Frequently Asked Questions

CogLib.com Frequently Asked Questions Table of Contents: 1. What are the services' key fingerprints? 2. How can I configure procmail for the mail configuration on coglib? 3. How do I use SpamAssassin on coglib? 4. How do I use cvs on coglib? 5. What's the safest way to move my email to coglib? 6. Does coglib offer SSL-secured webmail access? 1. What are the services' key fingerprints? === Current ================================================================ SSH RSA key fingerprint: (brain.coglib.com) 2f:6c:7a:db:78:82:fa:59:87:0a:b5:1d:e4:2c:2c:c3 Coglib.com CA certificate: SHA1 Fingerprint=F7:9B:B1:D4:3D:73:85:92:FD:16:F1:B3:FD:3D:A4:2F:FB:77:86:C0 MD5 Fingerprint=9F:3F:F1:0D:45:E9:A9:18:B1:04:10:8B:7F:04:43:60 Coglib.com HTTPS certificate: (*.coglib.com) [2011-05-27 to 2012-05-26] SHA1 Fingerprint=52:8E:B1:C3:5B:D2:E5:8E:44:09:E0:7C:78:31:00:6E:7B:77:F6:01 MD5 Fingerprint=4C:79:40:2C:41:41:FD:AA:AE:3B:45:2C:4A:28:38:01 Coglib.com SMTP/IMAP certificate (smtp.coglib.com) [2011-05-27 to 2012-05-26] SHA1 Fingerprint=87:90:FD:5B:51:54:2F:A0:70:FF:8A:BC:56:AD:66:5B:93:2A:B5:4F MD5 Fingerprint=FF:62:E1:40:59:5F:59:FD:79:36:E3:E2:93:FB:FC:ED === Expired ================================================================ Coglib.com HTTPS certificate: (*.coglib.com) [2010-05-27 to 2011-05-27] SHA1 Fingerprint=20:9B:EA:E5:12:FE:CD:A1:73:ED:31:EA:9B:E2:8F:00:77:B9:AE:7F MD5 Fingerprint=E8:2B:D4:4F:4C:13:95:20:BB:DF:BD:1B:E7:D3:AB:62 Coglib.com SMTP/IMAP certificate (smtp.coglib.com) [2010-05-27 to 2011-05-27] SHA1 Fingerprint=56:D2:97:C4:D8:DB:F6:6B:B6:34:AA:A8:C9:3F:A4:4B:77:F1:32:2C MD5 Fingerprint=5A:17:BF:A4:4B:5F:F1:A4:F1:8F:79:38:9D:DE:C3:85 Coglib.com HTTPS certificate: (*.coglib.com) [2009-05-26 to 2010-05-26] SHA1 Fingerprint=C5:2B:C2:23:77:EF:F5:E3:03:04:9C:9D:5B:FC:F6:27:A9:4F:60:D3 MD5 Fingerprint=43:16:75:2F:73:1F:F5:6C:83:4E:C7:B8:2D:C7:5B:4B Coglib.com SMTP/IMAP certificate (smtp.coglib.com) [2009-05-26 to 2010-05-26] SHA1 Fingerprint=EC:63:9F:BE:1E:54:F0:A9:EB:8B:B1:E8:93:93:99:E2:F9:E6:29:3B MD5 Fingerprint=67:07:FD:6F:7D:57:55:D4:B7:1F:F3:CC:DE:45:E8:0C Coglib.com HTTPS certificate: (*.coglib.com) [2008-05-29 to 2009-05-26] SHA1 Fingerprint=66:69:C0:5D:ED:3A:04:86:6A:F9:57:F6:9B:7C:70:30:ED:32:16:7E MD5 Fingerprint=B1:C6:92:D1:A0:01:DE:37:93:0F:88:88:19:84:4D:1C Coglib.com SMTP/IMAP certificate (smtp.coglib.com) [2008-05-29 to 2009-05-26] SHA1 Fingerprint=BC:1E:A1:63:06:E5:07:D2:31:73:E8:F0:EC:9F:4D:44:DC:CC:AB:05 MD5 Fingerprint=4D:8D:C8:27:08:28:70:31:AB:83:FE:D0:3A:9A:A1:FA Also available as a separate file with signature. It may also be more convenient to install the Coglib CA certificate in your browser/email client. By doing so, you will not have to verify the new HTTPS and SMTP/IMAP certificates every year as the old ones expire and new ones are generated. Instead they will be automatically accepted. The Coglib CA certificate will not expire until 2018. The PEM encoded certificate is: -----BEGIN CERTIFICATE----- MIIEfTCCA2WgAwIBAgIJALffEk5sWyM6MA0GCSqGSIb3DQEBBQUAMIGFMQswCQYD VQQGEwJVUzESMBAGA1UECBMJV2lzY29uc2luMRAwDgYDVQQHEwdNYWRpc29uMRMw EQYDVQQKEwpDb2dMaWIuY29tMRcwFQYDVQQDEw5KYXJlZCBDb3JkYXNjbzEiMCAG CSqGSIb3DQEJARYTamNvcmRhc2NAY29nbGliLmNvbTAeFw0wODA1MjkxNjQwNDVa Fw0xODA1MjcxNjQwNDVaMIGFMQswCQYDVQQGEwJVUzESMBAGA1UECBMJV2lzY29u c2luMRAwDgYDVQQHEwdNYWRpc29uMRMwEQYDVQQKEwpDb2dMaWIuY29tMRcwFQYD VQQDEw5KYXJlZCBDb3JkYXNjbzEiMCAGCSqGSIb3DQEJARYTamNvcmRhc2NAY29n bGliLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALuV83Ed18IQ szqCSjCk8EYTf2bpCSYELtaOKEq4IsoDjTkWjqnY0M49MAt7Al2x/DRkXXnN+foQ Jv8rfy9E4i/txjmbhZFBrfauIhg64a7o+oEhwoszirp2Rmh0vCASKDnfptr5AcLr