Services/Mail: Difference between revisions
mNo edit summary |
|||
(32 intermediate revisions by 2 users not shown) | |||
Line 7: | Line 7: | ||
| account = global-reg |
| account = global-reg |
||
| ipv6 = true |
| ipv6 = true |
||
| security_notes = Access to the mail services are fully secured, and to your data, nevertheless most mail exchange on the Internet are not. Complete security can be achieved using signed and encrypted |
| security_notes = Access to the mail services are fully secured, and to your data, nevertheless most mail exchange on the Internet are not. MX DNS records are protected with DNSSEC and we publish a MTA-STS policy as well as DANE/TLSA records to use secure connections as much as possible. Complete security can be achieved using signed and encrypted mails (see [[wikipedia:Pretty_Good_Privacy|OpenPGP]] and [[wikipedia:S/MIME|S/MIME]]) |
||
}} |
}} |
||
Line 22: | Line 22: | ||
You can use our servers to send mails out too via smtp.duckcorp.org using: |
You can use our servers to send mails out too via smtp.duckcorp.org using: |
||
* SMTP+TLS (TCP 25) / SMTPS (TCP 465) |
* SUBMISSION (TCP 587) which is the recommended way and has less chance to be filtered, or alternatively SMTP+TLS (TCP 25) / SMTPS (TCP 465) |
||
* and SASL authentication |
* and SASL authentication |
||
=== Using a Web Interface === |
=== Using a Web Interface === |
||
A [https://webmail.duckcorp.org/ webmail interface] is available. |
|||
== |
==== Securing Your Account ==== |
||
We strongly suggest you enable [https://en.wikipedia.org/wiki/Multi-factor_authentication Two Factor Authentication (2FA)] to protect your account. With this system your login and password is not sufficient to log in, an external secret is needed. |
|||
Mails stored on our server are checked upon arrival for viruses and SPAMs. Mail redirected to a third party mailbox are not, not to mess with the strategy of the the final destination (which could arm learning greatly). |
|||
Currently only one method is available: |
|||
Mails being viruses are suppressed automatically upon arrival. Once in a week, an extra antivirus check is done on all hosted mailboxes, to remove viruses not detected at the time it arrived (our antivirus database is updated daily), so you may see such mail disappear from your mailbox, don't fear. |
|||
* TOTP: using an application on your phone (FreeOTP available on [https://f-droid.org/ F-Droid] is working fine) |
|||
In the ''settings'' menu click on the ''2-Factor Authentication'' tab and follow these steps: |
|||
SPAMs are more difficult to detect, and it is an error-prone process, so we chose to use a learning software instead of using a global database. On the bright side of things, you would never loose mails and the software should be able to learn what is a SPAM from '''your''' point of view (which has proved to differ slightly between our users), but on the grey side you will have to teach him regularly to avoid errors. When your account is created, it acts like an empty headed body letting everything through, but after a few weeks of teaching it is able to recognize most of your habits and block a lot of annoying SPAM. |
|||
* click on the ''Setup all fields (needs Save)'' button |
|||
* on your phone, open the TOPT application and scan the QR code |
|||
* on your phone generate a code, put it in the ''Check code'' text field and click on the button to validate it works fine |
|||
* click on the ''show recovery codes'' button and store them is a safe place: print then (or store then on an encrypted disk) |
|||
* click the ''Save'' button, you will be logged out |
|||
* check you can login again |
|||
=== |
==== Mail Encryption and Signing ==== |
||
It is possible to encrypt and sign your emails via PGP. In the past is was possible to upload your key on the server but there is a more secure method now: with [https://www.mailvelope.com/ Mailvelope] you can use your key on your machine without exposing your secrets. The company behind Mailvelope proposes various plans but you don't need to subscribe or pay for anything, just install the Free Software plugin for your browser. |
|||
The web interface is an easy way to view your mail history, changes your settings, and more. |
|||
== Antivirus and Antispam == |
|||
The web interface is available using this URL: |
|||
https://spamfilter.duckcorp.org/ |
|||
Mails stored on our server are checked upon arrival for viruses and SPAMs. Outgoing mails from our services are checked too. |
|||
Mails being viruses are suppressed automatically upon arrival. Mails with a huge probability of being SPAM are destroyed too. Good mails and possibly spammy mails are delivered to your mailbox. |
