
Header fields with the variant property may differ between (or even
be completely absent from) copies of the same article as stored or
relayed throughout a Netnews system. The manner of the difference (or
absence) MUST be as specified in this (or some future) standard.
Typically, these header fields are modified as articles are
propagated, or they reflect the status of the article on a particular
serving
storage agent, or cooperating group of such agents. A variant header
field MAY be placed anywhere within the header fields (though placing
it first is recommended).
The following header fields are classified as "variant":
o Path (F-3.1.6) (F-3.1.5) - augmented at each relaying agent that an article
passes through.
o Xref (F-3.2.11) (F-3.2.14) - used to keep track of the <article-locator>s of
crossposted articles so that reading agents serviced by a
particular serving storage agent can mark such articles as read.
o Injection-Info (F-3.2.14) (F-3.2.8) is also considered variant in some
special situations involving reinjection (7.2 (6.2 and 7.2.2). 6.2.2).
2.5. Textual Notations
This standard contains explanatory NOTEs using the following format.
These may be skipped by persons interested solely in the content of
the specification. The purpose of the notes is to explain why choices
were made, to place them in context, or to suggest possible
implementation techniques.
NOTE: While such explanatory notes may seem superfluous in
principle, they often help the less-than-omniscient reader grasp
the purpose of the specification and the constraints involved.
Given the limitations of natural language for descriptive
purposes, this improves the probability that implementors and
users will understand the true intent of the specification in
cases where the wording is not entirely clear.
"US-ASCII" is short for "the ANSI X3.4 character set" [ANSI X3.4].
US-ASCII is a 7 bit character set. Please note that this standard
requires that all agents be 8 bit clean; that is, they must accept
and transmit data without changing or omitting the 8th bit.
Certain words, when capitalized, are used to define the significance
of individual requirements. The key words "MUST", "REQUIRED",
"SHOULD", "RECOMMENDED", "MAY" and "OPTIONAL", and any of those words
associated with the word "NOT", are to be interpreted as described in
[RFC 2119].
NOTE: A requirement imposed on a relaying or serving storage agent
regarding some particular article should be understood as
applying only if that article is actually accepted for
processing (since any agent may always reject any article
entirely, for reasons of site policy).
Wherever the context permits, use of the masculine includes the
feminine and use of the singular includes the plural, and vice versa.
Throughout this standard we will give examples of various
definitions, header fields and other specifications. It needs to be
remembered that these samples are for the aid of the reader only and
do NOT define any specification themselves. In order to prevent
possible conflict with "Real World" entities and people the top level
domain ".example" is used in all sample domains and addresses. The
hierarchy "example.*" is also used as a sample hierarchy.
Information on the ".example" top level domain is in [RFC 2606].
3. Changes to the existing protocols
This standard prescribes many changes, clarifications and new
features since the protocols described in [RFC 1036] and [Son-of-
1036]. It is the intention that they can be assimilated into Usenet
as it presently operates without major interruption to the service
(3.2), though some of the new features may not begin to show benefit
until they become widely implemented. Changes in the syntax and
format are documented in F-Appendix B and changes to control messages
and the protocols are documented below.
3.1. Protocol Changes
o There is a new Control message 'mvgroup' to facilitate moving a
group to a different place (name) in a hierarchy.
o Certain Control messages (Appendix A) have been made obsolete,
and the special significance of "cmsg" when at the start of a
Subject header field has been removed (section 6).
o Additional media types are defined for better structuring of
control messages (5.3 and 5.4).
o Distributions are expected to be checked at the receiving end, as
well as the sending end, of a relaying link.
o There are numerous other small changes, clarifications and
enhancements.
3.2. Transitional Arrangements
An important distinction must be made between news servers, which are
responsible for the distribution and storage of news articles, and
user agents, which are responsible for interactions with users. It is
important that the former should be upgraded to conform to this
standard as soon as possible to provide the benefit of the enhanced
facilities. Fortunately, the number of distinct implementations of
such servers is rather small, at least so far as the main "backbone"
of Usenet is concerned, and many of the new features are already
supported. Contrariwise, there are a great number of implementations
of user agents, installed on a vastly greater number of small sites.
Therefore, the new functionality has been designed so that existing
user agents may continue to be used, although the full benefits may
not be realised until a substantial proportion of them have been
upgraded.
In the list which follows, care has been taken to distinguish the
implications for both kinds of agent.
o [RFC 2822] style <comment>s have been prohibited in the case of
those header fields of particular concern to news servers. They
are unlikely to hinder their proper display in existing reading
agents except in the case of the References header field in
agents which thread articles. [USEFOR] therefore provides that
they SHOULD NOT be generated in that case.
o Because of its importance to all serving agents, the whitespace
and folding in Newsgroups header fields newly permitted by
[USEFOR] SHOULD NOT be generated (though it MUST be accepted);
this restriction may well be removed in a future version of this
standard.
[That last bit needs discussion. It should probably be moved to USEFOR
if it is to be retained.]
o The new style of Path header field, using "!!" as a <path-
delimiter>, is already consistent with the previous standards.
However, the intention is that relaying agents should eventually
reject articles in the old style, and so this possibility should
be offered as a configurable option in relaying agents. User
agents are unaffected.
o The introduction by [USEFOR] of MIME reflects a practice that is
already widespread. Articles in strict compliance with the
previous standards (using strict US-ASCII) will be unaffected.
Many user agents already support it, at least to the extent of
widely used charsets such as ISO-8859-1. Users expecting to read
articles using other charsets will need to acquire suitable
reading agents. It is not intended, in general, that any single
user agent will be able to display every charset known to IANA,
but all such agents MUST support US-ASCII. Serving and relaying
agents are not affected.
o The new Control: mvgroup command will need to be implemented in
serving agents. For the benefit of older serving agents it is
therefore RECOMMENDED that it be followed shortly by a
corresponding newgroup command and it MUST always be followed by
a rmgroup command for the old group after a reasonable overlap
period. An implementation of the mvgroup command as an alias for
the newgroup command would thus be minimally conforming. User
agents are unaffected.
o Provision is made for relaying and serving agents to use the Date
header field in the case of articles injected through existing
agents which do not yet provide an Injection-Date header field.
o All the header fields newly introduced by [USEFOR] can safely be
ignored by existing software, albeit with loss of the new
functionality.
4. Transport
As in this standard's predecessors, the exact means used to transmit
articles from one host to another is not specified. NNTP [NNTP] [RFC 3977]
is the most common transmission method on the Internet, but much
transmission takes place entirely independent of the Internet. Other
methods in use include the UUCP protocol [RFC 976] extensively used
in the early days of Usenet, FTP, tunneling through email using
application news/transmission, downloading via satellite, tape
archives, and physically delivered magnetic and optical media.
Transmission paths for news articles MUST treat news articles as
uninterpreted sequences of octets, excluding the values 0 (US-ASCII
NUL) and 13 and 10 (US-ASCII CR and LF, which MUST ONLY appear in the
combination CRLF which denotes a line separator).
NOTE: this corresponds to the range of octets permitted for MIME
"8bit data" [RFC 2045]. Thus raw binary data cannot be
transmitted in an article body except by the use of a Content-
Transfer-Encoding such as base64.
In particular, transmission paths MUST convey all header fields
(including body part header fields and header fields within
message/rfc822 objects) intact, even if they contain octets in the
range 128 to 255. Furthermore, relaying agents MUST, and other
agents SHOULD, convey lines even if they exceed 998 characters in
length, especially in article bodies. These requirements include the
transmissiom paths between posting agents, injecting agents, relaying
agents, serving storage agents and reading agents, but NOT the paths
traversed by Netnews articles that have been gatewayed into Email
(7.9.1).
(6.9.1).
[At some point it will be necessary for the IMAP standards to catch up
with these requirements.]
5.
4. Definition of new Media Types
This standard defines (or redefines) several new Media Types, which
require to be registered with IANA as provided for in [RFC 2048].
5.1. 4288].
