NetMail/3000 Newsletter Volume #2

Welcome NetMail/3000 Customers

This is the second e-mail newsletter sent to our NetMail/3000 customers; it is intended to let those of you with support contracts know about new and planned features of NetMail/3000, along with a few tips on ways you can use the system you have which you may not be aware of. We will try to make this a regular feature (one issue every 1-2 months), while also trying not to take too much of your valuable time by sending too many issues.

Those of you with Internet e-mail addresses should receive this by e-mail, others will receive it via fax. If you get a fax but have an Internet e-mail address you would prefer us to use, please let us know. Those of you who do not want to receive any more notices (these are intended to highlight features you have already paid for; not merely plugs for additional products) may let us know and we will remove you from the distribution list. Note that we will also use this list to make you aware of important problems or bug reports if applicable, so I urge you to have someone at your site at least review these messages. Also - anyone who would like us to add other mailboxes to our distribution (others at your site that might be interested) you may also let us know.

Finally, if you have questions about NetMail/3000 or any other 3k Associates product (DeskLink, PopServer, Gopher Server, Ftp Server, Fax Server) feel free to give us a call at +44 1480 492400 or e-mail us at sales@3kassociates.com or support@3kassociates.com.

Now that we're done with that...

In this issue:
 1) Tracking down undeliverable mail
 2) New reports available
 3) Fixes to attaching large (record size) files
 4) Preventing your server from being used to "relay" spam
 5) Getting error messages in your postmaster mailbox?
 6) Reflection 6.0 enhancements e-mailers might be interested in
 7) A quick mail listing when you log on
 8) Tell a friend - make a difference!
 9) Just for fun
**If you don't read anything else, PLEASE read the section on preventing
  your system from being used to relay spam. We (in tech support) get a
  disturbing number of calls from sites after they have been victimized;
  it's so easy to prevent - and so costly to clean up - that if your
  system is accessible from the Internet, you *NEED* to know about this.
  Your BUSINESS may depend on it!
  Don't assume that 'they' won't find you; automated programs in use all
  over the Internet scan for any mail server that has Internet access and
  record them for later (ab)use. Professional spammers are even exchanging
  these lists, so if you get hit once, you're very likely to be hit again
  if you don't do something about it. It can happen to anyone; we have
  caught two attempts at relaying through our servers in the past two
  months. (Happily, both were entirely unproductive for the spammers and
  we were able to catch both spammers while they were still online!)

Tracking down undeliverable mail - Part 1 - Outbound Mail

On occasion, you may be faced with the task of tracking down a message
that "didn't arrive" at it's destination. Doing this often takes a bit
of "net detective" work, but like any good mystery, there are usually
clues available to those that know where to look.
The detective work required increases with every "hop" (or system) that
a message must pass through, but most systems do have facilities (though
they're not always enabled) to track down messages that have passed through
the mail system. Each mail system has various "queues" of mail, usually
grouped by it's destination system. Sometimes network connections "break"
and queues get "stuck". Sometimes administrators make unfortunate changes
to mail system configurations and various problems manifest themselves.
Probably a good first step is to try and get a general idea of which system
has a "problem". For instance, user "A" on your system complains that he
can't get a message to user "B" on system2. Some initial things to check:
 * Can anyone else send a message to "B" on system2? Has this person
   gotten any other mail from outside systems?
 * Can user "A" send mail to anyone else on OTHER systems? Anyone else on
   the same (system2) system?
 * Can anyone on your system get a message to "B" on system2?
Some places to look for "clues" on your system:
 * First - check the outbound mail queues in NetMaint. Is the outbound
   message still sitting in the queue? If so, then there's a problem
   connecting to the remote system -- or you forgot to start your background
   netmail job! Ping the remote system. Try telnet'ing to the remote system's
   mail port (port 25). To do this:
    :RUN TELNET.SYS.THREEK
    telnet>OPEN system2 25
   In response to this, you should get a response starting with "220". If
   so, then that system *is* reachable and it's mailer is running. Type
   "quit" to end the telnet program.
 * Check the SMTPOULG.NETMAIL file for a record of the message in question
   having left the system. If you see evidence of the message there (it's
   subject/from/to) then the message DID leave this system. Messages aren't
   logged until the message has left the system. [If you haven't built the
   SMTPOULG -and other log files- sign on under the account which the
   netmail/desklink job runs (threek or hpoffice) and issue the following:
    :build smtpoulg.netmail;rec=-512,,v,ascii;disc=100000,32;cir
    :build smtpinlg.netmail;rec=-512,,v,ascii;disc=100000,32;cir
    :build deskoulg.netmail;rec=-512,,v,ascii;disc=100000,32;cir
    :build deskinlg.netmail;rec=-512,,v,ascii;disc=100000,32;cir
    :build errorlog.netmail;rec=-256,,f,ascii;disc=10000;cir

New reports available

We're now shipping an updated MAILREPT.JOB batch report job that runs
query and generates several reports. One report summarizes the mailboxes
on the system, tallying the number of messages and total bytes per mailbox.
Other reports list POP mailboxes, forwarded mailboxes, and mailboxes that
are routed to a fax. Stream the job to get the reports. Feel free to use
them as examples in developing your own tools; and if you come up with a
report you think might be of use to other systems, send it to us and we'll
add it to the our next update package - giving you credit of course!

