Mail Settings

* Mutt Users *
Include the following in your ~/.muttrc:

set tunnel="ssh -q imap.cs.brandeis.edu /etc/rimapd"
set spoolfile={imap.cs.brandeis.edu}INBOX
set folder={imap.cs.brandeis.edu}
set hidden_host=yes



* Pine Users *
Include the following in your ~/.pinerc:

user-domain=cs.brandeis.edu
smtp-server=smtp.cs.brandeis.edu
ssh-path=/usr/bin/ssh
ssh-command=%s %s -x -q -l %s exec /etc/r%sd
inbox-path={imap.cs.brandeis.edu}INBOX
folder-collections=Mail {imap.cs.brandeis.edu}[]



* Configuring Procmail and .forward*

Your .forward and .procmailrc files live on the mail server, specifically in
/mnt/mail.cs.brandeis.edu/username, which is accessible from any public
workstation.

To forward your mail elsewhere, create /mnt/mail.cs.brandeis.edu/username/
.forward containing your desired destination, eg:

username@example.com	# Forwards all mail to username@example.com

OR

\username,address@example.com	# Keep a local copy, forward a copy to
				# address@example.com

To use procmail, create /mnt/mail.cs.brandeis.edu/username/.forward containing:

|procmail

An example .procmailrc is shown below.  Note well the syntax of delivering mail
to a specific mailbox, i.e. |/usr/bin/dmail +mailboxname; the mailbox
'mailboxname' *must* already exist for this rule to work.

# Log everything.
LOGFILE=procmail.log

# Eliminate multiple copies of a message cc'd to multiple lists of which
# I am a member.

:0 Wh: .msgid.cache.lock
| formail -D 8192 .msgid.cache

# Mail addressed explicitly to me goes to INBOX.
:0
* ^TO.*(sahil|tandon)
{
   :0
   |/usr/bin/dmail +INBOX
}

# Everything else goes to a "possibly-spam" folder.
:0
|/usr/bin/dmail +possibly-spam



* Dealing with spam using procmail *

All mail coming into the mail server is scanned for viruses using ClamAV,
and passed through SpamAssasin. ClamAV automatically quarantines email
containing malicious payloads (if you have a legitimate need to share
such material with colleagues for research purposes, please ask for advice
on how to exchange such files safely), and SpamAssasin performs the
following actions:

All messages are scanned, and assigned a score. Messages with scores over
5 are considered spam. Messages with scores below 5 are not considered
spam. All messages start out with a score of 0. It is possible for a score
to be less than 0. All messages, regardless of status, are marked with the
following headers:

X-Spam-Status: 'Yes' or 'No', followed by score, and the breakdown of the
tests that contributed to the score
X-Spam-Score: The spam's numerical score.
X-Spam-Level: One asterisk ('*') for each point above 0 (eg: '**' for mail
scored at 2.95)

If a message scores at or above 5, it is considered to be spam, and the
following actions are taken:

The subject line is prepended by the string '*** SUSPECTED SPAM *** ' to aid
in visual identification.
The header 'X-Spam-Flag: YES' is added to the email.

This is the only action taken on messages believed to be spam. This decision
was made after a survey of the department indicated that people feared false
positives and wanted the greatest amount of control over their own email
filtering.

The easiest method to keep spam out of your inbox is to insert the following
procmail rule into your .procmailrc (after properly configuring your
.forward). This rule can be used by itself, or as a part of a larger procmail
recipe:

# If you don't already have the following line, add it:
LOGFILE=.procmail.log

# Redirect all mail flagged as spam by SpamAssasin to a suspected-spam folder:
:0
* X-Spam-Flag: YES
|/usr/bin/dmail +suspected-spam

The above rule will place all email tagged as spam by SpamAssasin in a
'suspected-spam' folder. Advanced users may tweak this rule to filter based
on score, or make other delivery decisions. Please note that if you send your
mail to /dev/null we can *NOT* recover it for you.



* SSH Keys *

Authorized ssh keys, like your .procmailrc, are kept on the mail server,
specifically in /mnt/mail.cs.brandeis.edu/username/.ssh.  Simply create the
.ssh directory if it does not already exist, and place your authorized_keys
file therein.



* Notes * 

We have propagated an up-to-date copy of the ssh_known_hosts file to all public
workstations to ensure that they will authenticate correctly with the new mail
server.  If you experience an error from pine or mutt regarding a conflict with
the ssh public keys, check the file ~/.ssh/known_hosts for an older copy of the
mail.cs.brandeis.edu key.  Remove any such keys from your personal known_hosts,
and try again.

Clever users may have noticed that imap, pop, and smtp .cs.brandeis.edu are all
currently CNAMEs to mail.cs.brandeis.edu. We ask that, even if you notice this,
you continue to refer to servers in your mail client's configuration with the
proper DNS alias for the service you are accessing, as these functions will
soon be parting ways, never to run on the same machine again. At that time,
clients configured to talk to a single DNS name for multiple services will find
functionality reduced or absent until they update their settings.