Microsoft recently released Exchange Server 5.0. Known as the Protocol release, version 5.0 includes support for several standard protocols, such as Simple Mail Transfer Protocol (SMTP), Post Office Protocol 3 (POP3), HTTP, and Lightweight Directory Access Protocol (LDAP). Previous articles have discussed using various protocols with Exchange Server (for information about POP3 support in Exchange Server, see my article, "POP3," March 1997; for information about LDAP and SMTP support, see Tony Redmond, "Microsoft Exchange Server 5.0 Smoothes the Rough Edges," April 1997). In addition to supporting these protocols, Exchange Server now supports Network News Transfer Protocol (NNTP) through the Exchange Internet News Server (INS). INS lets Exchange administrators pull USENET newsfeeds into Exchange Public Folders and lets users access these Public Folders through the NNTP protocol. The administrator can also arrange to push Public Folder data to other USENET news servers.

Configuring NNTP in Exchange
To configure NNTP support in Exchange Server 5.0, you use the Exchange Administrator tool to manage the new Protocols container in the Configuration container, as shown in Screen 1. Double-clicking the NNTP (News) Site Defaults object opens the NNTP Properties pages, as you see in Screen 2. Initially, you need to configure only a few pages, starting with the General property page.

In the General property page, you can enable or disable NNTP support and client access. You usually want to enable support for NNTP by selecting Enable protocol, although you can disable it when you want to preserve network bandwidth. Selecting Enable client access lets users access the Exchange Public Folders with any desktop client that supports NNTP, such as the Microsoft Internet News client or a shareware program such as WinVN. Initially, you might want to select both checkboxes.

The second property page you need to configure is the Authentication page, as you see in Screen 3. You use this page to select the forms of authentication that NNTP clients can use to access your Exchange Public Folders. The default setting allows all authentication types and is the easiest configuration to support if you can't control which NNTP client software users are accessing your folders with. Most news clients let you enter a name and a password for accessing a news server. If you want to restrict access to individuals with accounts on your NT domain but you don't control which operating system or clients they use, select Basic (Clear Text) as the authentication method. Finally, if users log on to your NT domain before accessing the folders, you can select Windows NT Challenge/Response authentication.

If you want to let anonymous users access the Public Folders, you must select the Anonymous property page, as shown in Screen 4. Check Allowanonymous access if you want anonymous users on the Internet to have access to the folders you are exposing as newsgroups.

Configuring a Newsfeed
The two basic types of newsfeed are a push feed and a pull feed. In a pull feed, you contact a USENET news server periodically and ask it for all new messages in certain groups. For example, you might contact msnews.microsoft.com every 15 minutes and ask for all the new messages in microsoft.public.exchange. To configure a pull feed, you might need permission from the target news server to pull data. Some servers, such as msnews.microsoft.com, are unrestricted (i.e., anyone wanting to replicate Microsoft's public groups on a news server can pull whatever groups they want without having a valid account from Microsoft). Other commercial servers, such as pubxfer.psinet.com, require that you have a paid subscription to the server to pull a newsfeed.

The alternative to a pull feed is a push feed. In a push feed, a news server periodically sends you all new messages in the groups that you want. To use this type of newsfeed, you must tell the administrator of the push server which groups you want to receive when you set up a contract with the Internet Service Provider (ISP). Then all you have to do is wait for the server to deliver a flood of messages at a scheduled time. Typically, you don't need to configure the newsfeed any further.

If you want to replicate a USENET newsgroup from the Internet in an Exchange Public Folder, start by enabling NNTP support. Next, run the Newsfeed wizard from the New Other option on the File menu in Exchange Server. This wizard lets you specify which news server you want to receive newsgroups from, account information you need to log on to that server, and some configuration options for the newsfeed. You can also replicate newsgroups from more than one news server to Exchange at the same time. After you run the wizard, you can reconfigure all the parameters you set in the wizard from either the Newsfeeds property page or from a new entry the wizard creates in your site's Connections container.

