Man Linux: Main Page and Category List


       leafnode - NNTP server for small (dialup) sites




       Leafnode  is a USENET package intended for small sites, where there are
       few users and little disk space, but where a large number of groups  is

       The  design  of leafnode is intended to self-repair after problems, and
       to require no manual maintenance.

       The leafnode program itself  is  the  NNTP  server.   It  is  run  from
       inetd(8),  xinetd(8) or tcpserver when someone wants to read news.  The
       other parts of the package, fetchnews and texpire, are responsible  for
       fetching new news from another server, and for deleting old news.


       No authentication or access control is supported.  This is a deliberate
       omission: Implementing this is a job which should  not  be  redone  for
       each and every service.

       It  is  mandatory  that you use external access control mechanisms like
       tcpd, inetd/xinetd compiled with libwrap  support,  tcpserver  with  -x
       option and the like and that these are in effect.  tcpd and libwrap are
       components of Wietse Venema’s fine tcp_wrappers package.

       As a very rough last line of defense against abuse, leafnode will  drop
       connections  from  outside  your  LANs  by  default.  You can configure
       leafnode to let go of this restriction  (look  for  the  allowstrangers
       option),  but  don’t  do  that unless tight access control is in place.
       Someone will abuse your computer sooner or later. Promised.

       I recommend that either firewalling or tcpd be used for access control.


       All these files and directories must be readable by the user "news". It
       is recommended that, unless otherwise stated, that the user  "news"  be
       the only user in the group "news" and these files belong to "root:news"
       (user:group) so leafnode cannot modify  your  configuration  or  filter

       /etc/news/leafnode  should  not  be writable by the user "news", but it
       must be executable for at least any of the group that the  user  "news"
       is in.  /etc/news/leafnode/config contains the configuration parameters
       for leafnode.  It must not be writable by the user "news". Set this  to
       owner root:news and mode 640. For details, see CONFIGURATION below.

       /var/spool/news  must also be readable and writable by the user "news".
       It contains the news  articles;  e.g.   /var/spool/news/alt/fan/agulbra
       contains  the  articles  in  the group.  Each directory
       contains articles in numbered  files  (decimal  numbers,  monotonically
       increasing),  and  a  special  file called .overview which contains the
       "Subject", "From",  "Date",  "Message-ID",  "References",  "Bytes"  and
       "Lines" headers for each article in the group.

       Several subdirectories are special:

       /var/spool/news/leaf.node  contains  the  files  that  leafnode creates
       during  operation,  for  example  the  groupinfo  file  which  contains
       information  about  each  USENET  newsgroup.  This  file  is  built  by
       fetchnews (8). You can force a complete rebuild of the  groupinfo  file
       by calling fetchnews with the parameter -f (see fetchnews (8)).

       /var/spool/news/out.going  contains local postings that fetchnews(8) is
       to pass  to  the  upstream  NNTP  server.  After  a  posting  has  been
       successfully written to disk, its u+r permission flag is set. This flag
       is interpreted by fetchnews(8) as "you may  post  this  article".  This
       prevents  fetchnews from posting articles that are still being received
       from newsreaders. (Note: versions 1.9.23 to 1.9.32 inclusively used u+x
       instead,  which  caused some "stuck post" problems with articles in the
       spool when a prior leafnode version was updated  to  one  of  these  10
       versions. Updating to leafnode 1.9.33 or later fixes the problem.)

       /var/spool/news/failed.postings   contains   local  postings  that  the
       upstream server rejected.   fetchnews(8)  will  create  files  in  this
       directory,  but  none  of the leafnode programs will delete anything in

       /var/spool/news/ contains hard links to each message; this is
       used in place of the dbz database typically used by bigger servers.  (A
       directory such as this is probably more efficient for the small servers
       leafnode is designed for but scales very badly.)

