Contents

Introduction
Supported Email Clients
Mail Client Configuration
IMAP Configuration
SMTP Configuration
Other Email Client Options
Managing Your Email Alias
Email Forwarding
Flagging Spam
Redirecting Spam Away from Your Inbox
Email Best Practices

Email

1. Introduction

Sociology provides departmental email service based on the Sociology Linux userid. The form of a departmental email address is userid@soc.duke.edu, where userid is replaced by your Linux id.

Alternately you may elect to use your Duke NetID for email, wherein your email address becomes netid@duke.edu, with netid is replaced by your Duke NetID. Those using OIT mail services should consult the OIT email setup pages for configuring secure email setup under various mail clients.

Most prefer to use the Sociology mail system. Historically it has been as reliable or more reliable than the university system and users have direct access to the system administrator and desktop support staff as issues arise.

2. Supported Email Clients

Unlike OIT, we do not recommend the use of WebMail as your email client, although you are free to use whatever you prefer. Being a self-contained unit allows us to assist personally with the configuration of clients that are more full-featured than WebMail.

Many are gravitating toward Mozilla Thunderbird or versions of Microsoft Outlook. Pegasus Mail is also widely used in the department. There are some users of Eudora and Pine. The Mail application is popular among the few Mac users.

We recommend that you use a mainstream client such as Thunderbird or Outlook. We also have a great deal of experience with Pegasus, and many users find it serves their needs well.

3. Mail Client Configuration

Any modern mail client supporting SSL (Secure Socket Layer) connections may be used for accessing the Sociology mail system. Each must be configured to:

Process incoming mail, by accessing messages in your inbox (and related folders) using the secure IMAP protocol
Process outgoing mail, by sending out messages via the SMTP protocol using the Sociology SMTP server or another server of your choosing

We cannot cover all the specifics of configuring each email client. So we provide the information required to configure mail clients for use of the Sociology mail system. Use this in conjunction with your client documentation to set up a working configuration.

4. IMAP Configuration

Inbox access by the IMAP protocol method is recommended. While the POP3 protocol will work, use is discouraged. IMAP allows you to store your INBOX and folders in a central server location accessible anywhere from many different computers and does not leave copies on the local computer. The inbox and folders are included in daily system backups. IMAP access requires authentication over an encrypted SSL connection.

The information relevant to an IMAP configuration is:

Protocol: IMAP (as opposed to POP)
IMAP Server Hostname: mail.soc.duke.edu
Connection Type: SSL
Port: 993
Userid: Your Sociology Linux userid
Password: Your Sociology Linux password
Mail Folder Prefix: mail

Each client varies in how it requests this information, but all incorporate it in some manner. You may have the option of storing your password permanently as part of the configuration, or not storing it and the client prompting you each time you open the account. The former is more convenient; the latter is more secure. The last item in this list is the location where IMAP looks for your mail folders. The prefix mail is a reference to a special subdirectory under your Linux account where folders are stored. In the absence of this specification, some clients will assume your home directory. This is undesirable, so do set this prefix.

5. SMTP Configuration

Sending mail is more complicated. Sending a message involves relaying it to an SMTP server, which then begins the process of delivery. When at home or on the road, you are outside the duke.edu domain, so the Sociology mail server does not trust you for the purpose relaying mail to it unless you authenticate to it. [This protects against the server being used to relay spam.]

For fixed location PCs, like home desktops, it may be best to use the SMTP server of your Internet service provider. Typically the provider requires no authentication and provides SMTP service on port 25. SMTP specifications for Time Warner Road Runner and Verizon DSL in the Durham area are:

Time Warner Road Runner: smtp-server.nc.rr.com
Verizon DSL: outgoing.verizon.net

For laptops roaming across networks, constant SMTP reconfiguration becomes burdensome. Use of authenticated SMTP solves this problem. The mail client identifies you to the mail server. Once done, you can send mail from almost anywhere.