The easiest way to learn how to use INS in Exchange Server is to create a very basic pull feed from an unrestricted news server such as msnews.microsoft.com. To create this pull feed, run the Newsfeed wizard and provide the answers to the questions you see in Table 1. In this case, you have created a pull feed that populates Public Folders on your Exchange server, polling Microsoft's unrestricted news server every 15 minutes. When you answered the last Newsfeed wizard question by saying that you would configure your newsfeed later, you told the wizard you will choose at a later time those groups that you want replicated to your server. Screen 5 shows the Newsfeeds property page after you run the wizard and create your newsfeed.

The Newsfeeds property page shows that I created an object, msnews.microsoft.com, with the Newsfeed wizard on my Exchange server (\\kifissia). If I run the wizard again and create another newsfeed with a new name, the new newsfeed appears as a second line on this page. Any newsfeed on the Newsfeeds property page also appears in the Connections container of the server, as you see in Screen 6.

If you double-click the newsfeed object in Screen 6, you see the property pages for the newsfeed with the answers you gave the wizard. Several property pages let you configure the newsfeed to pull only the newsgroups you want, set the schedule for pulling the newsgroups, and establish other parameters for the newsfeed. For example, you can change the remote USENET site or host names or add remote hosts in the Hosts property page (these parameters are items 6 and 7 in Table 1). Similarly, the Security property page lets you specify an account name and password for logging on to a restricted news server (Table 1, item 8). The Schedule property page lets you specify how often (or when) you want your Exchange server to poll the remote host and request any new newsgroups (Table 1, item 5). Finally, the Connection property page lets you specify whether you are connected through a LAN or through a periodic dial-up connection (Table 1, item 4).

The General property page for the newsfeed, as shown in Screen 7, has a checkbox to enable or disable the newsfeed. If you enable the newsfeed, the Exchange server contacts the target news server on a regular schedule to pulldown new news items and push back any responses from your local Exchange users. If your Internet link is down or you need to conserve network bandwidth, you can disable the newsfeed until you rectify the situation. For example, I run an Exchange server on my laptop (\\kifissia) and run the news service to pull down most microsoft.public newsgroups when I am connected to the Internet through the company's T1 link. I then disable the newsfeed, and browse and respond to newsgroup messages when I am on the road without the need of a wide pipe to the Internet. When I reconnect to the Internet, Exchange propagates all changes in both directions.

Remember how you told the Newsfeed wizard that you would configure the newsfeed later (Table 1, item 10)? By doing so, you delayed answering the question that fills out the information on the Inbound property page. I had you delay completing this step because it can take a long time and it can fail for several reasons. I usually postpone this step until I have a visual confirmation that everything else appears to be working OK (i.e., I have a newsfeed object in the Connections container and have no error messages in the Event Log). Call me a coward, but I prefer to win several small battles before I tackle the big one!

After you complete the Newsfeed wizard, but before you specify the inbound newsgroups, I suggest you test the access to the USENET server. To do this test, Telnet to port 119 of the target server and issue a LIST ACTIVE command (for a detailed discussion about how to issue this command, see my article, "Spread the News with Internet News Server," June 1997). This test lets you know that you can get to the news server, that you have the correct name of the news server, and that groups are on the news server and available.

Specifying Inbound Newsgroups
As of the end of March 1997, about 15,000 newsgroups existed (with more than 1.7GB of data in 200,000 messages), and the number is increasing at a rate of more than 300 percent per year. This growth makes selecting which newsgroups to download difficult. When you first configure a pull feed, you need to get the active list of these groups into your news server so that you can pick the ones you want to receive regularly. Fortunately, you don't need to type in this active list. You can either get the active list as an ASCII file from your USENET provider and import it using an import utility, or you can download the information directly using NNTP. If you have a fast link such as a T1 connection, downloading the active list using NNTP takes only a few minutes. If you have a dial-up 28.8Kbps connection, the download can take more than 20 minutes, and you might prefer to get the active list another way.

To start the process of downloading the active list with NNTP, select the Inbound property page for the newsfeed. The first time you perform this process, you will get the message, "There is no active list defined in this newsfeed. Do you wish to import an active list?" If you answer no, you can go back later and configure the newsfeed. If you answer yes, you can download the list from the newsfeed provider using NNTP or import a file containing the active list. In most cases, you can simply choose to use the NNTP method.