Fixes to attaching large (record size) files

Many sites have been utilizing NetMail/3000 to send reports to other
users or systems. In the past, there have been problems attaching files/
reports to messages which had record sizes greater than 132 bytes. Some
e-mail clients handle plain text attachments with large record sizes as blocks
of text and line-wrap at arbitrary points. To workaround this, we've made
some changes to the means of encoding these attachments, and have also added
a new filecode/mapping which will allow you to determine whether you really
want text to be linewrapped arbitrarily (as is usually ok with plain text)
or you want to force the existing end-of-lines to be preserved.
The default behavior is still to allow the client to line-wrap text attach-
ments at will on message parts whose lines are wider than the client's display
window. To force the preservation of long lines in most e-mail clients, you
can assign a filecode of '9979' to your ascii files before attaching them.

Preventing your server from being used to "relay" spam

  Mail servers all over the world are being victimized on a daily basis by
shady "spammers" using any "open" mail server they can access to send their
bounty of trash messages. They submit, often tens or hundreds of thousands
of trash messages, through their victim's servers, usually with forged
return addresses, then disappear to let the victim handle the thousands upon
thousands of undeliverable messages, and the barrage of complaints and
often mailbombing or other attacks from unwilling spam recipients.
  Anyone who has been through this can attest that is is a maddening,
humbling, and very expensive attack to recover from.
  To defeat these criminals, you need to understand how they work. Using
mail clients specifically designed to hide their identity, they find a mail
server which will "relay" messages for them. Relaying means that they can
submit a massive quantity of messages in a single (or multiple simultaneous)
streams very quickly to a server; normally the process of delivering mail
messages is a slower, time-consuming process as there are many DNS lookups
required and connections must be made to multiple mail systems around the
world. By handing off all this work to someone else's machine, the spammer
can unload a massive amount of messages in a short time; then disappear back
into the shadows.
  Some of the trademarks of these attacks are that these mailers, by
necessity, transmit a long list of recipients to the mail server, followed
by one message body. Basically sending the exact message to hundreds or
thousands of addresses.
  A new feature in DeskLink as of version B.06 is enabled via a job
control word (JCW) in the desklink job. This jcw, MAXSMTPRCPTS is
set to 0 (zero) by default; but can be set to any number >0 and <32000.
This setting allows you to catch users submitting massive amounts of
mail messages to your server from an outside source. By setting this jcw
to 100 (for example), any attempt to submit the same message to more than
100 recipients (this is COMING from another system) will be prevented.
Obviously, if you have more than 100 persons on your system and are likely
to get messages (say mailing lists) that do regularly get sent to more than
100 of your users, then you'll need to adjust this threshold appropriately.
  When someone attempts to relay messages through your system AND exceeds the
MAXSMTPRCPTS limit you set, their message will be dropped, their connection
(between your server and the server submitting the messages) will be term-
inated, and error messages will be logged to the system console and to
the "ERRORLOG" file indicating the problem and where the "spammer" is coming
from (his IP address and hostname -if available).
  In the event of a spam-relay attack, it is important that you determine the
Internet provider that the spammer is using (if you need help with this, let
us know) and notify them immediately. Some ISPs log their dial-in users but
only keep the logs for a limited time. Keep copies of the messages from your
errorlog file in case you need evidence if you choose to pursue legal actions
against the attacker.

Getting error messages in your postmaster mailbox?

