An Overview on the Network News Transfer Protocol (NNTP) Service

The NNTP service is a component of IIS that supports client/server and server/server elements of NNTP. Through the NNTP service, you can implement private news servers to host discussion groups, or you can implement public news servers to provide customer support and help resources to Internet users. You can specify that users need to be authenticated to both read and post to items to newsgroups, or you can allow access to everybody. The NNTP service can also integrate with the Windows Indexing Service for indexing of newsgroup content. It is also fully integrated with event and performance monitoring of Windows Server 2003. To connect to the NNTP service on an IIS machine, you can use Microsoft Outlook Express. By using Outlook Express, you would be able to download a list of newsgroups, read existing messages, post new messages and reply to messages.

To configure and manage the NNTP service on IIS, you can use the IIS Manager or the Web browser NNTP Service Manager (HTML). However, in order to use NNTP as a component of IIS, you first have to install the NNTP service. The Default NNTP Virtual Server is automatically created when you install the NNTP service.Understanding and Managing NNTP Virtual Servers

The NNTP directory structure is also created with a root folder of Inetpubnntpfile when you first install the NNTP service. The NNTP directory structure includes the following folders:

  • Root: This is the parent folder for all newsgroup folders that contain articles.

  • Drop: Incoming postings are placed in the Drop folder. From here, the NNTP service processes the incoming postings and sends the postings to the proper newsgroups.

  • Failedpickup: All postings that have the incorrect format are placed in this folder. Items in the Failedpickup folder need to be handled by an administrator.

  • Pickup: All properly formatted items placed in the Pickup folder are moved to the Drop folder for NNTP processing. All incorrectly formatted items are moved to the Failedpickup folder.

  • temp.files: This is a temporary folder which the NNTP service utilizes when processing news postings.

In addition to the NNTP directory structure, four newsgroups are created when you install the NNTP service:

  • Control.cancel

  • Control.newgroup

  • Control.rmgroup

  • Microsoft.public.ins

The Control.cancel, Control.newgroup, and Control.rmgroup newsgroups are utilized for control messages sent by NNTP virtual servers and NNTP clients to communicate with the NNTP service. The Microsoft.public.ins newsgroup is a sample newsgroup which you can use to test the posting of messages to the NNTP virtual server.

How to install the NNTP Service

To install the NNTP service,

  1. Place the Windows Server 2003 CD-ROM in the CD-ROM drive.

  2. Click Start, Control Panel, and click Add/Remove Programs.

  3. Click Add/Remove Windows Components in the Add Or Remove Programs dialog box.

  4. Click Application Server in the Windows Components dialog box, and then click the Details button.

  5. The Application Server dialog box appears next.

  6. Click IIS and then select the Details button.

  7. Click the NNTP Service checkbox.

  8. Click OK.

  9. Open IIS Manager.

  10. Verify that the NNTP Virtual Server node appears in the console tree of the IIS Manager.

You can use the IIS Manager to perform the NNTP management tasks listed below:

  • Create NNTP virtual servers

  • Configure NNTP virtual servers, such as configuring the following settings:

    • Connection settings

    • Posting and newsgroup settings

    • Security and authentication settings

  • Start, stop and pause a NNTP virtual server

  • Create and configure newsgroups

  • Rebuild a NNTP virtual server

  • View current NNTP sessions.

  • Terminate a particular session(s), or terminate all sessions

How to configure NNTP virtual servers

The NNTP service wizards which can be used to manage certain elements of NNTP virtual servers are listed below. All of these wizards can be initiated from the IIS Manager.

  • New NNTP Virtual Server Wizard

  • New Newsgroup Wizard

  • New NNTP Virtual Directory Wizard

  • New Expiration Policy Wizard

How to create a new NNTP virtual server on the IIS machine

  1. Open the IIS Manager

  2. Select the server's node in the console tree.

  3. Select the Action menu, click New and then select NNTP Virtual Server.

  4. The New NNTP Virtual Server Wizard starts.

  5. Enter a name for the new NNTP virtual server. This is the name that will be displayed in the IIS Manager.

  6. Enter a unique IP address and enter the TCP port for the new virtual server. The default port used for NNTP is port 119.

  7. Configure the location for the internal server files and the location for the news content files. You can specify network shares or local directories.