At this point, you see a dialog box and progress indicator that show the progress of the active list download from the provider. If your Internet connection is down or if you have incorrectly entered the provider's name and requisite security information in the connection page for the newsfeed, you will get an error message within a few seconds. However, if you establish a connection, you can gauge the progress of the download from the sliding indicator. Keep in mind that some ISPs have different USENET servers for news server or news client access--make sure you don't choose the wrong one. On two occasions, I've seen the progress indicator climb to about 60 percent and freeze when trying to pull a newsfeed from a news server designated for client access. Unfortunately, you don't see any error message, and the newsgroups appear to be downloading based on your ability to access the server using Telnet or a desktop news client.

After you download the active list, Exchange stores it locally. Every time you subsequently open the Inbound property page for the newsfeed, you see a brief message saying, "Setting up the Active File... Initializing." This message indicates that Exchange is reading the local copy of the active list. After you complete this step, you can see a list of the newsgroups available on the provider's server. Screen 8 shows some of the newsgroups available on msnews.microsoft.com as of March.

The list in Screen 8 does not imply that these newsgroups contain any messages or that any authority has evaluated any of the messages therein. To select a newsgroup to download, highlight the group and click Include. When you select a newsgroup, you are also selecting all subgroups of the newsgroup, regardless of whether you want to replicate these subgroups to your server. After you select a group, the folder in the list changes appearance from a blank folder to a small newspaper. In Screen 8, you can see that I am not downloading the cinemania group, but I am downloading the catapult folder and all its subgroups. When you click OK to close this property page, the Exchange server contacts the news server for the newsfeed (here msnews.microsoft.com) on the prearranged schedule and requests any new items in the included newsgroups. Your Exchange server will then download all items added to the newsgroups at Microsoft since the last time your server polled msnews.microsoft.com and upload to Microsoft any items your local Exchange users posted to the corresponding public folders.

Client Access
Now that you have configured a pull newsfeed, you can access the newsgroups with either a Messaging API (MAPI) or an NNTP client (for details about NNTP client access, see my article, "Spread the News with Internet News Server," June 1997). If you open an Outlook client, you will see the newsgroups you have pulled down in the Internet Newsgroups folder, similar to what you see in Screen 9.

In this case, I am browsing the microsoft.public.frontpage.client newsgroup, and I've just read a message entitled "virtural server wont start" posted by some unfortunate soul. If you use an NNTP client such as the Microsoft Internet News client configured to use the Exchange server as its USENET server, you will see the same hierarchy and message. Screen 10 shows the Microsoft Internet News client displaying the microsoft.public.frontpage.client newsgroup.

If you select Enable Client Access on the NNTP General property page (see Screen 2), you can view and respond to the same Exchange public folders with either NNTP or MAPI clients. Exchange will replicate responses you post to Microsoft during the next scheduled connection and replicate your responses to other news servers with feeds from msnews.microsoft.com.

As you can see, setting up a news server and a pull feed is astonishingly simple. However, keep in mind one caveat: Most newsgroups on the Internet are not moderated; that is, nobody is monitoring the messages being posted, and therefore nobody is responsible for controlling the content of the newsgroups. This freedom to post whatever you want whenever you want is both useful and dangerous and can lead to major arguments within companies as to which newsgroups to carry. For example, take the newsgroup alt.2600 and its subgroups available on the public USENET servers. In this newsgroup, you will find a lot of people posting ways to defeat servers, source code for viruses, ways to bypass known commercial firewalls, and all sorts of unsavory and exciting stuff. By reading this newsgroup, you can learn about potential threats to your own network and your customers' networks. Study this newsgroup, and you can become a security expert who is adept at fending off attacks by hackers. This ability to access such information is good. However, letting that information and code loose on your own network is potentially disastrous. You have to make a choice between providing valuable but dangerous information to your users, or censoring it and ensuring that your company's engineers read only publications approved by software publishers' legal departments.