SMTP technology has evolved two robust methods of authentication based on SSL. The first method - usually referred to as SSL - is an entirely SSL connection that takes place over port 465. The second method - usually referred to as TLS (or STARTTLS) - begins with a non-SSL connection that transforms over to SSL on port 587. Because the second method allows SSL to run on the same port as non-encrypted connections, it is emerging as the best practice.

Both methods require the following information somewhere during the configuration process:

SMTP server hostname: smtp.soc.duke.edu
Userid: Your Sociology Linux userid
Password: Your Sociology Linux password

The table below summarizes the key settings for these two SMTP methods for some commonly used email clients. In general either method will work, unless otherwise noted. Under notes see the links which provide detailed instructions for configuring several of the clients. We recommend use of the TLS method. When having problems or in doubt, please contact a computing staff member.

Email Client Secure SMTP Settings and Other Notes
Client	SSL Method	TLS Method (Recommended)	Notes
Mozilla Thunderbird (Windows or Mac)	* Use secure connection: SSL * Port: 465	* Use secure connection: TLS * Port: 587	Do not use the "TLS, if available" option (considered insecure)
Pegasus Mail (Windows)	* Server TCP/IP port: 465 * Use SSL/TLS security on this connection: Via direct SSL connect	* Server TCP/IP port: 587 * Use SSL/TLS security on this connection: Via STARTTLS
Outlook 2007 (Windows)	* My outgoing server (SMTP) requires authentication: * Outgoing server (SMTP): 465 * Use the following type of encrypted connection: SSL	* My outgoing server (SMTP) requires authentication: * Outgoing server (SMTP): 587 * Use the following type of encrypted connection: TLS	See the following University of Wisconsin link for Outlook 2007 setup. Substitute Duke Sociology information where appropriate. To map your remote folders, see step 7 of these instructions and enter *~socid/mail* into the Root folder path box, where socid is your Sociology userid. For example: ~bart/mail
Outlook 2003 and Outlook XP (2002) (Windows)	* Outgoing Mail Server - My server requires authentication: * Outgoing server (SMTP): 465 * This server requires an encrypted connection (SSL):	* Outgoing Mail Server - My server requires authentication: * Outgoing server (SMTP): 587 * This server requires an encrypted connection (SSL):	The port specification distinguishes the method used. See the following University of Wisconsin link for Outlook 2003 and Outlook XP setup. Substitute Duke Sociology information as appropriate. To map your remote folders, see step 7 of these instructions and enter *~socid/mail* into the Root folder path box, where socid is your Sociology userid. For example: ~bart/mail
Outlook Express 6.x (Windows)	* Outgoing Mail Server - My server requires authentication: * Outgoing server (SMTP): 465 * This server requires an encrypted connection (SSL):	* Outgoing Mail Server - My server requires authentication: * Outgoing server (SMTP): 587 * This server requires an encrypted connection (SSL):	See the following University of Wisconsin link for Outlook Express setup. Substitute Duke Sociology information as appropriate. To map your remote folders select Tools > Accounts... > Mail tab. Click Properties and select the IMAP tab. Enter *~socid/mail* into the Root folder path box, where socid is your Sociology userid. For example: ~bart/mail
Apple Mail 3.x or Apple Mail 2.x (Mac)	Server port: 465 Use Secure Sockets Layer (SSL)	Server port: 587 Use Secure Sockets Layer (SSL)	The port specification distinguishes the method used. See the following University of Wisconsin link for Apple Mail setup. Substitute Duke Sociology information as appropriate. To map your remote folders select Mail > Preferences... > Accounts. Select the Advanced tab. Type mail into the IMAP Path Prefix field.

There are some environments - typically WiFi settings you encounter when travelling - that block the use of third-party SMTP servers. They may require the use of specific SMTP settings that they provide. Your fall-back options are to:

Temporarily reconfigure the SMTP settings of your client.
Use WebMail.
Use Pine on login.soc.duke.edu.

