|Set-up for Email|
Spam filtering implementing SpamAssassin
To send an email, a you need an email program that will communicate with CSIM email server.
It is defined as an AIT policy that in CSIM building, a user must go through CSIM email server to send and email to outside.
In the email program select mail.cs.ait.ac.th as the outgoing email server
CSIM email server has been enhanced with SSL/TLS encrypted connection. Whenever it is possible, the server will use encryption to talk to the user's client or to another server.
By using Netscape, and provided that the you have a certificate on your computer, encrypted communication can be established between Netscape and CSIM email server. In no case it guarantee that the email is encrypted from end to end, from the sender to the recipient, only connections that involve CSIM email server are concerned.
Email is send over the Internet by using SMTP (Simple Mail Transfer Protocol)
where an enail is stored on an email gateway before it is sent to the next email
gateway and repeating until it reaches the recipient.
|Example of email transmission, with protocol used (SNMP or POP/IMAP)|
In this case, the only transmission that can be encrypted are the green ones, between the sender and CSIM email server (provided he has a certificate), and between CSIM email server and the recipient email gateway (provided this gateway accepts encrypted connection). Encryption on other connections depends on email gateways that are not under CSIM management.
In any case, the connection only will be encrypted; when the email is stored on a gateway, it will be in plaintext/non-encrypted format. In order to assure an end-to-end encryption, the user should encrypt his message using PGP or GnuPG for example.
Automatic and transparent roaming facility if provided to CSIM users. The solution that has been implemented is decribed bellow:
Given that you haveauthenticated first, you can use CSIM email server without restriction. The setting of your email program needs not to be changed.
In order to reduce unsollicited commercial email (spam), CSIM email server has been set-up to refuse email relaying. It will only accept email with (green arrow):
But it will refuse any email when sender and recipient are outside CSIM (red arrow). When you are outside CSIM network (from home, travelling) and want to send email to a recipient that is also outside CSIM network, CSIM email server cannot be used.
With the roaming facility, you can use CSIM email server, after you have autheticated, but other machines cannot, so CSIM email server does not relay spam.
|Contact us: Olivier Nicole||Last update: Aug 2007|