#ServHelp - New NickServ Email System

Introduction (LadyDana)
---------------------------
Hiya all! And welcome to this #ServHelp session about DALnet's new email system. (:

There have been a lot of questions and even a bit of confusion about it, so we thought to organize this session to look over the new feature and what it involves.

I'm Dana and here beside me are my fellow "teachers" PrincessDi (also known as Marsha) and Hammer (known as Mike). :)

The email system was implemented in order to help DALnet with abuse issues and, perhaps most importantly, to help with forgotten password problems. It also leaves the door wide open to a number of future features. Think of all the possibilities! 

Before I go any further, I would like to emphasize the fact that the "deadline" of September 10th is fast approaching ...

Hurry up and set an email address for your nicks if you haven't done so already. All nicks which do *not* have an email address attached to them by September 10th will expire. 

If your nick expires at that time and someone else registers them then there is nothing DALnet can do to return the nick. So set your email address before you forget!

This session will be composed of the following elements:

1) New NickServ Commands
2) Security Disclaimers and Explanations
3) Half-registered Nick Considerations
4) How sending Passwords works
5) Troubleshooting
6) Questions & Answers Period

Our first topic will be: The New NickServ Commands. Hammer/Mike here will tell you about how all that works. =)

New NickServ commands (Hammer)
--------------------------------------
1. REGISTER

The format for the NickServ REGISTER command has altered from it's former version to include the email address as the last parameter. This address MUST be a valid email address because registering a nick is now a 2-part process.

When you issue the REGISTER command, services will send a confirming email to that address. If you don't include your real email address that you want to be connected to this nick, then services will send the email to the wrong address and the nick will drop.

2. AUTH (from email)
Step 2 of the registration process is when you get the email from services, using the name "DALnet User Registration", with the authorization number you need to use:
/msg NickServ AUTH YourNick 2349084362984750

This tells NickServ that you are who you say you are and that you got the email. It also completes the registration process.

The simplest method (for operating systems that support copy & paste) is to just copy the exact message from the email and paste it into your IRC client and hit the enter key (softly, of course).

If you reissue this command once you've already fully registered it, NickServ will just tell you "This nick is already fully registered."

You do not have to be using the nick to issue the AUTH command since the nick in question is supplied with the command.

You can also use the URL given in the email to go to http://users.dal.net/cgi-bin/verify.cgi? where the nick= will be the nick you're trying to confirm and the id= is the number given in the email.

3. SET EMAIL
If you want to change the email you have assigned to your nick, or if your nick was already registered prior to the new system, you can use the new NickServ SET EMAIL command.
/msg NickServ SET EMAIL username@somewhere.net

Services will issue another email to the new address to confirm that you can use that address. You'll get the standard /msg NickServ AUTH YourNick 234095840982 again; all you have to do is issue that exact command while you're using that nick on DALnet.

4. SET SHOWEMAIL
One of the concerns with attaching your email address to your nick is that people will be able to find out what your email address is.

By default, other users will not be able to see your email address when they use the NickServ INFO command on your nick.

If, however, you DO wish for others to be able to see the email address for your nick, you can use the new NickServ SET SHOWEMAIL <ON or OFF> command to allow anyone using the INFO command to view

Security Concerns (PrincessDi)
--------------------------------
There have been a lot of users who have voiced concerns about the security and their privacy with DALnet asking them for their email address and what not.

Please, put your mind at ease. We *assure* you that you will never ever have to worry about your email address being turned over to any companies or spammers by DALnet. By this, we are talking about DALnet as a network and also of any individual DALnet staff members.

Your email addresses will be handled with extreme care. They are not even directly viewable by any DALnet staff members and are only shown when an email address is specifically requested (only used for user assistance purposes). 

Even when an IRCop tells services to send the password, they will not be informed of what the actual email address is. 

You can read the announcement that taz, the CEO of DALnet, made regarding the privacy and security issues that this new feature brought out. It is located at http://www.dal.net/emailinfo.html. I strongly urge you to go and read it. :)

Finally, we would like to give you the standard advice and precautions to take where passwords and security are concerned.

A good password should be *at least* 4 to 6 characters to long, composed of a mix of letters and numbers. Passwords are CaSe SenSitiVE, which means that "star" is not the same as "STAR" or "StaR". So be mindful of what casing you enter for your password.

Passwords cannot contain spaces but they have the ability to contain other ASCII characters, even letters of other languages or symbols such as , , , , etc. 

You should be able to easily remember your password without always referring at a piece of paper or relying on a script. Please *do not, do not* use information such as your birthday, your name, your phone number or anything that is easily guessed.

We strongly recommend you to write your password down somewhere but to keep this note at a place where other people won't be able to get to it. Believe it or not, there are no small number of cases where siblings have stolen each other's nicks or channels.

You should never use auto-identification scripts or any other scripts that you are not quite certain about. There are some really malicious scripts out there that will steal your nickname password at best and completely corrupt your computer at worst.

DALnet can *not* be responsible for the security of your computer or the lack thereof. If you were infected with a virus or trojan and someone stole your nick/channel then there's nothing we can do for you. Nor can we be responsible for your email account. So please keep this in mind. :)

Half-registered nick considerations (Hammer)
-------------------------------------------------
Between the time when you have issued the NickServ REGISTER command and when you have entered the AUTH command to confirm it, your nick will be in what we call a "half registered" state.

While you do have some control over your nick at this point, there are some things you still can't do yet.

Let's first go over those things which you CAN do; then we'll cover what you can't do until you issue the AUTH command.

