August 2008 Monthly Activitiy Report
1) Worked on an assortment of odd, challenging, and familiar helpdesk tickets.
2) After upgrading Proofpoint vanderbilt_production cluster from version 4.0.7.67 to 5.0.3.103, there were several issues that had to be resolved. a) Custom Sendmail configuration had to be reinstalled. b) Maillog rotation had to be reconfigured. Note maillog rotation occurs by size instead of date as proetection against DOS attacks. Had to recalculate how many rotations could be retained based on average disk space consumed by log files in order to retain approximately 30 days of logs. c) Several issues had arisen with the databases. They include corruption in the log db that was repaired, tuning the database for better response, adjusting the expiration and optimization cron jobs so the databases do not grow too large, and purging old replication logs that had consumed more that 30 GB of disk space. d) Discover that Email Firewall rules based upon scanning message content became more expensive in the new version and were a source of frequent and numerous filterd restarts. Proofpoint advised making use of Policy Routes in rules since they are less expensive with less impact when messages are scanned.
3) Discovered issue where Webroot Spyware could cause issues sending email from a Windows or Mac clients. Issue was resolved by disabling the email firewall in Webroot Spyware. Communicated solution to Partner Support.
4) Several errors were being reported in the inbound SMTP server logs related to TLS. Resolved by configuring TLS for various domains/hosts. The errors do not prevent email delivery. The errors simply communicate that a server is offering TLS but the client has not been configured to require it. The reason the client does not require it is no one has requested that it be configured for the domains/hosts.
5) Project for mailing list replacement. Frank Kyle and I continued to meet regarding loader development. Frank was able to successfully create and delete lists, add and delete subscribers from the lists. All current loader functionality was tested successfully. Kate per Zafar and Cindy has requested loaders to be altered so that specific types of list e.g. moderated, unmoderated, announce-only can be provisioned automatically. Frank is determining work effort and time frame required for these changes. Working with Troy we resolved issue with notebooks not working. Continue to work seeveral tasks that need to be completed before going production. Continue to lead role with developing standards, security model, configuration and customization of server, and providing assistance with development and customization.
6) Project to implement smtp and e-mail authentication. Nothing new to report.
7) Worked in conjuction with ITS Security on several incidences e.g. scams, threats, compromised hosts, and SWEs, etc.
8) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter several threats. Investigated over 100 spam false negatives.
9) Perform daily management of mail queues on mailgates. Remove hundreds of undeliverable messages daily in order to keep queues “clean”. Review messaging reports daily in order to spot trends, abuse, etc. and took appropriate action to deter threats.
10) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
July 2008 Monthly Activitiy Report
1) Worked on an assortment of odd, challenging, and familiar helpdesk tickets.
2) Upgrade of vanderbilt_production VUMailguard cluster was completed on July 9-10. It took approximately 22 hours due to various issues. After the upgrade an assortment of issues impacting performance continued over the next two weeks. Several bugs and configuration issues were discovered over the first week. Several patches were deployed to fix the bugs and configuration issues were resolved. Performance continued in a degraded state. A key issue impacting performance was discovered the second week after the upgrade. The vendor had changed how international characters are handled in rules in the new version. After disabling three rules that scanned message bodies for specific character strings, performance improved considerably and continues to operate at a much improved level. Additional patches are scheduled to be deployed on July 30 to address additional bugs and to assure the cluster is at a patch level equivalent to the next version. Note two calls remain open with the vendor regarding an issue where NTP is not working on VMs and slow queries for some reports due to database issues.
3) Certificates were renewed on all SMTP and IMAP servers totally 12 servers. Server roles were reviewed in order to access the need for a wildcard certificate. Thousands of dollars were saved by determining that six servers no longer required wildcard certificates.
4) Newlightimaging.com - Provided list of tasks and key personnel required to route email for this domain through the VU messaging system. Currently no time table has been set to complete this project due to contractual obligations with newlightimaging.com and their service provider.