       /var/spool/news/interesting.groups  contains one file for each group an
       NNTP client has asked to read.  leafnode will update the  ctime  (ls -l
       usually  shows  the  mtime,  try  ls -lc)  of  the relevant file when a
       LISTGROUP, XOVER, XHDR, STAT, HEAD, BODY or ARTICLE command is  issued,
       when  a  GROUP  or  LIST  ACTIVE command (the latter only with a single
       group, not with patterns) is issued for an interesting group (to  avoid
       unsubscribing  low-traffic groups that are still read) and fetchnews(8)
       will retrieve all new articles in all  groups  whose  files  have  been

              - touched during the past two days, or

              -  touched  more  than  once,  and at least once within the past

       The  timeout  is  configurable  through  the  config   file   variables
       timeout_short  and  timeout_long.  See  also  fetchnews(8)  for  the -n

       /etc/inetd.conf or /etc/xinetd.conf contains  the  configuration  which
       starts  leafnode.  It is strongly recommended to start leafnode as user


              If this variable exists, all POST commands are rejected  with  a
              400 code.  Use only for debugging clients.

              If this variable exists, the POST command is rejected with a 400
              code after the article and CRLF.CRLF has been received. Use only
              for debugging clients.


       All  configuration  is  done  using the file /etc/news/leafnode/config,
       which may include a filter description file, filterfile for  short,  as
       described below.

       For  the  purposes  of  this section, whitespace shall be defined as an
       arbitrary sequence consisting of one or more SPACE or HTAB  characters,
       ASCII positions 32 and 9, respectively.

       The  configuration  file  is  strictly line-oriented with LF or CRLF as
       line terminator.

       Empty lines and lines consisting of only whitespace, possibly  followed
       by  a  comment (introduced by a hash mark (#) and extending through the
       end of the line), are skipped.

       All other lines have exactly  three  mandatory  fields,  a  plain  text
       parameter,   an  assignment  character  (=)  optionally  surrounded  by
       whitespace and a value.  The value is either plain text or - new  since
       leafnode  v1.11  -  a  string  in  double quotes with trivial backslash
       escape (see below).

       Plain text starts at the first  non-whitespace  character  and  extends
       through  the  last  non-whitespace  character on the line that is not a
       comment. A trailing comment on a line is skipped.

       Quoted strings are  enclosed  in  double  quote  characters  (").   The
       backslash  character  (\)  is  skipped,  but  it copies the immediately
       following character verbatim, so that you  can  specify  the  backslash
       itself  by  doubling it (\\) or a double quote character as part of the
       string by preceding it with a backslash (\");  the  hash  mark  has  no
       special meaning as command introducer inside quoted strings. Text after
       the end of the string is silently ignored (this may  change  in  future
       versions).  Comments after quoted strings are ignored.


       These parameters must be specified for leafnode to work.

       server =
              "server"  is used by fetchnews (8) to select what NNTP server(s)
              to retrieve news from and to post  your  articles  to.  You  can
              specify  more  than  one  news server; in that case, the servers
              will be queried from the top down. If you want to post articles,
              at  least  one of your servers should allow you to post.  In the
              example above, is the news server.

              This parameter can be given more than once. Each  server  starts
              with   a   fresh   set  of  default  configuration  options,  no
              inheritance takes place from  the  previous  server  definition.
              Only options explicitly marked "server-specific" can be set on a
              per server basis, "general" options are set for all  servers  at
              the same time.

       expire = 5
              "expire" is the number of days an article should be kept around.
              In the example, five days after the article has last been  read,
              it  is  deleted  by  texpire (8). This value MUST be at least 1.
              This parameter is global, see the introductory paragraph of  the
              following  GENERAL  OPTION  PARAMETERS  section to find out what
              this means.


       These options can only be configured once in  the  configuration  file,
       and take effect for leafnode as a whole. It does not matter where these
       are specified relative to server= options, but  for  clarity,  you  are
       encouraged  to  place  these  before the first server= line. Specifying
       each of the global options more than  once  lets  the  last  copy  take
       effect, but may cause errors in the future.

       hostname =
              By  default, leafnode tries hard to figure the host name of your
              computer, skipping inadequate (non-unique) names if possible. It
              will  look  up your computer’s host name with gethostname(3) and
              then try to qualify the name with gethostbyname(3) if necessary.
              Common  sources  for the full name therefore are /etc/hosts, NIS
              and DNS, but consult your system documentation for details.

