Services/Mail: Difference between revisions
Line 27: | Line 27: | ||
Mails being viruses are suppressed automatically upon arrival. Once in a week, an extra antivirus check is done on all hosted mailboxes, to remove viruses not detected at the time it arrived (our antivirus database is updated daily), so you may see such mail disappear from your mailbox, don't fear. |
Mails being viruses are suppressed automatically upon arrival. Once in a week, an extra antivirus check is done on all hosted mailboxes, to remove viruses not detected at the time it arrived (our antivirus database is updated daily), so you may see such mail disappear from your mailbox, don't fear. |
||
SPAMs are more difficult to detect, and it is an error-prone process, so we chose to use a learning software intead of using a global database. On the bright side of things, you |
SPAMs are more difficult to detect, and it is an error-prone process, so we chose to use a learning software intead of using a global database. On the bright side of things, you would never loose mails and the software should be able to learn what is a SPAM from '''your''' point of view (which has proved to differ slightly between our users), but on the grey side you will have to teach him regulary to avoid errors. When your account is created, it acts like an empty headed body letting everything through, but after a few weeks of teaching it is able to recognise most of your habits and block a lot of annoying SPAM. |
||
To teach the system, you can: |
To teach the system, you can: |
Revision as of 19:59, 17 May 2011
Mail Hosting
What we can offer:
- full hosting (MX1) on our servers:
- multiple email addresses which can be real mailboxes or mere redirections at another third party addresses
- based on milkypond.org (or maybe duckcorp.org) domain(s) or you own domain(s)
- fallback retention (MX2) on our servers or, at your choice, partner servers (currently via Hivane)
Full Hosting
Access Methods
You can retrieve your mails, in case of a real mailbox, using:
- IMAP+TLS (TCP 143) / IMAPS (TCP 993) on imap.duckcorp.org
- or POP3+TLS (TCP 110) / POP3S (TCP 995) on pop.duckcorp.org
- or one of the provided webmails
The IMAP protocol is recommended over POP3, as it provides many interresting features. If you want to download all your mails absolutely at home, loosing the ability to read your mail from anywhere on the planet, you can do that with IMAP too (look at your mail client settings).
You can use our servers to send mails out too via smtp.duckcorp.org using:
- SMTP+TLS (TCP 25) / SMTPS (TCP 465)
- and SASL authentication
Antivirus and Antispam
Mails stored on our server are checked upon arrival for viruses and SPAMs. Mail redirected to a third party mailbox are not, not to mess with the strategy of the the final destination (which could arm learning greatly).
Mails being viruses are suppressed automatically upon arrival. Once in a week, an extra antivirus check is done on all hosted mailboxes, to remove viruses not detected at the time it arrived (our antivirus database is updated daily), so you may see such mail disappear from your mailbox, don't fear.
SPAMs are more difficult to detect, and it is an error-prone process, so we chose to use a learning software intead of using a global database. On the bright side of things, you would never loose mails and the software should be able to learn what is a SPAM from your point of view (which has proved to differ slightly between our users), but on the grey side you will have to teach him regulary to avoid errors. When your account is created, it acts like an empty headed body letting everything through, but after a few weeks of teaching it is able to recognise most of your habits and block a lot of annoying SPAM.
To teach the system, you can:
- use the web interface to retrain from errors in the History page
- resend SPAM to dc-spam@duckcorp.org and HAM (non-SPAM) to dc-ham@duckcorp.org
You can yourself setup a few parameters in the Preferences page of the web interface, mostly:
- how the system should train:
- TEFT (On every new message scanned by the filter): useful to learn very quickly especially on a new mailbox or when you've got tons of spam on your addresses, but you need to train it regulary (daily is better) or it will learn wrong (very quickly too !)