4.1. Application/news-transmission
The Media Type "application/news-transmission" is intended for the
encapsulation of complete news articles where the intention is that
the recipient should then inject them into Netnews. This Application
type provides one of the methods for mailing articles to moderators
(see 7.2.2) 6.2.2) and it is also the preferred method when sending to an
email-to-news gateway (see 7.9.2). 6.9.2).
NOTE: The benefit of such encapsulation is that it removes
possible conflict between news and email header fields and it
provides a convenient way of "tunnelling" a news article through
a transport medium that does not support 8bit characters.
The MIME Media Type definition of "application/news-transmission" is:
MIME type name: application
MIME subtype name: news-transmission
Required parameters: none
Optional parameters: usage=moderate
usage=inject
usage=relay
Encoding considerations: A transfer-encoding (such as Quoted-
Printable or Base64) different from that of
the article transmitted MAY be supplied
(perhaps en route) to ensure correct
transmission over some 7bit transport
medium.
Security considerations: A news article may be a "control message",
which could have effects on the recipient
host's system beyond just storage of the
article. However, such control messages
also occur in normal news flow, so most
hosts will already be suitably defended
against undesired effects.
Published specification: [USEPRO]
Body part: A complete article or proto-article, ready
for injection into Netnews, or a batch of
such articles in the batch format described
in section 6.4. 5.4.
NOTE: It is likely that the recipient of an "application/news-
transmission" will be a specialized gateway (e.g. a moderator's
submission address) able to accept articles with only one of the
three usage parameters "moderate", "inject" and "relay", hence
the reason why they are optional, being redundant in most
situations. Nevertheless, they MAY be used to signify the
originator's intention with regard to the transmission, so
removing any possible doubt.
When the parameter "relay" is used, or implied, the body part MAY be
a batch of articles to be transmitted together, in which case the
batch format defined in section 6.4 5.4 MUST be used.
5.2.
4.2. Message/news obsoleted
The Media Type "message/news", as previously registered with IANA, is
hereby declared obsolete. It was never widely implemented, and its
default treatment as "application/octet-stream" by agents that did
not recognize it was counter productive. The Media Type
"message/rfc822" SHOULD be used in its place.
5.3.
4.3. Application/news-groupinfo
The "application/news-groupinfo" is used in conjunction with the
"newgroup" (6.2.1) (5.2.1) and "mvgroup" (6.2.3) (5.2.3) control messages. The
<newsgroup-name> in the <newsgroups-line> MUST agree with the
<newsgroup-name> in the "newgroup" or "mvgroup" control message. The
Media Type "application/news-groupinfo" MUST NOT be used except as a
part of such control messages.
The "application/news-groupinfo" body part contains brief information
about a newsgroup, i.e. the group's name, it's <newsgroup-
description> and the <moderation-flag>.
NOTE: The presence of the <newsgroups-tag> "For your newsgroups
file:" is intended to make the whole newgroup message compatible
with current practice as described in [Son-of-1036].
The MIME Media Type definition of "application/news-groupinfo" is:
MIME type name: application
MIME subtype name: news-groupinfo
Required parameters: none
Disposition: by default, inline
Encoding considerations: "7bit" or "8bit" is sufficient and MUST be
used to maintain compatibility.
Security considerations: this type MUST NOT be used except as part
of a control message for the creation or
modification of a Netnews newsgroup
Published specification: [USEPRO]
The content of the "application/news-groupinfo" body part is defined
as:
groupinfo-body = [ newsgroups-tag CRLF ]
newsgroups-line CRLF
newsgroups-tag = %x46.6F.72 SP %x79.6F.75.72 SP
%x6E.65.77.73.67.72.6F.75.70.73 SP
%x66.69.6C.65.3A
; case sensitive
; "For your newsgroups file:"
newsgroups-line = newsgroup-name
[ 1*HTAB newsgroup-description ]
[ 1*WSP moderation-flag ]
newsgroup-description
= utext *( *WSP utext )
moderation-flag = %x28.4D.6F.64.65.72.61.74.65.64.29
; case sensitive "(Moderated)"
The <newsgroup-description> MUST NOT contain any occurrence of the
string "(Moderated)" within it. Although optional, the <newsgroups-
tag> SHOULD be included until such time as this standard has been
widely adopted, to ensure compatibility with present practice.
Moderated newsgroups MUST be marked by appending the case sensitive
text " (Moderated)" at the end. It is NOT recommended that the
moderator's email address be included in the <newsgroup-description>
as has sometimes been done.
NOTE: There is no provision for the use of charsets other than
US-ASCII within a <newsgroup-description>. Such a facility may
be provided in a future extension to this standard.
[That may seem harsh, but if we make any such provision now, it will
make life more complicated and restrict our freedom when it comes to the
proposed I18N extension. Therefore I resisted the temptation to include
any charset parameter with this Media Type. Note that this also applies
to the checkgroups message further on.]
5.4.
4.4. Application/news-checkgroups
The "application/news-checkgroups" Media Type is used in conjunction
with the "checkgroups" control message (6.2.4). (5.2.4). It MUST NOT be used
except as a part of such control messages.
The "application/news-checkgroups" body part contains a complete list
of all the newsgroups in a (sub)hierarchy, their <newsgroup-
description>s and their moderation status.
The MIME Media Type definition of "application/news-checkgroups" is:
MIME type name: application
MIME subtype name: news-checkgroups
Required parameters: none
Disposition: by default, inline
Encoding considerations: "7bit" or "8bit" is sufficient and MUST be
used to maintain compatibility.
Security considerations: this type MUST NOT be used except as part
of a checkgroups control message
Published specification: [USEPRO]
The content of the "application/news-checkgroups" body part is
defined as:
checkgroups-body = *( valid-group CRLF )
valid-group = newsgroups-line ; see 5.3
6. 4.3
5. Control Messages
The following sections document the control messages. "Message" is
used herein as a synonym for "article" unless context indicates
otherwise.
Each <control-command> comprises a <verb>, which indicates the action
to be taken, and <argument>(s), which supply the details (see F-
3.2.5).
3.2.3). The following sections contain syntactic definitions for the
<verb>, <argument>s, and possibly the body, for each type of control
message.
[The term <control-command> is now used to denote the syntactic object
within the Control header field, to distinguish it from "control
message", which refers to the whole article.]
The Newsgroups header field of each control message SHOULD include
the <newsgroup-name>(s) for the group(s) affected (i.e. groups to be
created, modified or removed, or containing articles to be canceled).
This is to ensure that the message propagates to all sites which
receive (or would receive) that group(s). It MAY include other
<newsgroup-name>s so as to improve propagation (but this practice may
cause the control message to propagate also to places where it is
unwanted, or even cause it not to propagate where it should, so it
should not be used without good reason).
NOTE: Propagation is controlled by relaying agents, and it may
be necessary for relaying agents to take special steps to ensure
that control messages such as newgroup messages for not-yet-
existent newsgroups are propagated correctly (see 7.3). 6.3).
The presence of a Subject header field whose content starts with the
string "cmsg " followed by a <control-command> was construed under
[RFC 1036] as a request to perform that control action (even if no
genuine Control header field was present). Indeed, some
implementations went further and added the implied Control header
field before injecting. Likewise, the presence of a <newsgroup-name>
ending in ".ctl" in the Newsgroups header field caused the Subject
header field content (not starting with "cmsg" in this case) to be
interpreted as a <control-command>.
All these practices, which have already largely fallen into disuse,
are now declared to be Obsolete, and Subject header fields MUST NOT
now be interpreted as <control-command>s under any circumstances.
[Possible addtional text:]
In order to prevent continuing interpretation of Subject header
fields in this way by existing agents, posting and injecting agents
SHOULD detect and decline to post articles in which the Subject
header field starts with the word "cmsg" and in which there is no
Control header field.
The descriptions below set out REQUIREMENTS to be followed by sites
that receive control messages and choose to honour them. However,
nothing in these descriptions should be taken as overriding the right
of any such site, in accordance with its local policy, to refuse to
honour any particular control message, or to refer it to an
administrator for approval (either as a class or on a case-by-case
basis).
6.1.
5.1. Digital Signature of Header Fields
It is most desirable that group control messages (6.2) (5.2) in particular
be authenticated by incorporating them within some digital signature
scheme that encompasses other header fields closely associated with
them (including at least Approved, Message-ID and Date). At the time
of writing, this is usually done by means of a protocol known as
"PGPverify" ([PGPVERIFY]), and continued usage of this is encouraged
at least as an interim measure.
However, PGPverify is not considered suitable for standardization in
its present form, for various technical reasons. It is therefore
expected that an early extension to this standard will provide a
robust and general purpose digital authentication mechanism with
applicability to all situations requiring protection against
malicious use of, or interference with, header fields. That
extension would also address other Netnews security issues.
6.2.
5.2. Group Control Messages
"Group control messages" are the sub-class of control messages that
request some update to the configuration of the groups known to a
serving
storage agent, namely "newgroup", "rmgroup", "mvgroup" and
"checkgroups", plus any others created by extensions to this
standard.
Group control messages that attempt to create groups with names that
are deprecated or reserved according to F-3.1.5 F-3.1.4 MUST NOT be issued,
except by prior agreement within some cooperating subnet. Moreover,
sites receiving such control messages SHOULD check them for
conformance before honouring them.
All of the group control messages MUST have an Approved header field
(F-3.2.9)
(F-3.2.1) which, in those hierarchies where appropriate
administrative agencies exist (see 1.1), identifies the appropriate
person or entity as authorized by those agencies. The authorized
person or entity SHOULD adhere to any conventions and restrictions on
the format of <newsgroup-name>s established for those hierarchies
[USEAGE].
6.2.1.
5.2.1. The 'newgroup' Control Message
control-command =/ Newgroup-command
Newgroup-command = "newgroup" Newgroup-arguments
Newgroup-arguments = FWS newsgroup-name [ FWS newgroup-flag ]
newgroup-flag = "moderated"
The "newgroup" control message requests that the specified group be
created or have its moderation status or <newsgroups-line> changed.
When the request is honoured, if the <newgroup-flag> "moderated" is
present then the status of the group SHOULD be marked as moderated,
and vice versa. "Moderated" is the only such flag defined by this
standard; other flags MAY be defined for use in cooperating subnets,
but newgroup messages containing them MUST NOT be acted on outside of
those subnets.
NOTE: Specifically, some alternative flags such as "y" and "m",
which are sent and recognized by some current software, are NOT
part of this standard. Moreover, some existing implementations
treat any flag other than "moderated" as indicating an
unmoderated newsgroup. Both of these usages are contrary to this
standard and control messages with such non-standard flags
should be ignored.
6.2.1.1.
5.2.1.1. The Body of the 'newgroup' Control Message
The body of the newgroup message contains the following subparts,
preferably in the order shown:
1. An "application/news-groupinfo" part (5.3) (4.3) containing the name and
<newsgroups-line> (5.3) (4.3) of the group. This part MUST be present
and SHOULD be used to update any copy of the <newsgroups-line>
maintained by the serving storage agent.
2. Other parts containing useful information about the background of
the newgroup message (typically of type "text/plain").
3. Parts containing initial articles for the newsgroup. See section
6.2.1.2
5.2.1.2 for details.
In the event that there is only the single (i.e. application/news-
groupinfo) subpart present, it will suffice to include a "Content-
Type: application/news-groupinfo" amongst the header fields of the
control message. Otherwise, a "Content-Type: multipart/mixed" header
field will be needed, and each separate part will then need its own
Content-Type header field.
6.2.1.2.
5.2.1.2. Initial Articles
Some subparts of a "newgroup" or "mvgroup" control message MAY
contain an initial set of articles to be posted to the affected
newsgroup as soon as it has been created or modified. These parts are
identified by having the Media Type "application/news-transmission",
possibly with the parameter "usage=inject". The body of each such
part should be a complete proto-article, ready for posting. This
feature is intended for the posting of charters, initial FAQs and the
like to the newly formed group.
The Newsgroups header field of the proto-article MUST include the
<newsgroup-name> of the newly created or modified group. It MAY
include other <newsgroup-name>s. If the proto-article includes a
Message-ID header field, the message identifier in it MUST be
different from that of any existing article and from that of the
control message as a whole. Alternatively such a message identifier
MAY be derived by the injecting agent when the proto-article is
posted. The proto-article SHOULD include the header field
"Distribution: local".
The proto-article SHOULD be injected at the serving storage agent that
processes the control message AFTER the newsgroup in question has
been created or modified. It MUST NOT be injected if the newsgroup
is not, in fact, created (for whatever reason). It MUST NOT be
submitted to any relaying agent for transmission beyond the serving storage
agent(s) upon which the newsgroup creation has just been effected (in
other words, it is to be treated as having a "Distribution: local"
header field, whether such a field is actually present or not).
NOTE: It is not precluded that the proto-article is itself a
control message or other type of special article, to be
activated only upon creation of the new newsgroup. However,
except as might arise from that possibility, any
"application/news-transmission" within some nested "multipart/*"
structure within the proto-article is not to be activated.
6.2.1.3.
5.2.1.3. Example
A "newgroup" with its charter:
From: "example.all Administrator" <admin@noc.example>
Newsgroups: example.admin.info,example.admin.announce
Date: 27 Feb 2002 2006 12:50:22 +0200
Subject: cmsg newgroup example.admin.info moderated
Approved: admin@noc.example
Control: newgroup example.admin.info moderated
Message-ID: <ng-example.admin.info-20020227@noc.example> <ng-example.admin.info-20060227@noc.example>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="nxtprt"
Content-Transfer-Encoding: 8bit
This is a MIME control message.
--nxtprt
Content-Type: application/news-groupinfo
For your newsgroups file:
example.admin.info About the example.* groups (Moderated)
--nxtprt
Content-Type: application/news-transmission
Newsgroups: example.admin.info
From: "example.all Administrator" <admin@noc.example>
Subject: Charter for example.admin.info
Message-ID: <charter-example.admin.info-20020227@noc.example>
Distribution: local
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
The group example.admin.info contains regularly posted
information on the example.* hierarchy.
--nxtprt--
6.2.2.
5.2.2. The 'rmgroup' Control Message
control-command =/ Rmgroup-command
Rmgroup-command = "rmgroup" Rmgroup-arguments
Rmgroup-arguments = FWS newsgroup-name
The "rmgroup" control message requests that the specified group be
removed from the list of valid groups. The Media Type of the body is
unspecified; it MAY contain anything, usually an explanatory text.
NOTE: It is entirely proper for a serving storage agent to retain the
group until all the articles in it have expired, provided that
it ceases to accept new articles.
6.2.2.1.
5.2.2.1. Example
From: "example.all Administrator" <admin@noc.example>
Newsgroups: example.admin.obsolete, example.admin.announce
Date: 4 Apr 2002 2006 22:04 -0900 (PST)
Subject: cmsg rmgroup example.admin.obsolete
Message-ID: <rm-example.admin.obsolete-20020404@noc.example> <rm-example.admin.obsolete-20060404@noc.example>
Approved: admin@noc.example
Control: rmgroup example.admin.obsolete
The group example.admin.obsolete is obsolete. Please remove it
from your system.
6.2.3.
5.2.3. The 'mvgroup' Control Message
control-command =/ Mvgroup-command
Mvgroup-command = "mvgroup" Mvgroup-arguments
Mvgroup-arguments = FWS newsgroup-name FWS newsgroup-name
[ FWS newgroup-flag ]
The "mvgroup" control message requests that the group specified by
the first <(old-)newsgroup-name> be moved to that specified by the
second <(new-)newsgroup-name>. Thus it is broadly equivalent to a
"newgroup" control message for the second group followed by a
"rmgroup" control message for the first group.
The message body contains an "application/news-groupinfo" part (5.3) (4.3)
containing machine- and human-readable information about the new
group, and possibly other subparts as for a "newgroup" control
message. The information conveyed in the "application/news-groupinfo"
body part, notably its <newsgroups-line> (5.3), (4.3), is applied to the new
group.
