Commit | Line | Data |
---|---|---|
185b5456 MW |
1 | The =distorted.org.uk= mail system |
2 | ||
3 | * Delivery | |
4 | ||
5 | The mail delivery agent is Exim. If you don't do anything special, mail | |
6 | is delivered into =/var/mail/USER= on stratocaster, in mbox format. | |
7 | ||
8 | There are a number of ways you can affect mail delivery. | |
9 | ||
10 | ** The =~/.forward= file | |
11 | ||
12 | In traditional Unix style, you can write delivery instructions into a | |
13 | file named =.forward= in your home directory. This file can contain a | |
14 | comma-separated list of email address and/or file or directory names to | |
15 | which your mail should be sent. Mail is written to files in traditional | |
16 | Unix `mbox' format, and to directories in `Maildir' format. The | |
17 | =:fail:= and =:defer:= items are permitted, but may not be very useful. | |
18 | ||
19 | This file can instead be an Exim or Sieve filter file, as marked by a | |
20 | special comment on the first line. See the document `Exim's interfaces | |
21 | to mail filtering', available via the command =info filter=, for details | |
22 | about these files. | |
23 | ||
24 | ** The =~/.mail/forward= file | |
25 | ||
26 | If you prefer, you can write delivery instructions to =~/.mail/forward= | |
27 | instead. If you have lots of mail configuration files, you may find it | |
de67b50e | 28 | tidier to keep them all together in =~/.mail/=. |
185b5456 MW |
29 | |
30 | ** The =~/.mail/forward.suffix= file | |
31 | ||
32 | You will receive mail sent to =USER@distorted.org.uk=. You can also | |
33 | receive mail sent to =USER-SUFFIX@distorted.org.uk= or | |
34 | =USER+SUFFIX@distorted.org.uk=, for any =SUFFIX= string if you create a | |
35 | file =~/.mail/forward.suffix=. While this can be a simple forward file, | |
36 | it's probably much more useful to write an Exim filter file to analyse | |
37 | the suffix string and take appropriate action. | |
38 | ||
39 | If this file exists, it should be world-readable, because it will be | |
40 | used by the mail server at SMTP time in order to decide whether a | |
41 | particular =SUFFIX= string is valid. | |
42 | ||
de67b50e MW |
43 | ** Permissions for filter files |
44 | ||
45 | Your various filter files are used by Exim's SMTP server, which runs as | |
46 | an unprivileged user =Debian-exim= for security reasons. Therefore your | |
47 | filter files must be readable by this user. Currently, the only way to | |
48 | do this is to make the filter files world-readable. If this is | |
49 | unsatisfactory for some reason I'll try to come up with a way to arrange | |
50 | privacy for your filters. | |
51 | ||
185b5456 MW |
52 | |
53 | * Reading mail | |
54 | ||
55 | ** Reading mail locally | |
56 | ||
57 | The servers =stratocaster= and =jem= have a few mail user agents | |
58 | installed, most notably trad BSD =mail=, =mutt=, and Emacs's various | |
de67b50e MW |
59 | mail-reading interfaces; more can be added. Your mail is delivered to |
60 | =/var/mail/USER=; any further arrangements, e.g., multiple folders, are | |
61 | left to you. | |
185b5456 MW |
62 | |
63 | ** Fetching mail through IMAP | |
64 | ||
de67b50e MW |
65 | There's an IMAP server running on =mail.distorted.org.uk=. It expects |
66 | your main inbox to be in =/var/mail/USER=, and further folders are put | |
67 | in =~/mail/=, in mbox format. | |
68 | ||
69 | The IMAP server listens on ports 143 (plain IMAP) and 993 (IMAP over | |
70 | TLS). In the former case, you'll have to configure your client to send | |
71 | =STARTTLS=, because the server simply won't allow non-encrypted | |
72 | communication. | |
73 | ||
74 | The server's certificate is signed by my certificate authority, whose | |
75 | own certificate can be fetched from | |
76 | https://www.distorted.org.uk/ca/ca.cert. (The web server's certificate | |
77 | is signed by the StartCom Class 1 CA, which should be in most browser's | |
78 | certificate stores.) I issue new short-term certificates daily, so | |
79 | telling your mail client to pin the certificate won't help. (The public | |
80 | key doesn't change, though, so if you can do public-key pinning you'll | |
81 | be OK.) | |
185b5456 MW |
82 | |
83 | ** Forwarding mail off-site | |
84 | ||
de67b50e MW |
85 | You can redirect all of your mail to some other site if you prefer to |
86 | consolidate it: just write the destination mailbox to =~/.forward=. | |
87 | Everything else is left to you. | |
88 | ||
89 | ||
