Interesting that the content off the Approved header didn't matter. I'm only familiar with Mailman's use of same, where the content has to be the moderator's password: incorrect is equivalent to not providing the header, and correct bypasses the moderation queue. Either way, it gets scrubbed immediately, for secrecy. Essentially, it's just to let listserv moderators send to a list without having to spend time using the queue for their own messages, or automation of any sort such as custom smtp client apps.
Ah, I'd forgotten about the similarity to Mailman's moderation. Right, that works because there's a centralized approval gateway (the mailman code on the mail server) which can also strip out the secret before distributing the message to the list members.
Since NetNews had no central authority, every news server had to judge the validity of posts for themselves. And obviously they couldn't all know the moderator secret without it leaking immediately. Nowadays we'd have a moderator cryptographically sign the message contents. Actually this should have been possible back then too (RSA in 1977 plus a public key published in the newsgroup definition which already held the moderator email address?), but it was not used.
Newsreaders did not show the Approved header. People often stuck fun or funny stuff in there, like easter eggs for those who knew to look.