When this message is received, the new group is created (if it does
not exist already) as for a "newgroup" control message, and SHOULD in
any case be made moderated if a <newgroup-flag> "moderated" is
present, and vice versa. At the same time, arrangements SHOULD be
made to remove the old group (as with a "rmgroup" control message),
but only after a suitable overlap period to allow the network to
adjust to the new arrangement.
At the same time as a serving storage agent acts upon this message, all
injecting agents associated with that serving storage agent SHOULD inhibit
the posting of new articles to the old group (preferably with some
indication to the poster that the new group should have been used).
Relaying agents, however, MUST continue to propagate such articles
during the overlap period.
NOTE: It is to be expected that different serving storage agents will
act on this message at different points of time, users of the
old group will have to become accustomed to the new arrangement,
and followups to already established threads will likely
continue under the old group. Therefore, there needs to be an
overlap period during which articles may continue to be accepted
by relaying and serving storage agents in either group. This standard
does not specify any standard period of overlap (though it would
be expected to be expressed in days rather than in months). The
inhibition of injection of new articles to the old group may
seem draconian, but it is the surest way to prevent the
changeover from dragging on indefinitely.
Since the "mvgroup" control message is newly introduced in this
standard and may not be widely implemented initially, it SHOULD be
followed shortly afterwards by a corresponding "newgroup" control
message; and again, after a reasonable overlap period, it MUST be
followed by a "rmgroup" control message for the old group.
In order to facilitate a smooth changeover, serving storage agents MAY
arrange to service requests for access to the old group by providing
access to the new group, which would then contain, or appear to
contain, all articles posted to either group (including, ideally, the
pre-changeover articles from the old one). Nevertheless, if this
feature is implemented, the articles themselves, as supplied to
reading agents, MUST NOT be altered in any way (and, in particular,
their Newsgroups header fields MUST contain exactly those newsgroups
present when they were injected). On the other hand, the Xref header
field (F-3.2.11) (F-3.2.14) MAY contain entries for either group (or even both).
NOTE: Some serving storage agents that use an "active" file permit an
entry of the form "oldgroup xxx yyy =newgroup", which enables
any articles arriving for oldgroup to be diverted to newgroup,
thus providing a simple implementation of this feature. However,
it is known that not all current serving storage agents will find
implementation so easy (especially in the short term) which is
why it is not mandated by this standard. Nevertheless, its
eventual implementation in all serving storage agents is to be
considered highly desirable.
On the other hand, it is recognized that this feature would
likely not be implementable if the new group was already in
existence with existing articles in it. This situation should
not normally arise except when there is already some confusion
as to which groups are, or are not, supposed to exist in that
hierarchy. Note that the "mvgroup" control message is not really
intended to be used for merging two existing groups.
6.2.3.1.
5.2.3.1. Example
From: "example.all Administrator" <admin@noc.example>
Newsgroups: example.oldgroup,example.newgroup,example.admin.announce
Date: 30 Apr 2002 2006 22:04 -0500 (EST)
Subject: cmsg mvgroup example.oldgroup example.newgroup moderated
Message-ID: <mvgroup-example.oldgroup-20020430@noc.example> <mvgroup-example.oldgroup-20060430@noc.example>
Approved: admin@noc.example
Control: mvgroup example.oldgroup example.newgroup moderated
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary=nxt
--nxt
Content-Type: application/news-groupinfo
For your newsgroups file:
example.newgroup The new replacement group (Moderated)
--nxt
The moderated group example.oldgroup is replaced by
example.newgroup. Please update your configuration, and please,
if possible, arrange to file articles arriving for
example.oldgroup as if they were in example.newgroup.
--nxt
Content-Type: application/news-transmission
Newsgroups: example.admin.info
From: "example.all Administrator" <admin@noc.example>
Subject: Charter for example.newgroup
Message-ID: <mvgroup-example.newgroup-20020430@noc.example>
Distribution: local
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
This group (formerly known as example.oldgroup) is for the
discussion of examples.
--nxt--
6.2.4.
5.2.4. The 'checkgroups' Control Message
The "checkgroups" control message contains a list of all the valid
groups in a complete hierarchy.
control-command =/ Checkgroup-command
Checkgroup-command = "checkgroups" Checkgroup-arguments
Checkgroup-arguments= [ chkscope ] [ chksernr ]
chkscope = 1*( FWS ["!"] newsgroup-name )
chksernr = FWS "#" 1*DIGIT
A "checkgroups" message applies to any (sub-)hierarchy with a prefix
listed in the <chkscope> argument, provided that the rightmost
matching <newsgroup-name> in the list is not immediately preceded by
a "!". If no <chkscope> argument is given, it applies to all
hierarchies for which group statements appear in the body of the
message.
NOTE: Some existing software does not support the <chkscope>
argument. Thus a "checkgroups" message SHOULD also contain the
groups of other subhierarchies the sender is not responsible
for. "New" software MUST ignore groups which do not fall within
the <chkscope> argument of the "checkgroups" message.
The <chksernr> argument is a serial number, which can be any positive
integer (e.g. just numbered or the date in YYYYMMDD). It SHOULD
increase by an arbitrary value with every change to the group list
and MUST NOT ever decrease.
NOTE: This was added to circumvent security problems in
situations where the Date header field cannot be authenticated.
Example:
Control: checkgroups de !de.alt #248
which includes the whole of the 'de.*' hierarchy, with the exception
of its 'de.alt.*' sub-hierarchy.
The body of the message has the Media Type "application/news-
checkgroups" (5.4). (4.4). It asserts that the <valid-group>s it lists are
the only newsgroups in the specified hierarchies.
NOTE: The "checkgroups" message is intended to synchronize the
list of newsgroups stored by a serving storage agent, and their
<newsgroup-description>s, with the lists stored by other serving storage
agents throughout the network. However, it might be inadvisable
for the serving storage agent actually to create or delete any
newsgroups without first obtaining the approval of its
administrators for such proposed actions.
NOTE: The possibility of removing a complete hierarchy by means
of an "invalidation" line beginning with a '!' in the
checkgroups-body is no longer provided by this standard. The
intent of the feature was widely misunderstood and it was
misused more often than it was used correctly. The same effect,
if required, can now be obtained by the use of an appropriate
<chkscope> argument in conjunction with an empty <checkgroups-
body>.
6.3.
5.3. Cancel
The "cancel" message requests that a target article be "canceled",
i.e. be withdrawn from circulation or access.
control-command =/ Cancel-command
Cancel-command = "cancel" Cancel-arguments
Cancel-arguments = FWS msg-id [FWS]
The argument identifies the article to be cancelled by its message
identifier. The body SHOULD contain an indication of why the
cancellation was requested. The "cancel" message SHOULD be posted to
the same newsgroup(s), with the same distribution(s), as the article
it is attempting to cancel.
A serving storage agent that elects to honour a "cancel" message SHOULD make
the article unavailable for relaying or serving storage (perhaps by deleting
it completely). If the target article is unavailable, and the
acceptability of the "cancel" message cannot be established without
it, activation of the "cancel" message SHOULD be delayed until the
target article has been seen. See also sections 7.3 6.3 and 7.4. 6.4.
NOTE: It is expected that the security extension envisaged in
section 6.1 5.1 will make more detailed provisions for establishing
whether honouring a particular "cancel" message is in order. In
particular, it is likely that there will be provision for the
digital signature of 3rd party cancels (i.e. those issued other
than by the sender, the moderator, or the injector).
NOTE: A cancel submitted by the poster for an article in a
moderated group will be forwarded to the moderator of that
group, and it is up to that moderator to act upon it (7.8). (6.8).
NOTE: The former requirement [RFC 1036] that the From and/or
Sender header fields of the "cancel" message should match those
of the original article has been removed from this standard,
since it only encouraged cancel issuers to conceal their true
identity, and it was not usually checked or enforced by
canceling software. Therefore, both the From and/or Sender
header fields and any Approved header field should now relate to
the entity responsible for issuing the "cancel" message.
6.4.
5.4. Ihave, sendme
The "ihave" and "sendme" control messages implement a crude batched
predecessor of the NNTP [NNTP] [RFC 3977] protocol. They are largely
obsolete on the Internet, but still see use in conjunction with some
transport protocols such as UUCP, especially for backup feeds that
normally are active only when a primary feed path has failed. There
is no requirement for relaying agents that do not support such
transport protocols to implement them.
