Blogs

Netuxo is retiring Squirrelmail

How to transfer your addressbook to Roundcube

At the end of November 2015 Netuxo will retire Squirrelmail, which we know some of our clients still use to access their email. We started to provide the much more user friendly and modern Roundcube client a long time ago, and now it is time to retire Squirrelmail as it is no longer being developed very actively.

As some of our clients also use the Squirrelmail addressbook, we'll explain in this blog post how you can export your addressbook from Squirrelmail, and import it into Roundcube. This is a straightforward process and you should not encounter any problems.

So, if you are a Squirrelmail user, please follow the steps explained below BEFORE the end of November 2015. If you do not do so, you will no longer be able to access your Squirrelmail addressbook after that date.

1. Export your addressbook from Squirrelmail

Login to your email using the Squirrelmail client (https://mx.netuxo.co.uk/squirrelmail), and click on the "Addresses" link at the top. This will get you to your addressbook. You will now find some import and export options underneath. You can ignore the import options – if you want to import addresses, please do so into Roundcube only. What you need are the export options - at the very bottom.

You do not need to change any of the defaults here. Just click the button which says “Export to CSV File”. Depending on your browser, you might get different options.

In Firefox, you will be given the options “Open with” or “Save File”. You should save the file on your computer. Again, depending on your browser settings, you may be asked where to save the file (remember where you save it to!), or automatically save it in the default download location on your computer.

You have now successfully exported your Squirrelmail addressbook. The next step is to import the addressbook into Roundcube.

2. Import your addressbook into Roundcube

Now login into Roundcube at https://mx.netuxo.co.uk/roundcube and click on the "Address Book" link at the top. You will probably see in your left sidebar two address books: Personal addresses and Global addresses. The global addresses is relevant for all email accounts in your domain (ie all mailboxes @yourdomain), so if you want the addressbook to be available to all email accounts, you can import it there.

First, select the addressbook you want to import into. This is likely to be empty if you did not use Roundcube before.

You will see the icon for import at the top – it is marked in the screenshot.

When you click on this icon, you will be shown the import screen:

Under “Browse...”, select the file you exported from Squirrelmail. You can again select which addressbook the contacts will be imported into.

Click on “Import”, and the import will start. If you have a large addressbook, this might take a while.

You should finally get a message displaying the number of successfully imported addresses.

And that is it. Simple.

Of course, in the unlikely event you experience any problems, please do not hesitate to contact us.

Additional address book functions in Roundcube

We already mentioned above that Roundcube provides a global addressbook for each domain. This enables you to share your addresses among several email accounts within the same domain.

Roundcube also enables you to add external addressbooks from other servers in carddav format. Netuxo provides a carddav server, which enables you to synchronize your addressbook between Roundcube and other email clients – on your desktop or mobile phone. Please get in touch if you would like to find out more and/or read additional information here: https://mx.netuxo.co.uk/carddav.html

Netuxo fighting spam

Netuxo email hosting clients will have noticed that we have been stepping up our fight against spam in recent months. We have improved both spam and virus filtering, and we hope that you noticed many fewer spam emails getting through.

But filtering spam is only one part of the game - and it only deals with spam emails received by our servers. Now we are implementing two important email standards in relation to fighting spam, both of which deal with allowing the recipient of the email we are sending to verify that they are coming from an authorised server. Since August, we have been implementing SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) on our mailserver, and we urge all our email hosting clients to get in touch with us so that we can implement both standards also for their domain. Below we briefly outline how these two standards work.

Sender Policy Framework (SPF)

SPF (see https://en.wikipedia.org/wiki/Sender_Policy_Framework) is a simple way to expose email spoofing. It allows the receiving mailserver to check that the mail had been sent via an authorised server. It does so by publishing a DNS (Domain Name System) record for the domain, which includes:

  • what servers (by name and/or IP address) are authorised to send emails originating from that domain
  • what to do if mail from a server not included in the above list is received.

Most spam software (such as spamassassin – which is what we use) will check the SPF DNS record of a domain, and if it exists it will verify that the mail in question comes from an authorised server. If not, the spam software can penalise the mail, making it more likely that it will be considered spam. The mechanism is simple and, unfortunately, its effectiveness is limited. Nevertheless, it helps fighting spam and is a widely used standard.

DomainKeys Identified Mail (DKIM)

DKIM (see https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) goes further. As the Wikipedia article explains: DKIM “allow[s] receiving mail exchangers to check that incoming mail from a domain is authorized by that domain's administrators and that the email (including attachments) has not been modified during transport. A digital signature included with the message can be validated by the recipient using the signer's public key published in the DNS.”

DKIM consists of several parts. The outgoing mailserver (our smtp server at mx.netuxo.co.uk) signs outgoing email (the entire message including attachments) of a domain using a specific private key, which is unique for each domain. This dkim signature is then included as a special header in the email. The receiving mailserver will retrieve the public key of the domain from the published DKIM DNS record, which then it can use to verify the signature. Thus, dkim allows to verify that the email comes from an authorised server (as it is signed) and that it has not been tampered with en-route (as the signature can be verified).

As with SPF, what is required is a specific DNS record for the domain which includes the public domain key.