90 | * Sending mail | |
91 | ||
92 | ** The =sendmail= program | |
93 | ||
94 | Exim provides a =/usr/sbin/sendmail= program with a plausible interface, | |
95 | and most traditional Unix programs will use this by default to send | |
96 | mail. | |
97 | ||
98 | ** SMTP to =localhost= | |
99 | ||
100 | Another traditional way of submitting mail is by connecting to port 25 | |
101 | on the loopback address 127.0.0.1 and speaking SMTP. This will work on | |
102 | most servers, and you will be authenticated automatically using the | |
103 | system's =identd=. NB: servers other than stratocaster won't | |
104 | understand unusual domains. | |
105 | ||
106 | ** The Submission protocol | |
107 | ||
108 | The `modern' way to submit mail involves connecting to port 587 on the | |
109 | =mail.distorted.org.uk= (the `submission' service) and speaking SMTP. | |
110 | If you use this service, then (a) you must tell your client to send | |
111 | =STARTTLS=, and (b) you will have to provide a user name and password. | |
112 | ||
113 | As with IMAP, the SMTP server's certificate is signed by the | |
114 | =distorted.org.uk= CA; see above. | |
115 | ||
116 | ** Sender authenticity | |
117 | ||
118 | It is my intention that it be very hard for one =distorted.org.uk= user | |
119 | to impersonate another to a third. To this end, the mail server is | |
120 | rather picky about envelope sender addresses. | |
121 | ||
122 | + It won't accept an apparently local sender address from an external | |
123 | mail server at all. | |
124 | ||
125 | + It will check locally submitted mail against the submitter's user | |
126 | name. The precise details vary according to the submission | |
127 | mechanism: mail submitted through =sendmail= will have additional | |
128 | headers added; mail submitted through SMTP will be rejected unless | |
129 | the envelope sender is acceptable. | |
130 | ||
131 | If I see something like DKIM catching on then this will also provide | |
132 | external users with some kind of (probably fairly weak) sender | |
133 | authenticity. | |
134 | ||
135 | On the other hand, the mail server is aware of vanity domains, extension | |
136 | addresses, and so on, and should let you send mail apparently from an | |
137 | such an address that you control. If you think the mail server is being | |
138 | unnecessarily strict about something then I'm willing to discuss your | |
139 | requirements. | |
140 | ||
141 | If I'm hosting your mail domain for you then you get to decide the | |
142 | appropriate policy. | |
143 | ||
144 | ||
145 | * Chopwood, and passwords | |
146 | ||
147 | Users don't have login passwords on =distorted.org.uk= machines; but the | |
148 | SMTP and IMAP services require user names and passwords, which are | |
149 | managed using the `Chopwood' service (whose name is `chpwd' -- short for | |
150 | `change password' -- with some additional vowels). | |
151 | ||
152 | You can communicate with Chopwood in three different ways. | |
153 | ||
154 | 1. Using Userv. On stratocaster, run =userv chpwd help= for a list | |
155 | of commands. | |
156 | ||
157 | 2. Using SSH. You will need to send me an SSH public key (or | |
158 | several), which I'll install for you. Then you'll be able to run | |
159 | =ssh chpwd@stratocaster.distorted.org.uk help= for a list of | |
160 | commands, as for Userv. (This is mainly intended for people who | |
161 | don't have login accounts.) | |
162 | ||
163 | 3. Using the web interface. Point your browser at | |
164 | =https://www.distorted.org.uk/chpwd/=. For this, you'll need a | |
165 | user name and password for Chopwood itself: if you have a local | |
166 | login, you can set this up yourself using Userv (say); otherwise | |
167 | I'll generate a password for you and send it to you. | |
168 | ||
169 | If you're using Userv or SSH, you can list which password-using services | |
170 | you have accounts with the =list= command, and request new passwords | |
171 | with =reset=, which prints the new password to stdout; the =clear= | |
172 | command will disable a service's password, preventing you from logging | |
173 | in at all. There is a command =set= for setting a password that you | |
174 | choose, but that's disabled as a matter of local policy: it's possible | |
175 | that I can be persuaded to enable it, but not very likely. Note that | |
176 | you can reset several services' passwords with the same command, and | |
177 | this will use the same (freshly generated) password for all of them. | |
