INTRODUCTION
• Using electronic mail (email), one can send messages to, and receive messages from, other computer users anywhere in the world. Email is the most common and powerful tool for exchanging messages. In this chapter you will learn how to configure email for your system.

1. EMAIL
• Email is like a letter that is written and sent automatically. Its journey begins with the sender and ends with the recipient, with many postmen in between to ensure proper delivery. These postal workers are network protocols, which perform the vital task of ensuring that the email reaches the appropriate receiver. The TCP/IP protocol suite is involved in achieving this goal.
Several elements are required for email to work, and configuring them is the duty of the system administrator. These elements are as follows:
1. For users to be able to read and write email, a Mail User Agent (MUA) must be configured.
2. To deliver email messages between computers in a LAN, a Mail Transfer Agent (MTA) must be configured.
3. To deliver messages to a user's mailbox, a Local Delivery Agent (LDA) must be configured.
4. To notify users that they have new mail, a mail notification program must be configured.
5. The TCP/IP protocols for storing email messages and transferring them between MTAs.
6. Miscellaneous communication and mail storage components: ports, mailbox-related files and mail queues.

2. EMAIL DELIVERY PROCESS
• Email creation, transmission and delivery consist of several tasks, each of which is handled by a program designed specially for that task. The usual email delivery process involves three components:
1. Mail User Agent (MUA)
2. Mail Transfer Agent (MTA)
3. Mail Delivery Agent (MDA)
MAIL USER AGENT (MUA)
• To be able to send mail, one needs a program called a Mail User Agent (MUA), also known as a mail client.
• The MUA provides the user with an interface for reading and composing email messages. There are two types of MUA:
1. Graphical User Interface (GUI), e.g. Mozilla Thunderbird, KMail.
2. Command Line Interface (CLI), e.g. Mutt or Elm.
• After the mail is composed, the MUA sends it to the MTA, which is responsible for transferring it over the network.
MAIL TRANSFER AGENT (MTA)
• The MTA is a program that plays a vital role in transferring mail: it is responsible for sending messages across the network.
• It works without any intervention by users; in fact, most users are unaware of the MTA.
• The MTA reads information about the receiver from the To: section of the email message and determines the IP address of the receiver's mail server.
• The MTA then tries to open a connection to the recipient's server using TCP/IP port no. 25 (SMTP).
• The MTA queries DNS for domain information, reading the domain's MX record to determine the host that is responsible for receiving mail for that domain.
• After the MTA on the sending machine has established a connection to the destination MTA, it transmits the message using SMTP, i.e. Simple Mail Transfer Protocol.
• When email messages cannot be delivered immediately, the sending MTA stores them in a local queue and attempts retransmission after an interval of time.
• The receiving MTA passes the email message to yet another program, the Mail Delivery Agent (MDA), for delivery to the recipient's mailbox.
MAIL DELIVERY AGENT (MDA)
• The MDA is also referred to as the LDA, i.e. Local Delivery Agent, because it receives the message from the MTA and stores new messages in the recipient's mailbox file.
• This mailbox file, also known as the mail spool, is always identified by the recipient's user name and is located at /var/spool/mail/username.
• Procmail is a good example of one of the most widely used MDAs in RHEL.
• Users who depend on POP or IMAP to retrieve their email do not need Procmail.
• The MDA can also give some audio or visual notification when new messages arrive, although this is optional and can be ignored.
• Other optional activities include displaying an icon when the mailbox is full, incrementing a counter when new mail arrives, etc.
• As the last step of email delivery, the receiver reads the email messages using his/her own MUA.
2. SMTP AND ITS COMPONENTS POP AND IMAP
• Email messages are sent between MTAs using SMTP (port no. 25).
• SMTP is a TCP/IP protocol for transferring email messages between computers on the network.
• SMTP is also referred to as a store-and-forward protocol, because messages transmitted via SMTP do not go directly between the sender's MTA and the receiver's MTA.
• The SMTP protocol can transfer only ASCII text; it is unable to handle file attachments or graphics. A user who wants to send such files has to use another protocol together with SMTP, i.e. MIME.
• MIME stands for Multipurpose Internet Mail Extensions; it enables SMTP mail to carry colours, sounds, etc.
• Sending and receiving MTAs are always connected to the internet; if the internet goes down or fails to connect, this problem is overcome by POP and IMAP.
POP3
• POP3 stands for Post Office Protocol version 3, and is a protocol used in the process of emailing.
• POP3 was developed to solve the problem of delivering messages when the recipient is not connected to the network.
• POP3 runs on a server that is connected to the network and that continuously sends and receives mail.
• POP3 servers store messages when they are received and keep storing them until the message recipient requests them.
• As soon as users request their email from the MTA, the messages are delivered to them and immediately discarded from the MTA server.
• If users do not want their email messages to be deleted from the MTA server, they have to opt for IMAP instead of POP.
IMAP
• IMAP4 is a protocol used in the process of emailing; it stands for Internet Message Access Protocol version 4 (IMAP4).
• It provides many more features and functions than POP.
• It enables users to store mail on a networked mail server, as POP3 does.
• Unlike POP3, IMAP4 enables a user's mail to reside permanently on the remote server, from which the user can access it, whereas POP3 requires the user's mail to be downloaded before the MUA reads it.
• IMAP4 needs more disk space than POP3, as it stores emails permanently.
CONFIGURING SENDMAIL
• A number of mail transport agents are available for Red Hat Enterprise Linux, including qmail, sendmail, postfix, etc. The most widely used MTA is sendmail.
• Before configuring sendmail, verify whether it is installed, as follows:
  # rpmquery -a | grep sendmail
  The output shows whether sendmail is installed.
• If it is not installed, install it as follows:
  # rpm -ivh sendmail(name of the file)
  where name of the file is the version of the sendmail package.
• After installation, the sendmail service is started and enabled at boot as follows:
  # service sendmail start
  # chkconfig sendmail on
• Two more ways to verify that sendmail is running are as follows:
  i. # ps uw -p $(pidof sendmail)
     If the above command shows no output, start sendmail manually.
  ii. # telnet localhost 25
     Trying 127.0.0.1...
     Connected to localhost.localdomain.
• If the user needs to edit the configuration file, only a few changes need to be made in it. The editable configuration file of sendmail is /etc/mail/sendmail.mc. The file contains the following lines:
  # "smart" relay (may be null)
  DStyit.example.com
  where tyit.example.com is the name of the mail server.
• Finally, the sendmail service is restarted so that the changes made in the configuration file take effect:
  # service sendmail restart
  # chkconfig sendmail on
MACRO PROCESSOR - m4
• m4 is a macro processor, i.e. a tool that follows the principle of shorthand writing.
• A macro is a symbolic name for a long string of characters. For example, OSTYPE is a macro that declares the operating system type.
• In Red Hat, the sendmail macro file is /etc/mail/sendmail.mc, and some of its supporting files are in /usr/share/sendmail-cf.
• The macro file /etc/mail/sendmail.mc contains the rules used to generate the default sendmail configuration file, i.e. /etc/mail/sendmail.cf.
• The m4 macro processor does the task of reading the rules and changes from sendmail.mc and implementing them in the configuration file.
• The configuration file contains the dnl token, which is the m4 style of commenting a line.
• The macros are predefined, and the configuration can be regenerated using the makefile utility of the installed sendmail-cf package.
• For example:
  OSTYPE(`linux')dnl
  The above line from the configuration file tells sendmail that the operating system it is running on is Linux.
MAIL QUEUE
• At times emails are not sent immediately and remain in the queue that holds the MTA's outgoing mail.
• The reasons for delay could be a poor network, bandwidth problems, a network connection error, or the recipient's MTA not being available.
• Irrespective of the above problems, users can still compose and send mail, as sendmail is able to put it in the mail queue. Sending of these mails is retried in order at regular intervals.
• These intervals are specified in the sendmail configuration file (sendmail.mc) and can be edited too. For example:
  # vim /etc/mail/sendmail.mc
  QUEUE=1h
  where the above line specifies that sending of emails is retried at an interval of 1 hour.
• The retry interval can also be specified in minutes (m) or seconds (s), for example:
  QUEUE=15m
  or
  QUEUE=5200s
Setting aliases for emails
• Aliases allow users to have many names, and also let a specific user be given permission to receive root's mail.
• Mail aliases are useful for creating distribution lists and making access for users flexible.
• If there is trouble in spelling a user's name, one can create aliases with alternate spellings and still receive the mail.
• One can also alias a non-existent user to a real user account. E.g. one can set up an alias john which redirects all mail intended for john to the real user jack.
• Configuration file: /etc/aliases
E.g.:
  [root@tyit ~]# vim /etc/aliases
  daemon:   root
  shutdown: root
  ftpadm:   ftp
  # person who should get root's mail
  root:     shabnam
  # users
  john:     jack
In the above file:
i. There are user aliases such as john.
ii. Pseudo accounts such as shutdown and daemon are aliased to root.
iii. Root's mail has been aliased.
Run the newaliases command for the changes to take effect.
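The alias chains in the file above can be followed mechanically to see which real mailbox finally receives mail for daemon, root or john. The following is an added example, not part of the original slides: the function names and the list of privileged names are assumptions, and the sample text is constructed from the entries shown above.

```python
# Constructed sample: the /etc/aliases entries shown on this page.
SAMPLE_ALIASES = """\
daemon:   root
shutdown: root
ftpadm:   ftp
# person who should get root's mail
root:     shabnam
# users
john:     jack
"""

def parse_aliases(text):
    """Return {alias: [targets]}; handles comments, comma lists and continuation lines."""
    table, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and current:          # continuation of the previous alias
            targets = raw
        else:
            name, _, targets = raw.partition(":")
            current = name.strip().lower()        # local names are matched case-insensitively
            table.setdefault(current, [])
        table[current] += [t.strip() for t in targets.split(",") if t.strip()]
    return table

def resolve(name, table, seen=()):
    """Follow alias-to-alias links and return the set of final recipients."""
    key = name.lower()
    if key in seen:
        return {"LOOP:" + key}                    # report the cycle instead of recursing forever
    if key not in table:
        return {name}                             # real account, file, pipe or remote address
    final = set()
    for target in table[key]:
        final |= resolve(target, table, seen + (key,))
    return final

def audit(text, privileged=("root", "postmaster")):
    """Map every alias to its final recipients and report problems with privileged names."""
    table = parse_aliases(text)
    resolved = {alias: sorted(resolve(alias, table)) for alias in table}
    findings = []
    for name in privileged:
        finals = resolved.get(name)
        if finals is None:
            findings.append(f"{name}: no alias defined")
        elif any(f.startswith("LOOP:") for f in finals):
            findings.append(f"{name}: alias loop")
    return resolved, findings
```

With the sample file, daemon and shutdown both end at shabnam through root, which is the account to protect and monitor for system mail.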
• /var/spool/mqueue – directory holding the mail queue
• /var/spool/mail – directory that holds users' mail spools. E.g.:
  # ls -l /var/spool/mail/*
• /etc/mail/access – lists user names, email addresses, domain names etc. that are not allowed to send mail to one's system
• /etc/mail/relay-domains – lists hosts that are allowed to relay email
• /etc/mail/local-host-names – lists other names for one's system
• /etc/mail/virtusertable – maps email addresses to user names
Postfix Mail Server
• Postfix is used frequently and handles thousands of messages.
• It is compatible with sendmail at the command level, e.g. the newaliases command is used to register aliases.
• It is a high-performance program.
• It is an easier-to-use replacement for sendmail.
• It is easy to configure as compared to sendmail.
• Syntax for defining a mail relay host:
  o sendmail: DSrelay.example.com
  o Postfix: relay.example.com
• The reason for the simple configuration of Postfix compared to sendmail is that it does not need any macro processor to generate or modify configuration files.
Configuration of Postfix
• Before switching to Postfix, it is compulsory to stop sendmail using the following command:
  # service sendmail stop
  If sendmail is not stopped, then sendmail and not Postfix will work as the MTA.
• Check whether Postfix is installed as follows:
  [root@tyit ~]# rpmquery postfix
• If Postfix is not installed, install it as follows:
  # rpm -ivh postfix(name of file)
  where name of file is the version of the Postfix package.
• Postfix's primary configuration file is /etc/postfix/main.cf. In this file, the following changes need to be made:
  A) The mydomain variable specifies the user's domain name:
     mydomain = example.com
  B) The myhostname variable identifies the local machine's fully qualified domain name:
     myhostname = tyit.example.com
  C) The myorigin variable identifies the domain name appended to unqualified addresses:
     myorigin = $mydomain
     This causes all outgoing mail to have the user's domain name appended.
  D) The mydestination variable tells Postfix which addresses it should deliver:
     mydestination = $myhostname, localhost, $mydomain
• Although there is a large number of configurable variables, but these 4 changes
• The user needs aliases for postfix, postmaster and root so that mail sent to them is received by a real person. To achieve this, add the following entries to /etc/aliases:
  # vim /etc/aliases
  postfix:    root
  postmaster: root
  root:       shabnam
• Because /etc/aliases was modified, the alias database is regenerated using Postfix's newaliases command, as shown below:
  # newaliases
• Finally, the Postfix daemon is started as shown below:
  # service postfix start
  Starting postfix: [ok]
• Postfix is enabled at boot as follows:
  # chkconfig postfix on
• To handle Postfix log messages, the user needs to modify the syslog configuration file and add the following entries:
  # vim /etc/syslog.conf
  mail.*      /var/log/maillog
  mail.err    /var/log/mail.err
  where /etc/syslog.conf is the file that controls the system log.
• To bring these changes into effect, the syslog service needs to be restarted or started as follows:
  # service syslog restart
Running Postfix behind a firewall or gateway
• If the system on which Postfix is configured is not connected to the internet, or is configured as a firewall or gateway, Postfix will simply hand over locally generated email to a relay host. This relay host must be configured to relay to the respective receiver.
• For this configuration, the following 2 lines are added to /etc/postfix/main.cf:
  relayhost = mailhost.$mydomain
  disable_dns_lookups = yes
• The IP address of the relay host can also be specified, as follows:
  relayhost = 192.168.166.10
• Finally, the Postfix service is restarted as follows:
  # service postfix restart
  Stopping postfix [ok]
  Starting postfix [ok]
Running Postfix on a mail host
• The user can create a mail host that handles the incoming mail for the system.
• The configuration of the mail host assumes that the relay host, named tyit.example.com, is the only point of entry for all email traffic.
• The user needs to set the following configuration variables on tyit.example.com:
  $myhostname
  $mydomain
  $myorigin
  $mydestination
• tyit.example.com needs to be told for which systems it can relay mail. Doing this involves setting 2 additional configuration variables, as shown in the example below:
  mynetworks = 192.168.166.10
  relay_domains = example.com
• mynetworks defines the list of trusted clients, i.e. the list of clients that Postfix will allow to relay mail.
• relay_domains defines the destinations to which Postfix will relay mail.
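mynetworks and relay_domains decide who may relay through the mail host, so an over-broad value turns it into an open relay. The following added example (not from the original slides or the Postfix project) checks main.cf text for that; the 65536-address threshold and the same-domain rule are assumed local policy, and both sample configurations are constructed.

```python
import ipaddress
import re

# Constructed main.cf text: the mail-host values from this page.
PAGE_CF = """\
mydomain = example.com
mynetworks = 192.168.166.10
relay_domains = example.com
"""
# Constructed variant with an over-broad trust list and a foreign relay domain.
RISKY_CF = """\
mydomain = example.com
mynetworks = 192.168.166.10,
    0.0.0.0/0
relay_domains = $mydomain, example.net
"""

def parse_main_cf(text):
    """Parse 'name = value' lines; a line starting with whitespace continues the previous one."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] += " " + raw.strip()
            continue
        last, _, value = (part.strip() for part in raw.partition("="))
        params[last] = value
    return params

def expand(value, params):
    """Expand $name / ${name} references; bounded so a self-reference cannot loop forever."""
    for _ in range(10):
        value = re.sub(r"\$\{?(\w+)\}?", lambda m: params.get(m.group(1), ""), value)
    return value

def items(name, params):
    return [i for i in re.split(r"[,\s]+", expand(params.get(name, ""), params)) if i]

def relay_findings(text, max_addresses=65536):   # threshold is an assumed local policy
    params, findings = parse_main_cf(text), []
    mydomain = expand(params.get("mydomain", ""), params)
    for item in items("mynetworks", params):
        try:
            net = ipaddress.ip_network(item, strict=False)
        except ValueError:                        # e.g. a lookup table instead of an address
            findings.append(f"mynetworks: {item} is not an IP network, review by hand")
            continue
        if net.num_addresses > max_addresses:
            findings.append(f"mynetworks: {net} trusts {net.num_addresses} clients to relay")
    for dom in items("relay_domains", params):
        if dom != mydomain and not dom.endswith("." + mydomain):
            findings.append(f"relay_domains: {dom} is outside {mydomain}")
    return findings
```

The page's own values produce no findings; the constructed risky file is flagged once for the 0.0.0.0/0 entry and once for example.net.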
SERVING EMAIL WITH POP3 AND IMAP:
• Windows systems used as desktop network clients ordinarily do not have an MTA of their own. Such systems require email access using IMAP and POP.
• A user can install both IMAP and POP at the same time, but can use only one at a time.
• Setting up an IMAP server requires the following:
-vidit
(i) The IMAP implementation is configured with the help of the Dovecot IMAP server.
(ii) Dovecot has many features, such as support for both POP3 and IMAP, which simplify initial setup and ongoing maintenance. It means that if the user has configured the IMAP server, he will also get POP3 unless he disables the POP3 service.
(iii) Dovecot also supports POP3 and IMAP, which work for the authentication and data exchange process.
(iv) To configure any service, it is necessary to check whether it is installed. The command to check whether Dovecot is installed is as follows:
  # rpmquery dovecot
(v) Configuring Dovecot: if the necessary package is installed, configure Dovecot to start at boot time:
  # chkconfig dovecot on
MAINTAINING E-MAIL SECURITY:
• Email security is always a privacy issue, even if the user is not mailing credit card numbers or corporate secrets.
• Using S/MIME for security is only one of many steps to take to protect the integrity of users' email.
• Some of the most common vulnerabilities that can affect email security are:
(1) Protecting against eavesdropping:
(a) Because of the store-and-forward technique, the user's message passes through more than one computer.
(b) There is a greater possibility that a cracker can attack the user's mail by using a packet sniffer program to intercept passing mail messages.
(2) Using encryption:
(a) Cryptography enables the user's message to be encrypted, so that sender and receiver can encrypt and transmit safely.
(b) Best way to encrypt data is to use a digital signature.
(3) Using a firewall:
(a) The user should set up a firewall to protect the network while receiving mail from people outside the network.
(b) The firewall is a computer that prevents unauthorized data from reaching the network.
(4) Preventing being bombed, spammed or spoofed:
(a) Bombing: it happens when someone continually or maliciously sends data.
(b) Spamming: a spammer sends non-required email to many users.
(c) Spoofing: it happens when someone sends email from a false address.
(5) SMTP should be dealt with care:
(a) Using dedicated mail servers keeps the number of computers vulnerable to SMTP-based attacks to a minimum.
(b) The network should have only one or a few centralized email servers, depending on the size of the user's organization.
(c) Allow only those SMTP connections that come from outside the user's firewall to reach those few central email servers.