From Newsgroup: news.software.nn
"John F. Morse" <
john@example.invalid> writes:
Aaron W. Hsu wrote:
1: Connect to the server and see whether you can post
The problem right here is without proper authentication, the news server >restricts unauthenticated connects to only one group (on my servers), or >however many groups an administrator may assign for connections where >authentication fails.
[...]
2: If you can post, your fine, start reading
3: If you cannot post, you might want to post, so try an authentication
4: If you need authentication to read, then try an authentication
Here, NN is just not prompting for authentication, or is not providing
it after receiving a 200 reply.
If you read the above steps that NN takes when doing an initial server negotiation you would see why it is not authenticating. After you detailed
the above and below, it is now clear to me, I think, why you are seeing
what you are. In particular, let's look at these logs...
Without being authenticated, any access command is going to receive a
480 reply.
Here is a sample telnet session (with munged areas):
john@hardy:~$ telnet news5 119
Trying 192.168.33.5...
Connected to news5.my.net.
Escape character is '^]'.
200 news5.my.net InterNetNews NNRP server INN 2.5.2 ready (no posting)
group local.test
480 Read access denied
authinfo user {my_username}
381 Enter password
authinfo pass {my_password}
281 Authentication succeeded
Here I tried to access the local.test group, but it requires
authentication, so the server gave me the 480 error.
If you had tried to do the same thing with NN, it would have also asked
you for authentication.
Now if I connect without authentication, the only group I can access is
the local.info group:
john@hardy:~$ telnet news5 119
Trying 192.168.33.5...
Connected to news5.my.net.
Escape character is '^]'.
200 news5.my.net InterNetNews NNRP server INN 2.5.2 ready (no posting)
group local.info
211 1 3 3 local.info
list
215 Newsgroups in form "group high low status"
local.info 0000000003 0000000003 m
I can use the article command with 3 and read that article.
Seeing the above makes it obvious why NN is not asking for authentication. Firstly, when it first connects, the message that it is receiving is a
200 code, which indicates that posting is allowed. Thus, NN, does not
even try to do any initial authentication, because it does not need to
do any right then and their. Instead, if you did not specify a specific
group, it will just run the LIST command, which I am guessing does not
require authentication either on your server. In this case, NN happily continues, because the server has not requested authentication.
If you had instead told NN to do something that required authentication,
then it would have asked for it. If the server had responded with a 201, indicating that posting was not allowed, then NN would have tried to authenticate, to see if authenticating would give it more privileges.
Since the server did not respond so, and everything that NN tried was
okay without authentication, NN did not ask you for any authentication details, nor use those that you provided.
There are notes in the source code suggesting that it might be nice to
have a variable to control whether or not authentication is performed,
but my guess is that it is not done so right now.
It should be provided on a server basis. Some servers require >authentication, and some don't.
You misread or misunderstand me: NN does authentication on a per command basis, not per server; you seem to think that NN does authentication at
some coarser granularity than either of these, NN is just being more
precise about authentication than what you expect. It is commands that
require authentication. NN will not give authentication unless it is
required to do so by the server, or if it is restricted in a way that it thinks it can overcome by authenticating; namely, it will try to authenticate when it receives a 480 reply, or when the initial message gives it a 201
code. Your use of NN is not generating either of these messages, so NN is
not authenticating.
The note I have above is saying that the coders of NN *know* that there
is no configurability (say, in the init file) of whether to blindly authenticate at log in, even if the server gives a 200 instead of 201
as its opening message, and they acknowledge that having a variable to
set this might be nice. However, for the vast majority of installations,
this is not a problem, even today. It is a problem for you because you actually change information that you send based on authentication
information, but you don't do anything to indicate this. Your server
does not give a 201 code, and I am guessing that the LIST command works without authentication, so NN has no way of knowing that it could have
"gotten more groups" if only it had authenticated.
It shouldn't, but depending on the configuration of NN, it might prevent
logging in. Specifically, in Slackware, I had to make it use the hostname >> file because NN expects an FQDN when getting the hostname, which
the hostname(3) was not giving it. It does not sound like this is a problem >> for you, but it's something to note just in case.
Well, it could be if it is associated with the problem of using my real >e-mail address. That would bring on the spammers for sure.
That problem is a problem with you not using a custom From field, and it
has nothing to do with your hostname. NN is using a default address based
on your hostname because you have not overridden the From field in your configuration, but it would do this regardless of the hostname information
it receives. Thus, I am certain that this is not your problem in any of
the gripes you have with NN right now.
IIRC, I could only get NN to access the server that is listed in the >~/.nn/init file.
