DoN. Nichols wrote:

That would not have worked in this case. It appears that it was
a client machine (probably a Windows box) which was compromised, and
which was dumping articles into the local news server -- which took care
of transmitting them to the outside.

It would have needed someone to identify the offending machine,
and disallow it connecting to the news server -- and then flush
everything posted from it. But a lot of the stuff was already out in
the net, and would be still flowing in to everywhere else for a day or
two.

What is needed there is a limit to the number of articles per
hour that any one machine can submit to the news server.



Tell me again why cross posting is a necessary thing???