GMWpTVvgbTzyLcya6uNWGi3NjWjnpiyIjfjNJP6rWrQHaJcZNwXHmhc0uM+HozQO lf9QpESxXXyWfEuY2DvvNXJhZy2/138uZeZsr3Rb7YLFkh/WHdkg63jrqtvcKwYt m8/6i6mxGG63cWxtVWUe0dfBBazr3BspGiap7neu7YOjAkCTuILarxBceWd9eIIQ /HBgKtKhO3cCAwEAAaOB7TCB6jAdBgNVHQ4EFgQU5VQ58YObXcYwRshBc0qEyv+w y1IwgboGA1UdIwSBsjCBr4AU5VQ58YObXcYwRshBc0qEyv+wy1KhgYukgYgwgYUx CzAJBgNVBAYTAlVTMRIwEAYDVQQIEwlXaXNjb25zaW4xEDAOBgNVBAcTB01hZGlz b24xEzARBgNVBAoTCkNvZ0xpYi5jb20xFzAVBgNVBAMTDkphcmVkIENvcmRhc2Nv MSIwIAYJKoZIhvcNAQkBFhNqY29yZGFzY0Bjb2dsaWIuY29tggkAt98STmxbIzow DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEApofkyuI+MrldO38vXqjX H2gQf9pzEuVYgB8AmL5FtKgqDYGCOAbvyg4KKbzYedZvDc02mD5q3zFvJPLzQgiH doA4miyFsyocNT0pv04HhjK/TPATc2tpSxiaBJgffKUIW3F8HXj/USzreKmOTg27 ZblEsA1rdkGWjBATplFnnaac9AVgSNGfIJNFRJBCsyV/3MFVNjrthTy8Pf4QnOk4 Axo6tXa65FzHRIjrt7GUEgdvOxR2/ZpmbbCGSXnVM0hjGjvY9e2dJ4l0OyUhu8VF ISQy7Br9USwJ7W1bitaMH+ZKJ5ZBP8pCYkJdQ/6gyTyjBLquxcZf2w3fm/dNyVRl fA== -----END CERTIFICATE----- Also available in PEM format (with signature) for import into any browser or email client, or in CRT format (with signature) for automatic addition to some (all?) browsers. 2. How can I configure procmail for the mail configuration on coglib? There are a number of features of the mail setup on coglib. The following '.procmailrc' file takes advantage of SpamAssassin and address extensions. # Please check that all the paths exist MAILDIR=$HOME/mail # You had better make sure it exists DEFAULT=$HOME/mail/inbox LOGFILE=$HOME/.procmail/log SHELL=/bin/bash VERBOSE=no ### Remove ASSP filter info from guinness forwarded mail ### # This filter simple removes all X-Assp-* headers from email as well # as removing any "[SPAM]" designation in the subject. This is especially # useful for anyone forwarding their mail from a system that pre-screens # for spam. Enabling this filters allows SpamAssassin to come to its own # conclusion. :0f * ^X-Assp | sed -e '/^X-Assp-/d ; /^Subject:/ s/\[SPAM\] //g;' ### BEGIN SPAM ASSASSIN CONFIG ### # Pipe the mail through spamassassin (replace 'spamassassin' with 'spamc' # if you use the spamc/spamd combination) # # The condition line ensures that only messages smaller than 250 kB # (250 * 1024 = 256000 bytes) are processed by SpamAssassin. Most spam # isn't bigger than a few k and working with big messages can bring # SpamAssassin to its knees. # # The lock file ensures that only 1 spamassassin invocation happens # at 1 time, to keep the load down. # :0fw: spamassassin.lock * < 256000 | spamc # Mails with a score of 15 or higher are almost certainly spam (with 0.05% # false positives according to rules/STATISTICS.txt). Let's put them in a # different mbox. (This one is optional.) #:0: #* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\* #almost-certainly-spam # All mail tagged as spam (eg. with a score higher than the set threshold) # is moved to "spam". :0 * ^X-Spam-Status: Yes spam # Work around procmail bug: any output on stderr will cause the "F" in "From" # to be dropped. This will re-add it. :0 * ^^rom[ ] { LOG="*** Dropped F off From_ header! Fixing up. " :0 fhw | sed -e '1s/^/F/' } ### END SPAM ASSASSIN CONFIG ### ### General mail filters ### # This filter takes advantage of address extensions. Address extensions are # enabled on the coglib.com mail server allowing easier filtering/blocking # of email. # # For instance, a user with coglib account 'fakeuser' can create an account # with Amazon.com supplying the email address 'fakeuser+amazon@coglib.com'. # Mail sent to this extended address will be delivered to # 'fakeuser@coglib.com'. However, the user can now track who Amazon sells # their email address to. In addition, filtering is simplified by allowing # the user to filter based on the To rather than the From header since mail # can often come from other domains as companies outsource bulkmail adverts. :0 * ^X-Original-To.