at risleynet and hosted domains
Forgot to update this information. As of April, we have no longer been discarding spam as we did before. Instead, armed with a far more powerful server than we were using before, we now analyze messages with SpamAssassing
and reject the mail as it's being sent. That gets rid of the same amount of spam, but guarantees that the sender of a false-positive mail (rare, but always possible) will at least know that the mail was rejected instead of being silently trashed.
19December2008: no more unencrypted POP or IMAP
should still be using unencrypted POP or IMAP -- it's a big security risk. risleynet supports secure "alternate port" POP and IMAP access. Beginning today, there will no longer be direct access to POP or IMAP services. You must
use TLS connections. If you have a justifiable need for unencrypted email, let us know and we will consider accommodating your request.
important changes in spam processing 23March2008
Since its inception, risleynet has maintained a laissez-faire stance toward spam filtering. Specifically, we have never
discarded users' mail messages, no matter how spammy they looked. When we implemented SpamAssassin, we set it up to only add headers to messages to help users filter the messages using their email client software. (By special request, we can also quarantine suspected spam in a separate mail box.) Alas, the spam situation has worsened steadily over the years. About 90% of connections to risleynet mail servers these days are actually attempts to propagate spam.
We've been running SpamAssassin long enough now to observe that we have never, ever seen any legitimate mail garner a spam score of more than three. Indeed, for our own accounts we've been quarantining email with spam scores ≥ 3 since January 2005, without a single false positive. We have therefore changed our policy, and our mail servers will now silently delete any incoming messages with a spam score ≥ 10. This should reduce the burden of spam on all users of risleynet email.
Since 1998, email at risleynet has been served using legacy Macintoshes running Stalker Internet Mail Server
(SIMS). SIMS was a great product, but not a big revenue source for Stalker. Development on it basically stopped when Apple released Mac OS X. In addition, running SIMS meant that I had to keep a server running Mac OS 9, a much less stable OS than Linux and more difficult to administer remotely. Stalker's commercial product, CommuniGate Pro, is priced beyond the means of this community-supported operation.
In the years since SIMS development has stopped, email has continued to evolve, largely driven by the tug-of-war between spammers and those who would like their email to remain usable for legitimate purposes. SIMS was falling behind, in that it had no provisions for filtering mail by content and it had a bug that made it incompatible with servers that use greylisting
On New Year's Day 2005 risleynet switched over to a Postfix
-based mail system incorporating SpamAssassin
for spam filtering and Qpopper
for mail retrieval, all running under a hybrid distribution of Linux. The legacy SIMS system had grown quite complex in seven years and the conversion was complicated, but the majority of users apparently noticed nothing.
Most people who have an email address at a risleynet-hosted domain have what is known as an alias account. What this means is that their email is not actually stored on a risleynet server, but simply passed to their primary email account(s) -- usually one provided by their internet service provider.
Folks with alias accounts will notice only two things:
less spam and fewer worms
The Postfix mail system is able to be very picky about machines it accepts mail from. In short, most of the Windows-borne viruses that propagate via the mail system or turn machines into spamming zombies
behave in ways that no legitimate mail source ever would. At present, about 1/3 of the connections to risleynet's mail servers can be rejected before their malware payloads even get sent to the server -- long before they might be able to infect your machine. The only thing you should notice is less spew in your inbox.
new SpamAssassin headers
All email now gets scanned by SpamAssassin, which attempts to classify messages by hundreds of different characteristics to decide what is and is not spam. While this process is thorough, it is not perfect -- it is possible that occasional legitimate messages get marked as spam. Because of this, risleynet never
deletes such messages. Instead, SpamAssassin adds headers to each email rating its spamiosity. Your email client may hide these headers; you might want to fiddle with an option probably labeled something like "show all headers" to see how close SpamAssassin is to marking your mail. Of particular interest is a header that looks like:
The more stars in the header, the more likely the message is to be spam. This can be useful because your mail client almost certainly has the ability to filter messages. Create a special mailbox for likely spam, and create a filter to quarantine five-star or better spam to it, and spam showing up in your inbox will become an unusual event. You can occasionally scan your quarantine box for false positives and delete the rest.
If you want to access your alias account via a secure web site instead of an email client, we have an old AtDot-based webmail system
available. The software is old and a bit finicky. If you're accessing a local account, you would probably be happier using the SquirrelMail-based webmail system
local (POP3/IMAP) accounts
A handful of users actually have mailboxes hosted on risleynet servers. In addition to the SpamAssassin features outlined above, the risleynet mail system can also quarantine your suspected spam to a separate mailbox on our servers. This is useful if you have to get your email over a dialup or GPRS link where the spam can go from merely annoying to downright expensive. Contact the risleynet webmaster
if you think that a quarantine mailbox is right for you.
For those geeky enough to appreciate it, the new system provides for secure connections via TLS or alternate-port SSL for both SMTP and POP3. The host name for secure connections should be ssl.guerillaphysician.com
A password management web site will soon be available which will allow users to change their passwords via a secure web connection.
You can also access your local account using IMAP
. We do not currently support SSL or TLS, but it would probably be easy to implement. Let me know
if you need secure IMAP.
If you're traveling without your laptop and you want to access your risleynet email, we have a web-based email system
based on SquirrelMail
that is fast, reliable, and secure.
- 03 May 2005