Forte News Server down

[cameo]

Besides this eternal-september News server, I also get feeds for another
set of NGs from the ForteInc news server which suddenly stopped working
about two days ago without any error message. When I contacted Forte,
they didn't seem to be aware of any problem on their end and asked what
error msg I was getting. After replying to them I am still waiting for a
response and fix. So, I wonder if any of you also experienced this
problem. Of course this is presupposing that you are also using at least
one server that's working and lets this post through to you. ;-)

[VanguardLH]

Not a Comcast issue. An issue with some non-Comcast server or service.
The newsgroups to discuss NNTP servers, in general, are:

news.software.nntp
alt.free.newsservers (however, Forte's NNTP isn't free)

To discuss the NNTP client itself, the newsgroups are:

news.software.readers
alt.usenet.offline-reader.forte-agent

You didn't give the hostname/IP address for Forte's NNTP server
(remember that is a Comcast newsgroup) so I had to look it up. Looks
like the setup is:

hostname = news.forteinc.com
port = 119 (443 if SSL used)

I telnetted to that server. "telnet news.forteinc.com 119" works. I
get the "200" status response so not only is their NNTP server reachable
(no dead hops in route between me and their host) but their NNTP server
is running and responsive. "telnet news.forteinc.com 443" sort of
worked in that their server picked up the connection but sent no "200"
status response; however, since the connection is encrypted and I'm
using a client that doesn't support it then perhaps that is why I cannot
see the server's status response on a successful connect.

So their server is up. The problem is on your end. Can you telnet to
their NNTP server? Can you do a traceroute to their server to ensure
all hops (hosts) in the route between you and them are okay? Could be
your firewall, anti-virus software, or something on your end is blocking
the connection. Could be the configuration in Forte Agent is screwed up
or your profile inside of it got corrupted.

You only asked about the Forte NNTP server. You are posting using
Thunderbird. Do you use the Forte Agent as your NNTP client? If not,
you sure your trial period for their NNTP server that came with a
purchase of Forte Agent has not expired? Forte Inc does *not* operate
free NNTP servers. Pricing can be found at:

http://www.forteinc.com/apn/index.php

If you *buy* their Forte Agent client, you get a 3-month trial account.
If you are paying for their Usenet service, I would expect a better
level of support than you have reported here - but then there NNTP
server is not down so they have nothing to fix on their end.

[elsbeth tascioni]

That happened to me once.

I had to delete alt.online-service.comcast and then add it back. Don't really know why but it fixed it.

I'm sure some know-it-all prick will come along and suggest this is off topic/the wrong group etc but what reasonable person cares?

[cameo]

Now that's the Italian spirit, Elsbeth! ;-)

[cameo]

Actually, I've been using news80.forteinc.com, port 563 with SSL/TLS for
some time when Forte sent a msg to use news80 instead of news and it's
been working just fine till 2 days ago. I figured they must have changed
something because nothing changed on my end.
In any case, I also tried the old news.forteinc.com server, too, but to
no avail. Maybe I should also play with different ports as well.
I could only ping their server, not telnet, because I don't have a
client for that on my Win7 laptop. But I believe what you wrote.

>
> So their server is up. The problem is on your end. Can you telnet to
> their NNTP server? Can you do a traceroute to their server to ensure
> all hops (hosts) in the route between you and them are okay? Could be
> your firewall, anti-virus software, or something on your end is blocking
> the connection. Could be the configuration in Forte Agent is screwed up
> or your profile inside of it got corrupted.
>
> You only asked about the Forte NNTP server. You are posting using
> Thunderbird. Do you use the Forte Agent as your NNTP client? If not,
> you sure your trial period for their NNTP server that came with a
> purchase of Forte Agent has not expired? Forte Inc does *not* operate
> free NNTP servers. Pricing can be found at:
>
> http://www.forteinc.com/apn/index.php

I am only using Thunderbird 45.2.0 as a client and as I wrote above, I
have not made any changes on my system lately. Besides, same NNTP client
works fine with news.eternal-september.org server.

> If you *buy* their Forte Agent client, you get a 3-month trial account.
> If you are paying for their Usenet service, I would expect a better
> level of support than you have reported here - but then there NNTP
> server is not down so they have nothing to fix on their end.

Thanks, but I already pay for news feeds from the Forte servers.

[VanguardLH]

cameo wrote:

> Actually, I've been using news80.forteinc.com, port 563 with SSL/TLS for
> some time when Forte sent a msg to use news80 instead of news and it's
> been working just fine till 2 days ago.

