Membership - Resources - Society Officers - Documents & Publications
Kingdoms & Groups - Activities - SCA Events
|
|
SCA Home Page
Membership - Resources - Society Officers - Documents & Publications Kingdoms & Groups - Activities - SCA Events |
On Sunday, 15 January 2006, the sca.org email system was moved to our new server, which offers improved speed and reliability as well as the potential for new features. This Frequently Asked Questions (FAQ) document has been created to answer questions from the populace concerning the changes. Please do not republish this document elsewhere, as we will probably be updating and adding to it during the transition period. Instead, publish the web link http://www.sca.org/docs/newserver-faq.html.
| BACKGROUND | |
|---|---|
| Q: | What's this all about, anyway? |
| A: | We are upgrading the sca.org email server by moving it to a newer, faster computer with newer software. Details have been published at http://sca.org/newserver-20060114.html . |
| Q: | I'm a technical person. Could you tell me the details? |
| A: | We'll be glad to, but please wait a few days to email with questions driven by curiosity. We'll be glad to respond to technical curiosity inquiries when things are less busy. |
| Q: | Are you discontinuing Known World Mail (KWM)? I can't get to my account! |
| A: | We are emphatically not discontinuing KWM; in fact, we have moved it onto a new server to improve performance and reliability. If you are having problems connecting after the change, you may need to adjust the settings in your email software. We have tried to minimize this, but some change is inevitable when moving to a new Internet server. Please read the questions and answers that follow to see if your specific problem is described. |
| Q: | But the KWM web site says the ordering page is disabled! |
| A: | That is a temporary situation during this brief transition period. New orders will be accepted again in a few days. |
| CONNECTING TO THE NEW SERVER | |
| Q: | I am trying to connect to the new server with Outlook (or Eudora, or some other software on a home computer). What settings should I use? |
| A: | Here are the settings you are likely to need. The name of the place
where you put each setting varies from one email program to another,
so we have in some cases listed multiple terms for the same setting.
Where multiple options are shown for the same setting, our server supports any of them, and you may choose according to your own preference or the capabilities of your software.
SETTINGS THAT APPLY TO BOTH SEND AND RECEIVE:
Login, or User Name (your full email address)
Password (same as before the upgrade)
Your "full email address" looks like this: somebody@example.sca.org
where "somebody" is the name you chose when you signed up, and
"example.sca.org" is replaced by the domain you selected from our
list of options (archer.sca.org, lady.sca.org, fighter.sca.org, etc.).
SETTINGS FOR RECEIVE:
For receiving email, you have your choice of either POP3 or IMAP4
communication protocols; our server supports either. Your email software
may refer to POP3 as POP and IMAP4 as IMAP; in this context, the terms
are interchangeable.
Server Name, or Host Name mail.sca.org
Port number for POP3 110
Port number for encrypted POP3 995
Port number for IMAP4 143
Port number for encrypted IMAP4 993
Encryption method (*) TLS or none
Authentication method PLAIN (also called clear
or cleartext) or CRAM-MD5
(we suggest CRAM-MD5)
SETTINGS FOR SEND:
The protocol we support for sending mail is SMTP.
Server Name, or Host Name mail.sca.org
Port number for SMTP 25 or 10025 (**)
Port number for SSMTP 465 (***)
Encryption method (*) TLS or none
Authentication method PLAIN (also called clear
or cleartext) or CRAM-MD5
(we suggest CRAM-MD5)
NOTES:
(*) A later section of this document provides more details about
encryption.
(**) Port 25 is the normal one, but some Internet providers (notably those
in many hotels and wireless "hotspots") may block you from using
this setting to reach our server, and may force port 25 to their
server. We provide port 10025 as an alternate that you may use in
such situations. From our end, the two are treated equivalently,
and they connect to the same software on the same machine. If you
use a laptop and travel a lot, you are probably better off to pick
port 10025 for the SCA (but not necessarily for your other email
providers).
(***) This is an obsolete protocol that very few people will be using.
