Item 350. Minutes: Grex Board of Directors Meeting. Tuesday, July 25, 2006 S. Lynne Fremont (slynne) Tue, Aug 8, 2006 (18:40). 75 lines, 26 responses. Grex Board of Directors Meeting. Tuesday, July 25, 2006 Board Members in attendance: Mark Conger, Lynne Fremont, Joe Gelinas, Larry Kestenbaum, John Remmers, and Janc Wolter. Non Board Members in attendance: Steve Andre (by phone), Jim Diegart, Sindi Keesan, and Mary Remmers. TREASURERS REPORT: In June we took in $271.18 and spent $150. In July we took in $144 and spent $150. We have 51 members and 41 paid up with the others being in a grace period. Mark allows people to maintain memberships in a grace period, especially long term members. STAFF REPORT: Remmers installed an IRC client called IRCII. Only members can connect. It uses a wrapper. Steve made some changes to the kernel. Grex has been more stable. We are still having users break in. Grex is currently listed on two spam systems which is an improvement from what it was before. Steve is working on getting us off of those systems. Turning off mail to newusers has significantly decreased the amount of spam sent from Grex. There was one user recently (lullo) who was caught sending spam. The user attempted to send 110,000 pieces of mail but only 6000 were actually sent. We need to come up with a policy for giving new users email. The current policy is that staff will give newusers email on request. Some suggestions for policy: 1. Limit outbound email to some amount for newusers (e.g 5-20 outbound emails per day) 2. Continue with the status quo of keeping email turned off for newusers and grant it only by request but with a change to the text of the newuser program reflecting this policy 3. Grant email to members and former members so that email would still be mostly free. A person could become a member for one month for $6 and then allow membership to lapse but still have outbound email privileges There was discussion where the board decided that we should move in the direction of granting everyone email but with limits on outgoing email of perhaps five per day at first and then an increased limit after a period of time. MOTION by Mark Conger: We will continue with the present email policy until such time as we can implement a policy where users are subject to an adjustable email per day limit. Seconded by Lynne Fremont. Passed unanimously. The modems are still not answering sometimes. They are working now though. OLD BUSINESS: Lynne wants to extend the deadline of the web contest. MOTION by Mark Conger to give Lynne Fremont authority over web contest. John seconds. Passes (all in favor, Lynne abstains) Set date for next meeting: Tuesday Sept 26th at 8p at John Remmers s House NEW BUSINESS: Nharmon would like permission to submit the grex logo to wikipedia MOTION by Mark Conger to allow grex s logo to be used on wikipedia. Joe Gelinas seconds. Passed unanimously Keesan would like a script that would set up Spam Assassin for new users. Jan says that Spam Assassin takes up a lot of resources so if we set it up for all users, we would need to make it more efficient. This would be a good project for someone to work on. Someone does not necessarily need to have root access to work on that issue so anyone who wants to work on Spam Assassin is welcome to work on it even if they are not officially staff. Meeting adjourned 8:36p 26 responses total. !scholar ---------- (350) #1 By the way, this item has been archived offsite so you cannot erase it. (scholar) Tue, Aug 8, 2006 (20:43). 1 line. Wikipedia still won't let you use the image on Wikipedia, though. !cross ---------- (350) #2 Dan Cross (cross) Mon, Aug 28, 2006 (00:51). 8 lines. I wonder why people think spamassassin would be so hard on grex's resources? It seems pretty clear that relatively few people actually *use* grex for email, and certainly, a global spam daemon would be more efficient than n invocations for n different users. I'd strongly recommend against modifying something to make it "more efficient" unless (a) strongly committed to getting those modifications back into the project's mainline source base, or (b) measurements clearly indicate a need for such modification. I'm not sure grex is either. !ric ---------- (350) #3 Rick Root (ric) Mon, Aug 28, 2006 (15:32). 7 lines. relatively few people USE grex for email. That doesn't mean a horrific ton of email doesn't come to Grex accounts. spamd still spawns processes to scan each mail, even though it's running as a daemon. running spamd globally will almost certainly be a significant performance drain. !keesan ---------- (350) #4 Sindi Keesan (keesan) Mon, Aug 28, 2006 (15:46). 3 lines. Could people be allowed to specify that they do NOT want to receive any mail at grex and would this save some cpu time? Many people have abandoned their accounts to the spammers. !steve ---------- (350) #5 STeve Andre' (steve) Mon, Aug 28, 2006 (16:03). 2 lines. I'm not so sure about that Rick. I see lots of people using email here, and I think its on the rise. !cross ---------- (350) #6 Dan Cross (cross) Mon, Aug 28, 2006 (23:37). 8 lines. Define "lots". Certainly, many orders of magnitude fewer people than use, say, hotmail or gmail or yahoo or whatever. I'm not sure that running spamd would be that noticable on this hardware. Of course, there's also the option of moving mail to another machine which *does* run spamd. Come to think of it, this hardware is getting a bit long in the tooth. Maybe it's time to upgrade to a newer machine, move the users to that, and move mail to this machine, putting both in rackmount cases. We'd be taking up less room at provide.net than we presently are. !steve ---------- (350) #7 STeve Andre' (steve) Mon, Sep 4, 2006 (00:20). 