Mail at CIMS

E-mail at Courant

The courant.nyu.edu (aka, cims.nyu.edu), cs.nyu.edu, and math.nyu.edu domains share a common mail gateway, through which all CIMS email passes, where each message is scanned for viruses and checked for the likelihood that it is spam before it is passed along to the mail server and spooled to disk. Because we use a common server for the various domains, all Courant users can receive email addressed to username@cims.nyu.eduusername@cs.nyu.edu, or username@math.nyu.edu, as well as username@courant.nyu.edu. However, since each user is likely to be most closely affiliated with just one of these entities, one would advertise to colleagues the address that is most appropriate.

With the exception of cases in which people have identical names, each user is also given an alias of the form firstname.lastname at any of these domainnames. That is, for user John Doe, each of the addresses john.doe@courant.nyu.edujohn.doe@cims.nyu.edujohn.doe@cs.nyu.edu, and john.doe@math.nyu.edu would be valid, and since these aliases are not case sensitive, John.Doe and JOHN.DOE would be valid as well. Mail to any of these addresses is all spooled to the individual's mail file on the on the mail server. But please keep in mind that you can not assume that because you know a persons first and last name that an alias exists for them in the form of first.last@cims.nyu.edu. That alias could have been taken by someone else or even have an alternate spelling (e.g joe.doe versus joseph.doe)

Accessing Your Email

Your mail can be directly accessed by logging into one of Courant's Solaris or Linux systems using one of several mail reading programs on the command line. It can also be accessed from the web using our web interface, or from a remote computer, such as an office or home PC, Mac, or laptop, using either the POP (Post Office Protocol) or IMAP (Internet Message Access Protocol) protocol with a remote mail client. Mail can be sent using the same mail programs that are used to read it.

Please note that mail services including web mail are reserved for PhD students, faculty, administration, and certain other special cases. E-mail sent to a Master's student CIMS e-mail address will be automatically forwarded to his/her NYU e-mail address. 

Please note that as of the summer of 2018 all new accounts (not just master's accounts) will have their email automatically forwarded from your_username@cims.nyu.edu to your_username@nyu.edu. To set up an alias such that emails sent from your_username@nyu.edu appear to have been sent from your_username@cims.nyu.edu, please see these instructions. Also, please note that you should never forward email back from your NYU Home account ( nyu.edu ) to your cims account as this will result in an alias loop.

Reading and Sending Mail in a Unix or Linux Terminal

You can read and send email from a terminal window logged into one of the Unix servers, such as access.cims.nyu.edu, or by opening a shell terminal on a Solaris or Linux workstation. This has the advantage that you can access mail directly on the system, rather than connecting via IMAP or POP and transfering mail and headers to a remote computer. However, some disadvantages are that you cannot directly open all attachments, and many operations can be complicated, because they each rely on keyboard input of extensive lists of command strings, rather than simple mouse clicks in a GUI interface. Moreover, as software becomes increasingly GUI or browser driven, command line interfaces are a dying breed.

Of the following standard Unix mail readers, all except Mail can be used to open attachments, but they need to be configured to open them directly using the appropriate program, and this can be cumbersome in some cases. They can readily be used to save attachments as files, then one can view them using the appropriate software. All except Mail can also be configured to download mail via IMAP or POP and to route outgoing mail through a specific SMTP server. All have help facilities within the programs. You can click on the links below to read the Unix man pages here.

If you're having problems viewing emails formatted with European or French characters, you will need to reconfigure your settings to include European characters.

  • Mail: The original Unix mail reading program. It is useful for those people who have been habitually using for many years, but is not recommended for users who are new to Unix, because the alternatives are better.
  • pine: Probably the most user-friendly of the command line mail readers, it handles attachments well, is relatively easy to configure to taste, and has a reasonable help facility.
  • mutt: A powerful mail interface, it is probably as good as any mail reading program in existence once one masters its use. However, it is complicated.
  • elm: A predecessor to mutt, it is no longer supported by its creators and does not work well on Linux systems. Its use is not recommended. Those who have used it in the past are encouraged to use mutt instead.

Accessing Your Courant Mail on the Web

You can access your Courant email from your web browser by logging in to our web interface at webmail.cims.nyu.edu using your Courant account. The system uses a customized version of Roundcube mail, a popular open source webmail client.

