Arnaud Taddei (CERN)
Mail architecture: Exemple at CERN
The CERN Mail Architecture implements a true Internet Protocols based
service (using SMTP, IMAP, LDAP). It consists of a set of servers having
a clear role and is using a mechanism to scale almost indefinitely the
service. I will report as well on the client side and its immaturity and
how things can go really wrong, in particular with the exemple of Netscape
4 Mail and how we solved the problems.
Philippe Gaillardon (CCIN2P3)
OPERATMS - an X-Window operator tool for tape movements
Presentation of an X-Window operator tool for managing tape movements
using TMS and STK robots.
Mailrouter - correction of mistyped email addresses using fuzzy
The standard format of email addresses at CERN is "Firstname.Familyname@cern.ch".
The Mail Transfer Agent (MTA) translates this symbolic address to a corresponding
physical address which points to a user mail account.
If a translatation fails due to any mistakes in the address, a fuzzy
match program is invoked to correct the recipient address. This program
combines various fuzzy match techniques (approximate
match, soundex algorithm) to find the best match in a reasonable time
and returns a message to the sender if no exact match can be found.
Robert Zelazo (CERN)
Anti-Spam War : Status at CERN
Since November last year we have been actively trying to reduce the
amount of unsolicited electronic mail, commonly known as SPAM mail, that
arrives in CERN mailboxes. Since it is difficult to distinguish between
spam mail and genuine mail, "innocent" people may occasionally be affected
by our anti-spam measures.
These are based on the the relay host IP address and the SMTP envelope
"MAIL From:", "RCPT To:" lines. In our case analysing the body of each
message we receive at CERN would be too much resource consuming.
That is why we focused on the envelope information. This also lets
us refuse spams in the very first moment, without accepting the bod of
the message. Our anti-spam measures are implemented in the sendmail's
check_mail and check_rcpt rules and will be summarized by me during the
HEPIX meeting, so that you will be aware of what we are doing to stop accepting
and relaying spams at CERN.
LDAP: implementation at CERN
A new Internet protocol for directory services - LDAP - becomes more
and more popular. It is supported by major software producers and implemented
in many products (Netscape, etc).
At CERN we use LDAP directory services to store user data and for searching
of email addresses, people, phone numbers etc. The database contains both
free-access data (email, phone, office, experiment) as well as confidential
information (personal data, account information).
Due to wide access control rules defined in LDAP the internal data
are protected against un-authorized access. For update we use fast off-line
access to the database which allows everyday update without stopping the
service for a longer time.
James W. DeRoest (UoW)
Architecture of a Mail Service: Example at University of Washington
The University of Washington has been involved in developing large
scale electronic mail clusters for a number of years. Currently we support
time shared and desktop IMAP/POP3 access to a centrally managed inbox and
folder repository for a community of 70,000 users.
I will describe our mail cluster architecture including a per-user
DNS mechanism used for identifying inbox servers. I will also discuss plans
for Kerborizing access to the mail cluster and campus LDAP support for
the new generation of mail clients.
Maria Dimou (CERN)
A study of shared calendar products
HEP experimental collaborations are often composed of hundreds of people
based in many different locations. In order to schedule common events and
check each-other's availabilities we need a shared calendaring system,
which can be available on all our supported platforms and remotely accessible.
A web-based client-server tool is most suitable for the task and with
such specifications we started collecting products and requirements in
a small study group at CERN. In this talk we hope to share interest and
experience with HEPiX peers in calendar products and service requirements.
Michel Jouvin (IN2P3/LAL)
IMSP and ACAP experience at LAL
The Application Configuration Access Protocol (ACAP) and its predecessor
Internet Mail Support Protocol (IMSP) allows users to access and store
their personal profile, addressbook, etc. Based on IMSP experience at LAL,
Michel will expose the goal of such companion protocols in IMAP based server
environment, discuss benefits and weakness from a client perspective, and
introduce how ACAP should improve service and manageability.
German Fernandez (CERN)
Mailing Lists: Successful deployment with a Web interface
MOWGLI is a web interface, developed at CERN, to the mailing list server
Majordomo. It's a set of CGI programs and libraries, written in Perl, integrated
in the core of a dedicated Apache HTTP server.
Alf Wachsmann (DESY/Zeuthen)
Cfengine as New Installation and Administration Tool at DESY
In the past DESY Hamburg had used a home grown tool for systems installation
and administration. This talk presents the reasons why DESY needs a change
to another tool which will be used at both sites of DESY in Hamburg and
This talk also presents a list of tools which were evaluated by a small
group of SysAdmins in order to find the appropriate successor of the currently
Dirk Wetter (DESY/Hamburg)
Linux Workgroupserver @ DESY/Hamburg
Similar to the existing ~150 AFS workgroupservers from different UNIX
flavors (mainly SUN, SGI, HP, AIX) DESY offered limited recently support
for another operating system: Linux. The challenge was to build up a model
for a Linux AFS workgroupserver which fits into the DESY environment. This
should be done with a minimum effort for installation and administration
so that the low costs for the hardware should not be compensated by high
costs for the support. The basic installation procedure is provided by
the S.u.S.E distribution and the workgroupserver postinstallation was made
by DESY. In this way it was possible to guarantee a totally unattended
installation starting from inserting the floppy to the ready-to-go-system
within < 45 min.
Thorsten Kleinwort (DESY/Zeuthen)
Computer Security at DESY-Zeuthen
The main goal of this talk will be to present the recent measures we
made in Zeuthen to increase our computer security on our unix-machines.
This is due to hacker attacks and a general improvement of security. I
will also mention the special role of LINUX in this context.