In some cases, setting up an NNTP newsfeed in Exchange Server 2003 using the method explained in Step 2 will be
sufficient. Often, you will want more control over the feed's behavior. Even if you don't need to customize the newsfeed's configuration initially, your needs may change, and you might need to modify an existing configuration. To do this:
- Open the Exchange System Manager and navigate through the console tree to Administrative Groups -> Your administrative group ->
Servers -> Your server -> Protocols -> NNTP -> Your NNTP virtual server -> Feeds.
- Right click on the feed you want to modify, and select Properties.You will see four tabs: General, Subscription, Schedule and Security.
The main purpose of the General tab is to allow you to enable or to disable the newsfeed. Figure D illustrates how you can enable or disable the feed by selecting or deselecting the Enable Feed checkbox.
Figure D. The General tab lets you enable or disable the newsfeed.
The General tab also contains other settings, such as the ability to allow or disallow control messages to change the name of the remote server providing the feed or to change the newsfeed's outbound port.
One of its most useful features is a set of dropdown lists that let you set the newsfeed's start date. If you pull the feed from a commercial provider, the newsfeed probably has existed for some time. You must decide if you want all of the newsfeed's archives, some of the archives, or only the posts made from the time that you subscribe.
With each choice, the two drop down boxes at the bottom of the screen let you set the date and time of the first post that you want to download. Once you set this, all subsequent posts will be downloaded.
Over time, you may need to change your newsgroup subscriptions. You can do this using the Subscription tab, shown in Figure E.
Under the Subscription tab, select a newsgroup subscription from the list and click Remove. Conversely, you can subscribe to an additional newsgroup by clicking Add. The Move Up and Move Down buttons let you prioritize your subscription list.
Figure E. The Subscription tab lets you manage the feed's newsgroup subscriptions.
The Schedule tab, shown in Figure F, may be one of the most important tabs on the newsfeed's properties sheet.
When you subscribe to one or more newsgroups using a newsfeed, new content is not delivered to Exchange Server in real time. Instead, your Exchange server contacts the remote server periodically, and polls it for new downloadable content. The Schedule tab allows you to control how frequently this polling occurs.
Figure F. Control how frequently Exchange Server checks the remote server for new posts.
There are two reasons why the Schedule tab is important: performance and availability.
Optimally, newsgroup content on your Exchange server would be updated once a new post is added to the remote server pulling the feed. Instantaneous updates are impossible, but even update intervals (known as run intervals) of a couple of minutes aren't advised. Frequent polls kill performance and can cause problems when large items are posted.
For example, if the run-interval parameter is set to one minute, and a large post is made to a newsgroup, the next update poll could occur before the large post has finished downloading. This is why the default run interval is set to 15 minutes, but can be adjusted according to your needs.
As you adjust the run-interval parameter, keep in mind the concepts of peer, master and subordinate servers. The run interval is set on a per-feed basis, but feeds are on a per-server basis. Therefore, if a peer server has a run interval of 15 minutes, this doesn't mean that all of your NNTP servers will have copies of new posts within 15 minutes.
If a peer server has a run interval of 15 minutes, this means that it will poll the remote content provider once every 15 minutes to check for updates. Your peer server will often act as a master server that distributes newsgroup content to subordinate servers. There is a separate feed that exists between master and subordinate servers. If this separate feed also uses the default 15-minute run interval, it could take up to 30 minutes for new posts to make it to the subordinate servers.
Since Microsoft Outlook clients can only read newsgroup posts from subordinate servers, users will see updates at about the same time as the subordinate servers. They still receive updates every 15 minutes; however, but those updates are 15 minutes behind the updates that the master/peer server receives.
The second reason the Schedule tab is so important is because its settings can affect information availability. Refer back to Figure F again, and you'll notice that the Schedule tab contains a setting that can be used to disable the feed automatically when the Exchange server cannot reach the remote server.
By default, Exchange Server will attempt to contact the remote server 10 times at 15-minute intervals. If after 10 attempts, Exchange is still unable to contact the remote server, it will assume that the feed is permanently unavailable, and the feed will be disabled.
If a feed becomes disabled, you can set it up again using the checkbox shown in Figure F. However, the concern should be with the fact that Exchange Server is automatically disabling a feed that has been down for 2.5 hours (15 minutes × 10 re-tries). This is a problem if the feed contains important information.
The last tab on the newsfeed's properties sheet is the Security tab, which allows you to set the feed's password. Because of limitations associated with the NNTP protocol, your authentication options are limited to basic authentication, which means that the newsfeed's credentials will not be encrypted.
Figure G. The Security tab lets you set the password for a feed.
Preventing random newsgroup browsing
As an additional security measure, it is best to deploy a news server hierarchy instead of outfitting your network workstations with newsreaders, because Internet newsgroups are loaded with malware and inappropriate content.
If you provide users with a newsreader and open the NNTP port on your firewall, you have no control over what users can download. The best way to protect your network from these risks is to prevent users from indiscriminately browsing the newsgroups.
Because Outlook functions only as an Exchange client, not as a newsgroup reader, it is possible to provide users with access to some, but not all, newsgroups. This means that Outlook can only be used to browse newsgroups that have been made available through Exchange Server 2003.
First, you must bring news feeds into your organization. To do so, you must allow NNTP traffic to pass through your organization's perimeter firewall using port 119. Fortunately, most firewalls create rules that restrict ports on a per-IP address basis. This means that you can configure your firewall so that only your peer/master news server is allowed to pass NNTP traffic through the firewall.
The peer/master Exchange Server needs to be able to send and receive NNTP traffic on port 119. Subordinate servers must also be able to communicate across this port. The difference is that a subordinate news server doesn't require Internet access. The only traffic that should be flowing through port 119 on subordinate servers is packets going between the subordinate and the master.
Some newsgroups receive an enormous amount of posts and can deplete your Exchange Server's disk space over time. To prevent this, create an expiration policy that will delete old posts automatically:
- Click on the Expiration Policy container (found beneath the NNTP Virtual Server container).
- Select New -> Expiration Policy from the shortcut menu to launch the New NNTP Expiration Policy Wizard.
- Enter a name for the policy that you are creating and click Next.
- The wizard will ask you to which newsgroups the policy should apply. Use the Add and Remove buttons to build a list of newsgroups.
- Click Next and you will be prompted to enter the lifespan of newsgroup posts. The default setting will expire posts after 168 hours (7 days).
- Click Finish to create the expiration policy.
STEP-BY-STEP GUIDE: CONFIGURE NNTP VIRTUAL SERVERS AND NEWSFEEDS
Step 1: Creating Exchange Server NNTP newsgroup hierarchies
Step 2: Configuring and replicating Exchange Server 2003 NNTP newsfeeds
Step 3: Managing NNTP newsfeeds and expiration policies
|ABOUT THE AUTHOR:|
| Brien M. Posey, MCSE
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at http://www.brienposey.com.