Downloading Email Using IMAP or POP

While both IMAP and POP can be used to access your mail remotely, and are both supported here at Courant, IMAP is functionally superior to POP, and it is the recommended protocol for online mail access. One of the advantages of IMAP over POP is multiple folder support. With IMAP, you can create remote folders other than your INBOX and still be able to access them from any machine. POP mail clients can only create folders locally. For example, if you create a local mail folder on your work/school PC, you will not be able to access it from home if you use POP. IMAP is also optimized for online performance, such that an IMAP client does not have to download an entire message in order to display information about it and its attachments. In general, you should consider using POP to access your Courant email only if you always access your mail from the same machine, which is very unlikely these days, or if your mail client only supports POP.

Whether you use IMAP or POP, you should specify imap.cims.nyu.edu as the server. For security reasons, we only support IMAP and POP over SSL. This guarantees that your IMAP or POP session is encrypted, and your password is not sent in plain text. Make sure you specify server port 993 for IMAP over SSL or port 995 for POP3 over SSL when you configure your mail client.

Outgoing Email, SMTP and Mail Relaying

SMTP (Simple Mail Transfer Protocol) is the common protocol for transferring mail over the Internet. Your mailer uses SMTP for sending messages. For sending mail from a Courant address, you should specify smtp.cims.nyu.edu as the SMTP (or outgoing mail) server.  You must configure your mailer to authenticate using your CIMS username and password. For security reasons, you should also specify TLS (or SSL if TLS is not an option) connection for SMTP in your mailer configuration if authentication is configured.

You can relay mail through our SMTP servers using the mail submission port (587) with TLS enabled.

Note for Outlook users: SMTP over TLS on port 587 may not work with Outlook. Try port 465 with SSL encryption.

Server Settings for using IMAP or POP, and SMTP

IMAP

  • Server: imap.cims.nyu.edu
  • SSL: enabled
  • Port: 993

POP3

  • Server: imap.cims.nyu.edu
  • SSL: enabled
  • Port: 995

SMTP (Outgoing)

  • Server: smtp.cims.nyu.edu
  • TLS: enabled
  • Port: 587
  • Authentication is required if outside Courant.

For detailed instructions on how to configure your settings for a specific mail reader, or "client," please look here.

Forwarding Mail

The address to which mail is delivered for a given user is based on email aliases maintained on the Courant mail gateway and in the directory service database that is queried each time a message is sent on a Unix or Linux system. You can use a .forward file directly or use the the web interface described below to forward mail to an address outside of Courant. Using a .forward file to reroute mail to another machine within the Courant network, however, will result in an alias loop due to the existence of your global alias, so this must be done carefully.

If you use the web interface, loops are checked for by the addition of an extra header.

To use your .forward directly to forward all your mail to an outside address from your CIMS address, simply open the .forward file in your home directory. Modify the file so that it contains only the e-mail address to which you would like all of your mail forwarded. If you would like to forward mail to another address while retaining a copy of each message in your Courant account, you would create an entry as follows:

  • \username, forwarding_address

To disable mail-forwarding, simply delete the file, or leave it completely blank. For more information on mail forwarding and mail aliases, please see the Unix man page.

Automated Replies to Incoming Messages

If you would like to set up an automated response to all of your incoming mail, you can use the vacation program or use the web interface described below. This can be useful if you plan to go on vacation and will not be reading your mail, or at any time you want to generate an immediate response to each sender. If you decide to use the web interface described below, do not set this up directly by typing vacation at the command line, use the web interface only.

The default length of time between auto-replies to each sender address is one week, so multiple messages from a given sender will not generate a new response to each message they send. However, it can be configured to respond more frequently or less frequently, such as once per day or once per 2 weeks, or to each message you receive from the same sender. All incoming messages will be processed and delivered as they would under normal circumstances in which automated replies were not being generated.

In order to configure the interval between repeat replies to the same sender, first make sure you have configured your away message on the web interface. Then you must edit the .vacationrc file in your home directory (/home/username/.vacationrc).

