1 The =distorted.org.uk= mail system
5 The mail delivery agent is Exim. If you don't do anything special, mail
6 is delivered into =/var/mail/USER= on stratocaster, in mbox format.
8 There are a number of ways you can affect mail delivery.
10 ** The =~/.forward= file
12 In traditional Unix style, you can write delivery instructions into a
13 file named =.forward= in your home directory. This file can contain a
14 comma-separated list of email address and/or file or directory names to
15 which your mail should be sent. Mail is written to files in traditional
16 Unix `mbox' format, and to directories in `Maildir' format. The
17 =:fail:= and =:defer:= items are permitted, but may not be very useful.
19 This file can instead be an Exim or Sieve filter file, as marked by a
20 special comment on the first line. See the document `Exim's interfaces
21 to mail filtering', available via the command =info filter=, for details
24 ** The =~/.mail/forward= file
26 If you prefer, you can write delivery instructions to =~/.mail/forward=
27 instead. If you have lots of mail configuration files, you may find it
28 tidier to keep them all together in =~/.mail=.
30 ** The =~/.mail/forward.suffix= file
32 You will receive mail sent to =USER@distorted.org.uk=. You can also
33 receive mail sent to =USER-SUFFIX@distorted.org.uk= or
34 =USER+SUFFIX@distorted.org.uk=, for any =SUFFIX= string if you create a
35 file =~/.mail/forward.suffix=. While this can be a simple forward file,
36 it's probably much more useful to write an Exim filter file to analyse
37 the suffix string and take appropriate action.
39 If this file exists, it should be world-readable, because it will be
40 used by the mail server at SMTP time in order to decide whether a
41 particular =SUFFIX= string is valid.
46 ** Reading mail locally
48 The servers =stratocaster= and =jem= have a few mail user agents
49 installed, most notably trad BSD =mail=, =mutt=, and Emacs's various
50 mail-reading interfaces; more can be added.
52 ** Fetching mail through IMAP
54 There's an IMAP server running on =mail.distorted.org.uk=. ...
56 ** Forwarding mail off-site
61 The mail server checks incoming mail using SpamAssassin at SMTP time.
62 Suspected spam is rejected immediately. There are no `junk' mail
63 folders. Legitimate senders will likely receive bounces; spammers will
64 probably ignore the error and continue.
68 SpamAssassin works by having a large collection of rules: it tests an
69 incoming message against these rules, and adds up the /scores/ for the
70 rules that match. If the total score is above a given threshold then
71 the message is declared to be probably spam, and rejected.
73 If the mail server accepts a message, it adds two headers to it.
75 + =X-SpamAssassin-Score= has the form =SCORE/LIMIT (BAR)=, where
76 =SCORE= is the actual score for the message, =LIMIT= is the maximum
77 score allowed, and =BAR= is a little bar chart showing the score in
78 a way which can be matched easily using regular expressions. The
79 bar chart uses =+= or =-= signs, depending on whether the score is
80 positive or negative, or consists of a single =/= sign if it's close
83 + =X-SpamAssassin-Status= consists of space-separated =KEY=VAUE=
84 pairs. The keys currently are: =score= and =limit=, which are the
85 message's score and limit again; and =tests=, which lists the rules
86 which matched the message and their individual scores, as a
87 comma-separated list of items of the form =RULE:SCORE=.
91 The default spam limit is currently 5 points. However, you can override
92 this limit for mail sent to you by creating a world-readable file
93 =~/.mail/spam-limit= in your home directory on stratocaster. This file
94 should contain lines of the form
98 where =PATTERN= is an Exim =nwildlsearch= pattern matched against a
99 string of the form =RECIPIENT/SENDER=, and the =LIMIT= is ten times the
100 maximum SpamAssassin score you're willing to tolerate for this message.
101 See the Exim manual for full details; in short, the pattern may be a
102 literal string, a string beginning with a =*= to match a particular
103 suffix (usually a sender address or domain, which is why the sender is
104 on the right), or a Perl-style regular expression starting with =^=.
106 You may not want information about who is sending you spam (or honest
107 but spamlike mail) to be public knowledge, so instead you can make a
108 file =~/.mail/spam-limit.userv= of the same format. This file need not
109 be readable by anyone other than you.
111 Be careful with this facility: if a single incoming message has multiple
112 recipients, and they assign it different spam score limits (either
113 explicitly, or implicitly by accepting the system default) then the
114 sender will be told to defer delivery to some recipients. It's
115 therefore probably a bad idea to apply custom spam score limits for mail
116 for popular mailing lists, for example.
120 I'm not currently running SAUCE, but I'm giving it some consideration.
121 If you have comments on the matter, either way, I'm interested.
126 ** Submission mechanisms
128 Mail can be sent in a number of ways.
130 + The =sendmail= program. This is really Exim in disguise.
132 + SMTP to =localhost= port 25. This doesn't require explicit
133 authentication, since it relies on an identd, which is running on
134 all =distorted.org.uk= hosts.
136 + SMTP to =mail.distorted.org.uk= port 587. You must establish TLS,
137 and authenticate using a username and password; the server uses a
138 short-lived certificate signed by the =distorted.org.uk= certificate
139 authority, whose root certificate is at =/etc/ca/ca.cert= on all
140 servers. Use [[https://www.distorted.org.uk/chpwd/][Chopwood]] to set or change this password.
142 ** Sender authenticity
144 It is my intention that it be very hard for one =distorted.org.uk= user
145 to impersonate another to a third. To this end, the mail server is
146 rather picky about envelope sender addresses.
148 + It won't accept an apparently local sender address from an external
151 + It will check locally submitted mail against the submitter's user
152 name. The precise details vary according to the submission
153 mechanism: mail submitted through =sendmail= will have additional
154 headers added; mail submitted through SMTP will be rejected unless
155 the envelope sender is acceptable.
157 If I see something like DKIM catching on then this will also provide
158 external users with some kind of (probably fairly weak) sender
161 On the other hand, the mail server is aware of vanity domains, extension
162 addresses, and so on, and should let you send mail apparently from an
163 such an address that you control. If you think the mail server is being
164 unnecessarily strict about something then I'm willing to discuss your
167 If I'm hosting your mail domain for you then you get to decide the
171 * Mail hosting and custom domains
173 I think I have a fairly sane way to set up stratocaster (or some other
174 server, but strat is the obvious choice) to receive mail for domains
175 other than =distorted.org.uk=. I can easily arrange to accept mail for
176 such domains and deliver them locally or to other hosts. Pester me if
177 this sounds useful to you.
184 * COMMENT Emacs cruft