|||
==== User Settings ==== |
|||
SPAMs are more difficult to detect, and it is an error-prone process, so we chose to use a learning software instead of using a global database. After a few weeks of teaching it is able to recognize most of your habits and block a lot of annoying SPAM. |
|||
You can yourself setup a few parameters in the ''Preferences'' page of the [https://spamfilter.duckcorp.org/ web interface], mostly: |
|||
* how the system should train: |
|||
** TEFT (''On every new message scanned by the filter''): useful to learn very quickly especially on a new mailbox or when you've got tons of spam on your addresses, but you need to train it regulary (daily is better) or it will learn wrong (very quickly too !) |
|||
** TOE (''Only when the filter makes a mistake''): slow learning, but if you don't have time for training very often or go on long holidays without internet access this mode will give you a stable behavior |
|||
** TUM (''Only with new data or if the filter makes a mistake''): trade-off between the two previous modes, learn quite fast and not too demanding, adapts better to new SPAMs then TOE |
|||
* filter sensitivity: you can ask the system to be more or less aggressive |
|||
* message handling: |
|||
** ''Quarantine the message'': mails are not delivered to your mailbox but kept by the system and you can only manage them through the [https://spamfilter.duckcorp.org/ web interface] ; if you retrain a quarantined mail as HAM, it will be freed from quarantine and delivered in your mailbox at once ; in this mode, you need to flush your quarantine once in a while |
|||
** ''Tag the Subject header with'': mails are delivered with a modified title (which is a tad ugly) |
|||
** ''Deliver the message normally with a X-DSPAM-Result header'': mails are delivered with a special field in your mail headers (not always visible depending on your mail client and its configuration) ; this is quite handy if you prefer SPAMs arranged in a specific folder |
|||
* ''Disable DSPAM filtering'': you may switch off filtering at your own risk |
|||
We strongly recommend using TEFT with daily training for a few weeks then switching to TUM. If you need to go away for a long time, switching to TOE is recommended. Using the quarantine feature is also a safe choice, as the web interface is quite easy to use. |
|||
=== Probable SPAM Notification === |
|||
Mails are delivered normally with a special field added (''X-Spam-Status'') to your mail headers (not always visible depending on your mail client and its configuration) indicating if the mail is a SPAM and its ''spamminess'' score. |
|||
If you are using the ''quarantine'' (see the ''message handling'' setting in your preferences, as explained above), then your SPAMs will not go into your mailbox but stay in this stagging area. |
|||
This is quite handy if you prefer SPAMs arranged in a specific folder. You may use then the provided [[#Mail Filtering |filtering system]] to sort them properly, or configure your eMail client. |
|||
Through the web interface, you can see these mails in the ''Quarantine'' page and: |
|||
* free legitimate mails wrongly considered as SPAM by the system |
|||
* delete real SPAMs if the system was right about them (freeing useful space) |
|||
=== Retraining === |
=== Retraining === |
||
Line 71: | Line 66: | ||
Teaching the system what is SPAM and HAM (non-SPAM) is called ''retraining''. |
Teaching the system what is SPAM and HAM (non-SPAM) is called ''retraining''. |
||
If you have of create a folder named ''Junk'', then it is automatically magic: |
|||
==== Retraining using the Special ''Junk'' Folder (preferred method) ==== |
|||
* if you move mail into it, it is automatically retrained as SPAM |
|||
* if you move mail out of it, it is automatically retrained as HAM |
|||
* with time, certain old mails automatically expire, see below |
|||
If you are using an IMAP Sync client which does not support the MOVE operation (isync, offlineimap…) then you unfortunately cannot use this method, please look at the next chapter. |
|||
{{warning}} This feature is to be available soon! |
|||
To use this folder properly, SPAMs '''must''' be delivered in the ''Junk'' folder automatically, so you can move them out in case of error. |
|||
==== Retraining via Web Interface ==== |
|||
You just need to subscribe to this folder in your mail software (this folder is always auto-created). It is not recommended to use your mail software for this filtering, this is horribly inefficient and you would have to set things up on each device and manually synchronize your settings. |
|||
Automatic expiration logic, based on delivery time (and not the mail timestamp): |
