Home | Sitemap | deutsch  | Legals | Data Protection | KIT

sprungmarken_marker_13005

Email servers at KIT

There are two official mail servers (SMTP) at the KIT for sending e-mails:

smtp.kit.edu and smarthost.kit.edu

 

smtp.kit.edu

User with the usual end devices (desktop, laptop, mobile phone) should usually use smtp.kit.edu;
our Autoconfig mechanisms also configure only smtp.kit.edu.

For detailed usage instructions, see Using the KIT Mailbox.

 

smarthost.kit.edu

smarthost.kit.edu is for the rest such as servers, multifunction office devices, applicances / blackboxes as well as components such as RAID controllers. These devices are often characterized by highly restricted configuration possibilities.

smarthost.kit.edu  is therefore accessible from the KIT network without restriction and registration on port 25. STARTTLS is optionally supported.

Please make sure that the sender's address and (if possible) the recipient's address can receive e-mail. Otherwise undeliverable messages will be deleted.

Note for users of external mailserver: Port 25 is blocked from the KIT network to the outside to prevent the recurring mail from the SPAM to the outside. Quasi all operators of SMTP servers additionally offer Message Submission (Port 587 with STARTTLS) or SMTPS (Port 465 with TLS).

 

If you have any questions, please do not hesitate to contact mailhost-team∂scc.kit.edu.

Rate Limiting on the central Mail Servers of the KIT

Motivation

Compromised KIT accounts are regularly misused for mass sending of SPAM or phishing emails. In these cases, the mail servers of the SCC are temporally flagged on so-called blacklists as known senders of SPAM. External mail providers that are using these blacklists to help to determine SPAM emails will then decline to accept emails that have been sent from the flagged KIT mail servers. Some examples in the past for such external mail providers have been Yahoo, Gmail, and Hotmail.

 

Implementierte Countermeasures

To alleviate this problem, rate limiting has been activated on the outgoing mail servers of the KIT. The rate limiting ensures that a sender can only send a certain amount of emails in a given time slot. If this threshold is exceeded, the outgoing mail servers will still accept the remaining emails from the sender, but they will be handled with a certain delay.

Until the end of 2015 the rate limit was around 100 mails per 15 minutes. This limit had to be adjusted to react to an increasing number of necessary exceptions. Since the end of 2015, the limit for each sender has been increased to 3000 mails per 5 minutes. To compensate the increased limit, the number of bounces generated by non-deliverable emails are now closely monitored.

With these limits the SCC is able to detect and block SPAM waves originating from compromised KIT accounts. This prevents that the outgoing mail servers of the KIT get listed on blacklists, which increases the availability and functionality of the mail service of the KIT.

The mail servers are closely monitored to adjust the rate limits if necessary or to determine if a sender should be added to the whitelist of the SCC for mass email sender. Further information is available from the mail-host team mailhost-team∂scc.kit.edu.

Office files with macros

To be able to send Office files with macros or macro-like content to mail addresses in KIT, these files must be e.g. packed into a password-protected archive .