5) Project for mailing list replacement. Frank Kyle and I have been meeting regularly in order to determine the best strategy for implementing provisioning. I’ve provided documentation on the current loader code and guidance on how to adapt the current loaders for LISTSERV. Guy and I are attending courses on LISTSERV management. Fully licensed software has been ordered and is ready to be installed.
6) Project to implement smtp and e-mail authentication. Nothing new to report.
7) Worked in conjuction with ITS Security on several incidences e.g. scams, threats, compromised hosts, etc.
8) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter several threats. Investigated over 150 spam false negatives.
9) Perform daily management of mail queues on mailgates. Remove hundreds of undeliverable messages daily in order to keep queues “clean”. Review messaging reports daily in order to spot trends, abuse, etc. and took appropriate action to deter threats.
10) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
June 2008 Monthly Activitiy Report
1) Worked on an assortment of odd, challenging, and familiar helpdesk tickets.
2) Lifecycle replacement of mailgate01 was completed. Upgrade scheduled for June 18th was rescheduled due upgrade preparation issue. Worked with vendor in order to resolve issue. Upgrade has been rescheduled for July 9th.
3) User reported issue with VUWebmail related to QuickSave 2.3 plugin. Determine that bug existed that is resolved by installing QuickSave 2.4 or better. Relayed information to Peter who assigned task of upgrading QuickSave plugin to Troy.
4) Newlightimaging.com - Have worked with VUMC NCS in regards to messaging routing for the newlightimaging.com domain. Attended several meetings and exchanged several emails in order to perform fact gathering. Once it was determined that concerned parties at VUMC wished to route email for the domain permanently, contacted required parties in ITS in order to assure tasks required for message routing are completed.
5) Project for mailing list replacement. Meetings continue to determine what functionality will be implemented, migration strategy, loader development, test methodology, etc.
6) Project to implement smtp and e-mail authentication. Nothing new to report.
7) Worked in conjuction with ITS Security on several incidences e.g. scams, threats, compromised hosts, etc.
8) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter several threats. Investigated over 150 spam false negatives.
9) Perform daily management of mail queues on mailgates. Remove hundreds of undeliverable messages daily in order to keep queues “clean”. Review messaging reports daily in order to spot trends, abuse, etc. and took appropriate action to deter threats.
10) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
May 2008 Monthly Activitiy Report
1) Worked on an assortment of odd, challenging, and familiar helpdesk tickets.
2) Lifecycle replacement of mailgate02 and mailgate03 with new hardware was completed.
3) Lifecycle replacement of mailgate01. Former mailgate03 has been prepared for testing of the process to migrate the PPS master. Testing of process has been tentatively scheduled for June 2nd or 3rd timeframe.
4) Google Apps Mail project begins pilot phase in June 08.
5) Project for mailing list replacement. Continue to test LISTSERV eval. Was able to resolve issues with masqerading, message delivery, and logging. Continue testing to verify functionality, document differences between systems, and familarize myself with the product.
6) Project to implement smtp and e-mail authentication. Nothing new to report.
7) Worked in conjuction with ITS Security on several incidences e.g. scams, threats, compromised hosts, etc.
8) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter threat. Investigated and reported over 75 spam false negatives.
9) Perform daily management of mail queues on mailgates. Remove hundreds of undeliverable messages daily in order to keep queues “clean”. Review messaging reports daily in order to spot trends, abuse, etc.
10) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
April 2008 Monthly Activitiy Report
1) Filter daemon issues have improved considerably after working with PPS. Patches were deployed, PDR was enabled, some rules were cleaned up but the biggest impact was changing the maxsize rule to limit various properties of message attachments.
2) Since deploying PDR, message volumes and spam volumes have decreased although vendors continue to report increased spam volumes. Virus volumes continue upward trends due to several new virus outbreaks that continued beyond 1Q08.