In /home/username/.vactionrc, edit the line:

|  /usr/bin/vacation $LOGNAME

after "vacation' you can append -tN. A trailing s, m, h, d, or w scales N to seconds, minutes, hours, or weeks, respectively. The default (without having to append anything to this line) is 1 week. So if you wanted to change this to 3 days, for example, the line should look like this:

|  /usr/bin/vacation -t3d $LOGNAME

**Please note that this will have to be done every time you set a "vacation message" on the Mail Configurator.

 

Web Interface for Configuring Forwarding, Automated Replies and Filtering

If you use this web interface please be aware that it uses procmail and you should NOT use a .forward to set up Forwarding or Automated Replies (as described above). Both of these features can be handled via this interface.
When you use the web interface (the Mail Configurator) to forward mail, an X-Loop header is added to the forwarded mail. This header is used to detect mail loops, so if you forward to another account which also uses an X-Loop header to determine whether mail should be forwarded, the addition of this header will cause email at the other account not to be forwarded.
To access the web interface go to the Mail Configurator.

Mailing Lists

Mailing lists are used to send messages to multiple users who share a common need to receive certain messages, whether they are students in a class, researchers interested in a particular topic or series of talks, or administrators who need to be notified regarding University events. There are three types of mailing lists presently in use at Courant:

  1. Software Managed Mailing Lists

    These are used for class mailing lists, seminars, departmental lists, and other functions. They enable interested parties to subscribe and unsubscribe over the web, and provide list administrators with the ability to manage the lists and moderate messages posted to them. 

    Previously, the Courant Systems Group created GNU Mailman mailing lists on request. As of Spring 2018 we will be discontinuing this service in favor of the NYU Groups tool. Groups provides all the functionality of Mailman, plus additional features such as online discussion forums and the ability to share content from Drive. Information about requesting a Group can be found here:

    http://www.nyu.edu/servicelink/KB0013048

    NYU Groups can browsed here, when logged in with your NYUHome credentials:

    Legacy Mailman lists can be viewed and managed via the following links:

  2. Static Mailing Lists

    These fall into two types:

    • Those generated automatically. Inclusion on this type of list is based on the users home directory. However, it is possible to override this. Requests to be included or excluded should be sent to helpdesk@cims.nyu.edu

      The use of these lists is restricted. Restrictions are based on message content and type of user and vary for the different lists. The Institute takes these restrictions very seriously. Disregarding them could lead to the suspension of your account. If in doubt please contact us for clarification.

    • Those maintained by a staff or faculty member. These are primarily used by administrative staff. Use of these lists is not open to the general community. Requests to set up such a list are limited to faculty and staff. Such requests are normally only made for lists that are repeatedly used and that contain over 20 users.

  3. Personal Mailing Lists

    These lists can be set up by any user at any time. They have the disadvantage of normally listing all recipients. However this limitation is easily circumvented by blind copying (Bcc) the list. These lists are normally defined in your .mailrc file. For information on how to set up such a list see the documentation pertaining to the mailer you are using. It is, of course, up to the owner of such a list to maintain it.

Spam

Short of locking down our mailservers to the point that they are either useless or impossible for legitimate users to use, there's not a lot we can do at the system level.

It's the nature of electronic mail, and it really is similar to regular mail in that you can send a letter to anyone for whom you have an address, and, furthermore, you can put any return address on that letter, even that of the recipient. A person can send mail to guest1@cims.nyu.edu and pretend that the message is coming from guest1@cims.nyu.edu. The one thing we can prevent is that person sending mail as guest1@cims.nyu.edu to places outside of NYU. Normal, non-phishing spam can be forwarded to is.spam@nyu.edu

Phishing

Phishing is the act of trying to obtain confidential information from users of an e-mail service by crafting e-mail that looks legitimate and contains links to malicious websites. You should be suspicious of any e-mail that claims to be from NYU or CIMS, but contains many grammar/spelling errors, links to pages that don't begin with "cims.nyu.edu/" or "nyu.edu/", and other incorrect information. You can report phishing attempts to phishing@nyu.edu. And outside of nyu you can also report such scams to spam@uce.gov and/or reportphishing@antiphishing.org. When reporting phishing attempts, you should include the full email with full headers. In addition phishing attempts can also be reported as follows acording to the FTC.

------------------------------
How to Report Phishing
If you got a phishing email or text message, report it. The information you
give can help fight the scammers.