Error messages announcing timed-out connections and various 'disconnects'
are common in NetMail/3000 installations on the Internet. Usually these
errors are natural effects of temporary cpu 'busy periods', or network
slowdowns, or perhaps a router or switch or some remote system's becoming
temporarily too busy to respond in a timely fashion. The result is an error
message, directed to the postmaster (or mail administrator's) mailbox.
The Internet mail standards define (and expect) this behavior, and the
mail 'protocol' is designed to work around these temporary failures. Be
assured that the mail system (ours as well as any other Internet mail
server that's SMTP compatible) will keep retrying - usually retrying for
several days before giving up. In the meantime, you may see several error
messages denoting failed attempts. Not to worry. For the most part, these
errors are just 'part of doing e-mail on the Internet'. Do be aware of
trends though; if you're consistently seeing error messages from a certain
host, perhaps there's a problem at some link between your systems. Also, in
the event you get a sudden batch of error messages, it might be time to
check for a faulty Internet connection (overloaded router or hub? Or is
your Internet access link overloaded? Did someone recently change a
configuration on a network device? Was there a change in your firewall
setup? Perhaps the firewall itself is experiencing problems?)
For those already familiar with these error messages, you'll notice that
in the B.06 release with date codes from October and later, that these
messages have been enhanced. They now indicate the process that encount-
ered the error (smtp, pop, finger, etc) as well as any dialogue previously
exchanged between the server and the remote system. System names are also
listed in addition to IP addresses.

Reflection 6.0 enhancements e-mailers might be interested in

Those of you using Reflection as a terminal emulator now have another
reason to upgrade to WRQ's latest release!
With WRQ's 6.0 release of Reflection for Windows/Windows 95, Reflection now
automatically recognizes (web) URLs displayed on the screen and enables
"hot links" to them. This means that if you receive a web address (i.e.
http://www.3kassociates.com/ or even ftp://ftp.3kassociates.com/ within an e-mail message in
NetMail/3000, you can "click on the link" to launch your PC's web browser
and automatically load the referenced page -- just like the PC/GUI mail
clients.
Contact WRQ for details on obtaining Reflection version 6.0

A quick mail listing when you log on

Want to get a quick listing of the mail in your mailbox - or just the NEW
mail in your mailbox when you log on? Add this to your logon udc;
:RUN MAILFROM.PUB.THREEK               (to list all mail)
 or
:RUN MAILFROM.PUB.THREEK;INFO="-new"   (to only list new messages)
It's a quick, one-line-per-message listing that'll give you a quick status
check on your mailbox. It'll only work if your logon is mapped to a single
mailbox (i.e. if your logon gives you access to several mailboxes then this
program doesn't apply). The program runs, listing your messages, then ends,
letting you go on to do (or run) whatever you like.

Tell a friend - Make a difference!

Thru January 31, 1998, helping a colleague mail-enable their HP 3000 system
can help your company - or a certified charity of your choosing.
If you know of an HP 3000 site that could benefit from mail-enabling their
HP3000 users or applications, then give us a call. Through January 31, 1998,
any such referrals that lead to a purchase of NetMail/3000 (unlimited
mailbox version) or DeskLink will net the referrer a choice of:
* One free year added to their organization's technical/update support
  contract for any one of our products
-or-
* A $250 contribution made in their name to the certified charity of their
  choice (or if you choose, we'll send your contribution to our favorite
  charitable organization; the Bethany House of Northern Virginia, which
  does wonderful work providing shelter and assistance to battered and abused
  children and spouses.)
Charitable contribution options are also available for all other 3k Associates
e-mail products. Offer valid only in North and South America. Contact our
sales office for details at (800) Net-Mail or +1 646-820-7619.

Just for fun

  Many of you may not be aware that among other things, built in with every
NetMail/3000, DeskLink, or Popserver/3000 package is a little Internet service
called "quote of the day". It's exactly what it sounds like; every time it's
called, it returns a cute "quote".
  While not earth shattering, it can come in useful. For example, the job
stream below, scheduled say once a day, will append a "quote of the day" to
your HP 3000 system's welcome message!
  The job assumes that you keep the standard text for your welcome message in
a file called "welcome.pub.sys" (change the file reference if needed). You'll
also need to change the info= string to reflect the name of YOUR HP3000 (or
one of your HP3000s that runs the netmail or desklink job).
!job newwelc,manager.sys
!comment this user will need to be allowed the "WELCOME" command
!comment -you may need to run an "allow" program (available from the CSL
!comment  and other places)
!comment
!continue
!purge welc2
!build welc2;rec=-80,,f,ascii;disc=100
!file w2=welc2,old;acc=append
!fcopy from=welcome.pub;to=*w2
!build tempw;rec=-80,,f,ascii
!file app=tempw,old;acc=append
!comment
!comment be sure to change the 'myhost.mydomain.com' to the name of your
!comment system
!comment
!run get.sys.threek,quote;info="myhost.mydomain.com";stdlist=*app
!listf tempw,2
!print tempw
!echo Quote for the day: > *w2
!fcopy from=tempw;to=*w2;subset=2
!echo > *w2
!print welc2
!continue
!purge tempw
!continue
!welcome welc2
!continue
!purge welc2
!set stdlist=delete
!eoj

Back to home page