perl-nocem - A NoCeM-on-spool implementation for INN 2.x
NoCeM, which is pronounced No See 'Em
, is a protocol enabling
authenticated third-parties to issue notices which can be used to cancel
unwanted articles (like spam and articles in moderated newsgroups which were
not approved by their moderators). It can also be used by readers as a
. It is intended to eventually replace the protocol
for third-party cancel messages.
processes third-party, PGP-signed article cancellation
notices. It is possible not to honour all NoCeM notices but only those which
are sent by people whom you trust (that is to say if you trust the PGP key
they use to sign their NoCeM notices). Indeed, it is up to you to decide
whether you wish to honour their notices, depending on the criteria they use.
Processing NoCeM notices is easy to set up:
- Import the keys of the NoCeM issuers you trust in order to
check the authenticity of their notices. You can do:
gpg --no-default-keyring --primary-keyring=/etc/news/pgp/ncmring.gpg \
--no-options --allow-non-selfsigned-uid --no-permission-warning \
--batch --import <key-file>
chmod 644 <pathetc>/pgp/ncmring.gpg
where <pathetc> is the value of the pathetc parameter set in
inn.conf and <key-file> the file containing the key(s) to
import. The keyring must be located in <pathetc>/pgp/ncmring.gpg;
you only have to create the directory <pathetc>/pgp before using
gpg (it will automatically generate the ncmring.gpg file)
and make sure the news user can read this file, once generated.
For old PGP-generated keys, you may have to use
--allow-non-selfsigned-uid if they are not properly self-signed,
but anyone creating a key really should self-sign the key. Current PGP
implementations do this automatically.
The keys of NoCeM issuers can be found in the web site of The NoCeM
<http://rosalind.home.xs4all.nl/nocemreg/nocemreg.html>. You can
even download there a unique file which contains all the keys.
- Create a nocem.ctl config file in pathetc
indicating the NoCeM issuers and notices you want to follow. This
permission file contains lines like:
This will remove all articles for which the issuer (first part of the line,
before the colon ":") has issued NoCeM notices corresponding to
the criteria specified after the colon.
You will also find information about that on the web site of The NoCeM
- Add to the newsfeeds file an entry like this one in
order to feed perl-nocem the NoCeM notices posted to alt.nocem.misc
with the correct path to perl-nocem, located in <pathbin>.
Then, reload the newsfeeds file ("ctlinnd reload newsfeeds
'NoCeM channel feed'").
Note that you should at least carry news.lists.filters on your news server
(or other newsgroups where NoCeM notices are sent) if you wish to process
- Everything should now work. However, do not hesitate to
manually test perl-nocem with a NoCeM notice, using:
grephistory '<Message-ID>' | perl-nocem
Indeed, perl-nocem expects tokens on its standard input, and
grephistory can easily give it the token of a known article, thanks
to its Message-ID.
When you have verified that everything works, you can eventually turn off
regular spam cancels, if you want, not processing any longer cancels
containing "cyberspam" in the Path: header (see the
parameter in inn.conf
- The Perl script itself used to process NoCeM notices.
- The configuration file which specifies the NoCeM notices to
- The keyring which contains the public keys of trusted NoCeM
The Subject: header is not checked for the @@NCM string and there is no check
for the presence of the References: header.
The Newsgroups: pseudo header is not checked, but this can be done in
The Hierarchies: header is ignored.
Copyright 2000 by Miquel van Smoorenburg <firstname.lastname@example.org>.
Copyright 2001 by Marco d'Itri <email@example.com>.
$Id: perl-nocem.in 10076 2016-10-08 20:37:36Z iulius $