240 likes | 434 Views
Electronic Mail. Peter D’Souza. Outline. Introduction Mail Systems Components of a Mail Message Administrative Principles/Practices Aliases Sendmail Security, privacy and other issues. Introduction. Essential to both businesses and individuals New standard of social behavior
E N D
Electronic Mail Peter D’Souza
Outline • Introduction • Mail Systems • Components of a Mail Message • Administrative Principles/Practices • Aliases • Sendmail • Security, privacy and other issues
Introduction • Essential to both businesses and individuals • New standard of social behavior • Cheaper/faster than postal services • Less formal than paper • Less personal than actual conversations
Mail Systems • Four distinct components • MUA - Mail user agent • MTA - Mail Transport agent • Delivery Agent • Access agent (optional) • Mail submission agent that speaks SMTP sometimes included
Mail Systems Internet UA DA Eudora mail.local TA TA Message Store sendmail (port 25) DA sendmail procmail UA mail SA UA=User Agent SA=Submission Agent TA=Transport Agent DA=Delivery Agent AA=Access Agent sendmail (port 587) DA To local user agents UA imapd Pine Host A - Sender Host B - Receiver
User Agents • Used to read and compose messages • Protect text embedded in contents • System wide and user-specific configuration supported
Transport Agents • Accept mail from user agent, understand recipient’s address, and get mail to correct host for delivery • Speak SMTP protocol • eg. sendmail, PMDF, PostFix, etc.
Delivery Agents • Accept mail from transport agent and actually deliver it to the appropriate local recipients • Speak SMTP protocol • eg. /bin/mail (local users), /bin/sh (mail going to a file), mail.local, smrsh
Other Agents • Access Agents • Connects user agent to message store • eg. IMAP or POP • Mail Submission Agents • Runs on a different port • Does all the prep work and error checking before the message can be sent out by TA • Sendmail acts as both MSA and TA
Anatomy of a Mail Message • Envelope From evi Wed Jan 19 19:01:11 2000 Received: (from evi@localhost) by xor.com (8.9.3/8.9.3) id TAA17820; Wed, 19 Jan 2000 19:01:11 –0700 (MST) Date: Wed, 19 Jan 2000 19:01:11 –0700 (MST) From: Evi Nemeth Evi.Nemeth@xor.com Message-Id: 200001200201.TAA17820@xor.com To: trent@xor.com Subject: xor.mc CC: evi@xor.com Status: R • Determines where the message will be delivered or, if the message cannot be delivered, to whom it should be returned.
Anatomy of a Mail Message (Contd) • Header 2: Return-Path: eric@knecht.sendmail.org 3: Received: from anchor.cs.colorado.EDU (root@anchor.cs.colorado.edu [128.138.242.1]) by columbine.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA21741 for < evi@rupertsberg.cs.colorado.edu >; Fri, 1 Oct 1999 07:04:25 – 0700 (MST) 4: Received: from mroe.cs.colorado.EDU (mroe.cs.colorado.edu[128.138.243.151]) by anchor.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA26176 for < evi@anchor.cs.colorado.edu >; Fri, 1 Oct 1999 07:04:24 – 0700 (MST) 5: Received: from knecht.sendmail.org(knecht.sendmail.org [209.31.233.160]) [128.138.242.1] by mroe.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA09899 for < evi@anchor.cs.cs.colorado.edu >; Fri, 1 Oct 1999 07:04:23 – 700 (MST) 6. Received: from knecht.sendmail.org (localhost [127.0.0.1]) by knecht.sendmail.org (8.9.3/8.9.3) with ESMTP id GAA18984; Fri, 1 Oct 1999 07:04:25 – 800 (PST) • Collection of Property-value pairs formatted according to RFC822 • Body
Mail Philosophy • Servers for incoming and outgoing mail; or for really large sites, a hierarchy • Replication of incoming and outgoing servers • Typical UNIX hosts with minimal sendmail capabilities • Firewall • A mail home for each user at a physical site • Enforced through ‘aliases’ file, ‘maildrop’ field or LDAP database • Remote access provided via POP or IMAP • IMAP or POP to integrate PCs, Macs and remote clients • IMAP delivers messages one at a time • POP downloads all messages from server
Mail Aliases • Allow mail to be rerouted • Allow users to be referred by more than one name • Define mailing lists • Forward mail among machines • Defined in UA’s configuration file (sending user), /etc/mail/aliases (global) or in a .forward file(recipient) • Examples • Nemeth: evi • Evi: evi@mailhub • Authors: evi,garth,scott,trent • From mail point of view, alias supersedes /etc/passwd • Loops detected by sendmail
Mailing lists • Giant alias • Usually specified in /etc/aliases but maintained in external file • :include: directive in aliases • sabook: :include:/usr/local/mail/usah.readers owner-mylist: mylist-request mylist-request:evi owner-owner: postmaster • Maintenance done by list manager • eg. Majordomo, Mailman, etc.
