Email Management

Changing Your Password

Change your IMAP password ( CSAIL Login required)

Vacation Auto-responder Instructions

  1. Log into webmail.csail.mit.edu using your CSAIL username and IMAP (email) password
  2. Click the drop-down menu at top center labelled “Mail”.
  3. Click “Filters”.
  4. Click “Vacation” to edit the vacation rule.
    • “Subject of vacation message”: If blank, your response will have Subject: Re: [sender's original subject]. If filled in, your response will have Subject: [exact text you fill in].
    • “Reason” will be the entire message body sent out (original sender’s message will not be included at bottom)
    • Autoresponses will start and stop automatically according to “Start/End of vacation” only if the overall Vacation Rule is enabled.
  5. Click “Save and Enable”
  6. Click “Log out” in top right, if desired.

Spam Filtering

CSAIL provides spam filtering using SpamAssassin, a powerful free software solution. It works automatically on the mail server. You can change the settings so that it works better for you.

See also:

Email Forwarding

You have a choice of reading @csail.mit.edu email in a number of locations and formats. Many people choose to read email directly from the CSAIL IMAP server. Creating a CSAIL IMAP account will automatically revert any custom forwarding options specified using the below instructions.

Please note that the conventional UNIX means of forwarding email, placing a .forward file in your home directory, does not work at CSAIL.

To forward your email to an arbitrary address:

Visit WebINQUIR ( CSAIL Login required). Choose the “view and edit your personal information” link, then edit the field called “email forwarding”. Note that it may take up to one hour for the change to take effect. Also, be careful to make sure that your mail forwarding doesn’t loop – for example, sending you@csail.mit.edu to you@mit.edu when Athena forwarding sends it back to you@csail.mit.edu will result in lost mail.

To forward a copy of your email to an arbitrary address while maintaining standard delivery to your CSAIL IMAP mailbox:

Log into the CSAIL webmail. Next, click the “filters” icon along the top row. The icons will change; next click the “forward” icon. Check the “keep a copy” checkbox, then supply your secondary address and save.

Note 1: When using this configuration, please don’t let tons of mail pile up in your CSAIL IMAP mailbox.

Note 2: Mail from addresses on your whitelist will not be forwarded. We suggest you disable your webmail whitelist.

Note 3: Due to a bug in the webmail software, some users see an incorrect message that login was unsuccessful even after a successful login. If you see the webmail navigational sidebar on the left (with “Horde” and “Dynamic Mail” links) you can click on “Mail” or “Dynamic Mail” and ignore the message.

Phishing

Phishing messages are spammers’ attempts to obtain your username and password, either for direct financial gain or so that they can use your email account to send spam. As always, TIG is working to make sure these people can’t get such requests through to us, but it’s hard to predict what their next message will look like.

Virus filtering

The Clam anti-virus package checks all incoming email for viruses. Note that email virus scanning does not replace having up to date virus scanners on your own machine, but it should help cut down on the problems.

Encrypted (and/or signed) mail with PGP/GnuPG

Encryption can be used with mail in two ways: To encrypt a message so that only the recipient (or recipients) can read it, and it’s safe from snooping in transit (e.g., when it’s being stored on various mail servers on its way to its destination, or if a network connection between the sender and the recipient is being tapped), or to add a cryptographic signature to a message to prove that it was actually sent by the person it claims to be from. The only really common and widely supported mechanism for this is called PGP, originally the name of a commercial product called “Pretty Good Privacy”, but now often used in a generic sense for the encryption standard. The most common implementation of this standard is GnuPG, which is Free Software, and generally interoperable with commercial implementations. (Technically, PGP is the commercial software, GnuPG, a/k/a GPG, is the competing but interoperable Free Software package, and OpenPGP is the standard they and other interoperable pieces of software implement.)

The PGP/GnuPG standard relies on public-key cryptography, and identifies you by a secret key, which as the name suggests should be kept private, and a public key which you can share with others. These can be used for encryption, authentication (or “non-repudiability”), or both.

Using encryption with Thunderbird

Thunderbird, the most commonly used IMAP email client at CSAIL, supports PGP-style encryption through the “Enigmail” add-on. In Thunderbird, you can install add-ons (such as Enigmail) by choosing Tools Add-ons and using the search box in the upper-right. (You can also browse add-ons by selecting the “Get Add-ons” tab, but that’s a pretty hard way to search for a specific one.) Once you’ve installed “Enigmail” and restarted Thunderbird, you’ll have a new “Enigmail” menu, and you can get yourself set up to use encryption with the “Setup wizard” you’ll find on that menu. (If you already have a keypair, you can import it so Thunderbird can use it; otherwise you can create a new one.)

Using encryption with CSAIL’s webmail

CSAIL uses the Horde project’s software suite for our webmail interface (at https://webmail.csail.mit.edu). Horde’s mail component supports PGP-style encryption, so you can send or receive encrypted mail, sign your messages to prove they come from you, and verify the signatures on other people’s messages (assuming you have their public keys available).

To set up encryption, log into Horde and then from the white gear menu (next to “Others ▼”), choose “Preferences” “Mail”. Then on the “Preferences for Mail” page you get, at the bottom of the left-hand column, select “PGP” to “Configure PGP encryption support”. You can turn on “Enable PGP functionality?” (paying attention to the note that you need to configure your browser to allow pop-up windows from webmail.csail.mit.edu in order for that to work), and set the other options as you like.

In order to sign mail, or receive mail encrypted for you, you’ll need a keypair. You can have the webmail system itself create one with the “Create Keys” button, or you can import an existing key (as displayed with the command gpg -a --export-secret-keys your@email.address) with the “Import Key” button (which will pop up a new window, so you need your browser configured appropriately).

Sharing your IMAP folders with others

If you have a folder of messages you’d like to share with others:

  1. Log into CSAIL webmail
  2. Click the preferences cog Preferences Mail
  3. Choose Share Mailboxes
  4. In the bottom left, click the drop-down folder list (which starts out as “INBOX”) and select the folder you want to share
  5. The permission listed will be for the current mailbox selected. In the blank box underneath your own name, enter the CSAIL username of the person you want to share with and select a template for access from the dropdown next to it (e.g., “Read”, “All”, etc.) to set the permissions.
  6. Click “Save”
  7. Repeat as desired for additional users and/or folders.

Viewing folders shared with you

If you have shared IMAP folders you would like to view, they are generally not available by default in most email clients. *For Thunderbird:*The instructions below are for Thunderbird (MacOS and Windows.) Other email client configurations are not dissimilar.

  1. Click File Subscribe
  2. In your folder list, expand the “shared” folder, select the appropriate folder, and click Subscribe.
  3. Repeat until all desired folders have check marks next to them, then click OK
  4. The shared folder(s) will now be available for viewing messages at the bottom of your folder list

References