(Last updated: 2007-09-28)
* Mutt Users *
Include the following in your ~/.muttrc:
set tunnel="ssh -q imap.cs.brandeis.edu /etc/rimapd"
* Pine Users *
Include the following in your ~/.pinerc:
ssh-command=%s %s -x -q -l %s exec /etc/r%sd
* Configuring Procmail and .forward*
Your .forward and .procmailrc files live on the mail server, specifically in
/mnt/mail.cs.brandeis.edu/username, which is accessible from any public
To forward your mail elsewhere, create /mnt/mail.cs.brandeis.edu/username/
.forward containing your desired destination, eg:
email@example.com # Forwards all mail to firstname.lastname@example.org
\username,email@example.com # Keep a local copy, forward a copy to
To use procmail, create /mnt/mail.cs.brandeis.edu/username/.forward containing:
An example .procmailrc is shown below.
# Log everything.
# Eliminate multiple copies of a message cc'd to multiple lists of which
# I am a member.
:0 Wh: .msgid.cache.lock
| formail -D 8192 .msgid.cache
# Mail addressed explicitly to me goes to INBOX.
# Replace "(sahil|tandon)" with an expression containing your own username;
# "|" means "or", so this expression checks for mail addressed to "sahil" OR
# to "tandon".
# Everything else goes to a "possibly-spam" folder.
* Dealing with spam using procmail *
All mail coming into the mail server is scanned for viruses using ClamAV,
and passed through SpamAssasin. ClamAV automatically quarantines email
containing malicious payloads (if you have a legitimate need to share
such material with colleagues for research purposes, please ask for advice
on how to exchange such files safely), and SpamAssasin performs the
All messages are scanned, and assigned a score. Messages with scores over
5 are considered spam. Messages with scores below 5 are not considered
spam. All messages start out with a score of 0. It is possible for a score
to be less than 0. All messages, regardless of status, are marked with the
X-Spam-Status: 'Yes' or 'No', followed by score, and the breakdown of the
tests that contributed to the score
X-Spam-Score: The spam's numerical score.
X-Spam-Level: One asterisk ('*') for each point above 0 (eg: '**' for mail
scored at 2.95)
If a message scores at or above 5, it is considered to be spam, and the
following actions are taken:
This is the only action taken on messages believed to be spam. This decision
was made after a survey of the department indicated that people feared false
positives and wanted the greatest amount of control over their own email
The easiest method to keep spam out of your inbox is to insert the following
procmail rule into your .procmailrc (after properly configuring your
.forward). This rule can be used by itself, or as a part of a larger procmail
# If you don't already have the following line, add it:
# Redirect all mail flagged as spam by SpamAssasin to a suspected-spam folder:
* X-Spam-Flag: YES
The above rule will place all email tagged as spam by SpamAssasin in a
'suspected-spam' folder. Advanced users may tweak this rule to filter based
on score, or make other delivery decisions. Please note that if you send your
mail to /dev/null we can *NOT* recover it for you.
- The subject line is prepended by the string '*** SUSPECTED SPAM *** ' to aid
in visual identification.
- The header 'X-Spam-Flag: YES' is added to the email.
* SSH Keys *
Authorized ssh keys, like your .procmailrc, are kept on the mail server,
specifically in /mnt/mail.cs.brandeis.edu/username/.ssh. Simply create the
.ssh directory if it does not already exist, and place your authorized_keys
* Notes *
We have propagated an up-to-date copy of the ssh_known_hosts file to all public
workstations to ensure that they will authenticate correctly with the new mail
server. If you experience an error from pine or mutt regarding a conflict with
the ssh public keys, check the file ~/.ssh/known_hosts for an older copy of the
mail.cs.brandeis.edu key. Remove any such keys from your personal known_hosts,
and try again.
Clever users may have noticed that imap, pop, and smtp .cs.brandeis.edu are all
currently CNAMEs to mail.cs.brandeis.edu. We ask that, even if you notice this,
you continue to refer to servers in your mail client's configuration with the
proper DNS alias for the service you are accessing, as these functions will
soon be parting ways, never to run on the same machine again. At that time,
clients configured to talk to a single DNS name for multiple services will find
functionality reduced or absent until they update their settings.