RACE Spanish academic mail network
TERENA workshop on Improving the quality of email servicesAmsterdam, 9 December 2009
Evaluating the Best Current Practices to Improve E-mail Quality
Jesus Sanz de las [email protected]
Index
• Background RedIRIS mail services• What RACE does it mean for RedIRIS and
universities?• RACE achievements• RACE methodology• RACE technical criteria
2
Background activities
• RedIRIS has been working for the last 15 years on coordinating a working group to improve e-mail services for the Spanish academic community: IRIS-MAIL
• This strong coordination has allowed us to generate knowledge and experience, as well as permitted the implementation of many initiatives and services
3
Previous activities
• Iniciatives and services such as: Online configurators for sendmail and postfix (1999)
Sensors network for virus and spam stats (2002)
• http://ersi.inteco.es Centralized access Webmail to all RedIRIS
institutions (2000)
Collaborative evaluation of security email appliances (2007)
Difusion of SPF (2005) and DKIM (2007) technologies
4
Current activities Reputation services of IPs
• Spamtraps networks• Spanish Whitelist (http://www.abuses.es/eswl)• DNS black list service: IRISRBL (http://www.rediris.es/irisrbl)
Recommendations to improve Webmail users’ experiences such as: Zimbra, Horde, OpenXchange etc
External monitoring of mail services (SMTP,POP,IMAP etc)
5
What is RACE?
RACE has differents approaches: • It is a dynamic Best Current Practices guide• It is an evaluation methodology• It is a uniform strategy for RedIRIS mail
comunity• It’s a guideline to evolve together• And also … its like a game
6
Objetives for RedIRIS• Collect mail technical knowledge and experience of
the community to define the best current practices • Define a uniform strategy• Create a tool for measuring the quality of mail
service• Be a reference guide in order to evolve and migrate
E-mail services• Create a best current practices Guide for new techies• RACE acreditation and certification for universities
7
Objetives for institutions
• Academic environment is almost homogeneous
• RACE acreditation offers: External evaluation of their services Universities likes to receive experiences, ideas or
comments from other similar institutions Guarantee of work done for techies Valued by users and managers
8
RACE: achievements
• RACE iniciative has permitted A uniform development of mail services An evaluation of new mail technologies The establishment of a basis to evaluate other
services such as: security, eduroam etc The creation of a real social network around
academic mail services
9
RACE. Criteria
• RACE has 33 technical criteria• Each item has a weight (points)• Criteria are annually reviewed and updated• Criteria don’t define the implementation• There are some mandatory criteria (legal or
RFCs): Anti-relay Logs policy Reverse DNS records Abuse and postmaster mailbox
10
RACE. Weight and Criteria
11
800 points
Basic level
Medium level
Advanced level
500 points
1600 points
2700 points
Mandatory
RACE Evaluation• Team of ten volunteers• RACE coordinator (Rediris person)
Nominates two evaluators for each evaluation, who are previously evaluated techies
Updates tools for RACE evaluation Manages and update documentation to evaluators
• Evaluators and the evaluated get in touch• Evaluators must fill out a technical report template
12
RACE Evaluation
• When finished evaluation, coordinator: Review techical people Send a postal acreditation Include institution into a RACE directory
13
RACE technical criteria
Evaluating the Best Current Practices to Improve E-mail Quality
Guide(criteria)
DirectoryRACE
Universities
RACE
RACE. Overview
Routing SMTP
Servers Platfom
Services
Security and Authetication
RACEAcreditation
Technical report
RACE online(under construction)
EvaluationMetodology
16
Criteria Description
Routing SMTP Criteria related with inbound SMTP Servers platform Requiered resources to support a mail
service quality.Security and authetication
Security criterias to ensure , authentication integrity and privacy of mail data
Value-added services Basic and value- added servicesOthers Other criterias
Classification criteria RACE
RACE criteria for routing SMTP
Anti-relay rules
Reverse DNS records Message size limit
Spanish Whitelist
User unknown control Controls for SMTP mail flow
Port 25 control for in/outbound SMTP
Minimun and maximun number of recipients
Mail Log policy
SPF DNS record and checkin SPF
Criteria for routing SMTP
100 100
100
100
100
55
100
95 80
100
RACE criteria for SMTP servers platform
Criteria for SMTP servers platform
RedIRIS NTP SynchronizationHigh-Availability
Load Balancing
100
100
RACE criteria for security and authetication
Criteria for security and authentication
Internal Secure transaction (MTA)
Central authentication
Secure POPs, IMAPs,External Secure transaction (MTA)
Submision servicie (587)
60
100 100
60
100
RACE criteria for value-added services
Criteria for value-added services
Public Mail Aceptable Use
Policy
Abuse,postmaster@ mailbox
AntiVirus MTA
Secure remote acces (Webmail, vpn, ssh tunnels)
Policy backup of mailbox
Online password change
AntiSpam MTA
Custom antispam
Email Vacation servicesEmail Vacation servicesForwarding (-)Forwarding (-)
Mailing list service
100
100
100
100
100
100
10085
40-40
100
Top Related