INTERNET-DRAFT                               Charles H. Lindsey
Usenet Format Working Group                  University of Manchester
                                             July 2001

9.1. Leakage

Previous Up Next 
9.1.  Leakage
   Articles which are intended to have restricted distribution are
   dependent on the goodwill of every site receiving them.  The
   "Archive: no" header (6.12) is available as a signal to automated
   archivers not to file an article, but that cannot be guaranteed.

   The Distribution header makes provision for articles which should not
   be propagated beyond a cooperating subnet. The key security word here
   is "cooperating". When a machine is not configured properly, it may
   become uncooperative and tend to distribute all articles.

   The flooding algorithm is extremely good at finding any path by which
   articles can leave a subnet with supposedly restrictive boundaries,
   and substantial administrative effort is required to avoid this.
   Organizations wishing to control such leakage are strongly advised to
   designate a small number of official gateways to handle all news
   exchange with the outside world (however, making such gateways too
   restrictive can also encourage the setting up of unofficial paths
   which can be exceedingly hard to track down).

   The sendme control message (7.6), insofar as it is still used, can be
   used to request articles with a given message identifier, even one
   that is not supposed to be supplied to the requestor.
Previous Up Next
Previous draft (04): 9.1. Leakage

Diffs to previous draft

--- {draft-04}	Wed Jul 11 21:56:22 2001
+++ {draft-05}	Wed Jul 11 21:56:22 2001
@@ -1,8 +1,8 @@
 
9.1.  Leakage
    Articles which are intended to have restricted distribution are
    dependent on the goodwill of every site receiving them.  The
-   "Archive: no" header is available as a signal to automated archivers
-   not to file an article, but that cannot be guaranteed.
+   "Archive: no" header (6.12) is available as a signal to automated
+   archivers not to file an article, but that cannot be guaranteed.
 
    The Distribution header makes provision for articles which should not
    be propagated beyond a cooperating subnet. The key security word here