Over to you

For now, we are only signing our own emails with DKIM, and we published a DNS record for netuxo.co.uk and netuxo.com . However, we would very much like to also sign your emails - which you send via our server. To do so, we need your help:

  • if we also manage your domain, we can add the required DNS records. However, we need you to tell us if you also send emails via others servers and which ones they are, in order for us to be able to create the correct SPF policy and DNS record. For DKIM, we can create the DKIM key pair and publish the respective DNS record;
  • if you manage your domain yourself, but have set mx.netuxo.co.uk as your MX record (meaning we deal with your email), then you will need to add the DNS records for both, SPF and DKIM, yourself. We can give you the details of the DNS record for DKIM (which include the public key), and can assist you in creating your SPF record, and in adding the DNS records to your domain. However, as this depends very much on who your domain registrar is, and whether your registrar supports the required DNS record -this goes beyond this blog post.

According to Kaspersky Lab, in Q1 2015, the proportion of spam in email traffic was 59.2% (see https://securelist.com/analysis/quarterly-spam-reports/69932/spam-and-phishing-in-the-first-quarter-of-2015/). This is down from the high estimates of over 80% from five years ago, but it not only a nuisance but also puts stress onto email systems. Fighting spam requires our continued efforts. So please get in touch and help us to do so...

Wandering on and looking ahead

This summer we've been working on a few projects that we have felt very comfortable with. One of these is the development of a new site called "Lost in Samsara" (see their portfolio entry and visit directly here (offsite link)). The project brings together opportunities for grassroots fair trade, a local "shop" and the free exchange of goods and services ("The Wheel"). Founders Alessia and Marvi say that they "Needed to focus on what really matters to us and get the courage to change what we don't like. At the same time, we see this project as our way to break the samsara cycle of unsustainable production, a production that causes suffering for both people and the environment. We would like to start acting differently in order to get different results and 'Lost in Samsara is our contribution to a more sustainable and fair world".

The site was launched a few weeks ago and there is a live crowd-funder in operation for the next 40 days, so if you can support the women on their mission to develop the project further please visit their Indiegogo page - details below. Further information and registration for The Wheel (community exchange) can be found here.

Looking ahead

With Drupal 8 on the near horizon one of the other things we have been engaged with in recent months is early discussions with a few of our long-term Drupal 6 clients about the "end of life" for that version and the migration and/or rebuild options and opportunities that will become available with the long-anticipated release of D8. Over the coming weeks we will be writing to all our Drupal 6 (and earlier!) users outlining that end of life policy and the range of possibilities for the future.

If you are interested in the development of D8 and how close it is to a stable release candidate, keep your eyes on this page.

Get out on the streets! Why May Day matters

1st May – May Day, Labour Day, or International Workers' Day – is commonly seen as a day of struggle and celebration of the trade union movement. It has its origins in the strikes demanding an 8-hour working day and the Haymarket massacre in Chicago in May 1886. The international workers' movement later declared 1st May as a day of celebration of workers' struggles and rights. May Day has its roots in the confrontation between capital and labour.

As workers in a co-operative, we do not face the same exploitation by employers as workers employed in traditional companies or public administrations. We are our own bosses. If we are exploited then we only have ourselves to blame! So what does May Day mean for us when - as workers who are also their own bosses - it makes no sense to fight against ourselves?

I see the co-operative movement as a twin or close companion of the trade union movement. Both aim to not only better the economic and working conditions of workers, but – in the long run – to establish workers' control (well, I wonder how many of today's unions still remember that?). Trade unions, at their best, are about more than just higher pay, more holidays, and shorter working days – they can (and should) concern themselves with the content of the work itself, and with establishing more control by workers. We have seen many examples of workers occupying their workplaces when the owner of a company intends to close it, sometimes taking the management into their own hands, effectively transforming it into a co-operative. This happened in Argentina after the financial crash of 2001 and is happening a lot in Greece now .

The Co-operative movement is the other side of the coin: rather than fighting employers, we begin with workers' control, putting into practice our vision of a better society, and of organising work and the economy differently. In doing so, we gain the experience of managing our own work, managing our co-op, putting our – the workers' – and society's needs before profit. Working in a co-op – and the management of a co-op – requires a paradigm shift, where profit-oriented business and management practice and theory might be of little value to us. Self-organisation – autogestión in Spanish – is something we need to learn and practice now if we are genuinely serious in our aim for a self-managed and self-organised society. It is about empowering ourselves, about taking responsibility for our work (and the outcomes of our work), but also for our well-being at work. It is about co-operation instead of competition, about co-operative and democratic decision-making. While all this might sound a lot of effort (and it surely is), it also makes for much more fun and satisfaction at work.

We are still a long way away from a self-organised society - and our experiments with self-organisation in co-ops are incomplete and full of contradictions. To survive in a capitalist and competitive society, we too need to compete in the market, sometimes contradicting the co-operative values we (try to) practice. However, at Netuxo we also try to extend our practice of co-operation as much as possible in our external relationships too. We use and contribute to free and open source software (such as Drupal), which are made possible by voluntary co-operation, and we give back to the co-operative movement by putting into practice Principle 6 (of the Co-operative principles): “Co-operatives serve their members most effectively and strengthen the co-operative movement by working together through local, national, regional and international structures.” Check out our special discount for members of European member organisations of the International Co-operative Alliance at http://netuxo.co.uk/discounts.

While we may be without a traditional boss or business owner, as a worker I will be out on the streets on May Day, showing solidarity with other workers' struggles worldwide. Will you join me?

Further reading

Pages