              If leafnode fails to determine the host name, this is usually  a
              hint  that  your  system is not configured properly, or it has a
              hostname that is unsuitable for the domain part of a Message-ID,
              for  example,  "localhost.localdomain",  and  you should fix the
              name service configuration. Adding a unique fully-qualified host
              name to /etc/hosts is usually sufficient. Please see README-FQDN
              for more details.

              You can configure the unique fully-qualified host name  here  as
              well, but this is not recommended and discouraged.

       create_all_links = 1
              Normally,  fetchnews  will store articles only in the newsgroups
              which it considers interesting. With this option set,  fetchnews
              will  create  hardlinks  for  all  newsgroups in the Newsgroups:
              header that it knows about. This may be of interest if you  want
              to apply a score- or killfile to the local Xref: line.

       maxfetch = 1000
              "maxfetch"  specifies  the  maximum number of articles fetchnews
              (8) should fetch from the upstream server in each group. Its use
              is  not  advised, because if you use it you will not see all the
              traffic in a group. By default there is no limit.

       initialfetch = 1
              "initialfetch" defines how many articles from a newly subscribed
              group  should  be  fetched.  The  default  is  to  fetch all old
              articles, which can get quite time-consuming when subscribing to
              a very busy group. This is equivalent to setting initialfetch to
              zero. If you want to get no old articles when subscribing  to  a
              new group, you should set initialfetch to one, as in the example

       groupexpire = 1

       groupexpire very.crowded.hierarchy.* = 1
              "groupexpire" makes it  possible  to  adjust  expiry  times  for
              individual  groups. Expiry times are given in days. 0 means "use
              the default", negative values prevent  the  expire  process  for
              this  group  altogether (you can consider this an archive mode).
              This value is used by texpire  (8).  You  can  specify  as  many
              groupexpire  lines  as  you like. It is possible to specify glob
              (7)-like wildcard expressions.

       maxage = 10
              If an article turns up on your upstream  news  server  which  is
              older  than  "maxage"  days it will not been fetched even if you
              don’t have it yet.  This is useful if your upstream server  gets
              occasional  "hiccups".  The default is set to 10. If you want to
              switch this feature off, set maxage to some  very  large  value,
              such as 20000 (this is equivalent to roughly 54 years).

       maxold = 10
              Is synonymous to maxage, see above.

       maxlines = 2000
              If  you want to avoid receiving very large articles, you may set
              the "maxlines" parameter to  the  maximal  number  of  lines  an
              article should have. By default, this feature is switched off.

       minlines = 2
              Sometimes  newsgroups are spammed with empty postings. To reject
              these postings, you can set the  "minlines"  parameter.  Setting
              minlines  to  a value larger 4 is probably not a good idea since
              you will also start to kill "real" postings  then.  By  default,
              this feature is switched off.

       maxbytes = 100000
              If  you  want to avoid receiving very large articles, instead of
              using the "maxlines" parameter you can also use  the  "maxbytes"
              parameter. By default, this feature is switched off.

       maxcrosspost = 5
              If you want to combat spam, you can filter out all postings that
              are posted to more than a  certain  number  of  newsgroups.  The
              number  is  defined  by  setting  "maxcrosspost".  Setting  this
              parameter to very low  values  is  probably  a  bad  idea.  This
              feature is switched off by default.

       maxgroups = 5
              Synonymous for maxcrosspost. See above.

       filterfile = /etc/news/leafnode/filters
              Leafnode  can  filter  the  input  headers for arbitrary regular
              expressions.   These   are   stored   in   a   file   designated
              "filterfile".  The  format  of  "filterfile" is very simple: one
              perl-compatible regular expression  per  line.  If  one  of  the
              regular  expressions fits to a header to be downloaded, the body
              of that article will be rejected. This feature is  switched  off
              by  default.  The format of the regular expressions is described
              in pcre(3).