   1. IDENTIFY
Since you can identify for the nick, you can do a several other things as well.
    2. Change the email address using SET EMAIL
   3. DROP the nick
   4. REGISTER a channel
   5. Log in to http://users.dal.net and create a website at http://home.dal.net

Now for the bad news. Here are the things you can't do until you issue the AUTH command:
    1. You can't send memos
   2. You can't set ENFORCE/URL/NOOP/NOMEMO
   3. You can't use GHOST/RECOVER/RELEASE
   4. You can't use the ACCESS list

Sending Passwords (PrincessDi)
-----------------------------------
Now, how does sending passwords really work?

For nicks, it's pretty simple. If there's someone who has forgotten their password then they usually seek out an IRCop. The IRCop in question will take a brief look at the situation. 

If there's something that doesn't make sense (for example, the person has a different address than the one shown by NickServ) then a few questions will be asked. 

If the story makes sense, the IRCop will ask NickServ to send the password. NickServ will get the email address of the nick from its database and automatically write out an email and will send it. 

Usually, depending on the mail servers, you should receive the email within a few minutes.

As for channels, services will take the email address of the nick that is set as the founder of the channel and will repeat the process. 

Usually someone has to have identified to the founder's nickname before we ask services to send an email.

Very simple. =) Your email address isn't revealed to the IRCop during the process. Services takes care of it all on its own.

Troubleshooting (LadyDana)
-------------------------------
Now, here we are already to our last major section: Trouble shooting.

There are various problems that could arise within this new email system. We'll try to answer a few of the more common questions here. If you still have some questions after this then please ask them in Questions & Answers section.

Alright, here we go. :)

Question: What do I do if NickServ is telling me that the AUTH code is incorrect?

Answer: If that happens then it's because you changed the email address after first registering the nick. 

Say you registered your nick with emailaddy@whatever.com. After that, you decide to change your email to anotheraddy@whatever.com. An AUTH email will be sent to both emails. 

The one sent to emailaddy@whatever.com will NOT be valid. If you use the AUTH code present in that first email then NickServ will return the "invalid AUTH code" error to you. =)

The AUTH code in the email sent to anotheraddy@whatever.com will be the only one that works.

Question: I made a typo when entering my email address! What do I do?

Answer: Well, as long as you identify to your nick, you can always set the email address to something else within the first 24hours that your nick is "half-registered".

You would simply identify to your nick with: /identify your-password-here
... and then use the /nickserv SET EMAIL new-email-address-here command.

Since you can NOT ghost or recover nicks when they are half-registered, it's possible that someone may be using your nick in its half-registered state. 

In that case, try to find an IRC Operator (instructions on how to do that can be found at http://help.dal.net/faqs/findingoper.html). By identifying to the nick in question, you can prove your ownership. The oper will help you fix up the situation.

Question: I am not getting my AUTH email from services? Why is that?

Answer: Actually, there are a number of possible answers to this problem. First of all, are you certain that you entered the right email address? 

Verify the email address that you set by using the SHOWEMAIL command. Just type out the following: /nickserv SET SHOWEMAIL ON

(Don't forget to turn this off again later if you don't want everyone to see your email address in the NickServ INFO! Type: /nickserv SET SHOWEMAIL OFF)

That not the problem?

It's also quite possible that there is some lag between the mail servers. Usually an email should arrive within 5 minutes at the latest. But if there is lag, the amount of time that it takes for the email to arrive can get pretty unpredictable.

I have already had some emails take over 2 hours to reach me. So I would suggest waiting for a couple of hours and then checking your email again. If it still hasn't arrived then reset your email address.

You can set the email address to a secondary email account or an email alias that you possess. If you don't have one of those, then first set a bogus email. And then set it back to what it was.

Example:

(1) /identify your-password-here
(2) /nickserv SET EMAIL this@is.a.fake.addy.com
(3) /nickserv SET EMAIL your-real-email-addy-here

If you are *still* not getting results after this then try contacting an IRCop with this problem. You can also email help@dal.net with any questions that you may have. Tell them what you have already tried doing first though. =)

Question: I have a good idea for this email system! Who do I talk to?

Answer: Well, first I would say to go into #DALnetHelp and to tell them about what idea you have. 

If it's something that has already been discussed or if it's something that is probably completely unlikely to be developped then they maybe be able to tell you.

If they don't really have much to say on this subject then you can email your suggestion to dalnet-services@dal.net. The DALnet Services address is actually a mailing list that is composed by a great number of DALnet users.

A lot of future features were first suggested there. Try your luck. =) However, do keep in mind that you should make a detailed explanation of (1) what you want (2) why you want it and (3) how it is supposed to work.

Future Features (LadyDana)
-------------------------------
A final word on some possible future features that *might* be implemented now that this email system is in place. (Okay, we are really emphazing the word MIGHT here. NOTHING is guaranteed/promised. ;)

First of all, there has been a mention of putting a new section onto http://users.dal.net. It will allow users will be able to see which opers have used the GETEMAIL command on their nick(s). 

We just had word from the services coders and were informed that this feature WILL be implemented and might be done within a week or two. So keep your eye peeled for that. =)

After that, there have been some ideas. Just possibilities, nothing final but it should allow you to see just what promise this new email system has.

- You could have memos forwarded to your email address.
- Mailing lists for AOp/SOp lists.

All the features, if implemented, would be turned off by default. This will assure you your privacy where your email address is concerned. =)

User questions and answers can be viewed at: http://help.dal.net/events/servhelp/questions.html

 

Main Help Page          Events Page