|||
If you are using the ''quarantine'', then freed mails will automatically be retrained as HAM. |
|||
* deleted mails are purged after 1 day |
|||
* read mails without an important flag are purge after 7 days |
|||
* unread mails without an important flag are purge after 30 days |
|||
If you use the ''incoming_spam'' [[#Global_Rules|global rule]], then SPAMs newly discovered by the system are flagged as important, which means these mails will never by purged until you review it and decide to delete them or mark them as not important. Custom rules might play with this flag and achieve an automatic selection. |
|||
=== Retraining for feature-limited IMAP Sync clients === |
|||
Use the [https://spamfilter.duckcorp.org/ web interface] to retrain from errors in the ''History'' page. |
|||
If your client does not support the MOVE operation (isync, [https://github.com/OfflineIMAP/offlineimap/issues/515 offlineimap]…) then you can only copy (APPEND) mail, which does not work with the magic Junk folder. |
|||
==== Retraining via Mail ==== |
|||
In this case, you can create special folders called ''SyncSPAM'' and ''SyncHAM'' and copy SPAM and HAM in them. Every two hours a script will pickup these mails, do the retraining, and remove them. Removing these mails from their original locations will be left to you though. |
|||
Resend SPAMs to ''dc-spam@duckcorp.org'' and HAM (non-SPAM) to ''dc-ham@duckcorp.org''. |
|||
{{warning}} PLEASE TAKE CARE to use the ''resend'' function of your mailer and never use ''forward'', which would result in '''yourself''' being considered as SPAN or HAM. |
|||
== Mail Filtering == |
== Mail Filtering == |
||
With your favourite mail client, you can probably filter your mails in proper folders already. Nevertheless, this can be |
With your favourite mail client, you can probably filter your mails in proper folders already. Nevertheless, this can be an annoying operation: |
||
* blocking you mail client for a long time if you have to process plenty of mails |
* blocking you mail client for a long time if you have to process plenty of mails |
||
* downloading each mail information, and sometimes content (depending on your filters), is lenghty too, and cost much bandwidth |
* downloading each mail information, and sometimes content (depending on your filters), is lenghty too, and cost much bandwidth |
||
* syncing filters |
* syncing filters across your machines (home desktop, laptop, office machine…) is a pain in the ass |
||
* processing only when you're online prevents triggering actions in a timely manner (automatic redirect, vacation messages…), and running a machine 24/7 with a mail client polling new mails every 30s is not a solution |
* processing only when you're online prevents triggering actions in a timely manner (automatic redirect, vacation messages…), and running a machine 24/7 with a mail client polling new mails every 30s is not a solution |
||
We provide a much better way to do this using the [[wikipedia:Sieve_(mail_filtering_language)|SIEVE]] filters. Shortly, SIEVE is a language dedicated to expressing mail filters. Our server is able to process your mails according to these filters as soon as they arrive. You then don't have to care about them anymore, and may use light mail clients or webmails when you're not on your machine with your favourite software. |
We provide a much better way to do this using the [[wikipedia:Sieve_(mail_filtering_language)|SIEVE]] filters. Shortly, SIEVE is a language dedicated to expressing mail filters (also called ''rules''). Our server is able to process your mails according to these filters as soon as they arrive. You then don't have to care about them anymore, and may use light mail clients or webmails when you're not on your machine with your favourite software. |
||
: MANAGESIEVE (TCP 4190) on sieve.duckcorp.org |
|||
=== Rules Configuration === |
|||
Several softwares support managing SIEVE rules: |
|||
* Icedove/Thunderbird using the SIEVE extension (in xul-ext-sieve Debian package) provides a rules editor |
|||
You can express sort/reject/vacation/… filters using these rules, as the capabilities are very rich. Several softwares support managing SIEVE rules: |
|||
* Horde (Ingo) provides an easy to use web interface |
|||
* Icedove/Thunderbird: |
|||
* Squirrelmail with the Avelsieve extension provides an easy to use web interface |
|||
*: using the SIEVE extension (in ''xul-ext-sieve'' Debian package), it provides a rules editor (for power-users) |
|||
* Roundcube with an extension provides an easy to use web interface |
|||
* Roundcube: |
|||
* sieve-connect provides a CLI to upload/download/activate your rules files |
