The Visible Part
For each member AEGEE offers an alias of the form email@example.com and all messages sent there are delivered to the personal mailbox of the member. Bodies can also have aliases, like firstname.lastname@example.org. Aliases for persons are created and updated automatically based on the intranet login and the stored there email address. In addition bodies and natural persons can get an alias by asking per email the AEGEE Mail Team. The mail server can handle domains other than aegee.org, that are related to AEGEE. Aliases can go to more than one destination mailboxes.
Members can use the provided aliases to show they feel part of AEGEE when communicating with friends and thus decently advertise AEGEE.
To start sending mail from your @aegee.org mail with Yahoo, go to “Settings” → “More Settings” → “Mailboxes” → “Send-only email address” → “Add”. For gmail the quide at https://mail.aegee.org/gmail.html sometimes works and sometimes doesn’t work. Hotmail/Live/Outlook.com describes the procedure at https://support.microsoft.com/en-ca/help/12407/microsoft-account-how-to-manage-aliases.
Updating Aliases from Intranet
In detail, the logic is:
- Aliases created manually/upon request by the mail team are valid and here nothing changes;
- Each user name in Intranet, which consists of the member’s user names, separated by fullstops, possibly followed by some number, is transliterated as described below to contain only ASCII-127 lowercased characters;
- The Intranet user names are sorted by registration time. For each transliterated user name an alias is created, if one does not exist;
- The synchronization happens every six hours.
If this algorithm doesn’t fit you, e.g. as your username contains numbers, you can contact the Mail team at email@example.com to check what can be done.
When testing the availability of your @aegee.org alias, keep in mind that some email providers show emails either as sent or as received, but not both. With such provider, when you send yourself an email, you cannot find out, whether you have received the message.
Email addresses must still contain only ASCII-127 characters, so è, ä or ğ in user names cannot be used for the alias name. For converting such letters to ASCII-127 since 17th September 2018 Unidecode is used. Names with the signs ə or ' are not considered.
This transliteration system is preliminary until end of October 2018. The reason is that the one who made it is not an expert in transliteration. If you have suggestion on how the transliteration shall be done more correctly, please approach firstname.lastname@example.org with suggestions, e.g. how transliteration from Greek alphabet shall be done, ideally by end of September 2018.
sam.perić is converted to sam.peric, efe.miño → efe.mino, anna.süß → anna.suss
Repetitio est mater studiorum (It is time for some examples)
- Your family is called “Commission” and your parents gave you the name “Network”. You register an account with username network.commission. As the alias email@example.com already exists on the mail server, you don’t get an @aegee.org alias automatically;
- Your username is x.y and your email address is a@b. You change in Intranet your email address to c@d. If you had an old alias on the mail server, the destination address of your alias doesn’t change (firstname.lastname@example.org → a@b) — you can ask from your old address the AEGEE Mail team to link the alias with your Intranet account, so than updates from Intranet update your alias destination. Otherwise the destination address is updated within six hours and then email@example.com → c@d;
- AEGEE-XYZ, the XYZ WG or the XYZ project wants to create or update the firstname.lastname@example.org alias. They contact the AEGEE Mail Team;
- If Äna.Morana, Aña.Morana, Ana.Morana and Anã.Morana were distinct accounts in Intranet, the alias email@example.com goes to the lady, that registered first. The other madames get nothing automatically and can contact the mail team to check what can be done.
We use Listserv, donated by LSoft for managing our mailing lists . Visit https://lists.aegee.org/new to create a new mailing list. To manage a mailing list a listserv-password is needed, that is independent of the other logins in AEGEE. Such a password can be obtained from https://lists.aegee.org/password.
Mailing lists can be used by teams:
- receiving emails from non-subscribers. Here the mailing list can get an alias firstname.lastname@example.org and from the perspective of the external world, this is just a normal contact address. When replying to emails, a copy is sent both to the sender and to the mailing list, so that the whole team ensures, that each email is answered. Many european bodies in AEGEE receive incoming mails over mailing list.
