Mail Settings

(Last updated: 2007-09-28)

* Mutt Users *

Include the following in your ~/.muttrc: set tunnel="ssh -q imap.cs.brandeis.edu /etc/rimapd" set spoolfile={imap.cs.brandeis.edu}/var/spool/mail/your-username set folder={imap.cs.brandeis.edu} set hidden_host=yes

* Pine Users *

Include the following in your ~/.pinerc: user-domain=cs.brandeis.edu smtp-server=smtp.cs.brandeis.edu ssh-path=/usr/bin/ssh ssh-command=%s %s -x -q -l %s exec /etc/r%sd inbox-path={imap.cs.brandeis.edu}INBOX folder-collections=Mail {imap.cs.brandeis.edu}[]

* Configuring Procmail and .forward*

Your .forward and .procmailrc files live on the mail server, specifically in /mnt/mail.cs.brandeis.edu/username, which is accessible from any public workstation. To forward your mail elsewhere, create /mnt/mail.cs.brandeis.edu/username/ .forward containing your desired destination, eg: username@example.com # Forwards all mail to username@example.com OR \username,address@example.com # Keep a local copy, forward a copy to # address@example.com To use procmail, create /mnt/mail.cs.brandeis.edu/username/.forward containing: |procmail An example .procmailrc is shown below. # Log everything. LOGFILE=procmail.log # Eliminate multiple copies of a message cc'd to multiple lists of which # I am a member. :0 Wh: .msgid.cache.lock | formail -D 8192 .msgid.cache # Mail addressed explicitly to me goes to INBOX. # # Replace "(sahil|tandon)" with an expression containing your own username; # "|" means "or", so this expression checks for mail addressed to "sahil" OR # to "tandon". :0 * ^TO.*(sahil|tandon) { :0 ${DEFAULT} } # Everything else goes to a "possibly-spam" folder. :0 possibly-spam

* Dealing with spam using procmail *

All mail coming into the mail server is scanned for viruses using ClamAV, and passed through SpamAssasin. ClamAV automatically quarantines email containing malicious payloads (if you have a legitimate need to share such material with colleagues for research purposes, please ask for advice on how to exchange such files safely), and SpamAssasin performs the following actions: All messages are scanned, and assigned a score. Messages with scores over 5 are considered spam. Messages with scores below 5 are not considered spam. All messages start out with a score of 0. It is possible for a score to be less than 0. All messages, regardless of status, are marked with the following headers: X-Spam-Status: 'Yes' or 'No', followed by score, and the breakdown of the tests that contributed to the score X-Spam-Score: The spam's numerical score. X-Spam-Level: One asterisk ('*') for each point above 0 (eg: '**' for mail scored at 2.95) If a message scores at or above 5, it is considered to be spam, and the following actions are taken:
  1. The subject line is prepended by the string '*** SUSPECTED SPAM *** ' to aid in visual identification.
  2. The header 'X-Spam-Flag: YES' is added to the email.
This is the only action taken on messages believed to be spam. This decision was made after a survey of the department indicated that people feared false positives and wanted the greatest amount of control over their own email filtering. The easiest method to keep spam out of your inbox is to insert the following procmail rule into your .procmailrc (after properly configuring your .forward). This rule can be used by itself, or as a part of a larger procmail recipe: # If you don't already have the following line, add it: LOGFILE=.procmail.log # Redirect all mail flagged as spam by SpamAssasin to a suspected-spam folder: :0 * X-Spam-Flag: YES suspected-spam The above rule will place all email tagged as spam by SpamAssasin in a 'suspected-spam' folder. Advanced users may tweak this rule to filter based on score, or make other delivery decisions. Please note that if you send your mail to /dev/null we can *NOT* recover it for you.

* SSH Keys *

Authorized ssh keys, like your .procmailrc, are kept on the mail server, specifically in /mnt/mail.cs.brandeis.edu/username/.ssh. Simply create the .ssh directory if it does not already exist, and place your authorized_keys file therein.

* Notes *

We have propagated an up-to-date copy of the ssh_known_hosts file to all public workstations to ensure that they will authenticate correctly with the new mail server. If you experience an error from pine or mutt regarding a conflict with the ssh public keys, check the file ~/.ssh/known_hosts for an older copy of the mail.cs.brandeis.edu key. Remove any such keys from your personal known_hosts, and try again. Clever users may have noticed that imap, pop, and smtp .cs.brandeis.edu are all currently CNAMEs to mail.cs.brandeis.edu. We ask that, even if you notice this, you continue to refer to servers in your mail client's configuration with the proper DNS alias for the service you are accessing, as these functions will soon be parting ways, never to run on the same machine again. At that time, clients configured to talk to a single DNS name for multiple services will find functionality reduced or absent until they update their settings.