electronic mail

at risleynet and hosted domains

19December2008: no more unencrypted POP or IMAP

Nobody should still be using unencrypted POP or IMAP -- it's a big security risk. risleynet supports secure "alternate port" POP and IMAP access. Beginning today, there will no longer be direct access to POP or IMAP services. You must use TLS connections. If you have a justifiable need for unencrypted email, let us know and we will consider accommodating your request.

important changes in spam processing 23March2008

Since its inception, risleynet has maintained a laissez-faire stance toward spam filtering. Specifically, we have never discarded users' mail messages, no matter how spammy they looked. When we implemented SpamAssassin, we set it up to only add headers to messages to help users filter the messages using their email client software. (By special request, we can also quarantine suspected spam in a separate mail box.) Alas, the spam situation has worsened steadily over the years. About 90% of connections to risleynet mail servers these days are actually attempts to propagate spam.

We've been running SpamAssassin long enough now to observe that we have never, ever seen any legitimate mail garner a spam score of more than three. Indeed, for our own accounts we've been quarantining email with spam scores ≥ 3 since January 2005, without a single false positive. We have therefore changed our policy, and our mail servers will now silently delete any incoming messages with a spam score ≥ 10. This should reduce the burden of spam on all users of risleynet email.

history

Since 1998, email at risleynet has been served using legacy Macintoshes running Stalker Internet Mail Server (SIMS). SIMS was a great product, but not a big revenue source for Stalker. Development on it basically stopped when Apple released Mac OS X. In addition, running SIMS meant that I had to keep a server running Mac OS 9, a much less stable OS than Linux and more difficult to administer remotely. Stalker's commercial product, CommuniGate Pro, is priced beyond the means of this community-supported operation.

In the years since SIMS development has stopped, email has continued to evolve, largely driven by the tug-of-war between spammers and those who would like their email to remain usable for legitimate purposes. SIMS was falling behind, in that it had no provisions for filtering mail by content and it had a bug that made it incompatible with servers that use greylisting.

On New Year's Day 2005 risleynet switched over to a Postfix-based mail system incorporating SpamAssassin for spam filtering and Qpopper for mail retrieval, all running under a hybrid distribution of Linux. The legacy SIMS system had grown quite complex in seven years and the conversion was complicated, but the majority of users apparently noticed nothing.

alias accounts

Most people who have an email address at a risleynet-hosted domain have what is known as an alias account. What this means is that their email is not actually stored on a risleynet server, but simply passed to their primary email account(s) -- usually one provided by their internet service provider.

Folks with alias accounts will notice only two things:

less spam and fewer worms

The Postfix mail system is able to be very picky about machines it accepts mail from. In short, most of the Windows-borne viruses that propagate via the mail system or turn machines into spamming zombies behave in ways that no legitimate mail source ever would. At present, about 1/3 of the connections to risleynet's mail servers can be rejected before their malware payloads even get sent to the server -- long before they might be able to infect your machine. The only thing you should notice is less spew in your inbox.

new SpamAssassin headers

All email now gets scanned by SpamAssassin, which attempts to classify messages by hundreds of different characteristics to decide what is and is not spam. While this process is thorough, it is not perfect -- it is possible that occasional legitimate messages get marked as spam. Because of this, risleynet never deletes such messages. Instead, SpamAssassin adds headers to each email rating its spamiosity. Your email client may hide these headers; you might want to fiddle with an option probably labeled something like "show all headers" to see how close SpamAssassin is to marking your mail. Of particular interest is a header that looks like:

X-Spam-Level: ****

The more stars in the header, the more likely the message is to be spam. This can be useful because your mail client almost certainly has the ability to filter messages. Create a special mailbox for likely spam, and create a filter to quarantine five-star or better spam to it, and spam showing up in your inbox will become an unusual event. You can occasionally scan your quarantine box for false positives and delete the rest.

Web Mail

If you want to access your alias account via a secure web site instead of an email client, we have an old AtDot-based webmail system available. The software is old and a bit finicky. If you're accessing a local account, you would probably be happier using the SquirrelMail-based webmail system (see below).

local (POP3/IMAP) accounts

A handful of users actually have mailboxes hosted on risleynet servers. In addition to the SpamAssassin features outlined above, the risleynet mail system can also quarantine your suspected spam to a separate mailbox on our servers. This is useful if you have to get your email over a dialup or GPRS link where the spam can go from merely annoying to downright expensive. Contact the risleynet webmaster if you think that a quarantine mailbox is right for you.

secure connections

For those geeky enough to appreciate it, the new system provides for secure connections via TLS or alternate-port SSL for both SMTP and POP3. The host name for secure connections should be ssl.guerillaphysician.com.

password management

A password management web site will soon be available which will allow users to change their passwords via a secure web connection.

IMAP

You can also access your local account using IMAP. We do not currently support SSL or TLS, but it would probably be easy to implement. Let me know if you need secure IMAP.

Web Mail

If you're traveling without your laptop and you want to access your risleynet email, we have a web-based email system based on SquirrelMail that is fast, reliable, and secure.

-- RonRisley - 03 May 2005

Edit | Attach | Watch | Print version | History: r7 < r6 < r5 < r4 < r3 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r6 - 2008-12-19 - RonRisley
 
  • Edit
  • Attach
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback