Employees.org - State of the Server Address

The admins of Employees.org having been working over the years since the
move to the new server to keep Willers running with minimal disruption
to the users. The system has been run primarily in a maintenance mode,
keeping the basic system running. However, we now need to make some
major changes to the system:

- Operating System Upgrade
- New spam controls (which will affect everyone)
- Disk Quota increase

I. Operating System Upgrade

We are getting ready to upgrade Willers from FreeBSD v4.11 to
FreeBSD v6.2, as v4.11 has been EOL'ed for security fixes. Once
we get onto v6.2, we will try to track the stable releases of FreeBSD
a little more closely. This is not a directly supported upgrade path,
so things might be a bit bumpy in the transition. We know that several
of our 3rd party packages are many versions behind the curve. Once
we get over this OS upgrade hump, we will be in a position to look
at migrating to newer versions of Perl, PHP, Apache, etc.

We are still working through the transition issues on a test system
and are not yet ready to schedule the actual transition date. It is
expected to occur around the end of February. We will post more
details on the timing of the transition on http://www.Employees.org
as they become available.


II. Spam

I doubt it will be a surprise to anyone that the spam problem on the
Internet is getting worse and worse. It's becoming a cat-and-mouse
game of filter strategies and new spamming techniques, much like the
software copy protection scheme wars in the 80s and 90s. Key phrase
filters are tried, spammers change their spelling and character sets.
Bayesian learning is applied, spammers load their messages with
nonsense text of valid words to poison the learning. Stronger filters
are applied, the spammers stick their messages in image files. It's
an ever increasing struggle.

Currently, many of the larger mail ISPs like Comcast, Charter, SBC,
AOL, and Mac.com have taken to blocking IP addresses that their users
identify as "sources of Spam". Unfortunately, these mechanisms are
simplistic and of the type of clicking a button that says "This is
Spam". Their system then looks at the IP address that the message
came into their system from and blacklists the address.

The problem with this system is that many folks on Employees.org have
simple .forward files with no spam filtering applied. As a result,
even though the Spam came from upstream, Employees.org is considered
the "source" of the spam and we are blacklisted. Those that are
using our SpamAssassin filtering system are still having issues. The
amount of leak-through is a small percentage but the sheer volume
of spam is making that leak-through unbearable.


Default Spam Filtering:

Starting Feb. 11th, all incoming mail to employees.org will be going
through a Barracuda Networks spam filter box donated to our use by
Layer42.Net before being handed off to Employees.org. The default will
be that users are "opted-in". The Barracuda Networks box has a web
interface that allows users to customize their personal settings and
disable the spam filtering altogether on a per-user basis. It sends
notifications of held mail for users to dispose of or allow through
to help train the Bayesian filters for each user.

Please note that the "opt-in" decision was not one made lightly.
Employees.org has a long history of user flexibility. However, the
vast majority of our user base just wants E-mail to work and does
not have the sophistication to set up and tune their spam filters.
These also tend to be the ones that are forwarded off-system,
resulting in the blacklisting problems with the above carriers.

* NOTE: The more sophisticated users with their own spam and mail
handling mechanisms will be able to opt-out of the Barracuda box.


Mailing lists:

In addition to the .forward problem, we have been getting dinged with
Spam reports from folks that are on mailing lists hosted by
Employees.org. Mailing list members and administrators of the mailing
lists need to keep in mind that membership on these mailing lists is
voluntary and must be kept that way. Mailing list administrators are
not to sign up folks without their expressed permission. The safest
way to do that is to let them use the normal membership interface to
request a subscription. We have had recurring complaints against
specific mailing lists on employees.org. Any mailing list which
subscribes users without their consent will be shut down by the
administrators.

Quite often it is difficult to determine what user is complaining
about a mailing list. We have enabled "personalization", which shows
up in the "Non-Digest" section of the Mailman interface. If we get
a complaint about a list, the admins will enable personalization and
add information to the list footer of a mailing list. This may
happen without warning.

Mailing list mail will be processed through the Barracuda box for spam
and virus filtering. The Barracuda management E-mail messages will
be sent to the <list>-owner@employees.org address for the mailing list,
rather than the entire list. In this manner, the owner of a mailing
list will be able to manage the list's spam greymail and filtering
settings. The mailing list admins can manage the settings for their
list by the http interface.


III. Disk Quotas

We are bumping up the disk quota limit to 250MB on home areas after
we complete the operating system upgrade.


Regards, The Admins of Employees.org:

Dan Wing - cisco
Javier Henderson - cisco
Robert Snyder - cisco
Ken Key - ex-cisco