- to manage internal communication. Emails from non-members to the team go to a different email address.
- to make one-way announcements, like ANNOUNCE-L.
Which form your team chooses is up to you, as far as it is ensured that no emails are forrgotten unanswered.
Some providers of mailboxes offer to send notification to the sending server, if a user marks an email as spam. Some of those provider even include information which user has clicked an email as spam. When the AEGEE mail server receives such notification, it removes the address from the mailing list, notifying both the subscriber and the listowners.
The Invisible Part
The communication over email consists of several evolving standards, that are deployed for @AEGEE.org. These are mentioned only briefly here, in internet you can easily find more information on the terms:
- DNSSEC all aegee.org DNS records can be retrieved in secure way, so that the consumers can be sure the records can be trusted
- Let's encrypt certificates - to encrypt connections towards the AEGEE Mail server certificates from "Lets' encrypt" are used. This includes the website lists.aegee.org, that you can open in the browser using the https protocol, but also the SMTP connection, used between email servers when exchanging emails.
- DANE this standard allows publishing in DNS which certificate exactly is used to encrypt a connection for a service, making it impossible for other certification authorities to issue certificates not requested by AEGEE.
- Content Security Policy: when you visit https://lists.aegee.org your browser is told not to load content from remote sites, e.g. included embedded frames in spam emails, that you try to load over the archives, protecting you from loading malicious content.
- HTTP/2 - allowing connection multiplexing and other speed up.
- DKIM emails leaving the AEGEE mail server are signed by "Domain Key Identified Mail", where the public key is published in DNS. The recipient can then verify, that emails it receives passed the AEGEE mail server, and can decide, based on evaluation of the emails, to trust emails with valid DKIM signature in the aegee.org domain more.
- SPF - we publish information for the mail.aegee.org and lists.aegee.org domains, stating which hosts are allowed to send emails for that domains.
- DMARC- domain owners can publish information, that all emails from their domain need to have either a valid DKIM signature or valid SPF record associated with the domain. All incoming emails are checked, if the sending domain has published DMARC policy and if the email does not match the policy, it is rejected. For @lists.aegee.org we also publish the policy, that emails not matching shall be rejected, hence prohibiting (spam) pretending to be from the @lists.aegee.org domain, that has not passed the AEGEE mail server.
- OSCP stapling - rather than expecting from the client, after it gets a certificate from the server, to ask the certificate issuer whether the certificate was revoked, the webserver behing lists.aegee.org periodically obtains such confirmation from the certificate issuer and sends it to the clients, when the TLS connection is established.
- ssllabs.com and testssl.sh are two tools, checking the security aspects of an encrypted/TLS connection. These are periodically used to verify that everything is fine. Unfortunately enforcing secure connections means not allowing old clients to connect.
- Mails are checked for viruses using ClamAV.
- Spam filtering with SpamAssassin - When an email arrives, its hash is compared to lists in internet, whether emails with the same hash already have been evaluated as spam. The server sending the email is checked in other lists published on internet about its reputation (of not sending spam). Then the filter considers what the secretary general has put manually in its Spam folder and at the end a score is evaluated, whether the email is spam. If it is spam, the server does not accept the email. Some addresses get more spam than others, so for them the spam filter is (or can be made) more aggressive.
- Sieve is a language for filtering emails. We generate it for each mailing list, so that the emails get rejected, if listserv would rejected them later anyway, e.g. an email from non-subscriber sent to a mailing list, where only subscribers can write messages. Sieve is used also e.g. to evaluate the outcome of SpamAssassin and return messages having five or more scores telling the sender the address of the AEGEE headoffice, incl. telephone number. Hence if a mail was incorrectly identified as spam, the sender can still reach us.
Regular members do not have an IMAP-Mailbox. Infos to IMAP-Mailboxes on the AEGEE-Server can be found here: IMAP Mailboxes