Step 1. Report the suspicious email to NYU IT using the PhishAlarm button in NYU Email (Google) and include specific information about the incident. If you don’t see the PhishAlarm button, forward the email to phishing@nyu.edu. You can also report a security incident through this service link form.


Step 2. If you got a phishing email, forward it to the FTC at spam@uce.gov and to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726).


Step 3. Report the phishing attack to the FTC at ftc.gov/complaint.

------------------------------

Here is an example of a real phishing attempt that was sent to many of our users, followed by a bullet-point breakdown of how it could have been identified as illegitimate.

----------------------------------------------
<PHISHING EXAMPLE>
----------------------------------------------

From: New York University <abc123@anotheruniversity.edu>
Date: June 7, 2014 at 10:42:03 PM GMT+2
To: Recipients <abc123@anotheruniversity.edu>
Subject: Newsletter Subscription Service

Subscribe Now : EMAIL NEWSLETTER

Sign up to get monthly updates about our students, faculty, research, and alumni.with information on campus news and events, including plays, concerts, art exhibits, and athletic competitions, as well as local happenings.  Click Here to receive weekly New Letter CIM.NYU.EDU/SUBCRIBE

Browse through the archives of our(NYU) past publications and get the latest news about what is happening within the NYU Steinhardt community. Learn about students working within the community and studying abroad, the academic research of our faculty, and the exciting work being done by some of our Alumni. (Note: If you have a CIMS Login you'll be asked to login through CAS.

New York University :: Courant Institute of Mathematical Sciences :

----------------------------------------------
</PHISHING EXAMPLE>
----------------------------------------------

Breakdown:

  • Although the name in the From field is "New York University", the e-mail address that follows it is clearly not from NYU. Although not the case in this example, it is possible to fake the From address to look as though it came from a legitimate address. Never trust an e-mail based on the From field alone!
  • The very first sentence contains noticeably mistaken grammar ("and alumni.with information")
  • The second sentence displays inconsistency: the subject line refers to it as "Newsletter", and then the second sentence refers to it as "New Letter"
  • The URL provided is cim.nyu.edu/subcribe. This has TWO problems: 1) our domain is CIMS.nyu.edu (with an "s"). 2) they misspelled "subscribe".
  • In the original e-mail where the URL was a clickable link, the URL led to a "yolasite.com" address. This was observable simply by hovering over the link (no need to actually click it).
  • Spacing error: "our(NYU)"
  • "Alumni" is capitalized for seemingly no reason.
  • Their final "Note" has an opening parenthesis, without a matching closing parenthesis.
  • Most organizations, including CIMS, will not close an e-mail with something as vague as "New York University" or "Courant Institute of Mathematical Sciences" without some kind of contact information or link.

This is not to say that every e-mail that we will ever send will be perfect. However in the event that we do send out something as mangled and unprofessional as the above example, we will issue a correction e-mail.

----------------------------------------------

Here is another example of a real phishing attempt that was sent to many of our users. In this exampe we will delve a little more deeply into the full headers of the email. Note that this phishing example does not have a link to a website and instead relies on the recipient to respond via email. A particular email can appear to be sent from a legitimate address and yet not be. Each email includes a "From" header which can be easily forged and often is for legitimate reasons. A good way to think of an email’s “From” header is as the digital equivalent of the return address printed on envelope.

So, at first glance, an email can appear to be from a legitmate site such as your bank and yet not be. Scam emails like this often will include a link that will take you to a phishing site that is designed to look like a legitimate website. Before clicking on any link in an email, you should pass your cursor ver the link and make note of the URL it will take you to if you click on it. This is often all one needs to do to tell that the email is a scam.

However, not all scam emails have links to URLs in them and are instead designed to scam you once you reply. So how do you tell? The answer is simple, you just have to look at the full headers. All email applications have a way to do this. In Gmail, for example, you can examine this information by clicking the arrow at the top right corner of an email and selecting Show original.

Below is an example of an actual spam email with a forged email address. Notice the From line -> From: "Prof. Denis Zorin" <cs-chair@cs.nyu.edu>. This looks legitimate at first glance, but this line can contain anything like the return address printed on envelope. To find out where it's really from you have to follow the chain. Start from the bottom to find out where it originated from. Look for the "Received: from" headers. The important one has been highlighted below. You will see, in the example below, that it originated from "reagan.com" which would be a red flag in this case and indicate that there is something fishy going on. Also note the "Reply-To: godoverevery@gmx.com", which is another clue that this email is far from legit.