|||
*: coupled with the sieverules extension, provides an easy to use web interface |
|||
*: this webmail has been made available [https://webmail.duckcorp.org/ here] |
|||
* sieve-connect: |
|||
*: provides a CLI to upload/download/activate your rules files |
|||
*: this tool is available on [[Services/Shell|shell hosts]] |
|||
(tell us if you know more software supporting this feature) |
(tell us if you know more software supporting this feature) |
||
To push your filters on the server, a dedicated protocol exists: MANAGESIEVE (TCP 4190) on ''sieve.duckcorp.org''. Our webmails are already configured to use it, but it you use sieve-connect from our hosts or your own mail software, you'll need these parameters. |
|||
You can read more info about SIEVE here: |
You can read more info about SIEVE here: |
||
* supported SIEVE features on our server: |
* supported SIEVE features on our server: https://pigeonhole.dovecot.org/ |
||
* http://www.fastmail.fm/docs/sieve/ |
|||
* http://sieve.info/ |
* http://sieve.info/ |
||
=== Global Rules === |
|||
Global rules are provided to ease configuration on specific filters. They can easily be included in your own configuration. |
|||
Available rules: |
|||
* ''incoming_spam'': |
|||
*: SPAMs will automatically be delivered in the ''Junk'' folder and marked as ''important'' |
|||
If you write your own custom rules, here is an example on how to use one of them: |
|||
require ["include"]; |
|||
include :global "<rule-name>"; |
|||
=== Default Rules === |
|||
The default settings (since 2112-02-11) are to use the global ''incoming_spam'' rule (see below), in order to provide a simple default configuration for most users. All other mails will end-up in your ''Inbox'' folder and you may then sort them by yourself. |
|||
If you create your own rules, the default rules won't apply anymore, so power-users can replace the default behavior completely to achieve what they really need. If you want to use the default behavior you can use: |
|||
require ["include"]; |
|||
include :global "incoming_spam"; |
|||
You can also take advantage of the antispam spaminess score to use a different threshold like this: |
|||
require ["fileinto", "spamtestplus", "relational", "comparator-i;ascii-numeric"]; |
|||
# if SPAM score is >37% then move into the junk box |
|||
if spamtest :percent :value "gt" :comparator "i;ascii-numeric" "37" { |
|||
fileinto "Junk"; |
|||
stop; |
|||
} |
|||
== Fetching eMails from an External Mailbox == |
== Fetching eMails from an External Mailbox == |
||
{{warning}} This is not supported anymore; you may still redirect mails from your external mailbox to your DuckCorp's email address though. |
|||
{{todo}} |
|||
== Shared/Public Folders == |
== Shared/Public Folders == |
||
{{warning}} This is unfortunately not supported by the synchronization system between our two main mail servers; it was not used anyway. Private (non-shared) namespaces are possible though. |
|||
You may need to share mails or messages with friends or people you do stuff with (in a project or association). Depending on your needs, two solutions are possible: |
|||
You may need to share mails or messages with friends or people you do stuff with (in a project or association). Depending on your needs, two solutions are possible:</del> |
|||
* share some of your own private folders, thus called ''shared folders'' |
* share some of your own private folders, thus called ''shared folders'' |
||
* manage a special folder hierarchy, called ''public folders'' (even if they may not be accessible to everyone) |
* manage a special folder hierarchy, called ''public folders'' (even if they may not be accessible to everyone) |
||
*: if you need one, ask an administrator; the namespace name can be freely chosen but must be unambiguous and is subject to approval |
|||
=== Namespaces === |
|||
Through IMAP, or our webmails internally using IMAP, it is possible to partition the folder hierarchy into ''namespaces''. Traditionally you are using the root namespace for your private folders. |
Through IMAP, or our webmails internally using IMAP, it is possible to partition the folder hierarchy into ''namespaces''. Traditionally you are using the root namespace for your private folders. Additional namespaces can be created and will appear among your own folders or separate, depending on your mail client's choice of representation. To avoid name clashes, we decided to prefix all additional namespace names with a '''#'''. |
||
Since 2011-05-14, the following extra namespaces are created and reserved: |
Since 2011-05-14, the following extra namespaces are created and reserved: |
||
* #Shared, containing all folders other users decided to share with you |
