1 / 23

University of Ottawa Email system Mohammed Master Pete Hickey

University of Ottawa Email system Mohammed Master Pete Hickey. Current stats. 33,000 accounts 4,500 active users Others read on department servers 29 departmental servers Others use HotMail Others don’t read at all. Initial Descisions. Both staff & students have @uottawa.ca

wendi
Download Presentation

University of Ottawa Email system Mohammed Master Pete Hickey

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. University of Ottawa Email systemMohammed MasterPete Hickey

  2. Current stats • 33,000 accounts • 4,500 active users • Others read on department servers • 29 departmental servers • Others use HotMail • Others don’t read at all.

  3. Initial Descisions • Both staff & students have @uottawa.ca • Many departments maintained own mailers • POP/IMAP based

  4. In the beginning… • There was no SPAM • Single machine did everything • Named after a famous mailman, Cliff. • Only readers were Pine and Pegasus. • telnet interface for admin • Forwarding • password change…

  5. Current configuration • Virus filtering • Spam blocking • External relaying both blocked & permitted • Relatively firewalled. • SIS emailer hidden • Load split. • Moving toward LLBs • Admin interface web based.

  6. Components

  7. Mailbox • Contains users inbox & folders • Runs POP and IMAP server • Only accepts from internal mailers • Forwards according to user’s .forward • Web admin interface via ssh • Vacation, password change, forward, etc. • Sanity checks on adding .forwards • Big AIX machine.

  8. Secure-mail • Tunnels an SSL (IMAP) connection from user to mailbox • Encryption load not on mailbox. • Linux box

  9. SMTP-OUT • Accepts mail from internal and our external users • Optional virus checking. • Old (token-ring) RS-6000 • Switching to a pair of redundant linux (HA) boxes

  10. MXer • Accepts external email • Spam blocks • Virus checks before delivery • Mxes for departmental servers • Fewer departments MXing due to SPAM • Fewer departments running own servers • Pair of identical Linux boxes

  11. Canyon • Mail forwarder for our mainframe. • Professor sends email to class without having list of students’ addresses • Other admin apps which send mail • Re-writes headers to hide source machine. • No virus checking. • Small Linux

  12. Remote Relaying • Once remote user logs on to read mail, relaying is allowed • Small addition to POP/IMAP server • Whenever non-uottawa IP address logs on, address written to named pipe • Daemon reads from pipe, adds to database, sends to SMTP-OUT

  13. Remote Relaying • Daemon on SMTP-OUT adds IP-address and timestamp to sendmail database • Sendmail allows relaying from addresses in the database. • Deamon purges addresses after 30 minutes. • Problems now, since some ISPs are blocking port 25 out.

  14. Virus checking • We caught things before commercial virus checkers updates are available. • Virus checker comes free with Unix grep

  15. Virus Checking • MXer (and smtp-out) sendmails are set to queue only into directory mqueue • Mail_mover moves files from mqueue into mqueue2 • Runs grep with –f to check for viruses • Mail with viruses put in mqueue3

  16. Virus Checking • Second sendmail transfers mail from mqueue2 • Mail-returner returns mail in mqueue3 • Unreturnable put in mqueue4 • Adds delay of 5 minutes • Blocked over 1000 Klez in a day

  17. Virus Checking • Strings to look for are in text file used by grep. • We can filter on any content we want. • .exe files blocked here.

  18. Spam blocking • System tuned to users’ various needs. • SPAM blocking is a delicate balance • The tighter rules are higher percentage of real mail blocked. • Some users would rather receive SPAM than chance missing important mail • Eg admissions. • Valid users may come from WKS

  19. Spam blocking • We make extensive use of sendmail checks to block/unblock • BlockIP list (xxx.xxx.xxx.xxx). • No mail accepted from address • BlockIPS list (xxx.xxx.xxx) • No mail accepted from /24 • BlockIPD (xxx.xxx) • No mail accepted from /16.

  20. Spam blocking • AllowIP (xxx.xxx.xxx.xxx) • Mail always accepted • AllowIPS (xxx.xxx.xxx) • Mail always excepted. • AllowSpam list • No spam filtering done for these addresses.

  21. SPAM blocking • Checks against common subjects • 1424 Learn How to Drop Your MORTGAGE Rates. • 161 Get a FREE credit card debt evaluation • 80 A WinXP patch • 59 Be Your Own Server Admin • 49 100 Million EMAIL CD $69 • 50 Work From Home • 47 Interest rates are rising! • 27 Snowhite and the Seven Dwarfs • 26 ( XXX WARNING!! ) • 24 No Joke! A Bigger Penis Can Be Yours!

  22. SPAM blocking • We allow for a one-off exception. • Mail to joe@uottawa.ca sent to joe.NOTSPAM@uottawa.ca • SPAM checking rules are ignored. • Allows grandma@seductive.com to send mail to sunnyboy@uottawa.ca

  23. Sumary • Mail system is composed of lots of little peices • Lots of little tricks make a good system.

More Related