Please Whitelist This Site? I know everyone hates ads. But please understand that I am providing premium content for free that takes hundreds of hours of time to research and write. I don't want to go to a pay-only model like some sites, but when more and more people block ads, I end up working for free. And I have a family to support, just like you. :) If you like The TCP/IP Guide, please consider the download version. It's priced very economically and you can read all of it in a convenient format without ads. If you want to use this site for free, I'd be grateful if you could add the site to the whitelist for Adblock. To do so, just open the Adblock menu and select "Disable on tcpipguide.com". Or go to the Tools menu and select "Adblock Plus Preferences...". Then click "Add Filter..." at the bottom, and add this string: "@@||tcpipguide.com^$document". Then just click OK. Thanks for your understanding! Sincerely, Charles Kozierok Author and Publisher, The TCP/IP Guide

NOTE: Using software to mass-download the site degrades the server and is prohibited. If you want to read The TCP/IP Guide offline, please consider licensing it. Thank you.

The TCP/IP Guide  9  TCP/IP Application Layer Protocols, Services and Applications (OSI Layers 5, 6 and 7)       9  TCP/IP Key Applications and Application Protocols            9  TCP/IP File and Message Transfer Applications and Protocols (FTP, TFTP, Electronic Mail, USENET, HTTP/WWW, Gopher)                 9  Usenet (Network News) and the TCP/IP Network News Transfer Protocol (NNTP)                      9  TCP/IP Network News Transfer Protocol (NNTP)

NNTP Commands 1 2 3 4 NNTP Status Responses and Response Codes

Other NNTP Extensions

The last extension group is the “other” extensions, miscellaneous ones not strictly related to either inter-server or client-server NNTP interaction. There are two commands in this group: AUTHINFO and DATE. The latter is a simple command that causes the server to tell the client its current date and time. AUTHINFO is more interesting: it is used by a client to provide authentication data to a server.

You may have noticed that there are no commands related to security described in the RFC 977 protocol. That's because the original NNTP had no security features whatsoever. Like many protocols written before the modern Internet era, security was not considered a big issue back in the early 1980s. Most news servers were used only by people within the organization owning the server, and simple security measures were used, such as restricting access to servers by IP address or through the use of access lists.

One of the more important changes made by many NNTP software implementation as soon as Usenet grew in size was to require authentication. Modern clients will usually issue AUTHINFO as one of its first commands upon establishing a connection to a server, because the server will refuse to accept most other commands before this is done. A special reply code is also added to NNTP for a server to use if it rejects a command due to improper authentication.

The AUTHINFO command can be invoked in several different ways. The original version of the command required the client to issue an AUTHINFO USER command with a user name, followed by AUTHINFO PASS with a password. Naturally, this is simple user/password login authentication. A variation of this is the AUTHINFO SIMPLE command, where the client needs to send just a password.

A client and server can also agree to use more sophisticated authentication methods by making use of the AUTHINFO GENERIC command. The client provides to the server the name of the authentication method it wants to use, along with any arguments required for authentication. The client and server then exchange messages and authentication information as required by the particular authenticator they are using.

NNTP Commands 1 2 3 4 NNTP Status Responses and Response Codes