6. Other Email Client Options

WebMail and Pine require no configuration and are useful in situations when you don't have access to your usual computer or mail client. Both clients access your Inbox and remotely stored folders.

WebMail requires only a browser. OIT maintains a WebMail site with access to departmental services. Select Sociology Mail from the server drop-down list, enter your login information and click the Log in button. WebMail is linked on the departmental resources QuickLinks page.

Pine for Linux - a text-based, keystroke driven mailer - is available through any SSH client.

Open the SSH client.
Open a terminal session to the host login.soc.duke.edu.
Enter your Linux userid and password.
At the shell prompt, type pine and press the Enter key.

Pine for Windows is also available in the Sociology Computing Lab.

7. Managing Your Email Alias

When OIT sets up the mail function for a user NetID, they also create an email alias (their term is "e-mail alias"). This alias is a representation of your given name - with spaces replaced by periods - that points to your NetID. For example, the alias bart.simpson might point to the NetID bs432. The purpose of the alias is to provide an email address that others can easily remember - in this case bart.simpson@duke.edu.

So:

How do I know what my alias is?
How do I change it to alias to my Sociology email address?

Proceed as follows:

Right-click on Online@Duke and open a new tab or window. Select the Change your e-mail alias option found under E-mail services [NetID authentication is required].
Your alias is listed in the Manage e-mail alias & privacy preferences section of the resulting window along with the email address to which it is currently aliased.
Select the Change my e-mail alias option to set aliasing to your Sociology address, .
You go to the Duke Email Alias form. Replace the Email Address field with your Sociology email address and then click Change Email to submit the request. [Note that a Duke Email Alias will only alias Duke email addresses.]

8. Email Forwarding

It is generally prudent to set forwarding of your secondary Duke email address to the primary one.

If your Sociology address is primary, set up NetID forwarding to Sociology as follows:

Right-click on Online@Duke and open a new tab or window. Select the Create e-mail forwarding option under E-mail services [NetID authentication is required].
The E-mail forwarding form appears. In the box under Set e-mail forwarding enter your Sociology email address. Leave the Keep Local Copy checked if you want to continue to receive copies of mail in your NetID inbox.r
Click the Start forwarding mail button.

If your NetID address is primary, set up Sociology forwarding to your NetID as follows:

Open an SSH terminal session to login.soc.duke.edu.
Authenticate with your Linux userid and password.
At the shell prompt type: pico .forward [Note the leading dot (.) is required in the file name.]
A blank editor window will open. Into this window type just your NetID email address.
Type Ctrl-X (hold down Ctrl key and type X) to save the file and exit the pico editor.
Type exit to terminate the terminal session.

These steps create a file called .forward. From the time of creation, all incoming mail is forwarded to the address listed in this file. To stop forwarding, open another terminal session and either delete or rename the .forward file:

Command to remove the file: rm .forward
Command to rename the file: mv .forward .forward~

9. Flagging Spam

The majority of mail flowing over the Internet is spam, so eliminating it is a priority. On the Sociology mail system a tool called SpamAssassin is used to score each message as to its likelihood of being spam. By default any message scoring 5 or higher is flagged as spam and the subject line of the message is prefixed with the string *****SPAM*****.

Experience suggests that the default score of 5 is too high and should be set lower to filter more spam. A better setting is typically in the 2 to 3 range. A setting can be in tenths, for example, 2.5. The lower the setting, the more mail that is caught and flagged as spam. This also increases the likelihood of some legitimate mail being flagged too.

The addresses of key people in your email world can be added to a whitelist to prevent their messages from ever being flagged. Conversely, a blacklist is used to ensure mail from certain addresses is always flagged as spam. Blacklists work best for junk mail from legitimate senders whose mail you just don't want to read.

How to do this is best illustrated by example. SpamAssassin settings are stored in file called user_prefs under your Linux account in the directory .spamassassin. Use a text editor to modify this file.

Under Linux, login via SSH to login.soc.duke.edu, change to the .spamassassin directory and open user_prefs for editing.