*fakeuser\+amazon amazon Also available as a separate file. 3. How do I use SpamAssassin on coglib? SpamAssassin has two modes of operation. In one mode, each user launches the 'spamassassin' executable to filter each incoming message. For low volume servers, or servers where there is no system-side SpamAssassin install, this works just fine. The second mode involves using a server-client model to optimize use of system resources. We use this second model. As such your procmail rule should use the 'spamc' client as the filter for your mail. For example: # The lock file ensures that only 1 spamassassin invocation happens # at 1 time, to keep the load down. # :0fw: spamassassin.lock * < 256000 | spamc You'll also need a '.spamassassin' folder in your home directory for storage of bayesian filter data, as well as your 'user_prefs' personal configuration file. Once this is setup, incoming spam is marked with appropriate headers. The following rule puts messages marked as spam in your 'spam' folder. # All mail tagged as spam (eg. with a score higher than the set threshold) # is moved to "spam". :0 * ^X-Spam-Status: Yes spam Note that the original message will be put in a MIME attachment with an explanation of why it was marked as spam. If you would prefer the original message remain untouched, you should set the following option in your '.spamassassin/user_prefs' file: report_safe 0 As messages arrive that are spam but aren't flagged as such, save them to the spam folder. Similarly, items that aren't spam should be moved to a regular folder. Once you have several spam and non-spam messages that were incorrectly flagged, you can train your bayesian filter using the following commands. For spam: $ /usr/bin/sa-learn --showdots --mbox --spam ~/mail/spam For non-spam (ham): $ /usr/bin/sa-learn --showdots --mbox --ham ~/mail/inbox It helps to make aliases so you can periodically train your filters: alias spammail='/usr/bin/sa-learn --showdots --mbox --spam ~/mail/spam; rm -f ~/mail/spam; touch ~/mail/spam;' alias hammail='/usr/bin/sa-learn --showdots --mbox --spam ~/mail/inbox;' And that is how to use SpamAssassin as installed on coglib. Also available as a separate file. 4. How do I use cvs on coglib? Also available as a separate file. 5. What's the safest way to move my email to coglib? Copy over your procmailrc from CS, but DON'T put it as '~/.procmailrc'. Name it '~/.proc_cs' or similar so that it doesn't get used automatically. Then edit at least the following two variables in that file to match the coglib setup: MAILDIR=$HOME/mail DEFAULT=$HOME/mail/inbox This will be the procmailrc file you'll use once everything is moved over. Then, in '~/.procmailrc' put just the following line: DEFAULT=$HOME/mail/forwarded_mail_tmp This will deliver incoming mail to a temporary folder. Make sure there are no rules as you don't want to overwrite incoming forwarded mail when copying folders from CS. At this point you are ready to start redirecting CS to coglib. Create a '.forward' file in your home directory on the CS network that contains one line with your coglib address. (See considerations below.) You can now scp over your mail folders from CS to coglib. No mail will be delivered to the CS folders after creating the forward file, so you won't have to repeat this. Remember that '~/.mail' on CS should become '~/mail/inbox' on coglib. You may want to save your current inbox and add it to your CS inbox like so: $ cd ~/mail $ scp