  8. Click Finish to create the new NNTP virtual server.

How to add a new newsgroup

  1. Open the IIS Manager

  2. In the console tree, select the Newsgroup node.

  3. Select the Action menu, click New, and then click Newsgroup.

  4. The New Newsgroup Wizard starts.

  5. Enter a name for the new newsgroup.

  6. Click Finish to create the new newsgroup.

How to create a virtual directory within the NNTP virtual server

You can create virtual directories within a NNTP virtual server to store segments of the newsgroup content within these directories

  1. Open the IIS Manager

  2. Select the Virtual Directories node under the Default NNTP Virtual Server node in the console tree.

  3. Select the Action menu, click New and then select Virtual Directory.

  4. The New NNTP Virtual Directory Wizard starts.

  5. In the Newsgroup Subtree text box, enter the newsgroup subtree that will have its content stored in the virtual directory. Click Next.

  6. Select either File System or Remote Share, and click Next.

  7. Specify the location where content will be stored. You can specify a local directory, or a network share.

  8. Click Finish to create the new virtual directory.

  9. In the console tree of the IIS Manager, click the Virtual Directories node under the Default NNTP Virtual Server node, to view the new virtual directory.

How to create an expiration policy for newsgroups

You can create an expiration policy to detail the time duration for which articles are to remain in newsgroups, prior to them being deleted.

  1. Open the IIS Manager

  2. In the console tree, select the Expiration Policies node.

  3. Select the Action menu, click New, and then click Expiration Policy.

  4. The New Expiration Policy Wizard starts.

  5. Enter a name for the new expiration policy. Click Next.

  6. In the Newsgroups list, leave the default setting if you want the new expiration policy to apply to all newsgroups hosted on the NNTP virtual server.

  7. If you want to specify the newsgroup(s) to which the new expiration policy should apply, clear the default setting in the Newsgroups list. Click Add and specify the pattern that the newsgroup(s) must match to have the expiration policy applied. Click OK. Click Next.

  8. Enter the duration, in hours, to indiate how long articles remain in the group prior to it being deleted.

  9. Click Finish to create the new expiration policy.

  10. In the console tree of IIS Manager, click the Expiration Policies node under the Default NNTP Virtual Server node to view the expiration policy.

You can configure various configuration settings for an NNTP virtual server by accessing its Properties window, and then using the various tabs to configure these settings. The tabs of the Properties window of a NNTP virtual server are:

  • General tab, Access tab, Settings tab, and Security tab.

To access the Properties window of the NNTP virtual server,

  1. Open the IIS Manager

  2. Right-click the Default NNTP Virtual Server node, and select Properties from the shortcut menu.

  3. The Properties dialog box of the NNTP Virtual Server opens.

  4. The settings that can be configured on each tab are discussed below.

General tab

The configuration settings that can be configured are:

  • IP Address text box: The IP address and TCP port number uniquely identify the NNTP virtual server. The default TCP port number is 119. The NNTP virtual server by default uses port 119 for All Unassigned IP addresses on the IIS machine. If you want to configure multiple IP addresses for the NNTP virtual server, click the Advanced button.

  • Limit Number of Connections To checkbox: If you want to set a limit to the number of concurrent inbound connections the NNTP virtual server can accept from both NNTP clients and other NNTP servers, select the Limit Number of Connections To checkbox and set the number desired.

  • Connection Timeout text box: You can set a timeout value for connections in this textbox.

  • Path Header textbox: The information specified in this textbox is added to the Path line of the NNTP header.

  • If you want to enable NNTP logging, click the Enable Logging checkbox.

Access tab

The security configuration settings that can be configured for NNTP on the Access tab are:

  • Click the Authentication button to configure an authentication method for the NNTP virtual server. Clicking the Authentication button opens the Authentication Methods dialog box. You can configure the following authentication methods:

    • Anonymous Access: This is the default authentication method.

    • Basic Authentication: Basic authentication utilizes a clear text user name and password, and is considered the weaker authentication method. It is recommended to enable SSL encryption, when you use Basic Authentication.

    • Integrated Windows Authentication: When enabled, users would need to provide a user name and password for authentication.

    • Enable SSL client authentication: You can enable SSL for all the authentication methods supported for NNTP servers.

  • Click the Certificate button to start the Web Server Certificate Wizard to obtain and install a server certificate on the NNTP virtual server.

  • Click the Connection button to specify which computers are allowed or denied to access the NNTP server.