* #Shared, containing all folders other users decided to share with you |
||
* #MilkyPond, containing public MP/DC |
* #MilkyPond, containing public MP/DC informational mailboxes you may subscribe at will |
||
=== Folders Permissions === |
|||
Using IMAP, it is possible to setup rights (read only, write allowed…) to your own folders in order to share them with other users, or group of users. Public folders are owned by noone, and must be created by DC administrators ; if you need one, send us a request and we may be able to create it and delegate administration to your care (namespace name is subject to approval). Once created, public folders can be administered like shared folders. |
|||
Using IMAP, it is possible to setup rights (read only, write allowed…) to your own folders in order to share them with other users, or group of users. |
|||
Public folders are owned by no-one, and must be created by the administrators. Once your request is accepted we will delegate its administration to your care. It can then can be managed like shared folders. |
|||
=== Software Support === |
|||
Client mail softwares support: |
Client mail softwares support: |
||
* RoundCube: |
|||
* Horde: support namespaces, shared folders configurable via ''Options->Share Folders'' menu but no ACLs for public folders |
|||
* |
*: support namespaces, shared and public folders configurable via ''Settings->Folders'', selecting a folder then using the ''Sharing'' tab |
||
* Icedove/Thunderbird: |
|||
*: support namespaces, shared and public folders configurable via folder selection and ''Tools->Imap-ACL'' menu action |
|||
Most other softwares have namespace support only, so you should be able to use shared/public folders you have rights on but not configure them yourself |
Most other softwares have namespace support only, so you should be able to use shared/public folders you have rights on but not configure them yourself |
||
(tell us if you know more software supporting this feature) |
(tell us if you know more software supporting this feature). |
||
== Limitations == |
== Limitations == |
||
Line 139: | Line 190: | ||
=== Maximum Mail Size === |
=== Maximum Mail Size === |
||
Mail you send or receive are limited to ''' |
Mail you send or receive are limited to '''20MB'''. If you need to transmit much bigger data, then a mail transport is not appropriate, you'd better use a file sharing method instead. |
||
=== Quotas === |
=== Quotas === |
||
Line 150: | Line 201: | ||
This service is made using: |
This service is made using: |
||
* [ |
* [https://www.clamav.net/ ClamAV] |
||
* [ |
* [https://dovecot.org/ Dovecot] |
||
* [ |
* [https://www.postfix.org/ Postfix] |
||
* [https://github.com/Snawoot/postfix-mta-sts-resolver postfix-mta-sts-resolver] |
|||
* [http://johannes.sipsolutions.net/Projects/dovecot-antispam dovecot-antispam] |
|||
* [https://www.roundcube.net/ RoundCube] |
|||
* [https://rspamd.com/ Rspamd] |
|||
* [https://projects.duckcorp.org/projects/spoolinger Spoolinger] |
* [https://projects.duckcorp.org/projects/spoolinger Spoolinger] |
||
* [http://www.horde.org/ Horde] |
|||
* [http://www.squirrelmail.org/ SquirrelMail] |
|||
* [http://www.roundcube.net/ RoundCube] |
Latest revision as of 06:23, 8 April 2020
Description | Available services:
If you want email addresses using you own domain(s), see the mail hosting service. | |||
---|---|---|---|---|
Prerequisite | None | |||
Account | Global (registration required) | IPv6 Ready | Yes | |
Security Notes | Access to the mail services are fully secured, and to your data, nevertheless most mail exchange on the Internet are not. MX DNS records are protected with DNSSEC and we publish a MTA-STS policy as well as DANE/TLSA records to use secure connections as much as possible. Complete security can be achieved using signed and encrypted mails (see OpenPGP and S/MIME) |
Access
Using a Mail Reader
You can retrieve your mails, in case of a real mailbox, using either:
- IMAP+TLS (TCP 143) / IMAPS (TCP 993) on imap.duckcorp.org
- or POP3+TLS (TCP 110) / POP3S (TCP 995) on pop.duckcorp.org
The IMAP protocol is recommended over POP3, as it provides many interesting features. If you want to download all your mails absolutely at home, loosing the ability to read your mail from anywhere on the planet, you can do that with IMAP too (look at your mail client settings).
You can use our servers to send mails out too via smtp.duckcorp.org using:
- SUBMISSION (TCP 587) which is the recommended way and has less chance to be filtered, or alternatively SMTP+TLS (TCP 25) / SMTPS (TCP 465)
- and SASL authentication
Using a Web Interface
A webmail interface is available.