sendmail • Transport agent developed at Berkeley • Can adapt to whims of standard-makers due to flexibiiity of its configuration file • Generates error messages and returns messages to sender if they are undeliverable • Components required for installation • sendmail binary • configuration file (/etc/mail/sendmail.cf) • Mail queue directory (/var/spool/mqueue) • Links to sendmail (newaliases, mailq, hoststat) • Local delivery agents, smrsh and mail.local
sendmail (contd) • Latest version available at www.sendmail.org • Steps for installation • Initialize Database format and strategy for interfacing with administrative databases such as NIS or NetInfo • Compile FOR LDAP - sh ./Build –c –f site.config.m4 • Should be explicitly started in rc files at boot time • Can be run on standalone clients as well by configuring it as null client (not run as daemon) • switch file used to exert fine grained control
sendmail – Config file • Raw config file designed for ease in parsing • Config file determines • Choice of delivery agents • Address rewriting rules • Mail header formats • Options • Security precautions • Spam resistance • At runtime, sendmail must be killed and restarted or sent a HUP signal if config file is changed • Commonly uses m4 macros
sendmail – config primitives • VERSIONID – embed version information (CVS) • OSTYPE – Vendor specific information for operating system details • DOMAIN – site-wide generic information (doing an include) • MAILER – must be included for every delivery agent
Spam control features • Rules that control relaying • Relaying used by spammers to disguise identity • Only hosts that are tagged with RELAY in access database can submit mail for relaying • Offers features for restricted relaying • Access database • Acts as mail specific firewall • Blocks mails from specific users and domains • Specify which domains a machine will relay for • Blacklists • Blocks local users or hosts • Header checking • Uses low level sendmail config file syntax to look for patterns in headers and reject these
Security in sendmail • Ships with built-in hooks for encryption • Later versions support both SMTP authentication and encryption with SSL (TLS–Transport Layer Security) • Includes DontBlameSendmail option to warn about potential risks in installation • Ownerships • DefaultUser : should not own any files • TrustedUser : can own maps and alias files • RunAsUser : run under after socket connections to port 25 are opened; switches identities to a different UID
Security (contd) • Permissions • Does not read files with lax permissions (world-writeable or that live in group or world-writeable directories) • Requires that entire path to any alias or forward file must be trusted i.e. no component can have group write permission • Does not read a .forward file with link count > 1 • SafeFileEnvironment option controls where files can be written and protect device files and directories
Security (contd.) • Authentication • Includes SMTP authentication to verify identity of sending machine • authwarnings option flags local attempts at forgery by adding Authentication-warning header to outgoing mail • identd daemon can be used to verify a sender’s real login name • Message Privacy • External encryption package needs to be used (PGP,TLS,etc) • Simple authentication and Security Layer • Generic authentication mechanism • Uses authorization identifier and authentication identifier to map to permissions on files, UNIX passwords, Kerberos tickets, etc. • Only authentication part used in sendmail
Other issues • Privacy • Lists privacy options in sendmail/conf.c • Controls what people can determine about your site from SMTP • States what you require of host on other end of SMTP connection • Defines whether users can see or run mail queue • DOS attacks • Flooding SMTP port with bogus connections • MaxDaemonChildren • limits number of sendmail processes • Prevents system from being overwhelmed with sendmail work • MaxMessageSize • Prevents mail queue directory from filling • ConnectionRateThrottle • Limits number of connections per second that are permitted • MaxRcptsPerMessage • Controls max number of recipients allowed on a single message