Settings tab

The settings which you can configure for message posting and newsfeeds are:

  • Allow Client Posting: You can enable or disable posting of articles by NNTP clients to the virtual server. You can specify the maximum size of a message that can be posted, and you can specify the maximum amount of data which a user can post during a connection.

  • Allow Feed Posting: You can enable or disable downloading of newsfeeds from other NNTP hosts such as USENET hosts, and you can specify the maximum message size and totl size of the feeds.

  • Allow Servers To Pull Articles From This Server: You can allow or disallow other NNTP servers to pull newsfeeds from the NNTP virtual server.

  • Allow Control Messages: If you want the NNTP virtual server to process NNTP control messages sent to it from other NNTP servers, enable the Allow Control Messages checkbox.

  • SMTP Server for Moderated Groups: If you have moderated newsgroups hosted on the NNTP virtual server, you have to specify the FQDN of an SMTP server which the NNTP server can use to send messages to the moderator.

  • Default Moderator Domain: Specify the fully qualified DNS name of the domain to which the moderator is a member of.

  • Administrator E-mail Account: Enter the e-mail address to which an error message should be sent when a message cannot be delivered to the moderator of a moderated newsgroup.

Security tab

The users and security groups that have permission to configure the properties of the NNTP server are located on the Security tab. The default groups that are assigned NNTP operator permissions are:

  • Administrators

  • LocalService

  • NetworkService

How to configure settings for virtual directories within the NNTP virtual server

  1. Open the IIS Manager

  2. Click the Virtual Directories node under the Default NNTP Virtual Server node, to locate the virtual directory that you want to configure settings for.

  3. Right-click the virtual directory and select Properties from the shortcut menu.

  4. The settings which you can configure on the General tab are:

    • Click the Contents button if you want to change the folder that maps to the virtual directory alias, or if you want to define the UNC path to a remote network share.

    • Click the Secure button if you want to enable or disable SSL for newsgroups of this particular virtual directory.

    • Enable the Allow Posting checkbox to allow users to post articles to newsgroups through the virtual directory.

    • Enable the Restrict Newsgroup Visibility checkbox to restrict viewing of newsgroups through the virtual directory to only users who have been authenticated by the NNTP virtual server.

    • Enable the Log Access checkbox if you want IIS logging to occur for newsgroups using the virtual directory.

    • Enable the Index News Content checkbox if you want content indexing on newsgroup content to take place.

How to test access to newsgroups using an NNTP client

  1. Open Outlook Express

  2. Select the Tools menu, and then select Accounts.

  3. When the Internet Accounts dialog box opens, Click Add, and select News.

  4. To create a new NNTP account, provide a name, e-mail address, and the fully qualified DNS name or IP address of the new server.

  5. Enable the My News Server Requires Me To Log On checkbox, and enter your user account credentials. This is only necessary if Anonymous access is not configured for the NNTP virtual server.

  6. Click Next, and then click Finish.

  7. Close the Internet Accounts dialog box

  8. Click Yes to download newsgroups

  9. When the Newsgroup Subscriptions dialog box appears, select a newsgroup from the newsgroups available on the NNTP virtual server.

  10. Click OK.

  11. You can now test access to the newsgroup by reading messages and posting messages.

How to rebuild an NNTP virtual server

You would typically need to rebuild the NNTP virtual server to recover from situations that resulted in the corruption of files on the NNTP virtul server.

To rebuild the NNTP virtual server,

  1. Open the IIS Manager

  2. Stop the NNTP virtual server which you want to rebuild. You do this by right-clicking the virtual server node and selecting Stop on the shortcut menu.

  3. Right-click the virtual server once more, and select All Tasks and then Rebuild Server from the shortcut menu.

  4. When the Rebuild NNTP Virtual Server dialog box opens, select either to perform a Standard rebuild, a Thorough rebuild.

  5. Click Start.

Managing NNTP virtual servers from the command line

The scripts included with IIS 6 which you can use to manage NNTP virtual servers are:

  • Rgroup.vbs, used for adding and deleting newsgroups, and for editing existing newsgroups.

  • Rexpire.vbs, used for adding and deleting expiration policies, and for editing existing expiration policies.

  • Rfeed.vbs, used to configure newsfeeds with other NNTP hosts.

  • Rsess.vbs, used to enumerate active NNTP client sessions, and to terminate NNTP client sessions.