dab.cs.stevens.edu:~/.mail ./inbox.cs $ cat inbox >> inbox.cs $ mv inbox.cs inbox Alternatively you can make your CS inbox separate from your coglib inbox, choosing to put it somewhere like '~/mail/guinness'. Once all your mailboxes are moved over, you can replace the temporary procmailrc file with your permanent one (the one with example name '~/.proc_cs'). If any mail arrived while you were moving things over, sort through '~/mail/forwarded_mail_tmp' and put the mail in the correct folders. Once this is empty, you can then delete the file. You should now be moved over without having lost any mail. A few things to consider: - Your forwarded mail will still show a To: header of foo@cs.stevens.edu or foo@stevens.edu (from pipeline) This can be used for sorting incoming mail into different inboxes. One setup would be using 'inbox' for coglib.com emails, 'guinness' or 'cs' for cs.stevens.edu emails, and 'pipeline' for stevens.edu emails. The problem occurs when an address you are forwarding from is subscribe to a mailing/advertisement list. Since the list name is specified rather than the individual recipient, you wouldn't be able to sort based on the To header. One solution is to use address extensions for forwarded mail. Tell pipeline to forward stevens.edu emails to foo+pipeline@coglib.com and CS to forward emails to foo+guinness@coglib.com. You can then sort these mails on the X-Original-To header (see example at http://www.coglib.com/faq/). The rules that catch all mail for a forwarded account should go at the END of your procmailrc file so that more specific rules have a chance to catch the mail first. - Using address extensions can be very helpful for sorting. They are even more useful if you change the address at the source rather than allowing your CS or pipeline account to continue forwarding mail. Changing your email address with Amazon and others, not only allows you to set a per website extension for more fine grained filtering, it also cuts out the middle-man of either guinness or pipeline in mail delivery. If a website doesn't know your coglib email, then when CS goes down (and it will), you won't get those emails even though coglib is up. - Email forwarded from guinness will still be marked with ASSP's spam designation. To remove all traces of this, use the following procmail rule: :0f * ^X-Assp | sed -e '/^X-Assp-/d ; /^Subject:/ s/\[SPAM\] //g;' Make sure to put this at the TOP of your procmailrc file to make sure this crud is removed before any further processing. One other note about moving over. If you still have your SpamAssassin bayes files on CS, don't bother transferring them over to coglib. Since coglib is running the newest version of SpamAssassin, it will not read these older format files. Do, however, bring over the rest of your '.spamassassin' directory including your 'user_prefs' file and any whitelisting settings. Be sure to see the FAQ at http://www.coglib.com/faq/ for more information on how to configure procmail to use SpamAssassin as well as how to use and train SpamAssassin. Also available as a separate file. 6. Does coglib offer SSL-secured webmail access? Yes! Login at: https://www.coglib.com/webmail/ Note however that there are some differences between the expectancies of the webmail software and your usual mutt or pine setup. The biggest difference is that the webmail program will create a trash folder at '~/mail/Trash' and will move all deleted mail there, rather than flagging it for deletion and leaving it in the folder. There are additional items you may wish to customize in the webmail interface, however, a description of them will be written up at a later time.