Mail Server??? ????

1
Mail Server???????

• ????????
• ???
• chenyc_at_ntu.edu.tw

2
Outline

• ??????????
• ???????? sendmail
• ??????????

3
Part I

• ??????????

4
??????????

• ??????
• ????????
• ????SMTP??

5
??????
6
Mail User Agent

• ???????,????,???????
• ??/bin/mail, elm, outlook, netscape composer

7
Mail Transfer Agent

• ???????????
• ?MUA?????MTA,???????????MTA
• SMTP (Simple Mail Transfer Protocol)
• Sendmail, qmail, postfix

8
Mail Delivery Agent

• ??MTA??????????????mailbox?
• /bin/mail, /bin/sh, mail.local, procmail
• ???????
• A person
• ???email address
• A file
• mailbox
• A program
• Filter

9
Email delivery

• End-to-end delivery
• Based on TCP/IP end-to-end connectivity
• ????????????????????,????????????
• Mail gateway
• ?????????mail gateways
• Disadvantages
• Unreliability
• Delay
• Advantage
• interoperability

10
??????
11
TCP/IP standards for email service

• The Format for mail messages
• Header and body separated by a blank line
• Header -- keyword value
• From ltemail addressgt
• To ltemail addressgt
• The details of email exchange
• SMTP specifies how the underlying mail delivery
  system passes messages across an internet from
  one machine to another

12
SMTP

• ??SMTP session???client???server??
• SMTP??client?server????????
• HELO, MAIL, RCPT, DATA, QUIT

13
????SMTP??
14
john_at_hostAgt telnet hostB 25 Trying
140.112.2.3... Connected to hostB.ntu.edu.tw. Esca
pe character is ''. 220 hostB.ntu.edu.tw ESMTP
Sendmail 8.9.3/8.9.3 Wed, 4 Jul 2001 154558 0
CST) helo hostA 250 hostB.edu.tw Hello
john_at_hostA.ntuedu.tw 140.112.3.75, pleased to
meet you mail from ltjohn_at_hostB.ntu.edu.twgt 250
ltjohn_at_hostB.ntu.edu.twgt... Sender ok rcpt to
ltjohn_at_hostC.ntu.edu.twgt 250 ltjohn_at_hostC.ntu.edu.t
wgt... Recipient ok data 354 Enter mail, end
with "." on a line by itself test. 250
UAA02587 Message accepted for delivery quit
15
From john_at_hostB.ntu.edu.tw  Wed Jul 4 154558
2001 Received from hostB.ntu.edu.tw (hostB
140.112.2.3)         by hostC.ntu.edu.tw
(8.8.5/8.8.5) with ESMTP id UAA05162         for
ltjohn_at_hostC.ntu.edu.twgt Wed, 4 Jul 2001 154558
0800 (CST) Received from hostA
(john_at_hostA.ntu.edu.tw 140.112.3.75)        
by hostB.ntu.edu.tw (8.8.8/8.8.8) with SMTP id
UAA02587         for ltjohn_at_hostC.ntu.edu.twgt
Web, 4 Jul 2001 154558 0800 (CST) Date Wed,
4 Jul 2001 154558 0800 (CST) From staff
ltjohn_at_hostB.ntu.edu.twgt Message-Id
199805211246.UAA02587_at_hostB.ntu.edu.tw test  
16
??????

1. hostA??user1?MUA?????,??user2_at_hostC
2. ???????MTA??hostC
3. hostA??MTA?hostC??MTA??SMTP??,???????
4. ?????????hostC?,MTA?????????Mail Queue????????
5. hostC??MTA?????,???????????????hostC,?????MTA?????
   host?,???????????hostC,??????MDA??
6. ??MDA?????????????user2??
7. hostC??user2?MUA??????,???????????????