Perhaps there is another configuration value that would put one file
above another, but I think I've tried them all.
If there is an NNTPSERVER variable, NN should use that; if not, it should
use the value on the command-line; and if not, then it should use the
init file value.
I have /etc/news/server but it is for SLRN, and points to localhost for >>> Stunnel support, and for a different local INN reader server which
requires TLS on port 563.
This may or may not be causing NN to barf, but I would be suprised if it
is assuming that you are properly specifying the NNTP server. I'd have to >> check the code.
This is not used for NN. It is for SLRN, and maybe Tin, if I don't
override it with a launch commend parameter.
You seemed to think that it was grabbing a local spool rather than using
the NNTP server that you specified. That's how I read this part of your message. If that is not the case, then we can dispense with this part entirely.
Please review the authentication info above. Basically, without >authentication, there is no access except to one group (local.info), and >posting is prohibited anywhere.
But your initial log in server response gives a 200 reply instead of a 201, which in the protocol indicates that posting *is* allowed. As I mentioned above, NN will not try to authenticate initially if it does not receive
a 201 on login. It *will* try to authenticate later on if a command it
tries gets a 480 reply.
NN cannot know whether a news server requires authentication unless the >server asks (none do AFAIK), or NN has a configuration file setting
(which we are looking for and not finding).
All servers that I have ever used, including GigaNews, Gmane, and my ISP, among others, either work without passwords, or request a password
explicitly. For example, with GigaNews, here's what I get from a Telnet session:
Trying 216.196.97.131...
Connected to news.giganews.com.
Escape character is '^]'.
200 News.GigaNews.Com
MODE READER
200 reading enabled
LIST
480 authentication required
The above simulates what NN does on logging into the server. NN sees the
480 reply and then asks me to authenticate. The problem you are
experiencing is that you give different results for a command such as
LIST depending on authentication rather than just returning 480 on
the command, as most servers that require authentication would.
Some cases allow authentication by putting username:password on the
command line as an attribute. I do not find it works with NN, and don't >recollect reading it in the various documentation.
If you have a version of NN with nntp-user and nntp-password variables,
then you can set them explicitly on the command line:
nn nntp-user={username} nntp-password={password} ...
In fact, the word "authentication" is not even in the docs.
That's because in most versions of NN, this was always done interactively,
it is only in relatively recent NN versions that nntp-user and nntp-password were supported, and the vanilla source of 6.7.3 only has that in the README, and does not document it in the man page.
The nn(1) man page is where I read this, and it works.
It is obvious that you are using a patched version of NN, since the
6.7.3 version that I have does not have this in the man page, but instead explicitly recommends against putting nntp-server in the init file, and recommends always putting it in the command-line. However,
while the man page says this, I think that some patches were introduced
that caused the init file to be loaded earlier, so that you can get away
with using nntp-server in the init file, which is what you have been doing, apparently.
set nntp-user {my_username}
set nntp-password {my_password}
These are not valid settings, methinks.
They are also mentioned in the man page, but they obviously do not
permit authentication.
If the syntax is incorrect, then NN will fail to launch as mentioned below.
Actually, these are not documented in the vanilla version of the man page,
but they are in the code (I just checked) nonetheless, and the README
talks about their introduction. Thus, someone seems to have patched your
man page to include them and make adjustments for recent code changes.
You incorrectly state that the "obviously do not permit authentication," because they *will* be used if NN ever needs to authenticate to the server. The problem here is not that NN cannot authenticate, but that it does
not authenticate with your server because your server does not suggest anything to NN that makes NN think it should authenticate.
set news-header Organization: {My_Organization_Name}
set mail-header Organization: example.invalid
Good, you know about these settings. :-) They are very useful.
Yes, but neither is for the e-mail address (From or Sender).
Actually, they both are, and I explained how to use them further
down, and the man page explains how to use them. This is what I wrote
that explains how to use these settings.
I actually change my From header to display my real email address,
which I know a lot of people do not like, but the process is the same
for using invalid From headers as well. From the nn(1) man page, the
news-header and mail-header settings can be used to specify more than a
single header. Each header line can be separated by a semicolon. See
the man page's documentation of the mail-header option for an example,
which sets the Reply-To and Organization headers.