Securing Your Account
We strongly suggest you enable Two Factor Authentication (2FA) to protect your account. With this system your login and password is not sufficient to log in, an external secret is needed.
Currently only one method is available:
- TOTP: using an application on your phone (FreeOTP available on F-Droid is working fine)
In the settings menu click on the 2-Factor Authentication tab and follow these steps:
- click on the Setup all fields (needs Save) button
- on your phone, open the TOPT application and scan the QR code
- on your phone generate a code, put it in the Check code text field and click on the button to validate it works fine
- click on the show recovery codes button and store them is a safe place: print then (or store then on an encrypted disk)
- click the Save button, you will be logged out
- check you can login again
Mail Encryption and Signing
It is possible to encrypt and sign your emails via PGP. In the past is was possible to upload your key on the server but there is a more secure method now: with Mailvelope you can use your key on your machine without exposing your secrets. The company behind Mailvelope proposes various plans but you don't need to subscribe or pay for anything, just install the Free Software plugin for your browser.
Antivirus and Antispam
Mails stored on our server are checked upon arrival for viruses and SPAMs. Outgoing mails from our services are checked too.
Mails being viruses are suppressed automatically upon arrival. Mails with a huge probability of being SPAM are destroyed too. Good mails and possibly spammy mails are delivered to your mailbox.
SPAMs are more difficult to detect, and it is an error-prone process, so we chose to use a learning software instead of using a global database. After a few weeks of teaching it is able to recognize most of your habits and block a lot of annoying SPAM.
Probable SPAM Notification
Mails are delivered normally with a special field added (X-Spam-Status) to your mail headers (not always visible depending on your mail client and its configuration) indicating if the mail is a SPAM and its spamminess score.
This is quite handy if you prefer SPAMs arranged in a specific folder. You may use then the provided filtering system to sort them properly, or configure your eMail client.
Retraining
Teaching the system what is SPAM and HAM (non-SPAM) is called retraining.
If you have of create a folder named Junk, then it is automatically magic:
- if you move mail into it, it is automatically retrained as SPAM
- if you move mail out of it, it is automatically retrained as HAM
- with time, certain old mails automatically expire, see below
If you are using an IMAP Sync client which does not support the MOVE operation (isync, offlineimap…) then you unfortunately cannot use this method, please look at the next chapter.
To use this folder properly, SPAMs must be delivered in the Junk folder automatically, so you can move them out in case of error. You just need to subscribe to this folder in your mail software (this folder is always auto-created). It is not recommended to use your mail software for this filtering, this is horribly inefficient and you would have to set things up on each device and manually synchronize your settings.
Automatic expiration logic, based on delivery time (and not the mail timestamp):
- deleted mails are purged after 1 day
- read mails without an important flag are purge after 7 days
- unread mails without an important flag are purge after 30 days
If you use the incoming_spam global rule, then SPAMs newly discovered by the system are flagged as important, which means these mails will never by purged until you review it and decide to delete them or mark them as not important. Custom rules might play with this flag and achieve an automatic selection.
Retraining for feature-limited IMAP Sync clients
If your client does not support the MOVE operation (isync, offlineimap…) then you can only copy (APPEND) mail, which does not work with the magic Junk folder.
In this case, you can create special folders called SyncSPAM and SyncHAM and copy SPAM and HAM in them. Every two hours a script will pickup these mails, do the retraining, and remove them. Removing these mails from their original locations will be left to you though.
Mail Filtering
With your favourite mail client, you can probably filter your mails in proper folders already. Nevertheless, this can be an annoying operation:
- blocking you mail client for a long time if you have to process plenty of mails
- downloading each mail information, and sometimes content (depending on your filters), is lenghty too, and cost much bandwidth
- syncing filters across your machines (home desktop, laptop, office machine…) is a pain in the ass
- processing only when you're online prevents triggering actions in a timely manner (automatic redirect, vacation messages…), and running a machine 24/7 with a mail client polling new mails every 30s is not a solution
We provide a much better way to do this using the SIEVE filters. Shortly, SIEVE is a language dedicated to expressing mail filters (also called rules). Our server is able to process your mails according to these filters as soon as they arrive. You then don't have to care about them anymore, and may use light mail clients or webmails when you're not on your machine with your favourite software.