Maybe that suggestion was back when Forte added SSL connects to their
Usenet service. Their own FAQ still suggests connecting to their
news.forteinc.com hostname at:

https://www.forteinc.com/apn/faq.php#7C5BFDF93A18BB6188256D64005CDACA

They do not specify a port number in that article. Perhaps the Forte
Agent client auto-selects port 119 for non-SSL connects and 563 (*) for
SSL connects.

(*) I previously said port 463 for SSL connects. After checking, it is
port 563 that is the IANA-specified standard for NNTPS connects.

According to Ralph Fox who responded to your multi-posted copy of your
post over in news.software.readers, the problem is with the site cert
used by Forte for their SSL server. It has expired. Until they get a
new cert with a later expiration date, one choice you have would be to
configure your client, if possible, to ignore cert errors. That would
obviate the point of using SSL to ensure you connect to where you
specified since your posts are publicly available so encrypting your
communication with a Usenet server is frivilous. SSL connects are used
to identify the endpoint as the one to which you specified to connect.
The other use is to encrypt your communications between endpoints but
then that has no value with Usenet as your posts are made public for
anyone to see. There is one other advantage of SSL connects: encrypting
the login credentials to prevent an interloper from capturing them and
logging in under your account.

So, for now, just use port 119 *without* SSL (just plan text connects).
Your login credentials would be sent as plain text. How worried are you
that someone would steal your login credentials to [ab]use your account
with Forte's Usenet service? Does Forte enforce quotas on use of their
NNTP servers, like how many bytes per day you can consume? If anyone
did forge your identity and the headers in their posts reveal that they
were using your hacked account, twould be easy to contact Forte to have
your password changed. They may even provide their own "Forgot
Password" scheme that resets your password to then e-mail you a new
password (provided your e-mail address on your account with them is
still valid and you actively monitor it).

Until Forte replaces their site cert with an unexpired one, you'll have
to forego using NNTPS to their service for awhile, use non-SSL connects
to port 119, or see if you can configure your NNTP client to ignore cert
errors (assuming it will still connect using non-SSL on port 563 versus
dropping to port 119 which you could do yourself).

>> http://www.forteinc.com/apn/index.php
>
> I am only using Thunderbird 45.2.0 as a client and as I wrote above, I
> have not made any changes on my system lately. Besides, same NNTP client
> works fine with news.eternal-september.org server.

Different server, different requirements. Different service, different
site certs at each.

Wait for Forte to get a new and non-expired cert installed on their
NNTPS server or switch to non-SSL connects via NNTP on port 119.

> Thanks, but I already pay for news feeds from the Forte servers.

Then they should respond better and more quickly than you have noted if
you are a paying customer. However, unless you told them that you were
using SSL to connect to their NNTPS server, they probably never checked
that and just used port 119 non-SSL to verify their server is up, will
respond, and will accept connections.

[VanguardLH]

Oh yeah, let's talk about gardening and pet training here, too.
Elsie-the-dumb-cow [tit for tat] can't even bother to notice a
know-it-all-prick already posted 5 hours before her. Also, her
suggestion has nothing to do with not getting a *connection* to the
NNTP[S] server.

[Adam H. Kerman]

"Elsbeth" is our "participant" that posts as a different fictional tv
character each time, can't even keep track of which sex it pretends to be.

[cameo]

Actually that's what I am doing now, but on the new80 server. It works fine.

>
>> Thanks, but I already pay for news feeds from the Forte servers.
>
> Then they should respond better and more quickly than you have noted if
> you are a paying customer. However, unless you told them that you were
> using SSL to connect to their NNTPS server, they probably never checked
> that and just used port 119 non-SSL to verify their server is up, will
> respond, and will accept connections.
>

I wrote them that I was using port 563 with SSL/TLS, so from that they
should have guessed the certificate issue. But maybe they using some
overseas Help Desk that is clueless.

[VanguardLH]

cameo wrote:

> VanguardLH wrote:
>
>> Wait for Forte to get a new and non-expired cert installed on their
>> NNTPS server or switch to non-SSL connects via NNTP on port 119.
>
> Actually that's what I am doing now, but on the new80 server. It works
> fine.

Do an nslookup of those hostnames. You'll see they have the same IP
address (i.e., different hostnames, same IP addresses).

news.forteinc.com = 69.16.179.43, 69.16.179.42
news80.forteinc.com = 69.16.179.43, 69.16.179.42

The only difference between non-SSL and SSL connects is the port (119 or
563) that you specify to connect at the same host.

[cameo]

OK, thanks. In the meantime I urged them to renew that expired
certificate so I can connect to them securely. We'll see ...

[Dr. Frasier Crane]

On 08/12/2016 09:49 PM, Adam H. Kerman wrote:

>
> "Elsbeth" is our "participant" that posts as a different fictional tv
> character each time, can't even keep track of which sex it pretends to be.
>

WTF?