----------------------------------------------
<PHISHING EXAMPLE>
----------------------------------------------

 Delivered-To: xyz123@nyu.edu
Received: by 2002:ac2:43d6:0:0:0:0:0 with SMTP id u22csp2630521lfl;
        Tue, 9 Apr 2019 07:57:05 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxnV1v3qKhHyCwWJIEPZqQAVQSPqiSyeeCK/ZpTOg80Oe5X2HC1SyeSwFdMTmEz1/c7y/hH
X-Received: by 2002:ac8:28d0:: with SMTP id j16mr31540318qtj.15.1554821825630;
        Tue, 09 Apr 2019 07:57:05 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1554821825; cv=none;
        d=google.com; s=arc-20160816;
        b=QKEv1S0d3Q+LQ4wkIG61+3mRhPd1a42/pnQcYlVYQ9WEYMuyJvboveAEkKUwpPuChJ
         d4bhTX+EZccndsUy292AQ/v8feZ9fSqCeVx4/2LKydNpLJhs9DgRnFxEO363L751+25n
         52QK9O/RfyQGH/RVxMR/4KUboOKkI3CtzeAFQ0n5uhGuYARG9+FD8lF283GUB9hnc3Sx
         N2euEzBxEWXXOn8b7/kWRzc7LHZZpEIMkzGWHd8dqhBu7ybY2Fz8ZIHPLu4cwn6RE6T2
         1wEI0wX+YtRITGvNoIh5rn47st/UMPMai+dhuQUqITWRG+cGnE+QoMFdP/csLED6LmEP
         jlow==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=message-id:importance:mime-version:reply-to:to:from:subject:date;
        bh=3mQVOIq5q7fsJp8KJljRhEzq8zmfYdV5CNPusP+1Rgw=;
        b=cNWcV5n+kh6wkNFnPf0G7K7uT2D/w82tC/8jisxHBnGjjR3KwYcujpaMmAaNbDinS+
         zXCEBD0v65Udf3B49Ad+0IpB+Mv5iSbD/WpUuZSHS9P7+lKIebCIT9wEebdgftlgDaeG
         8FyBB8bDIMA8IvDx7/M+gCCPZtz28eEu2TTQpL2ff7iYNbkEBu3cdXVq+qU+qj/Kij+c
         rVRUg+802L1OIS454YH+T7eYmlz9BCJJO/bNQR1J+OAiLQq9/OudXse3//wjRz/gk/+y
         PzobZOfR5GY/DU2qLEK7nLTYrsUt5K7FRvcORfVEaBfsNzu49lsHj0NKBIs1IhVh2ZN6
         evNg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of jdoe@mail.cims.nyu.edu designates 128.122.49.90 as permitted sender) smtp.mailfrom=jdoe@mail.cims.nyu.edu
Return-Path: <jdoe@mail.cims.nyu.edu>
Received: from gmx3.home.nyu.edu (gmx22.home.nyu.edu. [216.165.32.213])
        by mx.google.com with ESMTPS id a15si1608065qtk.344.2019.04.09.07.57.05
        for <xyz123@nyu.edu>
        (version=TLS1 cipher=AES128-SHA bits=128/128);
        Tue, 09 Apr 2019 07:57:05 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of jdoe@mail.cims.nyu.edu designates 128.122.49.90 as permitted sender) client-ip=128.122.49.90;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of jdoe@mail.cims.nyu.edu designates 128.122.49.90 as permitted sender) smtp.mailfrom=jdoe@mail.cims.nyu.edu
Received: from mx3.nyu.edu (mx3.local [10.100.100.243]) by gmx3.home.nyu.edu (8.14.9/8.14.9) with ESMTP id x39Ev4U6009127 for <xyz123@nyu.edu>; Tue, 9 Apr 2019 10:57:04 -0400 (EDT)
Received: from mx0b-00256a01.pphosted.com (mx0b-00256a01.pphosted.com [67.231.153.242]) by mx3.nyu.edu (8.14.9/8.14.9) with ESMTP id x39Ev4st009091 for <xyz123@nyu.edu>; Tue, 9 Apr 2019 10:57:04 -0400 (EDT)
Received: from pps.filterd (m0119692.ppops.net [127.0.0.1]) by mx0b-00256a01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x39Ev3e0125652 for <xyz123@nyu.edu>; Tue, 9 Apr 2019 10:57:04 -0400
Authentication-Results: ppops.net; spf=none smtp.mailfrom=jdoe@mail.cims.nyu.edu
Received: from mail.cims.nyu.edu (mail.cims.nyu.edu [128.122.49.90]) by mx0b-00256a01.pphosted.com with ESMTP id 2rruwdtddf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for <xyz123@nyu.edu>; Tue, 09 Apr 2019 10:57:04 -0400