Rules Configuration
You can express sort/reject/vacation/… filters using these rules, as the capabilities are very rich. Several softwares support managing SIEVE rules:
- Icedove/Thunderbird:
- using the SIEVE extension (in xul-ext-sieve Debian package), it provides a rules editor (for power-users)
- Roundcube:
- coupled with the sieverules extension, provides an easy to use web interface
- this webmail has been made available here
- sieve-connect:
- provides a CLI to upload/download/activate your rules files
- this tool is available on shell hosts
(tell us if you know more software supporting this feature)
To push your filters on the server, a dedicated protocol exists: MANAGESIEVE (TCP 4190) on sieve.duckcorp.org. Our webmails are already configured to use it, but it you use sieve-connect from our hosts or your own mail software, you'll need these parameters.
You can read more info about SIEVE here:
- supported SIEVE features on our server: https://pigeonhole.dovecot.org/
- http://sieve.info/
Global Rules
Global rules are provided to ease configuration on specific filters. They can easily be included in your own configuration.
Available rules:
- incoming_spam:
- SPAMs will automatically be delivered in the Junk folder and marked as important
If you write your own custom rules, here is an example on how to use one of them:
require ["include"]; include :global "<rule-name>";
Default Rules
The default settings (since 2112-02-11) are to use the global incoming_spam rule (see below), in order to provide a simple default configuration for most users. All other mails will end-up in your Inbox folder and you may then sort them by yourself.
If you create your own rules, the default rules won't apply anymore, so power-users can replace the default behavior completely to achieve what they really need. If you want to use the default behavior you can use:
require ["include"]; include :global "incoming_spam";
You can also take advantage of the antispam spaminess score to use a different threshold like this:
require ["fileinto", "spamtestplus", "relational", "comparator-i;ascii-numeric"]; # if SPAM score is >37% then move into the junk box if spamtest :percent :value "gt" :comparator "i;ascii-numeric" "37" { fileinto "Junk"; stop; }
Fetching eMails from an External Mailbox
This is not supported anymore; you may still redirect mails from your external mailbox to your DuckCorp's email address though.
This is unfortunately not supported by the synchronization system between our two main mail servers; it was not used anyway. Private (non-shared) namespaces are possible though.
You may need to share mails or messages with friends or people you do stuff with (in a project or association). Depending on your needs, two solutions are possible:
- share some of your own private folders, thus called shared folders
- manage a special folder hierarchy, called public folders (even if they may not be accessible to everyone)
- if you need one, ask an administrator; the namespace name can be freely chosen but must be unambiguous and is subject to approval
Namespaces
Through IMAP, or our webmails internally using IMAP, it is possible to partition the folder hierarchy into namespaces. Traditionally you are using the root namespace for your private folders. Additional namespaces can be created and will appear among your own folders or separate, depending on your mail client's choice of representation. To avoid name clashes, we decided to prefix all additional namespace names with a #.
Since 2011-05-14, the following extra namespaces are created and reserved:
- #Shared, containing all folders other users decided to share with you
- #MilkyPond, containing public MP/DC informational mailboxes you may subscribe at will
Folders Permissions
Using IMAP, it is possible to setup rights (read only, write allowed…) to your own folders in order to share them with other users, or group of users.
Public folders are owned by no-one, and must be created by the administrators. Once your request is accepted we will delegate its administration to your care. It can then can be managed like shared folders.
Software Support
Client mail softwares support:
- RoundCube:
- support namespaces, shared and public folders configurable via Settings->Folders, selecting a folder then using the Sharing tab
- Icedove/Thunderbird:
- support namespaces, shared and public folders configurable via folder selection and Tools->Imap-ACL menu action
Most other softwares have namespace support only, so you should be able to use shared/public folders you have rights on but not configure them yourself (tell us if you know more software supporting this feature).
Limitations
Maximum Mail Size
Mail you send or receive are limited to 20MB. If you need to transmit much bigger data, then a mail transport is not appropriate, you'd better use a file sharing method instead.
Quotas
Even if it would be nice to live without it, we had to establish quotas to force people sort their mails out once in a while and delete useless things instead of leaving an ever-growing mess behind.
The default quota is 512MB which is not that big but should match needs of most users. This said, you may ask us for more and there's no reason we would refuse a reasonable demand.
Technical Details
This service is made using: