1 Sympa, un gestor de listas de distribución para las universidades PONENCIAS Sympa, a mailing list software for universities S. Aumont y O. Salaün Resumen Este artículo describe las funcionalidades de Sympa, un gestor de listas de correo desarrollado por el CRU, una agencia que presta servicios a las instituciones académicas francesas. La descripción de Sympa se concentra esencialmente en las necesidades específicas del entorno universitario y en cómo Sympa puede satisfacerlas. Muchas de estas necesidades requieren una buena interacción con el middleware instalado en los sistemas de la universidad, como directorios LDAP, portales Web y sistemas de single sign-on. Sympa es capaz de interaccionar con estos servicios a diferentes niveles: autenticación y autorización de usuarios, definición dinámica de listas, definición de grupos e integración de servicios Palabras clave: Lista de correo, groupware, colaboración, integración, middleware, LDAP, Single Sign-On, Shibboleth, PAPI, S/MIME, SOAP. Summary The article describes functionalities of Sympa, a mailing list software, developed by the CRU, an agency working for French higher education institutions. The description of Sympa highly focuses on universities specific needs and how the mailing list software fulfils them. Most of these needs require interaction with a university middleware; this includes the LDAP directory, a web portal, Single Sign-On systems. Sympa interacts with these services at different levels : user authentication and authorization, mailing lists definition, groups definition, service integration. Keywords: Mailing list, groupware, middleware integration, LDAP, Single Sign-On, Shibboleth, PAPI, S/MIME, SOAP. Sympa es un gestor de listas de correo desarrollado por el CRU, una agencia que presta servicios a las instituciones académicas francesas 1.- Introduction Mailing lists belong to the family of underlying Internet services that did not evolve much since the beginning of Internet services. Most popular mailing list software concentrate on basic features (subscribe, unsubscribe, distribute messages, digest delivery mode) and did not follow new user needs for better integrated groupware like Yahoo! Groups did. Nowadays, mailing list users request for a powerful web interface as a universal portal to the mailing list service. Because universities concentrate on building coherent information systems and middleware services, they expect mailing list services to integrate well within this rich framework. Sympa is an outcome of the CRU investments to provide a mailing list software that would meet the needs of French universities. Sympa has evolved to become an international open source project, now adopted by more than 5,000 sites worldwide, with a very active user community, especially among higher education institutions. Universities have shown that, using Sympa, they can build a professional mailing list service that copes well with their large student populations. Sympa is designed in order to delegate responsibilities, thereby providing better control for administrators and lower the administration tasks. Efforts have been done to fulfil security needs regarding user authentication and authorization through connectors with common Single Sign-On systems and integration of cryptographic technologies. Universities have shown that, using Sympa, they can build a professional mailing list service that copes well with their large student populations Integration between the mailing list service and the institutions information systems goes from the middleware layers up to the user interface. Dynamic mailing lists allow building mailing lists mapped with the groups defined in the LDAP directory. The mailing list web interface can be customized
2 through a set of templates. Mailing list features can be integrated within the institution s web portal thanks to a Sympa SOAP server. Sympa provides standard mailing list features with advanced MIME support, along with other webbased services for end users. The web interface is built as a central service for list members, list owners and listmasters. Users can browse the list archive, share documents with other list members, subscribe to list RSS feeds; list owners can create and configure their mailing lists; listmasters can activate new lists and manage virtual hosts. We will first describe the most original features that Sympa provides. Then we will concentrate on the way to integrate a mailing list service within your organization. Eventually we ll browse the possibilities that Sympa offers for high demanding services. Sympa provides standard mailing list features with advanced MIME support, along with other web-based services for end users 2.- End user services User interfaces One of the main characteristics of Sympa is to offer 3 integrated interfaces ( , web and SOAP). Most functionalities are provided through both and web interface; the later being more adapted to advanced groupware needs, it includes additional services such as a message web archive, list creation and configuration, shared documents and RSS feeds. Authentication methods are therefore adapted to each user interface: challenge passwords and S/MIME for the mail interface, user/password or Single Sign-On on the web interface. The SOAP interface currently provides a limited set of features with adapted authentication mechanisms (standard user/password, CAS proxy authentication or trusted applications) The shared document repository While basic mailing list software require sysadmin privileges to perform list administration tasks, Sympa gives a complete autonomy to list owners through the web interface Let s go beyond describing traditional mailing list features to focus on the original document sharing functionality. List owners can open a shared document repository through the web interface. This lightweight file sharing tool is very useful to working group types of mailing lists that do not have other places to gather documents of interest for the group. The main benefit users get from mixing mailing list and document sharing is to enforce access control to sections of the document repository for list members. For example, given a set of documents, teachers can grant read access to their students, whereas themselves will have editing privileges on those documents List administration through the web interface While basic mailing list software require sysadmin privileges to perform list administration tasks, Sympa gives a complete autonomy to list owners through the web interface, thus decreasing the burden of the listmaster. The web administration panel allows list owners to manage list members, define privileges for user functionalities (subscription, message submission, member review, archive browsing, document editing ), customize service messages, add new list owners, etc. All of these administration possibilities can be restricted or extended by the listmaster himself, to keep control over the mailing list service at a global level. Boletín de RedIRIS, núm , diciembre 2006-enero 2007
3 PONENCIAS 3.- Integration with your information system LDAP-based mailing lists Connecting the mailing list server and your LDAP directory is probably the most interesting aspect for universities. User profiles and user groups are defined in the LDAP directory and a mailing list server also aims at defining groups for messaging purpose. Sympa allows defining mailing list members through an LDAP filter, thus ensuring that these mailing lists map the exact same group of users. For example, you could build such a dynamic mailing list that gathers all students studying mathematics, their teachers being defined as list moderators. These inclusions of LDAP groups, once defined, are automatically updated by the Sympa server; multiple data sources can be mixed for a single list, including SQL queries, flat files, other mailing lists, etc List families Although dynamic lists of members save list owners maintaining lists up to date manually, useful mailing lists still need to be created, named appropriately and configured. Sympa offers an interesting mechanism to create a set of lists automatically, using a common template that is instantiated ( list families in Sympa terminology). Data used for the instantiation are expected to be an XML format file, typically collected from the LDAP directory structure or any other data source. Mailing lists belonging to a family keep a relationship with the family definition, which allows to update those lists when templates or the set of data evolve. The update process will respect list owner s customizations, as long as it respects the new family rules. Let s give some common examples of list families: lists family for students in each course, list family for students of each faculty, list family for staff belonging to each service. Connecting the mailing list server and your LDAP directory is probably the most interesting aspect for universities The Sympa SOAP server When SOAP features where introduced in Sympa, they first aimed at allowing university web portals to include information about user list membership. Using web services would provide a safer and secured way to access information from the mailing list server. The SOAP server was later extended to use Sympa authentication backends from within other services. Latest SOAP features allow to trigger list creation and other list administration tasks; these were introduced to help integrating Drupal CMS and Sympa. The SOAP interface is currently used to connect Sympa with DokuWiki, Uportal, Drupal and a few other web applications. 4.- A professional software solution Scalability Scalability is an important concern in higher education software environments, as they have a large student population to cope with Scalability is an important concern in higher education software environments, as they have a large student population to cope with. Applied to the mailing list topic, this means a) mailing lists with lots of members and b) lots of mailing lists mapped with the complex course organization. To meet these needs, Sympa delegates data storage to a relational database; supported backends are MySQL, PostgreSQL, SQLite, Oracle and Sybase. LDAP-based and list families functionality also help maintaining a coherent mailing list service in spite of such large volumes. Universities that do not
4 have a flat organization will draw part of the Sympa virtual hosting feature that allows to run a cluster of mailing list services on a single server Light administration Sympa is designed in order to delegate responsibilities at each role level: listmaster, list owner, list moderator. Listmasters are in charge of activating mailing lists and they can define their default behavior. List owners are managing list members (subscription moderation, removal, user assistance) and may configure the list parameters, whereas list moderators are responsible for the contents (mail moderation, mail archive management). This hierarchical organization makes it possible for a single listmaster to manage a large mailing list service. The usual problem for list owners being bounce (non delivery reports) management, Sympa does automatic bounce management (this includes collecting and analysis of bounces and removal of members that can not be contacted). Sympa is designed in order to delegate responsibilities at each role level: listmaster, list owner, list moderator Thanks to the internationalization effort carried out, Sympa has been adopted by foreign universities (United States, Australia, Canada, Germany, Italy, Spain ) as well as ISPs and large companies Security While most mailing lists do not require more than trusting the From SMTP header field for message submission, other mailing lists or other services require stronger authentication methods. The standard challenge/response mechanism can be configured on a per mailing list basis to authenticate mail submission or mail commands. Stronger authentication can also be based on S/MIME signature; encrypted S/MIME processing has also been implemented in Sympa. The web interface can also be secured when user identification is required (usability for anonymous users is still preserved). Web authentication backends include the most Sympa s native password management, along with LDAPbased authentication and Single Sign-On. Sympa can delegate user authentication to the most widely used Single Sign-On systems: CAS, Shibboleth, PAPI, Pubcookie, Feide. Beside authentication, authorization is a central piece of Sympa s architecture, thanks to the so-called authorization scenarios. An authorization scenario can be defined for each list, and for each function of the list; authorization will be enforced the same way whatever Sympa interface is used (mail, web, SOAP). A scenario is made of rules; each rule defines an applying condition, an authentication method and an action. Given its extensibility, this authorization mechanism allows listmasters to define original behaviors such as anti-spam filtering, customized behavior for local IPs, conditional moderation based on contents, privileges based on LDAP filters. 5.- Future of the project Because the project started within the French higher education community, Sympa is widely used among French universities, schools and other institutions (ministries of education, culture, finance, foreign affairs, defence). But thanks to the internationalization effort that has been carried out, it has been adopted by foreign universities (United States, Australia, Canada, Germany, Italy, Spain ) as well as ISPs and large companies. Support on the software is provided by a very active user community that also contributes to Sympa evolutions by adding connectors or extensions for third party services. The CRU is also maintaining a list of companies world-wide that do commercial support on Sympa. Over the last years, Sympa has proven to adapt very well to new needs from universities including S/MIME (2001), LDAP (2002), Shibboleth (2003), SOAP (2003), RSS (2005). The CRU, which is actively developing and promoting new middleware technologies in France, will carry on this work of Boletín de RedIRIS, núm , diciembre 2006-enero 2007
5 PONENCIAS adapting Sympa to university infrastructures. A list of desirable new features is maintained on here is the selection of those that might be first introduced: a statistics panel for list owners; custom member data to allow provisioning of additional members information through Sympa web interface; support for alternative user addresses; DKIM support for message sender authentication; adaptations for cluster architectures; Serge Aumunt Olivier Salaün Comite Reseaux des Universites
Middleware integration in the Sympa mailing list software Olivier Salaün - CRU 1. Sympa, its middleware connectors 2. Sympa web authentication 3. CAS authentication 4. Shibboleth authentication 5. Sympa
MASTER THESIS TITLE: Infrastructure as a Service (IaaS): Application case for TrustedX MASTER DEGREE: Master in Science in Telecommunication Engineering & Management AUTHOR: Alberto Guirao Villalonga DIRECTOR:
Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered
M86 MailMarshal Exchange USER GUIDE Software Version: 7.1 M86 MAILMARSHAL EXCHANGE USER GUIDE 2011 M86 Security All rights reserved. Published November 2011 for software release 7.1 No part of this Documentation
TIPS FOR INTERNET USERS @ TIPS FOR INTERNET USERS TIPS FOR INTERNET USERS INDEX I. Introducción Introduction II. Servicios Browsers de Navegación III. Correo Electronic Electrónico mail IV. Virus, Viruses,
Google Apps as an Alternative to Microsoft Office in a Multinational Company The GAPS Project Thesis presented in order to obtain the Bachelor s degree HES by: Luc BOURQUIN Supervisor: Thierry CEILLIER,
ImageNow Administrator Getting Started Guide Version: 6.6.x Written by: Product Documentation, R&D Date: June 2011 ImageNow and CaptureNow are registered trademarks of Perceptive Software, Inc. All other
Aalborg University Department of Production Department of Civil Engineering Aarhus School of Architecture Department of Building Design Use of IFC Model Servers Modelling Collaboration Possibilities in
ESCUELA TÉCNICA SUPERIOR DE INGENIERÍA DE TELECOMUNICACIÓN UNIVERSIDAD POLITÉCNICA DE CARTAGENA Trabajo Fin de Master Food traceability using RFID and Wireless Sensor Networks in an Aquaculture Enterprise.
technical white paper Synchronizing Data Among Heterogeneous Databases Principal Author Robert H. Wiebener, Jr. Robert.Wiebener@sybase.com www.sybase.com TABLE OF CONTENTS 1 Introduction to Heterogeneous
Getting Started Guide StarTeam Borland Software Corporation 100 Enterprise Way Scotts Valley, California 95066-3249 www.borland.com Borland Software Corporation may have patents and/or pending patent applications
Borland StarTeam 2009 StarTeam Server Help Borland Software Corporation 8310 N Capital of Texas Hwy, Bldg 2, Ste 100 Austin, Texas 78731 USA www.borland.com Borland Software Corporation may have patents
Mobile Device Manager v. 7.3 Admin Guide Document Revision Date: Oct. 14, 2014 MDM Admin Guide i Contents Introduction... 1 System Requirements... 1 Getting Started with AirWatch... 2 Environment Setup...
The Future of Mobile Enterprise Security Gearing Up for Ubiquitous Computing August 2014 795 Folsom Street, 1 st Floor San Francisco, CA 94107 Tel.: 415.685.3392 Fax: 415.373.3892 Contents Introduction...
ESET Remote Administrator Installation Manual and User Guide we protect your digital worlds contents Contents 1. Introduction... 4 2. ERA client/server architecture... 5 2.1 ERA Server (ERAS)...5 2.1.1
econstor www.econstor.eu Der Open-Access-Publikationsserver der ZBW Leibniz-Informationszentrum Wirtschaft The Open Access Publication Server of the ZBW Leibniz Information Centre for Economics Van Ooteghem,
Basic System Administration ESX Server 3.0 and VirtualCenter 2.0 Basic System Administration Revision: 20090213 Item: VI-ENG-Q206-219 You can find the most up-to-date technical documentation at: http://www.vmware.com/support/pubs
Joint UNECE/Eurostat/OECD Work Session on Statistical Metadata (METIS) Generic Statistical Business Process Model Version 4.0 April 2009 Prepared by the UNECE Secretariat 1 I. Background 1. The Joint UNECE
UNIVERSIDAD TÉCNICA DEL NORTE FACULTAD DE INGENIERÍA EN CIENCIAS APLICADAS ESCUELA DE INGENIERÍA EN SISTEMAS COMPUTACIONALES TECHNICAL RESUME THEME: ESTUDIO DE SEGURIDAD DE BASE DE DATOS MEDIANTE REPLICACIÓN
Virtual Internet Service Provider: Be Small and Act Big Dr. Sathya Rao *, Eric Mannie-Corbisier +, Leszek Siwik $ *Telscom AG, Sandrainstrasse 15-17, 3007 Bern, Switzerland, Rao@Telscom.ch + Perceval Technologies
User Manual Version 1.4.1... April 2009 Contents Contents... 2 Introduction... 4 About the Web Curator Tool... 4 About this document... 4 Where to find more information... 4 System Overview... 5 Background...
ADVANCED CAD PLM INTEGRATION IN A NAVAL SHIPBUILDING ENVIRONMENT F. Alonso, SENER Ingeniería y Sistemas S.A., Spain C. Gonzalez, SENER Ingeniería y Sistemas S.A., Spain R. Perez, SENER Ingeniería y Sistemas
BlackBird Monitoring System Performance Analysis and Monitoring in Information Systems J. P. Germano Vodafone Portugal, AV. D.João II, LT..04.0 Parque Nações 998-07, Lisboa, Portugal Email: email@example.com
Pearson Inform v4.0 Educators Guide Part Number 606 000 508 A Educators Guide v4.0 Pearson Inform First Edition (August 2005) Second Edition (September 2006) This edition applies to Release 4.0 of Inform
FRAUNHOFER RESEARCH INSTITUTION AISEC CLOUD COMPUTING SECURITY PROTECTION GOALS.TAXONOMY.MARKET REVIEW. DR. WERNER STREITBERGER, ANGELIKA RUPPEL 02/2010 Parkring 4 D-85748 Garching b. München Tel.: +49