178 | For example, | |
179 | ||
180 | : userv chpwd reset smtp imap | |
181 | ||
182 | will generate a new password which will work both with the SMTP | |
183 | submission service and the IMAP server. | |
184 | ||
185 | Similar functionality is available through the web interface. | |
186 | ||
185b5456 MW |
187 | |
188 | * Spam filtering | |
189 | ||
190 | The mail server checks incoming mail using SpamAssassin at SMTP time. | |
191 | Suspected spam is rejected immediately. There are no `junk' mail | |
192 | folders. Legitimate senders will likely receive bounces; spammers will | |
193 | probably ignore the error and continue. | |
194 | ||
195 | ** SpamAssassin | |
196 | ||
197 | SpamAssassin works by having a large collection of rules: it tests an | |
198 | incoming message against these rules, and adds up the /scores/ for the | |
199 | rules that match. If the total score is above a given threshold then | |
200 | the message is declared to be probably spam, and rejected. | |
201 | ||
202 | If the mail server accepts a message, it adds two headers to it. | |
203 | ||
204 | + =X-SpamAssassin-Score= has the form =SCORE/LIMIT (BAR)=, where | |
205 | =SCORE= is the actual score for the message, =LIMIT= is the maximum | |
206 | score allowed, and =BAR= is a little bar chart showing the score in | |
207 | a way which can be matched easily using regular expressions. The | |
208 | bar chart uses =+= or =-= signs, depending on whether the score is | |
209 | positive or negative, or consists of a single =/= sign if it's close | |
210 | to zero. | |
211 | ||
212 | + =X-SpamAssassin-Status= consists of space-separated =KEY=VAUE= | |
213 | pairs. The keys currently are: =score= and =limit=, which are the | |
214 | message's score and limit again; and =tests=, which lists the rules | |
215 | which matched the message and their individual scores, as a | |
216 | comma-separated list of items of the form =RULE:SCORE=. | |
217 | ||
218 | ** Custom spam limits | |
219 | ||
220 | The default spam limit is currently 5 points. However, you can override | |
221 | this limit for mail sent to you by creating a world-readable file | |
222 | =~/.mail/spam-limit= in your home directory on stratocaster. This file | |
223 | should contain lines of the form | |
224 | ||
225 | : PATTERN: LIMIT | |
226 | ||
227 | where =PATTERN= is an Exim =nwildlsearch= pattern matched against a | |
228 | string of the form =RECIPIENT/SENDER=, and the =LIMIT= is ten times the | |
229 | maximum SpamAssassin score you're willing to tolerate for this message. | |
230 | See the Exim manual for full details; in short, the pattern may be a | |
231 | literal string, a string beginning with a =*= to match a particular | |
232 | suffix (usually a sender address or domain, which is why the sender is | |
233 | on the right), or a Perl-style regular expression starting with =^=. | |
234 | ||
235 | You may not want information about who is sending you spam (or honest | |
236 | but spamlike mail) to be public knowledge, so instead you can make a | |
237 | file =~/.mail/spam-limit.userv= of the same format. This file need not | |
238 | be readable by anyone other than you. | |
239 | ||
240 | Be careful with this facility: if a single incoming message has multiple | |
241 | recipients, and they assign it different spam score limits (either | |
242 | explicitly, or implicitly by accepting the system default) then the | |
243 | sender will be told to defer delivery to some recipients. It's | |
244 | therefore probably a bad idea to apply custom spam score limits for mail | |
245 | for popular mailing lists, for example. | |
246 | ||
247 | ** SAUCE | |
248 | ||
249 | I'm not currently running SAUCE, but I'm giving it some consideration. | |
250 | If you have comments on the matter, either way, I'm interested. | |
185b5456 MW |
251 | |
252 | ||
253 | * Mail hosting and custom domains | |
254 | ||
255 | I think I have a fairly sane way to set up stratocaster (or some other | |
256 | server, but strat is the obvious choice) to receive mail for domains | |
257 | other than =distorted.org.uk=. I can easily arrange to accept mail for | |
258 | such domains and deliver them locally or to other hosts. Pester me if | |
259 | this sounds useful to you. | |
260 | ||
185b5456 MW |
261 | * COMMENT Emacs cruft |
262 | ||
de67b50e MW |
263 | #+LaTeX_CLASS: strayman |
264 | ||
185b5456 MW |
265 | ### Local variables: |
266 | ### mode: org | |
267 | ### End: |