NOTE: The ihave and sendme messages defined here have ABSOLUTELY
NOTHING TO DO WITH NNTP, despite similarities of terminology.
The two messages share the same syntax:
control-command =/ Ihave-command
Ihave-command = "ihave" Ihave-argument
Ihave-argument = relayer-name
control-command =/ Sendme-command
Sendme-command = "sendme" Sendme-argument
Sendme-argument = Ihave-argument
relayer-name = path-identity ; see F-3.1.6 F-3.1.5
ihave-body = *( msg-id CRLF )
sendme-body = ihave-body
The body of the message consists of a list of <msg-id>s, one per
line. [RFC 1036] also permitted the list of <msg-id>s to appear in
the <Ihave-> or <Sendme-argument> with the syntax
Ihave-argument = [FWS] *( msg-id FWS ) [relayer-name]
but this form SHOULD NOT now be used, though relaying agents MAY
recognize and process it for backward compatibility.
The "ihave" message states that the named relaying agent has received
articles with the specified message identifiers, which may be of
interest to the relaying agents receiving the ihave message. The
"sendme" message requests that the agent receiving it send the
articles having the specified message identifiers to the named
relaying agent.
Upon receipt of the sendme message, the receiving agent sends the
article(s) requested, often (especially when the transport protocol
is UUCP) in the form of one or more batches, each containing several
articles. The usual form of a <batch> is defined by the following
syntax (which is also used in the application/news transmission media
type (5.1)). (4.1)).
batch = 1*( batch-header article )
batch-header = "#!" SP rnews SP article-size CRLF
rnews = %x72.6E.65.77.73 ; case sensitive "rnews"
article-size = 1*DIGIT
Thus a <batch> is a sequence of articles, each prefixed by a header
line that includes its size. The <article-size> is a decimal count of
the octets in the article, counting each CRLF as one octet regardless
of how it is actually represented.
NOTE: Despite the similarity of this format to an executable
UNIX script, it is EXTREMELY unwise to feed such a batch into a
command interpreter in anticipation of it running a command
named "rnews"; the security implications of so doing would be
disastrous.
These control messages are normally sent essentially as point-to-
point messages, by using <newsgroup-name>s in the Newsgroups header
field of the form "to." followed by one (or possibly more)
<component>s in the form of a <relayer-name> (see section F-3.1.5 F-3.1.4
which forbids "to" as the first <component> of a <newsgroup-name>).
The control message SHOULD then be delivered ONLY to the relaying
agent(s) identified by that <relayer-name>, and any relaying agent
receiving such a message which includes its own <relayer-name> MUST
NOT propagate it further. Each pair of relaying agent(s) sending and
receiving these messages MUST be immediate neighbours, exchanging
news directly with each other. Each relaying agent advertises its new
arrivals to the other using "ihave" messages, and each uses "sendme"
messages to request the articles it lacks.
To reduce overhead, ihave and sendme messages SHOULD be sent
relatively infrequently and SHOULD contain reasonable numbers of
message identifiers. If ihave and sendme are being used to implement
a backup feed, it may be desirable to insert a delay between
reception of an ihave and generation of a sendme, so that a slightly
slow primary feed will not cause large numbers of articles to be
requested unnecessarily via sendme.
6.5.
5.5. Obsolete control messages.
The following control messages (as described in Appendix A) are
declared obsolete by this standard:
sendsys
version
whogets
senduuname
7.
6. Duties of Various Agents
The following section sets out the duties of various agents involved
in the creation, relaying and serving storage of Netnews articles. Insofar as
these duties are described as sequences of steps to be followed, it
should be understood that it is the effect of these sequences that is
important, and implementations may use any method that gives rise to
that same effect.
In this section, the word "trusted", "verified", as applied to the source of
some article, means that an agent processing that article has verified,
established, by some means, the identity of that source (which may be
another agent or a poster).
NOTE: In many implementations, a single agent may perform
various combinations of the injecting, relaying and serving storage
functions. Its duties are then the union of the various duties
concerned.
7.1.
6.1. General principles to be followed
There are two important principles that news implementors (and
administrators) need to keep in mind. The first is the well-known
Internet Robustness Principle:
Be liberal in what you accept, and conservative in what you
send.
However, in the case of news there is an even more important
principle, derived from a much older code of practice, the
Hippocratic Oath (we may thus call this the Hippocratic Principle):
First, do no harm.
It is VITAL to realize that decisions which might be merely
suboptimal in a smaller context can become devastating mistakes when
amplified by the actions of thousands of hosts within a few minutes.
In the case of gateways, the primary corollary to this is:
Cause no loops.
7.2.
6.2. Duties of an Injecting Agent
An Injecting Agent is responsible for taking a (proto-)article from a
posting (or other) agent and either forwarding it to a moderator or
injecting it into the relaying system for access by readers.
As such, an injecting agent is considered responsible for ensuring
that any article it injects conforms with the rules of [USEFOR]. It
is also expected to bear some responsibility towards the rest of the
network for the behaviour of its posters.
In the normal course of events, an article that has already been
injected into a Netnews network will never pass through another
injecting agent. So, if an injecting agent receives an otherwise
valid article that has already been injected (as evidenced by the
presence of an Injection-Date header field, an Injection-Info header
field, or more than one occurrence of the <diag-keyword> "POSTED" in
a Path header field) it MAY choose to reject it, but otherwise SHOULD
cause it to be relayed, as it stands, by a relaying agent (7.3). (6.3).
In exceptional circumstances (e.g. as part of some complex gatewaying
process, or where a relaying agent considers it essential for
fulfilling its responsibility towards the rest of the network) an
already injected article MAY be "reinjected" into the network. This
standard does not prescribe any such circumstance; rather this is a
matter of policy to be determined by the administrators of each
injecting agent, who have the responsibility to ensure that no harm
arises. In all other circumstances, unintented reinjection is to be
avoided (see 7.9). 6.9). Nevertheless, in order to preserve the integrity
of the network in these special cases, this standard does set out the
correct way to reinject (see special provisions in 7.2.2 6.2.2 Steps 3, 7
and 9).
It is usual for an injecting agent to be closely associated with a
serving
storage agent, thus giving it access to the list (7.4) (6.4) showing the
moderation status of the newsgroups it is likely to handle. In the
event that it does not have such an associated serving storage agent, it MUST
maintain that list itself.
7.2.1.
6.2.1. Proto-articles
A proto-article SHOULD NOT be propagated in that form to other than
injecting agents.
A proto-article has the same format as a normal article except that
some of the following mandatory header fields MAY be omitted:
Message-Id, Date, Path (and even From if the particular injecting
agent can derive that information from other sources). However, if
it is intended to offer the proto-article to two or more injecting
agents in parallel, then it is only the Path header field that MAY be
omitted. The header fields that can be omitted MUST NOT contain
invalid values; they MUST either be correct or not present at all.
[Maybe omit that last sentence.]
NOTE: An article that is offered for reinjection has, by
definition, already been injected once, and is not therefore to
be considered as a proto-article. Hence a genuine proto-article
will not contain any Injection-Date header field nor any the <diag-
keyword> "POSTED" anywhere in its Path header field, though that
header field MAY contain <path-identity>s corresponding to
machines traversed between the posting agent and the injecting
agent proper.
7.2.2.
6.2.2. Procedure to be followed by Injecting Agents
An injecting agent receives (proto-)articles from posting and
followup agents. It verifies them, adds header fields where required,
and then either forwards them to a moderator or injects them by
passing them to serving storage or relaying agents. It MUST NOT forward an
already injected article to a moderator.
An injecting agent processes articles as follows:
1. It MUST remove any Injection-Info header field already present
(though it might be useful to copy it to a suitable "X-" header
field). It SHOULD likewise remove any NNTP-Posting-Host, X-Trace,
or other non-standard tracing header field.
2. It SHOULD verify ensure that the article is from a trusted verified source, and
MAY reject articles in which header fields contain unverified
email addresses, that is, addresses which are not known to be
valid for the trusted verified source, though it would be perverse to
reject intentionally unverifiable addresses such as those ending
in ".invalid" (7.5). (6.5).