And since the above obviously did not help you, here is the relevant text
from the nn(1) man page:
mail-header headers (string, default not set)
The headers string specifies one or more extra header lines
(separated by semi-colons `;') which are added to the header of
mail sent from nn using the reply and mail commands. For exam?
ple:
set mail-header Reply-To:
storm@texas.dk;Organization: TI - DK
To include a semicolon `;' in a header, precede it by a back?
slash (which must be doubled because of the conventions for
entering strings).
news-header headers (string, default not set)
The headers string specifies one or more extra header lines
(separated by semi-colons `;') which are added to the header of
articles posted from nn using the follow and post commands. See
mail-header for an example.
As you can see, you use these settings if you want to change the From
address or the Sender.
So you are manually editing the From in the editor? That would be a real >task if you post many articles!
That would be a task, but as you can see, I am not.
How do people use NN with authentication? The INN news server is the
most common on Usenet, and many Usenet servers require authentication.
I am using it every day with authentication and without, with by using GigaNews, and without by using gmane.
Perhaps NN is just not very common. I rarely see anyone posting with it.
It is not very common nowadays, that's true, but not because it doesn't
know how to authenticate, because it does.
I read headers most of the time, and have the Display Mail User Agent >extension in Thunderbird. If a big red NN shows up, I will notice it. I >rarely see it.
Do you see it on my messages? :-)
I know newsrc is different for each server. However several newsreaders
can often share the same newsrc for a particular server.
Yes, you can use the same newsrc for the same server with different newsreaders, and NN should play nicely with other clients that use ~/.newsrc, but if you want to use NN on *different* servers, unless you know
that they can play nicely, you will need to use the newsrc variable
to change the newsrc file appropriately for each server. You don't have
to, but then things could go wrong (of course, you know what you are
doing, so feel free to pick and choose).
I access many servers, so some kind of separation is definitely required.
Yes, so then you would want to call nn with nntp-server, newsrc, and nn-directory all set explicitely on the command-line for each server
that you want to connect to.
The ~/.nn/init file does work for choosing a server. Sometimes it is the >only way to choose a server, and it overrides whatever server is given
on the command line.
You should set it on the command line if you have a lot of different
servers to connect to. As you mentioned, setting it in the init file
and editing it each time you want to connect to a new server is a pain.
I have read everything there is to read concerning NN. I have then
searched (grepped) the documentation, and came up with nothing.
Debian seems to have a slightly customized version of NN. Slackware's is
much closer to vanilla. However, the above information on authentication,
in all its gory detail is not available in documentation. The variables
and the other settings are, but the exact workings of the authentication
I derived by reading the source code. Still, most of your other inquiries
*are* answered in the documentation. For example, your query about
the nntp-server, I get this from the man page:
newsrc file (string, default "~/.newsrc") Specifies the
file used by nn to register which groups and articles have been
read. The default setting corresponds to the .newsrc file used
by other news readers. Notice that nn release 6.4 onwards does
allow individual articles to be marked unread, and some articles
marked unread, and thus no longer messes up .newsrc for other
news readers! Also see nntp-server.
nn-directory directory (string, default "~/.nn")
It only makes sense to set this variable on the command line,
e.g. "nn-directory=$HOME/.nn2" since it is looked at before the
init file is read. It must be set to a full pathname. Usually
set when using multiple servers; see newsrc above and nntp-
server below.
nntp-server hostname or filename (string)
It only makes sense to set this variable on the command line,
e.g. "nntp-server=news.some.domain", since it is looked at
before the init file, If you use multiple servers, you probably
want to set the nn-directory and newsrc variables on the command
line to alternate names as well, since some of the data files
are server dependent.
That explains pretty much all you need to know about multiple servers
and nntp servers. The only thing not discussed there is how to actually
set those options on the command line, and here is the relevant man page
text on that:
Some variables only make sense when set on the command line,
since they are examined early in startup, before the init
files are read. The syntax for setting variables on the command
line is:
variable=value
The value may need to be quoted if it contains white space or
special characters. They can be intermixed with other options,
and are exam? ined prior to other argument parsing.
And there you go.
That is a Slackware problem, not NN nor Debian. ;-)
Actually, Debian patches its software a lot, it seems, in this case, though none of the patches seem nefarious, unless your man page lacks the above
text that I quoted, in which case you are missing out a lot.
Patches should have been provided for NN, and not specifically for just >Slackware's NN package.
The patches were related to the configuration of Slackware's NN, not in
NN itself. A patch that Slackware used to provide a nicer error message
had a missing brace that caused universal failure, and it had a bad configuration that did not allow for use on systems that did not have an
FQDN. Neither of these were upstream problems. They were also fixed
some years back.
The authentication problem should be at the head of the list. Without
it, I'm afraid NN is something of a relic from the very distant past.