This port number differs from the others in that it assumes an
SSL session immediately upon connecting, rather than allowing the
client computer to ask for SSL if it is wanted. If you don't know
what this means, you probably don't need this port.
|
| Q: | Why do I need to use authentication for sending? My home Internet provider doesn't require that. |
| A: | Your home Internet provider knows who you are because of the fact that you connected to the Internet through their wiring. We do not have that option at the SCA, so we need to ask for your username and password. Otherwise spammers could use our server to send bulk mail, and none of us would be happy about that. |
| Q: | When I go to the webmail URL https://secure.sca.org/webmail/src/login.php I find that I can't login any more. What's going on? |
| A: | Again, during the transition period, that URL may not work. Please use the URL http://webmail.sca.org/ and save that in your browser's Favorites or Bookmarks. We will ensure that this URL always points to where you need to go, depending on where we are in the transition process. If you still can't get in, try https://webmail2.sca.org/ (a temporary URL only valid during the transition). If that one still fails, contact us to ask for help. |
| Q: | I can get connected, but I get a message about a certificate not being authenticated, and my email software (or web browser) wants to know if I should accept it. Should I? |
| A: | The short answer is, in this particular case, yes. For more details, see the "using encryption" section below. |
| Q: | I get a "connection refused" message from mail.sca.org. What's wrong? |
| A: | Run this quick test: Bring up a command line on your computer, and
type "ping mail.sca.org". You should see output that looks like this:
PING mail.sca.org (64.39.30.44) 56(84) bytes of data. 64 bytes from mail.sca.org (64.39.30.44): icmp_seq=0 ttl=64 time=0.093 ms 64 bytes from mail.sca.org (64.39.30.44): icmp_seq=1 ttl=64 time=0.091 ms 64 bytes from mail.sca.org (64.39.30.44): icmp_seq=2 ttl=64 time=0.098 ms 64 bytes from mail.sca.org (64.39.30.44): icmp_seq=3 ttl=64 time=0.091 ms The number 64.39.30.44 is the Internet Protocol (IP) address of our new server. If your system shows 66.216.68.103 instead, then you are trying to connect to the old server. The Internet's "domain name service" (DNS) converts the friendly name "mail.sca.org" to the IP address 64.39.30.44. DNS servers are scattered all over the Internet, and your SCA's DNS is the authoritative source for anything in the sca.org domain or its subdomains (knight.sca.org and so on). When changes are made to the DNS data, as we have just done, it takes a little time for the new information to propagate to all corners of the Internet. Depending on your ISP, this could happen almost immediately or it could take a few hours or even a day or two. Before we changed the servers, we "tagged" our DNS data to warn other Internet servers that it would be changing soon, and that they should check every two hours for updates. However, we can't control whether or not individual ISPs respect that request. Most of the time, the answer to this problem is simply to wait. There is nothing that we or you can do to speed up the process, other than what we have already done as described above. If you run certain older versions of Windows (we unfortunately do not have a specific version list), there may be a need to reboot your computer to ensure that it sees the new information. If you are in doubt, and you run one of the "consumer" Windows versions (Windows 95, 98, or Me), try shutting down and rebooting. |
| Q: | I got a bounced email after you moved to the new server. Does this mean the problem is not fixed? |
| A: | No. The same factor that causes the DNS problem described in the previous question (see above) can also cause some email servers to fail to find our new server. Again, the only solution is just to wait until the new DNS information propagates outward from our server to the rest of the Internet. |
| Q: | I've been through all the above, and I still can't get connected! How can I get help? |
| A: | Use the "KWM Feedback" form on the Known World Mail site. Please let us know how urgent your problem is, or if it can wait, as we are very busy during this transition period. In fact, it would be very helpful if you could wait a day or two for non-urgent requests, so that we can give priority to urgent problems. By waiting, you may find that others have already reported the same problem and we have fixed it, saving you the trouble of reporting it. We trust the populace to use good judgment in whether a problem is urgent. |
| Q: | I've forgotten my password! Help! |
| A: | We can reset your password for you. Please follow the preceding instructions to request help, using your own judgment on when to do so based on how urgent your need is. |
| SPAM AND VIRUS FILTERING | |
| Q: | Does the new server have spam filtering like the old one? |
| A: | Yes, it does. In fact, we've upgraded to a new version of the SpamAssassin software. It isn't fully tuned yet; we hope to improve its performance over time. Filtering spam is an iterative process. You will soon have the option of personalizing your spam filtering settings as well. |
| Q: | I don't see any ***SPAM*** flag in the subject line. How do I filter spam in my email software? |
| A: | We will soon be adding the spam tag into the subject line of suspected
spam messages. In the meantime, you can already filter on the internal
headers that are part of each message but are only visible if you ask your
email software to show you the "source" text. A typical message header
looks something like this:
X-Spam-Score: 3.0 (+++)
X-Spam-Score-Int: 30
X-Spam-Report: SpamAssassin report. See the header X-Spam-Settings-User
to find out the account from report which user-specific preferences
(if applicable) were obtained.
