I will continue to expound this technology by one notch each time I see a UDP being threatened. UDPs are not the answer to spam, they punish innocent users, and are frankly reminiscent of dishonorable gangland warfare.
We presume here that you are using one of the INN varients of news. This way, you have the source code and can make some necessary changes.
There are two types of Usenet Death Penalties (UDP) in existance today on Usenet.
The active UDP involves forging cancel messages (which is against the relavent RFCs) for all messages originating from your news server. This will affect all sites which still have unauthenticated cancel messages enabled. There are a large percentage of sites which do not enable cancel messages, but that doesn't prevent some fast feeder sites who do have cancels enabled from losing sections of the Usenet network.
The passive UDP involves aliasing out your news server site from another server's feed so that all messages that have passed through your site are ignored. As you may know, the Path: header shows where an article has been previously. Your news server puts its site name in the path header before passing the article on to it's peers. This site name is matched and excluded from sites participating in the passive UDP, such that no articles that come from your site are allowed in.
In order to deal with both types of UDP, we must hide all traces of the originating news site. Note that we are only going to handle system generated headers here, other headers that would clearly identify the originating news site are the responsibility of the poster.
There are three system headers that can be used to identify a news site to others. These will all be randomized. The headers and their remedies follow:
The posting hostname is usually found after the "@" character. One has to patch NNRPD so that it does not place the hostname after this character. This is simple.
The posting host IP address is usually found in this header. This patch is simple as well, simply do not print this header out, or put random numbers in it. The former is preferrable, the later is more stealthy.
This is the hardest one to do. Remember that the system's hostname is inserted at the beginning of the path header's contents before the message is propagated outward. There are two solutions possible.
One can simply put no path entry for the system in question. The upside is that one's server can never be passively UDP'd. The downside is many duplicate articles will be transmiited to and from the news server.
Simply choosing a different path name will help for a while. The upside is not getting nearly as many duplicates as complete stealth. However the downsides are worse. You have to trust your upstream sites, they'll have to change names as often as you do, and as soon as the gangs find out what your new name is, they'll alias out that as well.
It is possible, however, to implement a protocol by which the site name is changed every hour, which will alleviate every concern but upstream site trust.