I have added this as an issue in my tracker at GitHub. The code is
public, and this is an easy fix, so I just might knock this one out. :-) However, please understand that the issue is *not* that NN cannot do authentication or that it is somehow non-compliant. It is doing things
just fine, but it lacks an explicit option to always send authentication, regardless of the server information. This is useful, but it is not
a failing, IMO.
Another problem I just found is the port is not assignable. That is >something available in modern newsreaders.
Yes, to my knowledge NN does not allows a custom port unless you
edit the service database to change the NNTP/TCP service.
NN does not show the selected article by using Z or X. It is broken I'm >afraid.
Z and X are not meant to show a single article. They are meant to take
you into reading mode where you can read the articles that you have
selected. Thus, if you have a single screenful of articles and you
hit 'a' and 'c', then hit 'Z', NN will show you article 'a', which you
can page through using the space character. When you page through 'a',
the article that you marked with 'c' will then be displayed and you can
page through it the same way. The difference in Z and X is what happens
when you have gone through all the articles that you marked when you
were in selection mode. 'Z' takes you back to your list of articles
with all the articles that you did not mark still marked as being unread, whereas 'X' will mark all the articles that you did not select to read
as having been seen or read, and when you finish reading the articles that
you did select, it will not take you back to the group you were in,
but will instead take you to the next group.
These are also documented clearly in the man page.
And it is much slower than any other newsreader I use.
This used to be the case for me on slow connections as NN downloads
the list of new articles at startup before it displays the first
group, but with fast connections these days, that is a very small time,
and this time is actually shorter than the aggregate amount of time
for some other readers I have used to update their message lists.
As for actually reading news, I have not found NN to be any slower, and actually faster in workflow than the others by a long shot. Only
initial startup may be slightly slower than others, do to its batch
nature.
I particularly do not like the following idea, found at >http://en.wikipedia.org/wiki/Nn_%28newsreader%29 :
NN was known for its mode separation between choosing and reading
articles. Threads were presented for reading or skipping, and once
all choices in a newsgroup were made, the user continued on to
reading the selected articles.
How can you choose something if you don't read it? Topic/Subject drift
long ago killed that glorious idea!
Ah, but you see, that *is* the primary reason why I like NN so much!
This separation of selecting what articles I want to read first and
then reading through them is *so* much nicer for me than having to
laboriously click or navigate through the header list while simultaneously reading the news.
Here's how it goes for me; I obviously don't want to read some articles
and I can tell this from the subject line. With NN I simply don't select
those articles. That usually eliminates my need to read most of the articles in a group, or at least, the obviously useless articles. Then comes
the ones that I might just be interested in. These I select for reading.
Then I go into reading mode and start going at it. Many of the articles
are what I wanted, and I read through them entirely. Some are useless,
and I don't care about them, so I skip reading them in their entirety
and use the 'n' key to go to the next article in my selected reading list. Sometimes, it is obvious that a thread has devolved and that it no longer contains useful information. At that point, rather than plog through
the rest of the articles of that subject that I may have selected, I just
use the 'k' key to temporarily kill that subject just for this session,
and I can continue reading the next thread. If I decide I want to
permanently kill a subject, then I can, of course, do that as well.
Now, the other way around sometimes happens. I read the first post of
an article and think that I would like to follow more, well, rather
than going back to selection mode, I can just hit '*' and all the articles that are followups to the article I am reading will be selected and added
to my reading list for me.
This is so much more efficient for me than what I have to do in other
readers, which I have to scroll through the list in one way, and then
jump around as I proceed to read though the lists. Certainly it is no
slower or more wasteful than having to open each article, since I can
already eliminate articles that I do not want to read. So, in fact,
I can deal with topic drift and useless articles much faster this way than with the normal approaches.
Obviously, you may not like this approach, and if you don't then you
probably will not like NN. However, I think it's worth giving it a shot,
since it is surprisingly nice to use once you do.
21 years have passed, and Michael's site is broken badly. <sigh>
Yes, it is, which is why I have my own GitHub where I keep my own work
on NN.
If NN is doing what you want it to do, what you need, then who am I to >suggest you try Tin or SLRN? They both have what I need for my
text-based netnews desires, and are easy to navigate, especially Tin.
Oh, they are both fine readers, and I have used them both, but in both
cases I found them slower and harder to use efficiently than NN. They
have a lot of nice features, but NN is more usable for my workflow.
--
Aaron W. Hsu |
arcfide@sacrideo.us |
http://www.sacrideo.us
Programming is just another word for the lost art of thinking.
--- Synchronet 3.21d-Linux NewsLink 1.2