Overview | Functionality | Domains | Accounts | Security
The Santa Clara County ARES/RACES network provides a standard Internet-style e-mail service. The service is specifically designed to provide e-mail functionality throughout Santa Clara County even if the entire Internet is completely down. The service can also send and receive e-mail to/from Internet e-mail addresses. But the service is not in any way dependent on the Internet.
This page describes the features and functionality of the service. Two fictitious entities are used in the examples below to avoid posting real e-mail addresses:
The Santa Clara County ARES/RACES network provides a standard, Internet-style e-mail service. The service works just like commercial e-mail services. It can send/receive e-mail to/from any e-mail address, whether that address resides within the ARES/RACES network or outside, in the public Internet. But the service is not dependent on any public Internet infrastructure. Therefore, if the Internet is completely down, the service will continue to operate within Santa Clara County.
The service is available for use at any time. But it is specifically designed to survive and be available during emergency scenarios when other systems may be down or unreachable. The service is provided by five sets of servers located at five different places in the county. Most locations in the county can reach at least two of the sites via amateur radio. Therefore, even if a site suffers a catastrophic failure, users that normally connect to that site can still get e-mail service from the other sites.
A standard e-mail client is used to create, send, receive and organize messages. Standard e-mail protocols are used: POP3 for retrieving mail, and SMTP for sending mail. The recommended client is Thunderbird.
Santa Clara County ARES/RACES operates five independent e-mail domains, each of which is located in a different part of the county and co-located with one of the packet BBS systems. The five different locations improve survivability in the event of a major catastrophe. Each domain can operate independently and all domains have identical functionality. Think of it as having accounts with different e-mail service providers so that a problem at one provider doesn't impact the service at another provider.
| E-mail Domain | Location | Co-located Packet BBS |
|---|---|---|
| email1.scc-ares-races.net | San Jose (Santa Clara County office bldg) | W1XSC |
| email2.scc-ares-races.net | Crystal Peak (south county) | W2XSC |
| email3.scc-ares-races.net | Mountain View | W3XSC |
| email4.scc-ares-races.net | Frazier Peak (above Milpitas) | W4XSC |
| email5.scc-ares-races.net | varies (training, backup, incident-specific) | W5XSC |
Each city/agency in Santa Clara County is assigned a primary and backup domain according to geography and overall number of users. The primary and secondary assignments are the same as in the packet network. All users in a given city/agency will normally connect to the servers for that's agency/city's primary domain. If those servers are unreachable, the backup domain is used. If both the primary and backup domain are unreachable, then any of the other servers can be used. The primary and backup assignments help ensure that the RF channel usage is optimized and that everyone knows where everyone else will be, even in the event that a site is completely down.
Santa Clara County ARES/RACES members can request an e-mail account. When access is granted, an email account based on the user's FCC call sign will be created in each of the production e-mail domains.
For example, Herman Munster, who's fictitious call sign is W6XRL4, would have the following e-mail accounts:
Herman would normally use the account on his primary domain. If the primary domain is not reachable, Herman would use his assigned secondary domain. If neither the primary nor secondary domains are reachable, Herman would use whichever domain he can reach.
Tactical e-mail accounts are similar to tactical call sign accounts in the packet BBS system, They are used when operating as a function or location, rather than as an individual.
Santa Clara County ARES/RACES leadership (EC/CRO or designated AEC/DCRO) can request tactical e-mail accounts. When access is granted, an e-mail account based on the tactical call sign will be created in each of the production e-mail domains.
For example, The fictitious City of Xanadu's EOC, with a tactical call sign of XNDEOC, would have the following email accounts:
The City of Xanadu's EOC would normally use the account on its primary domain. If the primary domain is not reachable, it would use its assigned secondary domain. If neither the primary nor secondary domain are reachable, the Xanadu EOC would use whichever domain it can reach.
Maximum message size = 10 MBytes
The maximum message size protects the system from abuse and helps control cost. It is large enough to handle large attachments, such as images, spreadsheets, PDFs, presentations, and other documents. It also helps to ensure that very large files are not sent over the shared RF access channels.
More information about message size is available here.
Mailbox quota = 50 MBytes
Each e-mail account has a "quota" or maximum size. This quota protects the system from abuse and helps control cost.
As an account is nearing the quota limit, the account owner will receive quota warning e-emails in his/her ARES/RACES mailbox and at the account owner's registered external e-mail address. If the quota is exceeded, the account owner will receive a "quota exceeded" e-mail and will not be able to receive additional e-mails until some of the e-mail in the mailbox is deleted and the account is once again under the quota.
Obviously, a full mailbox is not a good situation for emergency communications. Each user should check their e-mail accounts on a regular basis and be sure to keep their mailboxes clean by deleting mail from the server on each session.
More information about quotas is available here.
Maximum recipients per outgoing e-mail = 25
Rate limiting is applied to outbound e-mail. This helps to protect the service from a compromised e-mail client. Several different limits are used, including: connects per unit time, messages per unit time, recipients per message, and more. The most noticable limit is the number of recipients per message. In the rare case that you need to send a message to more recipients than the limit permits, simply break the recipient list into multiple messages. The other limits are designed to be unobtrusive to normal activity and yet prevent run-away clients from causing damage.
Expiry interval = 92 days
Each time a user connects to his/her e-mail account, he/she will download all messages and then delete the copy on the server. But if the user doesn't connect, or the user mis-configures their e-mail client, old messages can accumulate. At some point, the quota may be exceeded, preventing the account from receiving emergency communications. And, when the user does eventually connect, valuable airtime can be wasted at the start of an incident while downloading old, irrelevant e-mails.
To help keep mailboxes free of old, irrelevant messages, and to help keep mailboxes clear to receive emergency communications, e-mails older than the expiry interval will be deleted.
Accounts are scanned on a regular basis and messages that are older than the expiry interval will be deleted. Account owners will receive an "expiry notice" e-mail, listing summary information about any messages that were deleted. As added help to the user, the e-mail will also warn about any messages that are not yet expired but have been on the server for a period of time and should, therefore, be downloaded and removed. The e-mail is sent to the ARES/RACES mailbox and to the account owner's registered external e-mail address.
Note: this feature is not yet implemented.
The xscperm and xscevent notice areas on the packet BBSs contain important operational information. We plan to distributed these same messages to ARES/RACES e-mail accounts.
E-mail accounts may be terminated for various reasons, including:
If an e-mail account is terminated, a message explaining the reason for termination will be sent to the external e-mail address that was registered with the account.
The network is operated with state-of-the-art security. But security is everyone's responsibility. Each individual is responsible for making sure that they keep their passwords safe and protect their PC and amateur radio station from unauthorized access. The network also incorporates multiple security mechanisms to protect itself and its users. Some of those mechanisms are described below.
One of the easiest ways that an account can be compromised is through the use of a password that is easy to guess or that is the same as the password on another system that has been compromised.
To avoid that, passwords are required to be of sufficient length and contain sufficient variation in the type of characters used that they are not easy to guess. Users should choose a password that is different from the passwords they use elsewhere.
NEVER share your password with anyone else for any reason!
The network incorporates multiple levels of threat detection and prevention to block SPAM, viruses and other intrusions. Methods include signature-based, reputation-based, content-based, and heuristic analysis mechanisms. But, like any e-mail system, not all SPAM will be blocked.
NEVER click on links in e-mails unless you are certain about the validity of the e-mail. Can you ever be certain? Probably not!
| Web Site Home Page |
This page was last updated 11-Jan-2018