17
Mail Retrieval and Mailbox Manipulation Protocols

• Post Office Protocol (POP3)
• POP3 client creates a TCP connection to a POP3
  server on the mailbox computer
• Internet Message Access Protocol (IMAP4)
• User can obtain info about msg or examine header
  without retrieving the entire msg
• Partial retrieval

18
MIME

• Multipurpose Internet Mail Extensions
• Allow transmission of non-ASCII data through
  email
• Each MIME message includes info
• The type of the data
• The encoding used
• From bill_at_acollege.edu
• To john_at_example.com
• MIME-Version 1.0
• Content-Type image/gif
• Content-Transfer-Encoding base64

19
???? Mail and DNS

• DNS Mail eXanger (MX) record
• MX records can point to hosts in different
  domains
• a MX record must point to a hostname that has an
  A record
• hostA IN MX 10 hostB lt- illegal
• IN MX 20 hostC
• hostB IN MX 10 hostC
• hostC IN A 123.45.67.8

20

• MX to CNAME causes extra lookups
• MX records are nonrecursive
• hostA IN MX 10 hostB
• hostB IN MX 10 hostB
• IN MX 20 hostC
• Wildcard MX records
• domain is sub.dc.gov
• .dc.gov. IN MX 10 hostB.dc.gov
• .sub.dc.gov. IN MX 10 hostC.dc.gov
• hostA IN MX hostB
• hostB IN A 123.45.67.8
• hostC IN A 123.45.67.9

21
Mail RelayhostC IN MX 50 hostB.cc.ntu.edu.tw.ho
stC IN MX 100 hostD.cc.ntu.edu.tw.
22
??Email????

• Outgoing traffic
• Email that originate from our server
• Incoming traffic
• Email that bypass/destined to our server

23
Patterns of modern email traffic

• ??
• ??? one-to-one email
• ???one-to-many, mailing lists
• Email???????
• ??
• ???one-to-many emails
• Email???????????????

24
???????????
????
SMTP-server
SMTP server
(1)
(1b)
(1c)
??
POP3/IMAP server
(2)

• MSIE , Netscape

????
25
?????????????
Internet ????
SMTP server
(2)

• ?????? server

SMTP-server
(1)

• MSIE, Netscape ?

????
26
Email Forwarders

• ??????????forwarder
• ??email??????
• ????????????SMTP???
• ????
• ???????
• ????????

27
Mail ???- ??????
Internet
outgoing
Local SMTP Server
28
Mail ???- ??????
Internet
????
Mail Forwarder
29
??email service????

• ?????relay???
• ????????
• ????????
• ?????ISP
• ??DNS?MX records

30
Mail ???- ??????
Internet
incoming

• Local SMTP Server

31
Mail ???- ??????
Internet
????

• Mail Relay

32
??????????

• ????????
• ????????????
• ??????????????

33
?????????

• ???????
• ???DNS??
• ????????
• ??/????/??(sendmail)
• ???????????
• ??DNS round-robin???????
• ???outgoing forwarder
• Backup servers
• relay servers
• ???DNS MX records??

34
?????????

• ???
• ??ccms
• ????ms.cc, ms1.cc, ms2.cc
• ???
• ??(???)ms86.ntu, ms87.ntu, ms88.ntu, ms89.ntu,
  ms90.ntu
• ????ms.ntu
• ??alumni.ntu
• ?????smtp.ntu, smtps.ntu
• Relay???relay1-gw.tp1rc.edu.tw

35
Part II

• ???????? sendmail

36
Sendmail

• Web site
• www.sendmail.org
• www.sendmail.net
• www.sendmail.com
• ftp site
• ftp.sendmail.org
• Latest version
• Sendmail 8.11.4
• Book
• OReilly bible sendmail

37
Sendmail three important parts

• The Configuration file
• The Queue Directory
• The Aliases and mailing lists

38
Configuration files

• /etc/mail
• main configuration file
• sendmail.cf
• relay control files
• relay-domains (text file)
• access (database)
• alias definition file
• aliases (text file or database)