Received: from mail.cims.nyu.edu (localhost [127.0.0.1]) by mail.cims.nyu.edu (8.15.1+Sun/8.15.1) with ESMTPS id x39Ev3DQ024631 (version=TLSv1.2 cipher=DHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for <xyz123@nyu.edu>; Tue, 9 Apr 2019 10:57:03 -0400 (EDT)
Received: (from jdoe@localhost) by mail.cims.nyu.edu (8.15.1+Sun/8.15.1/Submit) id x39Ev3Fh024628 for xyz123@nyu.edu; Tue, 9 Apr 2019 10:57:03 -0400 (EDT)
Received: from mx2.cims.nyu.edu (mx2.cims.nyu.edu [216.165.22.57]) by mail.cims.nyu.edu (8.15.1+Sun/8.15.1) with ESMTPS id x39Ev25i024618 (version=TLSv1.2 cipher=DHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for <jdoe@mail.cims.nyu.edu>; Tue, 9 Apr 2019 10:57:03 -0400 (EDT)
Received: from smtp124.iad3a.emailsrvr.com (smtp124.iad3a.emailsrvr.com [173.203.187.124]) by mx2.cims.nyu.edu (8.15.1+Sun/8.15.1) with ESMTPS id x39Ev074009373 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <jdoe@cs.nyu.edu>; Tue, 9 Apr 2019 10:57:01 -0400 (EDT)
Received: from smtp32.relay.iad3a.emailsrvr.com (localhost [127.0.0.1]) by smtp32.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 9384A5793 for <jdoe@cs.nyu.edu>; Tue,
  9 Apr 2019 10:38:20 -0400 (EDT)
Received: from app21.wa-webapps.iad3a (relay-webapps.rsapps.net [172.27.255.140]) by smtp32.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 832AF56B3 for <jdoe@cs.nyu.edu>; Tue,
  9 Apr 2019 10:38:20 -0400 (EDT)
X-Sender-Id: preacherco@reagan.com
Received: from app21.wa-webapps.iad3a (relay-webapps.rsapps.net [172.27.255.140]) by 0.0.0.0:25 (trex/5.7.12); Tue, 09 Apr 2019 10:38:20 -0400
Received: from reagan.com (localhost.localdomain [127.0.0.1]) by app21.wa-webapps.iad3a (Postfix) with ESMTP id 6E03B60054 for <jdoe@cs.nyu.edu>; Tue,
  9 Apr 2019 10:38:20 -0400 (EDT)
Received: by webmail.reagan.com
    (Authenticated sender: preacherco@reagan.com, from: cs-chair@cs.nyu.edu)
     with HTTP; Tue, 9 Apr 2019 09:38:20 -0500 (CDT)
X-Auth-ID: preacherco@reagan.com
Date: Tue, 9 Apr 2019 09:38:20 -0500 (CDT)
Subject: Hello James
From: "Prof. Denis Zorin" <cs-chair@cs.nyu.edu>
To: jdoe@cs.nyu.edu
Reply-To: godoverevery@gmx.com
MIME-Version: 1.0
Content-Type: multipart/alternative;boundary="----=_20190409093820000000_81464"
Importance: Normal
X-Priority: 3 (Normal)
X-Type: html
Message-ID: <1554820700.448429513@webmail.reagan.com>
X-Mailer: webmail/16.3.0-RC
X-Greylist: inspected by milter-greylist-4.6.2 (mx2.cims.nyu.edu [216.165.22.57]); Tue, 09 Apr 2019 10:57:01 -0400 (EDT) for IP:'173.203.187.124' DOMAIN:'smtp124.iad3a.emailsrvr.com' HELO:'smtp124.iad3a.emailsrvr.com' FROM:'preacherco@reagan.com' RCPT:''
X-Greylist: Delayed for 00:18:34 by milter-greylist-4.6.2 (mx2.cims.nyu.edu [216.165.22.57]); Tue, 09 Apr 2019 10:57:01 -0400 (EDT)
X-Virus-Scanned: clamav-milter 0.97.4 at mx2
X-Virus-Status: Clean
X-Scanned-By: MIMEDefang 2.80 on 216.165.22.57
X-Loop: beenherebefore
X-CLX-Shades: MLX
X-Orig-IP: 128.122.49.90
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-04-09_07:,, signatures=0
X-Proofpoint-Spam-Reason: safe
 