3 lines. I've been trying to come up with some numbers on mail usage. I'd say at least 1000 users are routinely using Grex for mail. It may well be higher. !cross ---------- (350) #8 Dan Cross (cross) Mon, Sep 4, 2006 (18:13). 2 lines. I wonder how many resources setting up spamassassin in a daemon configuration for about 1,000 users would require. I doubt it would be that many. !remmers ---------- (350) #9 John H. Remmers (remmers) Tue, Sep 5, 2006 (13:45). 11 lines. Well, we're currently running spamd, the daemonized version of spamassassin. Also, spamc and procmail are available to users. So we're certainly in a position to test this. Yesterday, I set up a procmail/spamc configuration for myself. It's managed to catch about 90% of my spam, with no false positives, in the last 24 hours. I'm planning to enter an item in Agora describing how to do this. If system performance goes down the tubes then, well, we'll have to rethink our spam-handling strategy. !tod ---------- (350) #10 Todd (tod) Tue, Sep 5, 2006 (14:03). 2 lines. I have a .forward pointing to my gmail account and it works beautifully at detecting spam. !nharmon ---------- (350) #11 Nathan Harmon (nharmon) Tue, Sep 5, 2006 (14:57). 2 lines. What is the difference between allowing people to have POP access to their e-mail and allowing them to .forward their mail? !tod ---------- (350) #12 Todd (tod) Tue, Sep 5, 2006 (15:02). 8 lines. re #11 What is the difference between allowing people to have POP access to their e-mail and allowing them to .forward their mail? 1.Storage locally vs offsite 2.Nodes in use 3.The .forward is available to all (right?) 4.It opens another service for possible exploit 5.POP3 complaints may overburden the overburdened existing staff !nharmon ---------- (350) #13 Nathan Harmon (nharmon) Tue, Sep 5, 2006 (15:10). 2 lines. So in regards to bandwidth use (which seems to be the only reason to stop POP access)...nothing? !tod ---------- (350) #14 Todd (tod) Tue, Sep 5, 2006 (15:11). 4 lines. Bandwidth issues could arise from attachments. I've seen POP hang on systems where people have over a thousand emails some of which have over a Meg of data file attachments. It really depends on the rules that are put on mailboxes and the amount of folks accessing POP at once. !mcnally ---------- (350) #15 Mike McNally (mcnally) Tue, Sep 5, 2006 (16:03). 8 lines. One of the problems with running a POP or IMAP service is that in order for such a thing to be useful it more or less implies that we will set up a corresponding facility to allow clients to *send* mail from their remote locations. Securing such a service against e-mail abuse requires FAR more staff time and attention than just setting up a POP or IMAP service and staff time is in very short supply as it is. !kingjon ---------- (350) #16 Jonathan Stuart Lovelace (kingjon) Tue, Sep 5, 2006 (16:07). 12 lines. If members were given POP access I would never use it, except perhaps to alleviate an over-full mailbox during a period in which I had no access to a SSH or telnet client and was outside the area code. If members were given IMAP access I would use it only if I had no access to a SSH or telnet client, if at all (since my preferred mail client that handles IMAP is pine). My other email accounts that I use these protocols on, I do so only because they don't offer direct access and there's nothing on those servers for me besides email anyway. (POP has stopped working for me on the one address I used it for -- GMail -- by reporting every message as new every time; I use IMAP for my college-provided mail and much prefer it to webmail because of its strange handling of mailing-list digests.) !tod ---------- (350) #17 Todd (tod) Tue, Sep 5, 2006 (16:51). 2 lines. I think POP might work if there was a way to not permit "keep copy on server side" after its been read. !remmers ---------- (350) #18 John H. Remmers (remmers) Wed, Sep 6, 2006 (09:19). 2 lines. I was on the fence about this proposal until I read McNally's #15, which sounds to me like a strong reason for *not* implementing it. !remmers ---------- (350) #19 John H. Remmers (remmers) Wed, Sep 6, 2006 (09:32). 2 lines. (Oops, thought I was reading the proposal item about POP access. Please mentally transfer #18 and #15 to that discussion.) !naftee ---------- (350) #20 Arc! Sin! Weld! (naftee) Wed, Sep 6, 2006 (16:06). 1 line. okay, remmers. i've never heard the expression, "on the fence" before. !remmers ---------- (350) #21 John H. Remmers (remmers) Fri, Sep 8, 2006 (08:19). 1 line. It means "undecided". !naftee ---------- (350) #22 Arc! Sin! Weld! (naftee) Fri, Sep 8, 2006 (13:52). 1 line. fanks. !nharmon ---------- (350) #23 Nathan Harmon (nharmon) Fri, Sep 8, 2006 (15:25). 1 line. fanks? When did jerryr return to Grex? !naftee ---------- (350) #24 Arc! Sin! Weld! (naftee) Fri, Sep 8, 2006 (19:14). 1 line. he writes "fanx", nate !tod ---------- (350) #25 Todd (tod) Fri, Sep 8, 2006 (20:39). 1 line. This is me caring !other ---------- (350) #26 Eric R Bassey (other) Sat, Sep 9, 2006 (12:46). 16 lines. How much system resources are used if a user's mail is .forwarded to /dev/null, and can this be done as a default unless a user specifies (perhaps in a modified newuser) that he or she specifically wishes to receive email at Grex? I there a better way to make spam to user accounts that are not used specifically for mail less of a drain on both Grex and the internet generally? (Bouncing would usually end up with an innocent spoof-victim receiving the bounce anyway.)