Technical Coordinators Meeting Chris Bongaarts Steve Siirila January 11, 2006

Service Outages Wed Jan 4 22:00-22:30 (30min), Wed Jan 4 22:00-22:30 (30min), Sun Jan 8 18:50-19:30 (40min) –Authenticated SMTP (smtp.umn.edu) –Mail Delays –Related to move of directory server Tue Jan 10 13:15-15:20 (2hr 5min) Tue Jan 10 13:15-15:20 (2hr 5min) –Premium Interactive (garnet) –Personal Web Services ( –Due to SAN problem

Equipment Moves Equipment moved from CHRC to St. Paul Equipment moved from CHRC to St. Paul –Directory server –Incoming mail server (MX) –Outgoing mail server (GW, relay) –IMAP/POP server (sapphire) –X.500/Kerberos authentication servers –Other internal servers Two more servers (diamond, ruby) to move over next couple weeks Two more servers (diamond, ruby) to move over next couple weeks New site on DataCenter network New site on DataCenter network –Redundant paths to campus network –Shared VLAN between sites

GopherMail New Webmail client based on University of Cambridge “Prayer” New Webmail client based on University of Cambridge “Prayer” Integrated with: Integrated with: –Central Authentication Hub (CAH) –UMN Spam Reporting –UMN LDAP Directory Services No reliance on an external web server or PHP infrastructure No reliance on an external web server or PHP infrastructure Utilizes IMAP and holds open up to 5 connections much like desktop clients Utilizes IMAP and holds open up to 5 connections much like desktop clients

GopherMail Features Ultra fast response time Ultra fast response time Saving of draft messages Saving of draft messages Forwarding of attachments Forwarding of attachments Downloading of entire mailboxes (UNIX format) Downloading of entire mailboxes (UNIX format) Search on sender, subject, date, size, text Search on sender, subject, date, size, text Spell checker Spell checker Threading option Threading option Import/export of address books Import/export of address books Populate address books via directory search Populate address books via directory search

User-maintained White/Blacklist New user-managed blocking controls coming in January New user-managed blocking controls coming in January –Up to 25 blocked addresses and/or address domains –Ability to add arbitrary addresses and/or address domains to current whitelist –Block reason USR will be used

Complex Blocking Example Block all hotmail.com except those specifically whitelisted: Block all hotmail.com except those specifically whitelisted: –Blacklist: hotmail.com –Whitelist:

Phase-out of clear-text passwords 215 users remain insecure 215 users remain insecure –All but 10 warned they will be “securified” next week –Last 10 will get “personal assistance” Conversion of TC premium (garnet) accounts is complete Conversion of TC premium (garnet) accounts is complete Final target: unauthenticated SMTP gateway now Final target: unauthenticated SMTP gateway now

Top 10 Unauthenticated SMTP gateway IPs (Jan 2-9) 1. mail.nursing.umn.edu (-) 2. fever.cidrap.umn.edu (-) 3. mollusk.ndis.umn.edu (NEW) 4. ahcweb05.ahc.umn.edu (-1) 5. omaweb.stu.umn.edu (+4) 6. x lib.umn.edu (NEW) 7. wwws3.csom.umn.edu (-3) 8. ucs.micro.umn.edu (-3) 9. x ej1074.umn.edu (NEW) 10. hypnos.facm.umn.edu (NEW)

Bits ‘N Bytes UMCal SAN storage moved last week; app upgrade is this weekend (10g) UMCal SAN storage moved last week; app upgrade is this weekend (10g) PKI pilot final report delivered to CIO PKI pilot final report delivered to CIO OITSEC: servers authorized for relay.tc.umn.edu service will be scanned to get access, and quarterly thereafter OITSEC: servers authorized for relay.tc.umn.edu service will be scanned to get access, and quarterly thereafter

‘Till next month… Steve Siirila Steve Siirila Chris Bongaarts Chris Bongaarts