Content analysis details: (3.0 points, 4.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.1 HTML_90_100 BODY: Message is 90% to 100% HTML
-2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
[score: 0.0000]
0.0 HTML_MESSAGE BODY: HTML included in message
3.2 NO_DNS_FOR_FROM DNS: Envelope sender has no MX or A DNS records
2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address
[68.206.188.130 listed in dnsbl.sorbs.net]
0.2 DNS_FROM_AHBL_RHSBL RBL: From: sender listed in dnsbl.ahbl.org
X-Spam-Level: +++
X-Spam-Settings-User: youraccount@yourdomain.sca.org
X-Spam-Flag: YES
The header you should check is the X-Spam-Score-Int header. That represents
an integer value from negative infinity to positive infinity indicating the
"spaminess" of the message. Negative values indicate mail from an impeccable
source such as messages sent from our own webmail, where we can vouch for the
authenticity of the person sending the message because we checked their password
at login. X-Spam-Score-Int is equal to ten times X-Spam-Score; the latter has
one decimal digit (e.g., Not all of the headers are present on every message. For suspected spam messages, the long X-Spam-Report is added to tell you why SpamAssassin thought the message might be spam. For messages that are clearly not spam, this report is omitted to save space. The header X-Spam-Settings-User is most often set to your own email address. This indicates whose preferences were used in determining the spam filtering options. For a few messages, it is not possible to use your personalized settings and the system will have to revert to its system-wide settings. This header will tell you when that has happened, so check it if you think your personal settings aren't working right. For messages above a certain threshold, the likelihood that they are spam becomes vanishingly small, and it is a significant resource drain on the server to scan them. In those few messages, you will see this header instead of the spam scores:
X-Spam-Skipped: Message not spam scanned (too large) Again, remember that these are headers that are not shown in most email software unless you ask to see them. |
| Q: | Does sca.org scan for viruses? |
| A: | Yes. Our virus scanner updates itself multiple times per day. There is no guarantee a virus can't slip through, but we do make a reasonable effort to prevent that. You should still run antivirus software on your computer. |
| EMAIL LISTS AT SCA.ORG | |
| Q: | I read that you are moving the lists. What does this mean to me? |
| A: | All of the sca.org email lists are now in their own subdomain, called lists.sca.org. The short answer is that right now you don't have to do anything different. Many of the lists (such as "Announcements") only send out official information and aren't used for discussions. You'll notice a new address (e.g., "announcements@lists.sca.org") on the mail you receive, and if you have your email software set up to automatically file SCA messages into a folder, you may need to tweak that filter. If you actually are subscribed to a discussion list at sca.org, you will eventually need to change your addressbook so that you send to (list name)@lists.sca.org instead of (list)@sca.org. |
| Q: | How long do I have to make the change? |
| A: | We currently are forwarding email from the old address to the new address automatically. After a week or two, we will continue to forward but you will receive a gentle reminder each time you send to the old address. Eventually, we will send the reminder only and will not forward the message. You're encouraged to make the change in your addressbook now, but you have some time if you're too busy today. |
| "WHAT AND WHY" OF THE UPGRADE | |
| Q: | Who exactly are the "we" mentioned in this FAQ? |
| A: | The SCA's information systems are maintained by a team of volunteers led by the Chief Technical Officer, Scott Courtney, who reports to the Society Seneschal, George Reed, and through him to the Board of Directors. We are a small team with varying skills, and each person makes an unique contribution. A limited amount of specific work, such as some of the software development, is done by outside paid contractors. But the core team are active SCA volunteers, as are the Seneschal and the members of the Board. |
| Q: | What's been going on with the old server? I keep getting bounce messages! |
| A: | The old server was due for replacement next month, and we were already working on building the new one. Unfortunately, some major technical problems on the old server caused its condition to deteriorate very rapidly. We spent hours trying to fix the old server, but realized that fairly quickly that the only viable strategy was to accelerate the migration to the new server. The old server, in the meantime, is actually still working, but its problems cause its performance to be extremely poor. Somtimes inbound email bounces because the originating server gets tired of waiting. The new server is much faster. |
