Hello NNTP gurus. I want to host a binary local newsgroup. I want to discourage spammers from trying to push up irrelevant big binaries,
vids, pr0n, etc. The purpose of the binary group is for uploading PDF
and ZIP/XZ/7Z files < 4MB.
I am seeking ideas on different ways to throttle INN connections.
[1] Firstly I want to throttle all client connections to max 64kB/s.
[2] Secondly I want to maintain a timing throttle to all client
connections so that the server does not respond for several seconds
since the last connection from same client / IP, so that there is always
a short delay between the completion of one client command or connect to
the next. I really don't want to differentiate between a client command
and a client connection session--there should be a delay between every command operation during a connect session and a delay between end of a session and the next connection from the same client.
[3] Thirdly, if multiple client connections are detected from the same
IP, I want to throttle bandwidth down to 32kB/s per client and cycle
their access by alternating the delays. This is mainly aimed at
preventing scripted hog connections from Tor exit nodes, although I
don't wish to completely block Tor because anonymity will be one of the
group topics.
[4] Fourthly, I want to offer the newsgroup to the big world network if anyone wants to sync it, with all the binary mimetypes stripped, so the outgoing feed would only contain body text without the binary content.
If clients want to download the binaries they would need to use my local
INN server.
Hello NNTP gurus. I want to host a binary local newsgroup. I want to discourage spammers from trying to push up irrelevant big binaries,
vids, pr0n, etc. The purpose of the binary group is for uploading PDF
and ZIP/XZ/7Z files < 4MB.
[1] Firstly I want to throttle all client connections to max 64kB/s.
Please propose your thoughts on how to proceed with these strange requirements.
711 Spooky Mart <711@spooky.mart> wrote:
Hello NNTP gurus. I want to host a binary local newsgroup. I want to
discourage spammers from trying to push up irrelevant big binaries,
vids, pr0n, etc. The purpose of the binary group is for uploading PDF
and ZIP/XZ/7Z files < 4MB.
Give up now, you don't know what you are doing and obivously don't know INN and how the nntp protocol works.
You don't UPLOAD to an INN server, people use an NNTP client to publish articles. These articles come from a newsreader.
I kind of find it hard to beleive whatever you are trying to accomplish has an audience. Who are these pdf's coming from? Is this something common now?
Are they going to just know about this service or are you providing a link
to the server? Do they know they have to have a newsreader?
Binary articles are not normally part of the scene. You can't just UPLOAD a binary file to a server without converting it to plain text. Do a search for uuencode/uudecode or txt2bin/bin2txt. Some newsreaders can do this on the fly, small ones anyway. Larger ones need to be broken into several parts.
Are your users aware of this?
I think you are better off looking at setting up an ftp server with the anonymous stuff turned on. Bandwidth control would probably be easier using
a Pi with some kind of firewall software on it.
[1] Firstly I want to throttle all client connections to max 64kB/s.
Why? Using your moms internet from your room?
Please propose your thoughts on how to proceed with these strange
requirements.
Like I said, give up now and do more research.
imho it isn't a good strategy
you have to set some thresholds in the system resources used by each IP,
if one exceeds them you ban it for a certain time
it is not difficult to write a script that reads the logs, builds a
database of the resources used by each client then bans and unbans it
Hello NNTP gurus. I want to host a binary local newsgroup. I want to discourage spammers from trying to push up irrelevant big binaries,
vids, pr0n, etc. The purpose of the binary group is for uploading PDF
and ZIP/XZ/7Z files < 4MB.
I am seeking ideas on different ways to throttle INN connections.
[1] Firstly I want to throttle all client connections to max 64kB/s.
[2] Secondly I want to maintain a timing throttle to all client
connections so that the server does not respond for several seconds
since the last connection from same client / IP, so that there is always
a short delay between the completion of one client command or connect to
the next.
[3] Thirdly, if multiple client connections are detected from the same
IP, I want to throttle bandwidth down to 32kB/s per client and cycle
their access by alternating the delays.
[4] Fourthly, I want to offer the newsgroup to the big world network if anyone wants to sync it, with all the binary mimetypes stripped, so the outgoing feed would only contain body text without the binary content.
Il 23/10/21 21:30, 711 Spooky Mart ha scritto:
Hello NNTP gurus. I want to host a binary local newsgroup. I want to
discourage spammers from trying to push up irrelevant big binaries,
vids, pr0n, etc. The purpose of the binary group is for uploading PDF
and ZIP/XZ/7Z files < 4MB.
I am seeking ideas on different ways to throttle INN connections.
[1] Firstly I want to throttle all client connections to max 64kB/s.
if you need a limit for all users, iptables does this
if you need a limit for each user, max_rate does this (see man readers.con)
[4] Fourthly, I want to offer the newsgroup to the big world network if
anyone wants to sync it, with all the binary mimetypes stripped, so the
outgoing feed would only contain body text without the binary content.
you've to patch idd to do this
Hello NNTP gurus. I want to host a binary local newsgroup. I want to discourage spammers from trying to push up irrelevant big binaries,
vids, pr0n, etc. The purpose of the binary group is for uploading PDF
and ZIP/XZ/7Z files < 4MB.
I am seeking ideas on different ways to throttle INN connections.
[1] Firstly I want to throttle all client connections to max 64kB/s.
On 10/24/21 2:37 PM, Aioe wrote:
imho it isn't a good strategy
you have to set some thresholds in the system resources used by each IP,
if one exceeds them you ban it for a certain time
it is not difficult to write a script that reads the logs, builds a
database of the resources used by each client then bans and unbans it
What I'm gathering then, is I got some hacking to do. Maybe I'll post a followup explaining how it all turns out so we can have a cheat sheet.
[1] Firstly I want to throttle all client connections to max 64kB/s.[...]
[4] Fourthly, I want to offer the newsgroup to the big world network if anyone wants to sync it, with all the binary mimetypes stripped, so the outgoing feed would only contain body text without the binary content.
If clients want to download the binaries they would need to use my local
INN server.
It's a workgroup
setup for a documentation project. PDF is necessary because of LATEX
maths, and math fonts must be embedded for proper document formatting.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 296 |
Nodes: | 16 (2 / 14) |
Uptime: | 83:36:15 |
Calls: | 6,658 |
Calls today: | 4 |
Files: | 12,203 |
Messages: | 5,333,525 |
Posted today: | 1 |