- TOE (Only when the filter makes a mistake): slow learning, but if you don't have time for training very often or go on long holidays without internet access this mode will give you a stable behavior
- TUM (Only with new data or if the filter makes a mistake): trade-off between the two previous modes, learn quite fast and not too demanding, adapts better to new SPAMs then TOE
- filter sensitivity, so you can ask the system to be more or less aggressive
- message handling:
- Quarantine the message: mails are not delivered to your mailbox but retained by the system and you can only manage them through the web interface ; if you retrain a quarantined mail as HAM, it will be freed from quarantine and delivered in your mailbox at once ; in this mode, you need to flush your quarantine once in a while
- Tag the Subject header with: mails are delivered with a modified title (which is a tad ugly)
- Deliver the message normally with a X-DSPAM-Result header: mails are delivered with a special field in your mail headers (not always visible depending on your mail client and its configuration) ; this is quite handy if you prefer SPAMs arranged in a specific folder
- Disable DSPAM filtering: you may switch off filtering at your own risk
We strongly recommend using TEFT with daily training for a few weeks then switching to TUM. If you need to go away for a long time, switching to TOE is recommended. Using the quarantine feature is also a safe choice, as the web interface is quite easy to use.
Mail Filtering
With your favourite mail client, you can probably filter your mails in proper folders already. Nevertheless, this can be a annoying operation:
- blocking you mail client for a long time if you have to process plenty of mails
- downloading each mail information, and sometimes content (depending on your filters), is lenghty too, and cost much bandwidth
- syncing filters accross your machines (home desktop, laptop, office machine…) is a pain in the ass
- processing only when you're online prevents triggering actions in a timely manner (automatic redirect, vacation messages…), and running a machine 24/7 with a mail client polling new mails every 30s is not a solution
We provide a much better way to do this using the SIEVE filters. Shortly, SIEVE is a language dedicated to expressing mail filters. Our server is able to process your mails according to these filters as soon as they arrive. You then don't have to care about them anymore, and may use light mail clients or webmails when you're not on your machine with your favourite software. To push your filters on the server, a dedicated protocol exists:
- MANAGESIEVE (TCP 4190) on sieve.duckcorp.org
Several softwares support managing SIEVE rules:
- Icedove/Thunderbird using the SIEVE extension (in xul-ext-sieve Debian package) provides a rules editor
- Horde (Ingo) provides an easy to use web interface
- Squirrelmail with the Avelsieve extension provides an easy to use web interface
- Roundcube with an extension provides an easy to use web interface
- sieve-connect provides a CLI to upload/download/activate your rules files
(tell us if you know more software supporting this feature)
You can read more info about SIEVE here:
- supported SIEVE features on our server: http://pigeonhole.dovecot.org/
- http://www.fastmail.fm/docs/sieve/
- http://sieve.info/
You may need to share mails or messages with friends or people you do stuff with (in a project or association). Depending on your needs, two solutions are possible:
- share some of your own private folders, thus called shared folders
- manage a special folder hierarchy, called public folders (even if they may not be accessible to everyone)
Through IMAP, or our webmails internally using IMAP, it is possible to partition the folder hierarchy into namespaces. Traditionally you are using the root namespace for your private folders. Additionnal namespaces can be created and will appear among your own folders or separate, depending on your mail client's choice of representation. To avoid name clashes, we decided to prefix all additionnal namespace names with a #.
Since 2011-05-14, the following extra namespaces are created and reserved:
- #Shared, containing all folders other users decided to share with you
- #MilkyPond, containing public MP/DC information mailboxes you may subscribe at will
Using IMAP, it is possible to setup rights (read only, write allowed…) to your own folders in order to share them with other users, or group of users. Public folders are owned by noone, and must be created by DC administrators ; if you need one, send us a request and we may be able to create it and delegate administration to your care (namespace name is subject to approval). Once created, public folders can be administered like shared folders.
Client mail softwares support:
- Horde: support namespaces, shared folders configurable via Options->Share Folders menu but no ACLs for public folders
- Icedove/Thunderbird: support namespaces, shared and public folders configurable via folder selection and Tools->Imap-ACL menu action
Most other softwares have namespace support only, so you should be able to use shared/public folders you have rights on but not configure them yourself (tell us if you know more software supporting this feature)
Fallback retention
The current retention period on our servers is 2 weeks, but can be temporary or permanently increased if needed.
Mails flowing back to your primary server can be protected using TLS with certificate verification if you wish.
Antivirus and antispam filtering are not applied to relayed mails, so we do not mess with your prefered strategy on your primary server, nevertheless basic checks (EHLO, DNS…) and RBL scoring are done to avoid accepting tons of SPAMs.