| Q: | What are you doing to ensure that this never happens again? |
| A: | Right now, we are simply concerned with getting the new server up and running. However, as soon as that is done, we will immediately begin work on a secondary mail and DNS server that will take over as a "holding" server for inbound mail in the event of a failure of the primary. The Board had already approved funding for this before the current problem, but only recently, and the plan hadn't yet been implemented. As mentioned above, we were already working on moving to the new primary server, and the backup server was scheduled to be done right after the primary. ONce we have the backup server online, if the primary is offline you won't be able to receive mail, but the messages will continue to accumulate on the backup server and will be delivered when the primary is restored. |
| Q: | Why didn't someone create a backup server before? |
| A: | Leased servers at secure data centers are expensive. In the early days of the SCA's Internet presence, the server wasn't as critical a part of our organization as it is today. Like many growing organizations, we are continually adapting to an Internet that has grown rapidly. The backup server is part of a long-term plan that began last summer, rather than simply a reaction to the current problem. |
| USING ENCRYPTION ON THE NEW SERVER | |
| Q: | Did you change my username or password? |
| A: | No. Your username is your full email address, including the domain name (e.g., lady_whooziz@archer.sca.org). The login will not work if you only put the local part (e.g., lady_whooziz) without the domain. Your password has not changed. |
| Q: | I see a message about "the authenticity of the certificate for this server can't be validated", and it asks me if I should accept the certificate anyway. Is this a security problem? |
| A: | Not in this situation. The certificate is "signed" by an international authentication service and is specifically registered to the domain "secure.sca.org". At the moment, that URL (which also handles our online membership system and the online Stock Clerk catalog) is not yet moved to the new server. So we are using a temporary URL for the webmail for now, and will merge it back in when we move the rest of the web services over. In the meantime, the certificate is perfectly fine, but it is being used on a server that wasn't the one for which it was originally issued. You may tell your browser to accept this certificate, because in this case it is only being used for encryption of your email password and not for financial transactions. |
| Q: | If the above is true, why didn't you get another certificate for the other URL? |
| A: | Quite simply, they are rather expensive and we only need it for a short time. We're trying to spend your membership dollars wisely. |
| Q: | If I use encryption to connect to your server, will that keep people from snooping my email? |
| A: | No, the encryption only happens between your home computer and our email server. It doesn't affect the transmission of messages to servers not controlled by the SCA, Inc. TLS protects your password during login to our server, especially if you are using a public Wi-Fi network access point in a hotel or other public place. To encrypt your email, use a quality encryption system such as GNU Privacy Guard (GPG) or equivalent commercial products. |
| DETAILS OF INTEREST TO TECHIES | |
| Q: | Where exactly is the SCA's server? |
| A: | We lease our servers from a hosting company; both the old one and the new one are located in the central United States at a secure data center with high-speed, reliable Internet backbone connectivity. |
| Q: | What software do you use? |
| A: | Most of our web and email software is Open Source free software. For security reasons, we don't widely publish the names of some of the software, but if you are really curious, we'll answer questions sent by email to cto@sca.org. |
| Q: | I'm a technical professional, and I'd like to help. Are you looking for volunteers? |
| A: | Of course, just like the rest of the SCA! Because of the nature of this job, we can only accept a limited number of people, and the qualifications are pretty specific. Please send an SCA and modern resumé to cto@sca.org if you are interested in volunteering. |
In service to the SCA,
Scott Courtney
Chief Technical Officer, SCA Inc
(Maistor Iustinos Tekton called Justin)
|
SCA Home Page
Membership - Resources - Society Officers - Documents & Publications Kingdoms & Groups - Activities - SCA Events |
Maintained by the SCA Webfolk
Copyright © 1995 - 2008 Society
for Creative Anachronism, Inc. The copyright of certain portions of www.sca.org are retained by the original contributors.