Sociology domain users (just a few people at this point) may go to this file via Windows from their L: drive to the .spamassassin directory. Open user_prefs with the WordPad or TextPad editor. (Do not use NotePad).

The listing below illustrates use of these settings.

Lines beginning with # are comments
The spam threshold is set to a score of 2.5
The whitelist_from examples shown allow mail from all Duke addresses.
The blacklist_from flags all mail from .biz addresses
Multiple entries, separated by spaces, may be placed on one line. You cannot continue a long list of entries to additional lines. But any number of separate whitelist_from or blacklist_from lines may be used.
The * symbols serve as wildcard characters (i.e.; *@duke.edu means any duke.edu address)

# How many hits before a mail is considered spam.
required_hits           2.5

# Whitelist and blacklist addresses are now file-glob-style patterns, so
# "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work.
# whitelist_from        someone@somewhere.com
whitelist_from          *@duke.edu  *@*.duke.edu

blacklist_from          *@*.biz

10. Redirecting Spam Away from Your Inbox

Flagging spam makes it easier to spot, but does not remove it from your inbox. So an additional step is to send spam flagged messages elsewhere. The safest option is to have them automatically redirected into a spam folder that can be periodically reviewed and cleaned out. A bolder approach is to automatically delete spam, but that runs the risk of losing legitimate mail, as spam detection is an imperfect endeavor.

To perform either option requires a special file in your Linux home directory that controls spam filtering. This file is named .procmailrc.

To redirect to a folder called spam, open .procmailrc for editing and paste in the following lines. Please consult a computing staff member if you need assistance on this.

SHELL = /bin/sh
PATH = /bin:/usr/bin:/usr/local/bin
SENDMAIL = /usr/sbin/sendmail
MAILDIR = $HOME/Mail
LOGFILE =

# Residual action - spam filter and deliver
:0fw
| /usr/bin/spamc

# Route spam-tagged messages to spam folder
:0 :
* ^X-Spam-Status: Yes
spam

To automatically delete spam, paste the following lines into .procmailrc.

SHELL = /bin/sh
PATH = /bin:/usr/bin:/usr/local/bin
SENDMAIL = /usr/sbin/sendmail
MAILDIR = $HOME/Mail
LOGFILE =

# Residual action - spam filter and deliver
:0fw
| /usr/bin/spamc

# Delete spam-tagged messages
:0 :
* ^X-Spam-Status: Yes
/dev/null

The last line in each listing controls the filtering outcome, so if you decide later to switch from folder redirection to immediate deletion, this the key item to change.

11. Email Best Practices

The following are some practices that we advise:

Develop a folder strategy for archiving received mail. Keeping a large INBOX is burdensome on the mail system and your mail client.
It is standard practice to save copies of messages you send in a special folder. The email client does this for you and the name of this folder varies by client. It is best to configure your email client to NOT save attachments that accompany those messages. This greatly reduces the size of this folder. Normally you have master copies of attachments saved elsewhere.
Instead of sending documents, pictures or other large attachments to the entire department, it is better to publish them on the department web page. Rob Marks can assist you in publishing such material, then a simple notification of availability can be sent out.
When receiving email with large attachments, save the ones you need to a hard drive and delete the message or determine how to save just the body of the message without the attachments.
Do not set your email client to automatically check for new mail more frequently than every 10 minutes. When time is of the essence, there is usually a manual check for new mail feature you can use for those occasions.
If you use a spam folder, regularly inspect and clean it out.
Do not give out or publish information regarding departmental distribution lists. These are for internal use only.
Avoid publishing online your email address or those of your colleagues. [As a deterrent to email address harvesting, the addresses published in our web page roster are graphic images.]
Keep up-to-date antivirus software installed on your home and laptop PCs.
Avoid phishing attacks. Never divulge sensitive personal or financial information by email.

Computing Home | Sociology Home | Trinity College Home | Duke Home