200 likes | 213 Vues
RACE Spanish academic mail network. Evaluating the Best Current Practices to Improve E-mail Quality. TERENA workshop on Improving the quality of email services Amsterdam, 9 December 2009. Jesus Sanz de las Heras jesus.heras@rediris.es. Index. Background RedIRIS mail services
E N D
RACE Spanish academic mail network Evaluating the Best Current Practices to Improve E-mail Quality TERENA workshop on Improving the quality of email services Amsterdam, 9 December 2009 Jesus Sanz de las Heras jesus.heras@rediris.es
Index Background RedIRIS mail services What RACE does it mean for RedIRIS and universities? RACE achievements RACE methodology RACE technical criteria
Background activities RedIRIS has been working for the last 15 years on coordinating a working group to improve e-mail services for the Spanish academic community: IRIS-MAIL This strong coordination has allowed us to generate knowledge and experience, as well as permitted the implementation of many initiatives and services
Previous activities • Iniciatives and services such as: • Online configurators for sendmail and postfix (1999) • Sensors network for virus and spam stats (2002) • http://ersi.inteco.es • Centralized access Webmail to all RedIRIS institutions (2000) • Collaborative evaluation of security email appliances (2007) • Difusion of SPF (2005) and DKIM (2007) technologies
Current activities • Reputation services of IPs • Spamtraps networks • Spanish Whitelist (http://www.abuses.es/eswl) • DNS black list service: IRISRBL (http://www.rediris.es/irisrbl) • Recommendations to improve Webmail users’ experiences such as: Zimbra, Horde, OpenXchange etc • External monitoring of mail services (SMTP,POP,IMAP etc)
What is RACE? RACE has differents approaches: It is a dynamic Best Current Practices guide It is an evaluation methodology It is a uniform strategy for RedIRIS mail comunity It’s a guideline to evolve together And also … its like a game
Objetives for RedIRIS Collect mail technical knowledge and experience of the community to define the best current practices Define a uniform strategy Create a tool for measuring the quality of mail service Be a reference guide in order to evolve and migrate E-mail services Create a best current practices Guide for new techies RACE acreditation and certification for universities
Objetives for institutions • Academic environment is almost homogeneous • RACE acreditation offers: • External evaluation of their services • Universities likes to receive experiences, ideas or comments from other similar institutions • Guarantee of work done for techies • Valued by users and managers
RACE: achievements • RACE iniciative has permitted • A uniform development of mail services • An evaluation of new mail technologies • The establishment of a basis to evaluate other services such as: security, eduroam etc • The creation of a real social network around academic mail services
RACE. Criteria • RACE has 33 technical criteria • Each item has a weight (points) • Criteria are annually reviewed and updated • Criteria don’t define the implementation • There are some mandatory criteria (legal or RFCs): • Anti-relay • Logs policy • Reverse DNS records • Abuse and postmaster mailbox
RACE. Weight and Criteria 2700points Advanced level 1600points Medium level 800 points Basic level 500points Mandatory
RACE Evaluation • Team of ten volunteers • RACE coordinator (Rediris person) • Nominates two evaluators for each evaluation, who are previously evaluated techies • Updates tools for RACE evaluation • Manages and update documentation to evaluators • Evaluators and the evaluated get in touch • Evaluators must fill out a technical report template
RACE Evaluation • When finished evaluation, coordinator: • Review techical people • Send a postal acreditation • Include institution into a RACE directory
RACE technical criteria Evaluating the Best Current Practices to Improve E-mail Quality
RACE Acreditation Guide (criteria) Directory RACE Universities Evaluation Metodology RACE. Overview Technical report RACE Routing SMTP Servers Platfom Services Security and Authetication RACE online (under construction)
Criteria for routing SMTP RACE criteria for routing SMTP 100 Port 25 control for in/outbound SMTP 100 55 Minimun and maximun number of recipients SPF DNS record and checkin SPF 100 100 Mail Log policy Anti-relay rules 80 95 User unknown control Controls for SMTP mail flow 100 • Reverse DNS records Message size limit 100 100 Spanish Whitelist
Criteria for SMTP servers platform RACE criteria for SMTP servers platform 100 High-Availability Load Balancing 100 RedIRIS NTP Synchronization
Criteria for security and authentication RACE criteria for security and authetication 60 Internal Secure transaction (MTA) 60 100 Secure POPs, IMAPs, External Secure transaction (MTA) 100 100 Central authentication Submision servicie (587)
Criteria for value-added services RACE criteria for value-added services Email Vacation services 40 Forwarding (-) -40 100 100 Public Mail Aceptable Use Policy Policy backup of mailbox 100 Online password change 100 AntiVirus MTA AntiSpam MTA 100 85 100 Custom antispam Abuse,postmaster@ mailbox 100 Mailing list service Secure remote acces (Webmail, vpn, ssh tunnels) 100