Hermes news

Default quota



1 GB

May request upgrades via a web form.

Until the message store upgrade during the Michaelmas Term, there was a 32 bit limit on upgraded quotas (i.e. 4GB) but this has now been lifted.

Message size limit



25 MB

Message size limit



50 MB

Fixed for all users.

Beware that this is bigger than most other academic and free email services, so messages that are delivered OK within the University may be rejected by remote sites.

Webmail


Our webmail software is called Prayer, because it's a response to Oxford's webmail software WING.

Chinese for email, according to Google

Prayer is now UTF-8 internally, so supports practically everything instead of just ISO 8858-1.

Some recent spam

Sadly I couldn't find any Thai

Nested folders


Old UW-IMAP model

Directories vs. mailboxes

New cyrus model

Nested folders

What most desktop MUAs expect

Will allow us to eliminate some patches from Cyrus

Data protection


Investigating problems


Investigating problems


  • date & time
  • sender, recipients
  • IP address & hostname
  • error messages
  • not subject
  • queries to help-desk@ucs
  • no queries from 3rd parties
  • (COs please CC: relevant user)

Many users complain of email problems but never provide details when we ask for them, so we are unable to investigate.

Nearly 4GB logs per day - 25 million lines.

Specific information is necessary.

Accidental lossage


We can recover email lost within the last week or so.

Requests to help-desk@ucs as usual.

We only need to know the name of the mailbox and the rough time of the loss - our recovery tools don't expose message contents.

Email access in absentia


  • Handled by user-admin, not postmaster
  • Must be signed off by HoD or similar
  • User's password is reset
  • Work-related email manually forwarded elsewhere
  • Vacation message installed to inform others of situation
  • Relatives / executors given access after death

They try not to look at personal email, though this can be difficult to get right, and they try to go in to the account only once.

Rôle addresses


Rôle addresses


reception@ucs ⇒ ucs@hermes
unix-support@ucs ⇒ cs-unix-support@lists
mail-support@ucs ⇒ dpc22@cam, fanf2@cam
help-desk@ucs ⇒ help-desk@helpdesk.csx

Shared hermes account - useful if some people handling the email work part-time - ad-hoc ticketing system.

Mailing list - useful to avoid having to use multiple accounts; works OK if staff are full-time and disciplined about CC:ing the role address.

Managed mail domain alias - poor man's mailing list. Generally best avoided.

You might want to set up a ticketing system like RT. We can provide managed mail domain "escape routes" for this kind of purpose.

Shared Hermes account is just like a normal Hermes account except that it has no @cam address, only an @hermes address. You need to tweak Prayer's defaults.

vanity domains

  • managed zone service
  • managed web server
  • managed mail domain

long-form domains

Junk email


90 messages per second is 7.8 million per day.

6 messages per second is 0.5 million per day.

Spam (according to SpamAssassin) is 25% weekdays 33% weekends.

Anti-Spam


  • Protocol conformance checks (<5%)
  • DNS blacklists: Spamhaus ZEN and MAPS RBL+ (>90%)
  • Email address verification (<5%)
  • Anti-virus: McAfee and ClamAV (negligible)
  • SpamAssassin (about 90% of the rest)
  • (optional) in-MUA filter

Based on my email for the last week, SpamAssassin scored 3900 messages as spam and missed about 300.

Future work