39
sendmail.cf

• ?????
• ???????????????
• ????,???sendmail?????
• ???????????
• Example
• O AliasFile/etc/mail/aliases
• O QueueDirectory/var/spool/mqueue
• FRo /etc/mail/relay-domains
• DSsmtp.ntu.edu.tw

40
aliases

• Sample
• Mandatory aliases
• postmaster root
• MAILER-DAEMON postmaster
• Five forms of aliases
• John_Adams adamj
• admin root, sysadmin_at_server
• staff inclue/etc/mail/list/staff.list
• nobody /dev/null
• ftphelp /usr/local/bin/sendhelp

41
Alias????
42
relay-domains

• Sample
• 140.112
• ntu.edu.tw
• 140.112.228.147 reject

43
/etc/mail/access

• ????????????
• ltSource IP/Domain/Usergt lt????gt
• ????
• RELAY ????
• REJECT ????
• DISCARD ?????
• OK ???????REJECT?Domain?????
• 550 ltmessagegt?????,???ltmessagegt?????
• Update
• makemap hash access.db lt /etc/mail/access

44
sendmail.cw

• Specify the names of hosts for which we receive
  email
• In sendmail.cf
• Fw/etc/mail/sendmail.cw
• ???ccms.ntu.edu.tw??
• ccms -gt ????/etc/resolv.conf????domain
• ccms.ntu.edu.tw -gt ???????

45
Smart Relay

• /etc/mail/sendmail.cf
• DSsmtp.ntu.edu.tw

46
Part III

• ?????????

47
Anti-Relay Anti-SPAM

• Anti-Relay
• ?Mail Server??????????????,?????????
• Anti-SPAM
• ?Mail Server?????IP?????,?????????IP????????,?????
  ???????,???????

48
Mail Relay

• Sendmail 8.9.0???????????????????????
• ??sendmail 8.8.x???????
• ?????domain??
• sendmail.cf????
• FR-o /etc/mail/relay-domains
• ???????domain??relay-domains???
• ????domain

49
??SPAM

• SPAM
• Send Phenomenal Amounts of Mail
• ?????????
• ???????
• ??Internet??
• ??????????

50
??Incoming SPAM

• ??????SPAM???
• ??????????????????spam
• ????????spam??
• MTA???????SPAM???
• Sendmail 8.9????????anti-spam?anti-relay??,???????
  ???
• ??http//www.sendmail.org/antispam.html

51
Anti-SPAM on MTA

• ??????????spam
• ?????????
• ?????spam??
• ????????spam???
• ????????
• ????????
• ????????????
• ????????????

52
??Filter??spam

• ????
• ??anti-spam filter ???????spam??
• ?????
• ??filter??????????,??,??,????????????

53
??outgoing SPAM

• ????domain??SPAM?????
• ????????
• ????relay??
• ??????????
• ????????????
• ?????????????relay?????????
• ?router??acl?????????Internet?????port 25???

54
Anti-SPAM reference

• Newsgroups
• News.admin.net-abuse.
• Web sites
• http//www.edu.tw/tanet/spam.html
• http//www.sendmail.org/antispam.html
• http//www.ecofuter.org/jmemail.html
• Spammer list
• BadMailFrom Spam list
• http//www.webeasy.com/w2/spam/
• Network Abuse Clearninghouse
• http//www.abuse.net/

55
Sendmail log

• /etc/syslog.conf
• mail.info /var/log/maillog
• /var/log/maillog
• date host sendmailpid qid whatvalue
• delay, from, to, stat, size
• ?????????????
• ??log??????,???????

56
Sendmail????

• ??log????
• ??from?size??????????????????
• sendmail.st??
• sendmail.cf???StatusFile
• O StatusFile/etc/sendmail/sendmail.st
• ??mailstats???????????
• ??cron???????????
• ?????sendmail.st??????
• ?crontab???