Nevis Mail Server Switch On 15:00 Thu 09-May-2002, I plan to switch the server that receives mail for Nevis from nevis1 to the new mail server, franklin. This web page discusses:
  • what is being done,
  • how having a different account on the mail server might affect you,
  • the issue of spam filtering on the new mail server,
  • and reading mail on the Linux cluster.
  • As part of the transition to the new mail server, as of 09-May-2002 I plan to change the main mail server for the nevis.columbia.edu domain. Based on the experimentation I've done thus far, I believe that this switch will be transparent to most, if not all, the users at Nevis.

    Nevertheless, given the importance of mail services at Nevis, I've prepared this web page to describe in detail the nature of the switch and its potential consequences.


    What is being done

    The mail setup at Nevis can basically be divided into three functions:

    1. Receiving mail via the internet and storing it on disk.
    2. Transferring the mail from that disk to a user's mail reader.
    3. Transmitting mail from a user's program to the internet.

    Right now, most users at Nevis use nevis1 for all three of the above functions. In fact, a user can only change (2) or (3) on their own; item (1), the "mail exchanger", is controlled by the domain name services. If you want to check this for yourself, enter the following command on a UNIX system:

    nslookup -query=mx nevis.columbia.edu You'll see that nevis1 is the primary mail exchanger for the entire nevis.columbia.edu domain (since it has the lowest preference number). What I specifically plan to do is set the primary mail exchanger for the nevis.columbia.edu domain to franklin, our new mail server. For a while, nevis1 will remain a secondary mail server, just in case franklin fails.

    The mail will still be stored physically on nevis1. You will still be able to read it using whatever mail reader you presently use, with no change to your program's configuration.

    If that were the only difference, there would be no need for me to prepare this web page. However, there are two issues that may potentially make a difference; these are described below.


    Mail server accounts

    The accounts on the new mail server, franklin, are not linked to the accounts on nevis1 in any direct way. Eventually, the accounts, home directories, and passwords on the two systems will be linked via NIS, but that is a project that I must postpone until mail services are entirely moved off of nevis1.

    What I have done is manually duplicate every active account on nevis1 onto franklin. If a given user account can receive mail on nevis1, then a duplicate account exists on franklin as well. The chief exception are those users who left Nevis and forwarded their e-mail elsewhere; rather than creating new accounts for them, I set up permanent mail forwarding aliases on both nevis1 and franklin.

    However, there are some differences between accounts on the systems:

    At this point, you may want to check that you have an account on franklin. If you have an account on the Linux cluster, you automatically have an account on franklin, but here's how both Linux and nevis1 users can check:

    ssh <user-name>@franklin.nevis.columbia.edu You'll be prompted for a password.


    Spam filtering

    The new mail server has a number of security features that the mail program on nevis1 does not have. Most of these features won't be visible until we fully switch mail servers, but there's one that will have an effect immediately: the mail server on franklin has a spam filter.

    The spam filter on franklin is actually rather mild as such things go. It does not filter the mail based on content; instead, it blocks mail based on where it comes from:

    In my initial testing, no mail from legitimate sites was blocked (although all-too-many spam messages still got through). My plan is to monitor all messages rejected by franklin for a month or two after we start using it as the mail exchanger; if I spot any legitimate mail being blocked, I can always turn off the spam filter. On the other hand, if the level of spam remains excessive, I can contemplate putting in a content filter.

    Note that if mail is rejected as spam, it is bounced back to the sender with an explanatory error message. This means that if someone sends you legitimate e-mail and it's rejected, the sender will know why and be able to take corrective action.

    Note added 12-Aug-2002: The blackhole-list portion of the spam filter was turned off shortly after franklin was put in use. In addition to many sites which are clearly sources of junk mail, the blackhole list included servers such as travelocity.com and cc-inc.com (which is PC-Mall). Although these companies are sources of unwanted junk mail, they are also sites with which legitimate Nevis business might be conducted.

    I have installed SpamAssassin on the Linux cluster. I'll eventually have a Nevis SpamAssassin web page. Until then, if you want to use this utility, read the "spamassassin" man page and web site; you can also look at ~seligman/.procmailrc for additional hints.


    Reading mail on the Linux cluster

    Since about 1998, the standard model for reading mail at Nevis was to logon to nevis1 and use pine. As of now (even before this mail exchanger switch), users can do this while logged on the to Linux cluster.

    Some items to note:

    The most important aspect of this change is that it's no longer necessary to give someone (a summer student, a staff member, a visiting scientist) an account on nevis1 just so they can receive mail here. An account on the cluster is all that's necessary.


    Back to the Nevis Mail Page.

    Return to the Nevis Computing Page.

    Up to the Nevis Home Page.

    E-mail: Send any comments or questions to the webmaster.