LISTSERV 16.0 - MSUNAG Archives

We have been in serious discussion about what practices are being used 
on state-mail.com.  The site states that they do not store your 
password, and we've had people check their cookies locally and found 
nothing useful in them.

However, knowing that they make use of PHPSESSIONS would lead me to 
believe that there could be session files laying around in the /tmp 
directory on the state-mail.com server holding information in 
plaintext.  Otherwise, how could all of this magic work.  Now, it is 
likely that those sessions get torn down and the information properly 
discarded (automatically, as it should).  But yes, the potential exists 
for that server to get broken into leading to X, Y, and Z.  The 
potential also exists that the sessions are done in memory, so there's 
less worry there.

I don't see any huge problems with students wanting to use 
state-mail.com, but I think its being touted about as this great 
replacement when all it really is, is a web front-end to an IMAP client, 
plus a few little extra bells and whistles.  Upon logging into 
state-mail.com, it creates 3 IMAP connections.  Upon checking a message, 
it creates another 3 IMAP connections.  And so on...

I went ahead and ran some "infoporn" since I know all of you on NAG love 
that type of stuff.  I've compiled a list of unique logins for the past 
month and they are as follows:

For the month of November (thus far) there have been approximately 1081 
completely and totally unique NetIDs logging-in via state-mail.com

This is the breakdown of unique logins on a daily basis:

Wed, Nov 28th 2007  -  239 (as of 10:22am)
Tue, Nov 27th 2007  -  523
Mon, Nov 26th 2007  -  546
Sun, Nov 25th 2007  -  86

Sat, Nov 24th 2007  -  66
Fri, Nov 23rd 2007  -  57
Thu, Nov 22nd 2007  -  60
Wed, Nov 21st 2007  -  88
Tue, Nov 20th 2007  -  111
Mon, Nov 19th 2007  -  114
Sun, Nov 18th 2007  -  89

Sat, Nov 17th 2007  -  72
Fri, Nov 16th 2007  -  98
Thu, Nov 15th 2007  -  101
Wed, Nov 14th 2007  -  77
Tue, Nov 13th 2007  -  94
Mon, Nov 12th 2007  -  84
Sun, Nov 11th 2007  -  58

Sat, Nov 10th 2007  -  40
Fri, Nov  9th 2007  -  53
Thu, Nov  8th 2007  -  74
Wed, Nov  7th 2007  -  59
Tue, Nov  6th 2007  -  41
Mon, Nov  5th 2007  -  43
Sun, Nov  4th 2007  -  27

Sat, Nov  3rd 2007  -  17
Fri, Nov  2nd 2007  -  31
Thu, Nov  1st 2007  -  29
Wed, Oct 31st 2007  -  24
Tue, Oct 30th 2007  -  15
Mon, Oct 29th 2007  -  20
Sun, Oct 28th 2007  -  12

These numbers, at this point are manageable by both our servers and 
state-mail.com's server.  But with all newer connections onto 
state-mail.com's server, it will be interesting to see how well it will 
hold-up.  That's what everyone seems to be overlooking (well, everyone 
who is publishing these articles at the State News).

Just some thoughts and info for now...

./brm