| Present: | R.J. Dowling, B.K. Omotani, R. Stratford, F.A.N. Finch, J.M. Wilkins, D.P. Carter, P. Stewart, C.E. Thompson, A.A. Schneider. |
Date of next meeting: 16th July 2003 at 11:15 in C304
The bounce message on CUS, Hermes and PPSW has not yet been updated to reflect the decision made at MDCM 107 (simply an oversight which will be addressed).
Mailscanner was rolled out on PPSW on May 22nd after much hard work by Tony Finch. User interfaces to the spam filtering engine were made available at the start of the following week. User reaction has on the whole been very positive although a few users have been taken to forwarding spam messages that they consider to have unreasonably low scores. The email address which appears in the X-Cam-ScannerAdmin: header will be replaced with a URL to some suitable documentation.
Mailscanner on PPSW is still running without a number of network level RBL blacklists which should hopefully improve spam detection rates, but which were causing a bottleneck effect on initial testing. An announcement will be made before these lists are enabled, otherwise people with low spam detection thresholds may be caught out.
PPSW is currently 5 live systems and webmail.hermes has been moved to a dedicated system (also currently configured as a PPSW system). The six systems also act as IMAP and POP proxies for Hermes. Load testing indicates that 2 of the 5 systems can just about cope with the current Mailscanner load on PPSW, and three systems can cope reasonably comfortably, so we have some redundancy and room for growth.
One complication of encouraging institutions to hub incoming mail through PPSW is that some institutions who run firewalls only accept incoming SMTP connections from fixed sets of IP addresses which they consider to be PPSW. This can cause problems as we treat PPSW as a pool of available hardware rather than a fixed resource. A proposed solution is to allocate a range of 16 or 32 addresses on subnet 8 which will be reserved for use as PPSW systems.
Live testing of the Cyrus mailstore has commenced: DPC has moved all of his mail into Cyrus and will soon be looking for other volunteers. So far things seem to be going well: common user agents appear to work without configuration changes (thanks to some backwards compatibility modifications to the Cyrus server). There are a few small incompatibilities with some rather obscure aspects of the IMAP protocol, but so far nothing serious has been discovered.
PPSW currently hubs mail for about a dozen external (non-cam.ac.uk) mail domains which run mail servers on the University Network. These are typically national or international projects currently associated with Cambridge which might move to some other location in the future. Some concern was expressed that such arrangements might be abused to set up purely vanity domains for specific projects within the University.
Requests for external domain names pointing into the CUDN currently have to be cleared by the IT Syndicate, and vanity domains are discouraged.
Certain user agents which abuse the IMAP subscription list as a canonical list of mail folders available in an account will not see the spam folder created by server side filtering on Hermes until the user synchronises the list of available folders. The same is true of any concurrent access which creates or removes mail folders.
POP user agents cannot use server side filtering as they have no access to the separate spam folder on the server. The correct solution is for the user agent to do its own filtering based on the contents of the X-Cam-SpamScore: header, but this depends on the filtering abilities of the user agent in question, and its rather more involved to set up and explain to naive users than the simple server side user interface.
Various configuration changes (documented in the minutes of the CUS planning meeting) have been made to the Exim configuration on CUS as part of the move towards mail hubbing. An unfortunate complication is that large numbers of user agents appear to have been misconfigured to use user@imap.cus.cam.ac.uk and user@pop.cus.cam.ac.uk in various envelope and body headers. This effect is currently masked by rewriting rules on the CUS systems but will become a substantial problem when smtp.cus.cam.ac.uk is moved to point at PPSW to pick up virus filtering. A similar situation exists on Hermes but it will probably be resolved using rewrite rules on PPSW given the much larger and typically less experienced user population on Hermes.
Some early discussions have started between MISD and Computing Service staff regarding a university wide LDAP service to distribute various kinds of information. It is conceivable that such a system could be used as a email directory service.
DPC 2003-06-05