       timeout_short = 2
              By default, a group that has been accidentally touched is  being
              fetched  for  two  days.  You  can  change this time by changing

       timeout_long = 7
              By default, a group that has not  been  read  at  all  is  being
              fetched  for seven days before being unsubscribed. This interval
              can be changed by setting timeout_long to a different value.

       timeout_active = 90
              By default, active files from the upstream servers  are  re-read
              every   90  days.  This  interval  can  be  changed  by  setting
              timeout_active to a different value. Be aware  that  reading  an
              active  file transfers about one MB of information if the server
              that you are using carries a reasonable number of groups (i.  e.
              around 20,000).

       timeout_client = 900 (since v1.9.23)
              By  default,  leafnode  will drop the connection 900 seconds (15
              minutes) after seeing the last command from the client. You  can
              change  the  timeout  here.  Setting  it  too  low (like below 5
              minutes) will annoy your users and consume more system resources
              for re-reading all the files.

       timeout_fetchnews = 300 (since v1.9.52)
              Fetchnews  will,  since  v1.9.52, assume the upstream server has
              become wedged after waiting for a reply for 300 seconds. You can
              change the timeout here.

       timeout_lock = 5 (since v1.9.54)
              Configure  how  many seconds the leafnode programs (applyfilter,
              checkgroups, fetchnews, texpire) will wait  for  the  lock  file
              before  aborting.  Setting this to 0 means to wait indefinitely.
              NOTE: you can override this by setting the environment  variable
              LN_LOCK_TIMEOUT  (note  it is not LN_TIMEOUT_LOCK).  The default
              is 5 seconds.

       delaybody = 1
              With this option set, fetchnews (8) fetches only the headers  of
              an  article  for  visual  inspection. Only when the headers have
              been read, the bodies of the articles will be retrieved the next
              time  fetchnews  (8)  is  called. This can save a huge amount of
              download time and disk space.

       delaybody_in_situ = 1 (since v1.9.41)
              This is only applicable with delaybody=1.

              By default, leafnode will give the full downloaded article a new
              article  number  so  they appear as new in your newsreader. This
              does not  work  for  all  newsreaders.  With  this  option  set,
              leafnode will retain the original article number. You’ll have to
              figure out how to tell your newsreader  to  show  old  articles.
              This  option defaults to 0. It is highly recommended to leave it

       debugmode = 1
              With this option set, fetchnews (8), texpire  (8)  and  leafnode
              (8) will start to log lots of debugging output via syslog (8) at
              facility news and priority  debug.  Use  it  for  tracking  down
              problems  with  your  feed.  debugmode  should  be left at 0 for
              regular use because it can log enormous  amounts  of  data.  The
              higher  the  number,  the more will be logged. Choosing a figure
              greater than 3 will not make a difference at the moment.

       allow_8bit_headers = 1 (since v1.9.25)
              By  default,  leafnode  rejects  local  posts  that  have  8-bit
              characters  in  their  headers,  because  they  violate relevant
              standards, particularly RFC-2822 (which RFC-1036  is  based  on)
              that  demands that Usenet news headers (as mail headers) must be
              pure 7-bit US-ASCII,  with  only  whitespace  allowed  from  the
              control characters.

              However,  as  UTF-8  is  to come, and some national hierarchies,
              particularly the Norwegian and Danish (no.*, dk.*) seem to  have
              agreed  on preferring just-send-eight over RFC-2047, you can set
              this option to  allow  8-bit  data  in  headers.  Leafnode  will
              however  add  a warning header if 8-bit data is present, stating
              that the site administrator allowed this.

              There is no way to make leafnode accept  non-whitespace  control
              characters in headers.

       allowSTRANGERS = MAGIC (since v1.9.23)
              By default, leafnode refuses connections from outside your LANs.
              Check config.example for  how  to  use  this  parameter  to  let
              strangers  connect  to your leafnode. Instead of MAGIC, you have
              to write a number as  mentioned  in  config.example.  Note  that
              capitalization matters.

       linebuffer = 1
              By  default, stdout and sometimes stderr of applications are set
              to "fully buffered" unless  connected  to  terminals.  Use  this
              option  to  explicitly request line buffered mode for stdout and

       clamp_maxage = 0
              By default, leafnode will derive a "maxage"  argument  from  the
              expire time that is applicable to the group (groupexpire if set,
              expire otherwise), to prevent fetching articles again that  were
              once there and then cleared by texpire(8). Set clamp_maxage=0 to
              get rid of this behaviour.

       article_despite_filter = 1 (since v1.9.33)
              By default, fetchnews will request HEAD and BODY separately if a
              filter  file  is defined and delaybody is off. For high latency,
              high throughput links (such  as  interleaved  DSL  or  satellite
              links),  it may be faster to request head and body together with
              an ARTICLE command and ignore the  body  if  the  filters  apply
              (though  it  may  not be cheaper if you pay per MByte), enabling
              this option will force leafnode to use the  ARTICLE  command  in
              spite  of  filters  being defined. (Note that in delaybody mode,
              HEAD and BODY will ALWAYS be requested separately.)

       newsadmin = (since v1.9.47)
              This option sets the From: address for the placeholder  article,
              it should be the news administrator’s mail address.  It defaults
              to news@HOSTNAME, where HOSTNAME is leafnode’s hostname.


       These options can only be placed after the server= line of  the  server
       to  which you would like these to apply, and they always pertain to the
       preceding server= line. Specifying them before the first  server=  line
       is an error.

       username = myname
              If  any  of your news servers requires authentification, you can
              enter your username on that server here. This  field  may  occur
              multiple  times,  once  after  each  server  definition. See the
              introduction of this CONFIGURATION section  for  information  on
              how to quote myname.

       password = mypassword
              If  any  of your news servers requires authentification, you can
              enter your password on that server here. This  field  may  occur
              multiple  times,  once  after each server definition.  Since the
              password is available in clear text, it is recommended that  you
              set  the  rights  on the config file as restrictive as possible,
              otherwise other users of your computer will be able to get  your
              password(s)  from  that  file.  See  the  introduction  of  this
              CONFIGURATION  section  for  information   on   how   to   quote

       port = 8000
              By  default,  fetchnews  tries  to  connect to its upstream news
              servers on the NNTP  port  (119).  If  your  servers  run  on  a
              different port, you can specify those here. This field may occur
              multiple times, once after each server definition.

              Note: to modify the port your own leafnode servers  listens  on,
              change  the  inetd.conf,  xinetd.conf  configuration file or the
              tcpsvd/tcpserver command line. leafnode  does  not  set  up  its
              listen port itself.

       timeout = 30
              By default, leafnode tries to connect for 10 seconds to a server
              and then gives up. If you have a slow server, you can try for  a
              longer  time  by setting the timeout higher (in this example, 30
              seconds). The timeout can be tuned individually for each server.

       noactive = ANYTHING (v1.9.25 ... v1.11.4)

       noactive = 1 (since v1.11.5)
              If  this  parameter  is set, the active file is never downloaded
              from this server. Use this for very  slow  servers  unless  they
              carry  groups  that other servers don’t offer. Leafnode versions
              1.9.25 to 1.11.4 would always assume that "ANYTHING" had been 1.
              "noactive = 0" is supported since v1.11.5.

       nodesc = ANYTHING (until v1.11.4)

       nodesc = 1 (since v1.11.5)
              Some  servers  do not deliver news groups descriptions correctly
              because they  cannot  parse  the  XGTITLE  and  LIST  NEWSGROUPS
              commands.  In  that case, put this line after the "server" line.
              Leafnode  versions  up  to  v1.11.4  would  always  assume  that
              "ANYTHING"  had been 1. "nodesc = 0" is supported since v1.11.5.

       nopost = 1 (since v1.9.23)
              Prevent posting to this server. You can use this if the upstream
              won’t  let  you post but still greet leafnode with 200 or if the
              upstream doesn’t forward your postings reliably.