3. It SHOULD reject any article whose Date header field (F-3.1.2) (F-3.1.1) is
more than 24 hours into the future (and MAY use a margin less than
that 24 hours). It MUST (except when reinjecting) reject any
article with an Injection-Date header field already present (and
SHOULD do likewise with any NNTP-Posting-Date header field). When
reinjecting it MAY, in the absence of any Injection-Date header
field, reject any article whose Date header field appears to be
stale (e.g. more than 72 hours into the past).
4. It MUST reject any article that does not have the proper mandatory
header fields for a proto-article or which contains any header
field that does not have legal contents. It SHOULD reject any
article which contains any header field deprecated for Netnews
(e.g. as in [RFC 2298]). It SHOULD reject any article whose
Newsgroups header field does not contain at least one <newsgroup-
name> for an existing group (as listed by its associated serving storage
agent) and it MAY reject any <newsgroup-name> which violates one
of the restrictions in F-3.1.5 F-3.1.4 or which, although otherwise
correct, violates a policy restriction established, for some
(sub-)hierarchy, by an agency with the appropriate authority
(1.2). Observe that crossposting to unknown newsgroups is not
precluded provided at least one of those in the Newsgroups header
field is listed.
NOTE: This ability to reject <newsgroup-name>s in breach of
established policy does not extend to relaying agents, though it
might be reasonable for posting agents to do it.
5. If the article is rejected (for reasons given above, or for other
formatting errors or matters of site policy) the posting agent
SHOULD be informed (such as via an NNTP 44x response code) that
posting has failed and the article MUST NOT then be processed
further.
6. The Message-ID, Date and From header fields (with appropriate
contents) MUST be added when not already present. A User-Agent
header field MAY be added (or an already present User-Agent header
field MAY be augmented) so as to identify the software (e.g.
"INN/1.7.2") used by the injecting agent.
[That
[I think that last sentence may need needs to be reconsidered go (in which case see consequential
change in 7.3).] 7.3). Did we discuss this when we looked at User-Agent in
USEFOR?]
NOTE: The Message-ID, Date and From fields will already be
present during reinjection.
7. The injecting agent MUST NOT alter the body of the article in any
way (including any change of Content-Transfer-Encoding). It MAY
(except when reinjecting) add other header fields not already
provided by the poster, but SHOULD NOT alter, delete, or reorder
any existing header field, with the specific exception of the
"tracing" header field Injection-Info, which is to be removed as
already mentioned.
8. If the Newsgroups header field contains one or more moderated
groups and the article does NOT contain an Approved header field,
the injecting agent MUST forward it to a moderator as specified in
section 7.2.3 6.2.3 below.
9. Otherwise, a Path header field with a <tail-entry> (F-3.1.6) (F-3.1.5) MUST
be correctly added if not already present. During reinjection, the
existing Path header field SHOULD be retained.
10.It MUST then prepend the <path-identity> of the injecting agent,
followed by a '!', '!.' and the <path-keyword> "POSTED" <diag-keyword> "POSTED", and then a
further "!"
(or "!!" if appropriate) "!", to the content of the Path header field; this header
field SHOULD then be folded if it would otherwise result in a
header line of excessive length.
[This may need further changes depending on the resolution of ticket
#1047.]
NOTE: This could result in more that one "POSTED" <path-keyword>
in the case of reinjection.
11.An Injection-Info header field (F-3.2.14) (F-3.2.8) SHOULD be added,
identifying the trusted verified source of the article and possibly an
address for mailing complaints to. Each injecting agent SHOULD
use a consistent form of the Injection-Info header field for all
articles emanating from the same or similar origins.
NOTE: The step above is the only place in which an Injection-
Info header field is to be created. It follows that this header
field MUST NOT be created, replaced, changed or deleted by any
other agent (except during reinjection, in which case it will
always relate to the latest injection and is, to that extent,
regarded as a variant header field).
12.The injecting agent MUST then add an Injection-Date header field
(F-3.2.1)
(F-3.2.7) if one is not already present, but it MUST NOT alter, or
delete, an already present Injection-Date header field (and
likewise SHOULD NOT alter, or delete, an already present NNTP-
Posting-Date header field). Finally, it forwards the article to
one or more relaying or serving storage agents, and the injection process
is to be considered complete.
NOTE: The step above is the only place where an Injection-Date
header field is to be created It follows that it MUST NOT
subsequently be replaced, changed or deleted by any other agent,
even during reinjection.
7.2.3.
6.2.3. Procedure for Forwarding to a Moderator
An injecting agent forwards an article to a moderator as follows:
1. It MUST forward it to the moderator of the first (leftmost)
moderated group listed in the Newsgroups header field, customarily
via email, (see 7.8 6.8 for how that moderator may forward it to
further moderators). There are two possibilities for doing this:
(a) The complete article is encapsulated (header fields and all)
within the email, preferably using the Content-Type
"application/news-transmission" (5.1) (4.1) with any usage
parameter set to "moderate". Moreover, there SHOULD NOT be
more than one encapsulated article within the one email.
This method has the advantage of removing any possible
conflict between Netnews and Email header fields, or of
changes to those fields during transport through email.
(b) The article is sent as an email as it stands, with the
addition of such extra header fields (e.g. a To header field)
as are necessary for an email. The existing Message-ID header
field SHOULD be retained.
Although both of these methods have seen use in the past, the
preponderance of current usage on Usenet has been for method (b)
and many moderators are ill-prepared to deal with method (a).
Therefore, method (a) SHOULD NOT be used until such time as the
majority of moderators are able to accept it.
2. This standard does not prescribe how the email address of the
moderator is to be determined, that being a matter of policy to be
arranged by the agency responsible for the oversight of each
hierarchy. Nevertheless, there do exist various agents worldwide
which provide the service of forwarding to moderators, and the
address to use with them is obtained as follows:
(a) Each '.' in the <newsgroup-name> is replaced with a '-'.
(b) The result of these operations is used as the <local-part> of
the <mailbox> of the agent. For example, articles intended
for "news.announce.important" would be emailed to "news-
announce-important@forwardingagent.example".
7.3.
6.3. Duties of a Relaying Agent
A Relaying Agent accepts injected articles from injecting and other
relaying agents and passes them on to relaying or serving storage agents
according to mutually agreed policy. Relaying agents SHOULD accept
articles ONLY from trusted agents. verified sources.
An article SHOULD NOT be relayed unless the sending agent has been
configured to supply and the receiving agent to receive at least one
of the <newsgroup-name>s in its Newsgroups header field and at least
one of the <dist-name>s in its Distribution header field, if any.
Exceptionally, ALL relaying agents are deemed willing to supply or
accept the <dist-name> "world", and NO relaying agent should supply
or accept the <dist-name> "local".
However, if the particular implementation does not relay non-existent
newsgroups, even when included in the Newsgroups header field and
implied (e.g. by some "wild card" notation) in the configuration
tables, then the agent MUST examine all group control messages (6.2) (5.2)
in order to ensure that relaying of those messages proceeds normally.
NOTE: Although it would seem redundant to filter out unwanted
distributions at both ends of a relaying link (and it is clearly
more efficient to do so at the sending end), many sending sites
have been reluctant, historically speaking, to apply such
filters (except to ensure that distributions local to their own
site or cooperating subnet did not escape); moreover they tended
to configure their filters on an "all but those listed" basis,
so that new and hitherto unheard of distributions would not be
caught. Indeed many "hub" sites actually wanted to receive all
possible distributions so that they could feed on to their
clients in all possible geographical (or organizational)
regions.
Therefore, it is desirable to provide facilities for rejecting
unwanted distributions at the receiving end. Indeed, it may be
simpler to do so locally than to inform each sending site of
what is required, especially in the case of specialized
distributions (for example for control messages, such as cancels
from certain issuers) which might need to be added at short
notice. A similar possibility for reading agents to filter
distributions is also suggested in [USEAGE]) for the same
reason.