----------------------------------------------
</PHISHING EXAMPLE>
----------------------------------------------

Greylisting

Greylisting is a spam fighting technique that temporarily rejects incoming mail in the hope that, unlike legitimate mailers, spammers will not try to resend. Technical information can be found greylisting website.

Effective August 31st, 2006, we made greylisting the default for all new users, and those whose accounts showed no recent activity. To avoid any disruption in correspondence, accounts which showed recent activity were not set to use greylisting by default. (If your mail is not being greylisted, we say your mail is being whitelisted). For all accounts that existed prior to August 31st, 2006, a file called .greylist.cfg was created. If it exists, and has the line

whitelist

in it, mail to you is not being greylisted. Otherwise, or if the file does not exist, mail to you is being greylisted.

For your convenience, incoming mail from any .edu, .gov, or .mil domain is not greylisted, and otherwise we use a dynamic whitelist that is updated daily, so over time many legitimate domains have become whitelisted, including most major ISPs and open mail services, such as yahoo and gmail.

In general, at the point most users probably do not have to make any customizations to their greylist configurations. However, inevitably there will be users who correspond with senders who use relatively obscure domains, making it desirable to use such customizations. To change your greylisting configuration, you can create and/or edit your .greylist.cfg file to whitelist specific addresses. To whitelist everything coming from friendly.org, for example, you would use the line

whitelist domain friendly.org

in the file. To whitelist a particular address, put the line

whitelist from abc@xyz.com

You can have as many whitelist directives as you like, one per line. Similarly, you can have explicit greylist directives, also one per line.

When you have finished editing your .greylist.cfg file, run greylist-update.

to update the global configuration. Your changes should take effect within about 5 minutes.

An example .greylist.cfg file:

 # Below is a sample greylist configuration file. Lines begining with
 # a '#' (hash) are considered a comment and are mearly for human consumption
 # lines begining with a hash will be ignored by our system. Uncommented lines
 # (lines without a #) will be used by our system for grey/white listing.
 # 
 # Below we have several examples for greylisting setups. Please uncomment and
 # tailor to your needs.
 # 
 # NOTE: THE FIRST RULE THAT MATCHES AN EMAIL WINS. ALL SUBSEQUENT RULES WILL
 # BE IGNORED.
 # 
 # Please see # http://www.cims.nyu.edu/systems/resources/mail/index.html#Greylisting
 # for more details
 # 
 # Short Instructions:
 # 
 # 1) Modify this file
 # 2) Save your file as .greylist.cfg in your home directory
 # 3) Run: greylist-update
 # 
 # ########
 # 
 # HOWTO: whitelist/greylist specific email addresses
 # (Uncomment & modify to your liking)
 # 
 whitelist from anytrusteduser@somedomain.com
 greylist from anyspammer@somedomain.com
 # 
 # ######## 
 # 
 # HOWTO: whitelist/greylist mail from a specific domain
 # (Uncomment & modify to your liking)
 # 
 whitelist domain sometrusteddomain.org
 greylist domain somespammerdomain.org
 # 
 ### DEFAULT SETTINGS ###
 # The last rule in this file is your user default settings.
 # it should either be to whitelist all other mail or greylist all other
 # mail. CHOOSE ONLY ONE and leave the other commented out.
 # 
 greylist
 #whitelist