Coin,
=== LDAP Work ==
Since 2007, most of our core infrastructure has remained identical. To
improve it, we have begun an heavy work on the LDAP database and
related softwares. We no longer rely on firewalling for security, as
every involved server now use TLS communications with certificate
check. The schema is being improved and work on better
administration/user tools will follow. The LDAP infrastructure will
soon be opened to all properly authenticated and securized access to
everyone. This should allow more transparency on retained user
information, and is a continuation of the "Experimental Tool" Banya
(see previous mail in march).
That is to say, this work could introduce some disturbance, mostly at
night (from a GMT+2 point of view) or during legal holidays, even if
we try to minimize it as much as possible.
=== Mail ===
Latest sunday (and probably the previous one), you may have
experienced problems connecting to the mail services. Unfortunately,
our SPAM database suddenly grow quite large, and it was necessary to
shutdown to do some urgent maintenance. Several things were done to
improve the situation, and the software was also upgraded to take
advantage of several database optimizations. The web interface and
processing speed have been improved a bit too. As several persons do
not use much the spam filtering facility, the default training method
was changed to ensure a reduced ressource usage when unnecessary (it
can still be changed in the web interface).
The mail software has been upgraded too, coming with a much better
server-side mail filtering engine (SIEVE), with many fixes compared to
the previous one, and the following new extensions:
- variables
- imap4flags (replacing the obsolete imapflags)
- enotify (replacing the obsolete notify)
- encoded-character
More info on SIEVE and these extensions can be found here:
http://sieve.info/
People using our SMTP from a roaming connections may have had a few
problems with certain restrictions, this is now fixed.
=== Mail from Webapps ===
We spotted a few strange mails, and found a few of you are using forum
or website with open registration with no or not-very-efficient
anti-bot protection, leading to a few SPAM messages. From now on,
webapps using the traditionnal mail functions will have their mail
follow a special path, to ensure we can spot these problems easily and
be able to train our antispam with problematic mails. This should
ensure our mail servers are not banned.
=== Webmails ===
First, a few weeks ago, a Horde upgrade led to firstnames being
screwed in the Contacts, due to a bug in the upgrade script. We had
not enough time to work on restauration, and as very few of you were
concerned, we decided this was too much of a workload. Sorry for the
bother.
The SIEVE filtering plugin for webmail.duckcorp.org has been upgraded
and has better support for SIEVE extensions (but not 'variables' yet).
=== RCS ===
The Arch webdav access was broken, not working with https and auth
with tla, and buggy with baz, so it was merely dropped. Moreover, Arch
not updated upstream since a while (baz was even dropped and corpse
hidden by Canonical a few years ago), so, Arch support is scheduled
for removal in September. You are not obliged to move to a new RCS,
but tools will disapear on our servers. WHen times come to and end,
remaining archives in '/rcs/arch-devel-archives' will be moved to the
corresponding user's home directory.
== SAFT is Back ===
In DuckCorp, we like oldies, abandonwares and the like. Once upon a
time, DC servers were prodiving a service to send files to a remote
UNIX user, SAFT. This funny service is asynchronous and retry-aware,
and can be used when the sender and recipient can't share a common
place to exchange data (FTP for example), and sending a huge mail
would be horrible or even impossible. The receiver needs to run a
simple and light server, and the receiver to use the 'sendfile'
command (available in Debian). One is now running on Toushirou, and
received files can then be found with your shell access and the
'receive' command, or via your FTP account in '/sendfile/<uid>/'.
You're address for the service would then be <uid>@saft.duckcorp.org.
More info on this subject can be found here:
http://fex.rus.uni-stuttgart.de/saft/sendfile.html
Have FUN !!!
--
Marc Dequènes (Duck)
