RUL #900.tba.tba
Issued by the University Computing Standards Committee
Approved, December 12, 2001

Email Postmaster Responsibilities and Guidelines

Postmaster Definition

The postmaster is the individual responsible for implementing and maintaining the email system for a campus organization. For example, the Information Technology Division (ITD) has several individuals who are responsible for the user@ncsu.edu and user@unity.ncsu.edu type addresses. In the same way, Network and Client Services is responsible for the administrative GroupWise system.

Registration Process

Any group that runs their own mail server may register postmaster contact information with the central organizations. This information will be used to attempt contact when there is an emergency situation involving the server. If contact is not possible the machine may need to be blocked from the network to protect other servers. Relevant information includes:

• Who is the responsible individual(s)
• What group do they serve
• What server(s) are they a contact for
• Where is the server
• When are they at work
• Pager what is their pager number or other emergency contact information.

Responsibilities

Any group that runs their own mail server needs to have a working postmaster email address for their site, eg. postmaster@unity.ncsu.edu. This is the address that others will normally use to attempt to contact a system administrator if there are problems with a mail server.

All postmasters have a set of responsibilities to their users and to the other postmasters with whom they interact. This includes the University Postmasters who may route their email as well as outside Postmasters who will complain about inappropriate actions by users.

All incidents of abuse of campus email services should be reported to abuse@ncsu.edu where they will be incorporated into our problem tracking database.

In some cases it might be necessary to turn off access to email services to another campus mail server which is having problems. Such problems can be mail loops, or misconfigurations as to which domain the mailer accepts mail. In all cases, denial of mail services should be the last option used, and even then only when the reliability of other campus services is at risk. For example, a mail loop may cause several hundred messages to be sent per minute and will not allow any other mail through versus a mail problem that generates 4 or 5 bounced messages per hour. For registered mail servers an attempt will be made to reach the contact before any block is put in place. For unregistered mail servers, notification of any action will be sent to the lan-admin and resolution of problems will be handled during normal business hours.

Unsolicited Commercial Email

Unsolicited Commercial Email (UCE, also known as SPAM) can cause a great deal of difficulty for any users of our email systems. It is the responsibility of the postmaster to ensure that appropriate anti-spam precautions are taken and to deal with reports of spam originating within their domain.

As a first step at preventing SPAM all mail servers should be configured so they are not open-relays. When considering if your machine is an open-relay you want to make sure non-ncsu hosts cannot relay mail through your server. You may, if you want, also limit the ncsu hosts that can relay mail through your server as well, but that is your decision.

Some groups on campus will go farther than this and implement blocking of email senders from their servers based on prior bad conduct. Depending on the mail server software and configuration choices the sender block could be by user, hostname, IP address, domain or some combination of these. If you choose to implement sender blocking on your mail server then there should be posted documentation explaining that blocking is implemented, how/why senders get added to the list, and how senders can get off the list. You should also configure the server to include information in the rejected email saying why it was rejected and pointing to documentation with information on how to get unblocked.

General Rule Set Agreements

Campus-wide, we need to agree on the maximum size that an email can be. Currently ITD is using 5MB. This maximum size needs to take into account the amount of spool space allocated to users on campus as well as the maximum size specified by commercial service providers such as AOL. It would be best to have a consistent size for all of campus to avoid confusion problems for users when mail is accepted by some machines but rejected by others because of size.

We also need to understand who we allow to use our systems as email relays. Most client mail programs need a server (or mail relay) configured to deliver mail; they do not deliver the mail directly. The configuration and maintenance of the mail relays is very important (see the SPAM discussion above). ITD maintains the server smtp.ncsu.edu which is configured to allow all ncsu hosts to use it as a mail-relay. A general summary of campus email routing policies will be written down and made available to all postmasters.

 

Client (end user) Responsibilities

All responsibilities for successful email services do not fall on the postmaster completely. It is important that the end user takes some responsibility for correctly configuring their email client as well as responsibility for proper encoding of content and appropriate use of email.

The ability to send email to a large number of users (especially all of campus) tempts many users into attempting to do this. The demands that this places on our systems are huge, from the delivery to 60,000+ users as well as the storage of the mail until it is read. The acceptable use policy requires the approval of the Chancellor, Vice Chancellor for Business and Finance or the Provost before "broadcast" email will be allowed to be sent out.

In general, client responsibility is defined in the Administrative Regulations - Computer Use and all new users should be made aware of this regulation. Some of the items of interest for email are: II F. sender must be correctly identified (which means no setting of incorrect or faked From address even in attempts to trick spammers), III I. no sending of junk or spam email and IV D. restrictions on use of "broadcast" email.

Links of Interest

• http://www.fis.ncsu.edu/ncsulegal/compuse.htm
  NCSU Administrative Regulations - Computer Use
• http://help.ncsu.edu/services/getsoln.pl?id=2417
  Information on campus and ISP mail relays
• http://mail-abuse.org/tsi/
  Information on mail-relays, how to test your machine and suggestions on how to fix open-relays.
• http://www.ncsu.edu/it/rulesregs/email/mailalias-sop.html
  Guidelines for the management of ncsu.edu aliases. (currently being revised for posting)
• campus email routing
  Description of current email routing on campus. (needs to be posted)
• http://www.ncsu.edu/it/rulesregs/email/imap-sop.html
  Information on Unity IMAP email services.
• http://www.ncs.ncsu.edu/ncs/html/gw5tips.html
  Information on NCSU Groupwise email services.
• http://www.ncsu.edu/it/rulesregs/broadcastemail/
  Information on NCSU Broadcast E-mail Policy and Procedures
• http://www.ncsu.edu/it/rulesregs/broadcastemail/crimealert.html/
  Information on NCSU Crime Alert Procedures.