       noread = 1 (since v1.9.33)
              Prevent fetching news articles or active files from this server.
              You  can  use this if the upstream is good to post, but too slow
              to fetch news from.

       noxover = 1 (since v1.9.47)
              Prevent the use of XOVER on the current server.  Fetchnews  will
              use XHDR instead.

       only_groups_match_all = 1 (since v1.9.52)
              Usually,  when cross-posting an article, fetchnews will post the
              article if ANY group listed in the Newsgroups: header is matched
              by  the  PCRE.   With  this  option on, ALL groups listed in the
              Newsgroups: header  must  match.  This  can  be  used  to  avoid
              "poison" groups when you have multiple upstream servers.

       only_groups_pcre = PCRE (since v1.9.28)
              This  parameter  lists the Perl-compatible regular expression of
              groups that are fetched or posted to this server.  The  PCRE  is
              automatically  anchored  at  the left hand side, so you can omit
              the leading ^. Remember to escape dots, as in:

              If this parameter is omitted, all groups are  fetched  from  and
              posted to this server.

              Note:  you must run fetchnews with the -f option after changing,
              adding or removing any only_groups_pcre option.

              Hint:  you  can  use  something  like   this   to   check   your
              only_groups_pcre settings:
              cut -f1 -d" " @spooldir@/leaf.node/groupinfo \
              | pcregrep ’PATTERN’

       post_anygroup = 1 (since v1.9.37)
              This  parameter  makes  leafnode  post  on  this  server without
              checking if it carries the group an article is  posted  to.  The
              default  is  post_anygroup  =  0, which means that leafnode will
              check with a "GROUP" command if the server carries the group the
              articles  is  posted  into.  Use  this on post-only servers that
              don’t allow the "GROUP" command. Note: inconsiderate use of this
              parameter  may  cause  articles to end up in the failed.postings


              is synonymous to server. Don’t use it on new installations.

       fqdn   is synonymous to hostname. Don’t use it on new installations.


       Here are the NNTP commands supported by this server:

       These  commands  follow RFC-977 and RFC-2980, except HDR and OVER which
       are recognized in anticipation of current NNTP drafts.

       Note that the syntax of HDR and OVER may change.


       Leafnode is totally unaware of UTF-8 and  will  reject  a  client  that
       posts  UTF-8  characters in the header. Current Usefor drafts claim all
       article headers UTF-8 encoded Unicode. Leafnode still expects  RFC-2047
       instead which may eventually be phased out in favour of UTF-8.

       Leafnode stops reading a line at the first NUL character.

       Leafnode may not cope well with crosspostings that cross hierarchies if
       you  have  multiple  upstream  feeds  and  use   the   only_groups_pcre
       configuration option.

       Leafnode  will  only  bother  to  determine  the  time  zone offset for
       generated Date: headers for posts that lack them on systems that  offer
       the tm_gmtoff member in struct tm (commonly BSD and GNU systems).


       Written by Arnt Gulbrandsen <> and copyright 1995 Troll
       Tech AS, Postboks 6133 Etterstad, 0602 Oslo, Norway, fax +47  22646949.

       Modified  by  Cornelius  Krasel  <>,
       Randolf   Skerka   <>   and   Markus   Enzenberger
       <>.    Copyright   of  the  modifications

       Modified by Matthias Andree <>, Copyright 1999  -
       2002.   Modified by Ralf Wildenhues <>, Copyright

       Jonathan  Larmour  <>  contributed  the   timeout_client

       Andreas  Meininger  <>  contributed  the code to let
       texpire ignore groupexpire = -1 groups.

       Mark Brown <> added the noactive option.

       Numerous contributions by other people.

       The initial development of leafnode has been paid  for  by  Uninett  AS


       applyfilter(8), checkgroups(8), fetchnews(8), newsq(1), texpire(8).

       tcpd(8), hosts_access(5), glob(7), pcre(3), RFC 977, RFC 2980.