3) Another attempted PPS upgrade of the production cluster failed once again. Continue to work with PPS in order to resolve issues. A new upgrade strategy has been adopted and folded into the project for life cycle replacement of mailgates. 4) Google Apps Mail project is nearing pilot phase. Completed configuration for inbound and outbound email routing, gateways, and configuring SMTP over TLS. Executed suite of test messages in order to test message size limits, attachment limits, routing to/from test mail accounts to/from other VU mail systems and other domains, etc.
5) Resolved several issues reported directly by VUMC e.g. issue sending to med.wayne.edu, issue receiving messages from cardinal.com, issues sending messages to pfizer.com, etc.
6) Project for mailing list replacement. Nothing new to report.
7) Project to implement smtp and e-mail authentication. Nothing new to report.
8) Worked in conjuction with ITS Security on several incidences e.g. scams, threats, compromised hosts, etc. Created script to search all filter logs and return date, time, sender, recipient, and subject for any mesage sent/received from specific email address.
9) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter threat. Investigated and reported over 50 spam false negatives.
10) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
March 2008 Monthly Activitiy Report
1) Spam volume increased considerably during this month. Spent a good portion of time collecting and reporting spam false negatives, analyzing threats, and creating methods to block the threats.
2) Deployed PDR in an attempt to reduce increased spam volume. Early results look promising but it is too soon to tell.
3) Continue to work with PP in order to resolve several issues. 1. upgrade failure issues 2. excessive filter daemon restarts 3. issue scanning .cma attachments
4) Successfully upgraded vanderbilt_lab PPS cluster from version 4.0.7 to 5.0.3. Began testing some of the new features e.g. web based digest management and LDAP authentication.
5) Project to reduce disk space on IMAP servers. Previousy I reported I had created a script to identify Exchange users and obtain the amount of disk space used for each vunetid on the IMAP servers. I created a spreadsheet of the information broken down by IMAP server and vunetid, sent it to Jeff who sent it to Zafar. The next step is to create a script in order to archive messages for each vunetid if the mailbox has not been accessed recently.
6) Project for mailing list replacement. PM has pushed for a test plan but no requirements document exists so I am not sure what to test. There are numerous new features that do not exist in the current mailing list server and someone must decide what will and will not be required. Regardless, I’ve starting the process of testing various functionality. For example, began creating various types of lists and testing LIST COMMANDS in respect to the type of list.
7) Project to implement smtp and e-mail authentication. Nothing new to report.
8) Worked in conjuction with ITS Security on several incidences e.g. scams, threats, compromised hosts, etc.
9) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter threat. Investigated and reported over 200 spam false negatives.
10) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
February 2008 Monthly Activitiy Report
1) Worked numerous helpdesk tickets.
2) Discovered issue with one DNSBL. Our mail exchangers were blocked from using the DNSBL due to increased query volume. DNSBL acknowledged and has requested subscription to professional service. In the meantime, enabled other free use DNSBLs in order to reduce message volume from mailicious sources with positive results.
3) Project to reduce disk space on IMAP servers. Created script to identify Exchange users then obtain disk space used on IMAP servers for those users.
4) Project for mailing list replacement. No new information to report.
5) Project to implement smtp and e-mail authentication. Developed questionaire in order to obtain list of hosts using ITS mail relay hosts for future use for smtp and e-mail authentication.
6) Worked in conjuction with several external entities in order to resolve e-mail issues e.g. resolved issue w/ former VU doctor who could not send messages through his ISP to vanderbilt.edu.
7) Resolved issue w/ VUMailgaurd vanderbilt_production clsuter not receiving latest upgrade. The master does not have enough disk space for the upgrade. Will work w/ vendor in order to remove logs in order to free disk space prior to upgrading the cluster on 3/5/2008.
8) Worked in conjuction with ITS Security on several incidences e.g. scams, threats, compromised hosts, etc.
9) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter threat. Investigated and reported over 200 spam false negatives.
10) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
January 2008 Monthly Activitiy Report
1) Worked numerous helpdesk tickets.
2) Worked in conjuction with vender to identify issue with VUMailguard Digest Command Processor where process was shutting down due to erroneous handling of alert signal. Patch 487 was deployed to resolve this issue. Issue has not been repeated since patch was deployed.
3) Completed project to move vanderbilt_production and vanderbilt_lab clusters behind CSM.
4) Project for mailing list replacement. Obtained new License Activation Key (LAK) in order to extend evaluaton of LISTSERV 15.5 through June 2008.
5) Project to implement smtp and e-mail authentication. Project was recently approved by Governance. Instrumental in creating materials presented to Governance.
6) Worked in conjuction with several external entities in order to resolve e-mail issues e.g. helped Austin Peay State University determine that their outbound mail hosts were having DNS caching issues.
7) Worked in conjuction with vendor in order to upgrade VUMailguard to most recent version. Will offer users the ability to manage digest from single URL w/ SSO.
8) Worked in conjuction with ITS Security on several incidences e.g. scams, threats, compromised hosts, etc.
9) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter threat. Investigated and reported over 50 spam false negatives.
10) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
December 2007 Monthly Activitiy Report
1) Worked numerous helpdesk tickets.
2) Worked in conjuction with vendoer to identify issue with VUMailguard Digest Command Processor where process was shutting down due to erroneous handling of alert signal. Patch 487 has been made available to resolve this issue.
3) Worked with project team to develop and test migration methodologies for the Project for load balancing mail exchangers. Successfully tested Plan A including joining a VM to a cluster, removing an agent from the cluster then adding it once it had been moved from private to public networks. Create documentation outlining migration strategy and perform walkthrough including documenting workarounds should something not work as expected e.g. provision to directly edit /etc/hosts file.
4) Project for mailing list replacement. Upgraded eval listserv with newly released revision of software which provides LDAP atuhenticiation a much desire feature. Passed security scan and system is ready for further testing and evaluation. Will continue to evaluate system while Idev resource becomes available to develop loaders and VSA tools.
5) Project to implement smtp and e-mail authenticaiton continues to make progress. Team members are getting closer to understanding the complexity of standards required to implement any startegy regarding SMTP and E-mail Authentication, its impact to Vanderbilt University, and the problems that an implementation will address.
6) Worked with ITS Security on several incidences e.g. scams, threats, compromised hosts, etc.
7) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter threat. Investigated and reported over 50 spam false negatives.
8) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
November 2007 Monthly Activitiy Report
1) Worked numerous helpdesk tickets.
2) VUMailguard SPF module bugs have finally been resolved. Worked with vendor in order to identify bugs and provide supporting evidence. Tested patches and verified operation.
3) Project for load balancing mail exchangers has seen some progress. Migration strategy is currently being tested but had a set back when dev agent could not be rejoined to dev cluster after being moved to public network. Workaround is being attempted and will be tested next week. VMDK has been obtained and is being readied for testing in dev cluster. Testing should begin next week.
4) Project for mailing list replacement is moving forward. Eval server has been installed, configured, and ready for security scan. Upon completion of successful security scan, more testing will be able to be completed. Determined method to rotate logs w/o requirement to restart list process and tested successfully.
5) Project to implement smtp and e-mail authenticaiton is starting to see progress. Team members are finally on same page. Goal is to produce recommendation for increased e-mail security using smtp and e-mail authentication and also address issues related to roaming users and securing relays.
6) Managed abuse@v.e and postmaster@v.e. mailboxes. Monitored abuse@v.e. and vumailguard-review@v.e. for daily reports of spam false negatives. Created or edited Proofpoint rules in order to deter threat. Investigated and reported over 75 spam false negatives.
7) Created monthly Email metrics report for dashboard. See \\vuspacegroups\ITS\common\dashboard\New Dashboard\Application Hosting.