In order to avoid unnecessary relaying, an article SHOULD NOT be
relayed if the <path-identity> of the receiving agent (or some known
alias thereof) appears as a <path-identity> (excluding within the
<tail-entry>) in its Path header field.
But note that the <tail-entry> (which follows the last "!") is not a
<path-identity>, although not all current implementations observe
this distinction.
For this to work, each relaying agent needs to insert it own <path-
identity> (chosen according to 2.3) into the Path header field. It
MAY insert more than one <path-identity> for itself (in which case
the leftmost should be the one by which it is known to its immediate
neighbours), but where an article passes through several relaying
agents at the same site it MAY omit the <path-identity>s for some of
them (but NOT the one which finally relays it to an outside site).
It MAY (and usually SHOULD) also add a <path-diagnostic> giving
additional information concerning the route taken by the article
through the network. A <path-diagnostic> consists of either the
special <diag-match> "!" (which effectively replaces the standard
delimiter "!" by "!!"), or it is composed from a <diag-keyword>
usually followed by a <diag-identity>. The following are the only
<diag-keyword>s defined by this standard:
o "POSTED" (already introduced in Step 10 of 6.2.2), which is never
followed by a <diag-identity>;
o "SEEN", whose following <diag-identity> indicates the verified
identity (see 6) of the agent from which the article was received
(but makes no claim as to whether it matched the <path-identity)
inserted by that agent);
o "MISMATCH", whose following <diag-identity> indicates the
verified identity of the agent from which the article was
received and asserts that it could not be reconciled with the
<path-identity> (supposedly) inserted by that agent.
Other <diag-keyword>s beginning with "X" MAY be used by a relaying
agent to make some assertion not envisaged here, but other (non-"X")
<diag-keyword>s MUST NOT be used unless defined by some extension to
this standard.
NOTE: The <diag-keyword> "MATCH", which might have indicated the
verified identity of the source agent with an assertion that it
agreed with the <path-identity> inserted by that agent, has NOT
been provided, since the special <diag-match> conveys exactly
that meaning for this commonly occurring case.
NOTE: Whilst <diag-keywords>s are case insensitive, it is
intended that they should normally be rendered in uppercase.
A relaying agent processes articles as follows:
1. It MUST MUST/SHOULD establish the trusted verified identity of the source of
the article and compare it with the leftmost <path-identity> of
the existing Path header field's content. If it matches it MUST Except possibly when
relaying to other hosts on the same site, It then MUST or SHOULD,
as indicated, prepend to that content (from left to right) the
following:
o (MUST) its own <path-identity> <path-identity>;
o (MUST) a "!" delimiter;
o (MUST/SHOULD) if the verified and existing identities match,
a '!!' <path-delimiter> to that
content. If it does <diag-match> (effectively converting the "!" delimiter into
"!!");
o (MUST/SHOULD) alternatively, where the identities do not
match then it prepends instead two entries (or have not been determied to that content; firstly the true established <path-identity> of
the source followed by match), a '!', ".", the <path-keyword>
<diag-keyword> "MISMATCH" and (or "SEEN"), another ".", a
further '!', and then, to the left of that, its own <path- <diag-
identity> followed by indicating the verified identity, and finally a '!!' <path-delimiter>
further "!";
o possibly further <path-identity>s etc. as usual. above, identifying
itself.
This
prepending of two entries SHOULD NOT be done if the provided and
established identities match. This header field SHOULD then be folded if it would otherwise
result in a header line of excessive length.
[This may need further changes depending on
[The "MUST/SHOULD"s above were all "MUST" in the resolution of ticket
#1047.]
[It has been suggested that relaying agents should previous drafts.
Discussion is needed to resolve this.]
NOTE: Since each agent at one site can be permitted assumed to
prepend more than be aware of
the one or two entries permitted above.]
[something like identity of the following from Diablo might also others (and of itself), it would be useful:
>>> NOTE <<< you should grep through newly created spool directories
every so often looking most
unusual for .MISMATCH in their <path-identity>s to be separated other than by
"!!". Thus the spool files presence of a single "!", unless followed by a
"." and some <diag-keyword>, can be taken as signifying an agent
that has not yet been upgraded to locate
incoming feeds with conform to this standard.
NOTE: Whilst the presence of a "MISMATCH" would normally
indicate that the existing Path was bogus in some sense, it
could also indicate that the ralaying agent was improperly
configured I found that four to recognise the identities or aliases used by its
neighbours. Administators of my 80+
feeds were misconfigured. ] relaying agents should therefore
periodically monitor the <path-diagnostic> being inserted so as
to avoid this.
NOTE: In order to prevent overloading, relaying agents should
not routinely query an external entity (such as a DNS-server) in
order to verify an article determine a verified identity (though a local cache of
the required information might usefully be consulted).
2. It MUST examine the Injection-Date header field (or, if that is
absent, the Date header field) and reject the article as stale
(F-3.2.1)
(F-3.2.7) if that predates the earliest articles of which it
normally keeps record, or if it is more than 24 hours into the
future (the margin MAY be less than that 24 hours).
3. It SHOULD reject any article that does not include all the
mandatory header fields (section F-3.1).
4. It MAY reject any article whose header fields do not have legal
contents.
5. It SHOULD reject any article that has already been sent to it (a
database of message identifiers of recent messages is usually kept
and matched against).
NOTE: Even though commonly derived from the domain name of the
originating site (and domain names are case-insensitive), a
message identifier
<msg-id-core> MUST NOT be altered in any way during transport,
or when copied (as when forming a References header field), and
thus a simple (case-sensitive) comparison of octets will always
suffice to recognize that same message identifier wherever it
subsequently reappears.
NOTE: These requirements are to be contrasted with those of the
un-normalized msg-ids defined by [RFC 2822], which may perfectly
legitimately become normalized (or vice versa) during transport
or copying in email systems.
6. It SHOULD reject any article that matches an already received
cancel message (or an equivalent Supersedes header field) issued
by its poster or by some other trusted entity.
7. It MAY reject any article without an Approved header field posted
to newsgroups known to be moderated (this practice is strongly
recommended, but the information necessary to do so may not be
available to all agents).
8. It MAY delete any Xref header field that is present.
9. Finally, it passes the articles on to neighbouring relaying and
serving
storage agents.
If the article is rejected as being invalid, unwanted or unacceptable
due to site policy, the agent that passed the article to the relaying
agent SHOULD be informed (such as via an NNTP 43x response code) that
relaying failed. In order to prevent a large number of error messages
being sent to one location, relaying agents MUST NOT inform any other
external entity that an article was not relayed UNLESS that external
entity has explicitly requested that it be informed of such errors.
Relaying agents MUST NOT alter, delete or rearrange any part of an
article except for header fields designated as variant (2.4). In
particular
o they MUST NOT create or augment a User-Agent header field in
order to identify themselves;
o they MUST NOT rewrite the Newsgroups header field in any way,
even if some supposedly non-existent newsgroup is included;
o they MUST NOT refold any header field (i.e. they must pass on the
folding as received);
o they MUST NOT alter the Date header field or the Injection-Date
header field;
o they MUST NOT delete any unrecognized header field whose field
name is syntactically correct (whether or not it is registered
with IANA [RFC 3864]);
o they MUST NOT change the Content-Transfer-Encoding of the body or
any body part;
o they MUST transmit lines of arbitrary length and articles of
arbitrary size.
7.3.1.
6.3.1. Path Header Field Example
Path: foo.isp.example!!foo-server!!bar.isp.example!MISMATCH!
2001:DB8:0:0:8:800:200C:417A!!old.site.example!barbaz!!
baz.isp.example!POSTED!!dialup123.baz.isp.example!not-for-mail bar.isp.example!.SEEN.news3.foo.isp.example!foo.isp.example
!!foo-server!.MISMATCH.2001:DB8:0:0:8:800:200C:417A
!dubious.site.example!!old.site.example!barbaz!!baz.isp.example
!.POSTED!dialup123.baz.isp.example!not-for-mail
NOTE: That article was injected into the news stream by
baz.isp.example, as indicated by the <path-keyword> <diag-keyword> "POSTED"
(complaints may be addressed to abuse@baz.isp.example). The
injector has chosen to record that it got it from
dialup123.baz.isp.example. "not-for-mail" is a dummy <tail-
entry>, though sometimes a real userid is put there.
The article was relayed, perhaps by UUCP, to the machine known,
at least to old.site.example, as "barbaz".
Barbaz relayed it to old.site.example, which does not yet
conform to this standard (hence the single '!' <path-delimiter). delimiter). So
one cannot be sure that it really came from barbaz.
Old.site.example relayed it to a site claiming to have the IPv6
address [2001:DB8:0:0:8:800:200C:417A], be
dubious.site.example, and claiming (by using the '!!' <path-delimiter>)
delimiter) to have verified that it came from old.site.example.
[2001:DB8:0:0:8:800:200C:417A]
Dubious.site.example relayed it to "foo-server" which, not being
convinced that it truly came from
[2001:DB8:0:0:8:800:200C:417A], inserted the <path-keyword>
"MISMATCH" dubious.site.example, and then did
knowing that it in fact arrived from a reverse lookup on host with the actual source
and concluded it was known as bar.isp.example IPv6address
[2001:DB8:0:0:8:800:200C:417A], inserted the <path-diagnostic>
"!.MISMATCH.2001:DB8:0:0:8:800:200C:417A" (that is not to say
that [2001:DB8:0:0:8:800:200C:417A] was not a correct IPv6
address for bar.isp.example, dubious-site.example, but simply that that
connection could not be substantiated by foo-server). Observe that foo-
server has now added two entries to the Path.
"foo-server" is a locally significant name within the complex
site of many machines run by foo.isp.example, so the latter
should have no problem recognizing foo-server and using a '!!'
<path-delimiter>. Presumably
delimiter. It was not strictly necessary to insert the <path-
identity> "foo-server" as well as "foo.isp.example" (but maybe
some site elsewhere had some reason to test for it).
[Please could Richard Clayton provide a more plausible reason why "foo-
server" might be a <path-nodot> here?]
It then went to bar.isp.example which determined (by reverse
DNS) that it had come from news3.foo.isp.example, but had taken
no steps to check whether that was a known alias for
foo.isp.example (which it probably was). Strictly, it SHOULD
have made such a check, and then inserted either a "!!" or a
"!MISMATCH..." according to the result.
Presumably bar.isp.example then delivered the article to its
direct clients.
It appears that foo.isp.example, foo-server and barbaz baz.isp.example
decided to fold the line, on the grounds that it seemed to be
getting a little too long.
7.4. Note that folding and whitespace is
permitted before (but not after) any "!" (but not within a
"!!"); hence continuation lines will always start with either
"!" or "!!".
6.4. Duties of a Serving Agent
A Serving Agent takes an article from a relaying or injecting agent
and files it in a "news database". It also provides an interface for
reading agents to access the news database. This database is normally
indexed by newsgroup with articles in each newsgroup identified by an
<article-locator> (usually in the form of a decimal number - see F-
3.2.11).
3.2.14).
A serving storage agent MUST maintain a list of the newsgroups it stores in
its news database showing the moderation status of each one (see
6.2.1),
5.2.1), and SHOULD include in that list all groups likely to be
crossposted to from those groups (e.g. all other groups in the same
hierarchy(ies)).
NOTE: Since control messages are often of interest, but should
not be displayed as normal articles in regular newsgroups, it is
common for serving storage agents to make them available in a pseudo-
newsgroup named "control" or in a pseudo-newsgroup in a sub-
hierarchy under "control." (e.g. "control.cancel").
A serving storage agent MAY decline to accept an article if the Path header
field contains some <path-identity> whose articles the serving storage agent
does not want, as a matter of local policy.
NOTE: This last facility is sometimes used to detect and decline
control messages (notably cancel messages) which have been
deliberately seeded with a <path-identity> to be "aliased out"
by sites not wishing to act upon them.
[INN at least does this. It might be argued that it is not necessary to
mention it here.]
A serving storage agent processes articles as follows:
1. It MUST MUST/SHOULD establish the trusted verified identity of the source of
the article and modify the Path header field as for a relaying
agent
(7.3). (6.3).
2. It MUST examine the Injection-Date header field (or, if that is
absent, the Date header field) and reject the article as stale
(F-3.2.1)
(F-3.2.7) if that predates the earliest articles of which it
normally keeps record, or if it is more than 24 hours into the
future (the margin MAY be less than that 24 hours).
3. It MUST reject any article that does not include all the mandatory
header fields (section F-3.1), or which contains any header field
that does not have legal contents.
4. It SHOULD reject any article that has already been sent to it (a
database of message identifiers of recent articles is usually kept
and matched against).
5. It SHOULD reject any article that matches an already received
cancel message (or an equivalent Supersedes header field) issued
by its poster or by some other trusted entity.
Likewise, a newly received cancel message (or equivalent
Supersedes) should cause immediate deletion (or deactivation) of
the canceled article.
NOTE: An article with a Supersedes header field is itself stored
normally.
6. It MUST reject any article without an Approved header field posted
to any newsgroup listed as moderated.
7. It MUST (exept when specially configured to preserve the
<article-locator>s set by the sending site) remove any Xref header
field (F-3.2.11) (F-3.2.14) from each article. It then MAY (and usually
will) generate a fresh Xref header field.
8. Finally, it stores the article in its news database.
Serving agents MUST NOT create new newsgroups simply because an
unrecognized <newsgroup-name> occurs in a Newsgroups header field
(see 6.2.1 5.2.1 for the correct method of newsgroup creation).
Serving agents MUST NOT alter, delete or rearrange any part of an
article in any other way. The list of particular cases given for
relaying agents (7.3) (6.3) applies here also.
7.5.
6.5. Duties of a Posting Agent
A Posting Agent is used to assist the poster in creating a valid
proto-article and forwarding it to an injecting agent.
Postings agents SHOULD ensure that proto-articles they create are
valid according to [USEFOR] and other applicable policies. In
particular, they MUST NOT create any Injection-Date or Injection-Info
header field.
Contrary to [RFC 2822], which implies that the mailbox(es) in the
From header field should be that of the poster(s), a poster who does
not, for whatever reason, wish to use his own mailbox MAY use any
mailbox ending in the top level domain ".invalid" [RFC 2606].
Posting agents meant for use by ordinary posters SHOULD reject any
attempt to post an article which cancels or Supersedes another
article of which the poster is not the author or sender.
7.6.
6.6. Duties of a Followup Agent
A Followup Agent is a special case of a posting agent, and as such is
bound by all the posting agent's requirements. Followup agents MUST
create valid followups and are subject to special requirements
involving the Newsgroups, Subject, Distribution and References header
fields. Wherever in the following it is stated that, "by default", a
header field is to be "inherited" from one of those header fields in
the precursor, it means that its initial (semantic) content is to be
a copy of the content of that precursor header field. However,
posters MAY then override that default before posting if they so
wish.
NOTE: The Keywords header field is not inheritable, though some
older newsreaders user agents treated it as such.
1. The Newsgroups header field (F-3.1.5) (F-3.1.4) SHOULD by default be
inherited from the precursor's Followup-To header field if
present, and otherwise from the precursor's Newsgroups header
field. However, if the content of that Followup-To header field
consists of "poster" (and the user does not override it), then the
followup MUST NOT be posted but, rather, is to be emailed to the
precursor's poster.
2. The Subject header field SHOULD by default be inherited from that
of the precursor. The case sensitive string "Re: " MAY be
prepended to the content of its Subject header field, unless it
already begins with that string.
3. The Distribution header field (F-3.2.7) (F-3.2.4) SHOULD by default be
inherited from the precursor's Distribution header field, if any.
4. The followup MUST (in accordance with the definition of that term) term
- F-1.5) have a References header field referring to its
precursor, constructed in accordance with section 7.6.1 6.6.1 below.
NOTE: That "MUST" is to be contrasted with the weaker
recomendation using "SHOULD" applied, in [RFC 2822], to the
generation of "replies" in email. Moreover, in Netnews, there is
no expectation of any In-Reply-To header field in a followup.
7.6.1.
<