CIT 470: Advanced Network and System Administration

Slide #2: Topics
1. Mail Policies
2. Anatomy of a Mail Message
3. Components of an Email System
4. SMTP
5. IMAP & POP
6. Addresses
7. Aliases and Lists

Slide #3: Mail Policies
1. Privacy Policy
2. Namespaces
3. Reliability
4. Scaling
5. Security

Slide #4: Privacy Policy
Personal Use Policy
  – Personal v. commercial use.
  – When may employee email be read?
      By whom
      Under what circumstances
  – Automatic monitoring
Retention Policy
  – Legal requirements.

Slide #5: Namespaces
Avoid first.last format addresses.
  – There will be duplicates: John.Smith.
  – Use middle initials?
  – Append numbers?
Create unique organization-wide namespace.
  – Use directory to look up addresses.

Slide #6: Reliability
Customers expect same reliability as power.
  – Failures generate many support calls.
Reliability measures
  – Redundant servers.
  – Backup MX hosts.
  – RAID arrays.
  – Multiple NICs, power supplies, processors, etc.

Slide #7: Scalability
Types of scalability
  – To address growth in avg messages/day.
  – To address spikes in mail traffic.
Number of messages grows
  – faster than linearly with number of users.
  – with time, even if user base is constant.
  – due to spam too.
Size of messages grows
  – due to technology: more + larger attachments.

Slide #8: Security
Mail server as a target
  – Complexity of mail leads to vulnerabilities.
  – Mail is an asset attackers want to take.
Email as a conduit
  – Brings viruses and trojans into organization.
  – Leaks confidential information outward.
  – ex (2005): Apple sues bloggers over releasing data about upcoming products.
Email relaying
  – Open relays used by spammers and scammers.
Intercepting email

Slide #9: Anatomy of a Mail Message

Received: from mailfe2.nku.edu ([ ]) by brahms.utoledo.edu (8.11.9) with ESMTP id k3CJCM for ; Wed, 12 Apr :12: (EDT)
Received: from mailfac1.nku.edu ([ ]) by mailfe2.nku.edu with MS SMTPSVC( ); Wed, 12 Apr :15:
Subject: Test
Date: Wed, 12 Apr :15:
Message-ID:
From: "You"
To:

This is a test message.

Labels on the slide: Header (lines before the blank line), Blank (separator line), Body (text after it).

Slide #10: Header
Header Format
  – Header-name: Header-data
Common headers
  – From:
  – To:, CC:, Reply-To:
  – Date:
  – Message-ID:
  – Subject:
Multiple headers
  – Received: for each mail server handling message.

Slide #11: Body
Separated from header by blank line.
Contains 7-bit ASCII text by default.
Any non-ASCII text must be encoded:
  – uuencode
  – MIME

Slide #12: MIME
Multipurpose Internet Mail Extensions
  – Text in non-ASCII character sets.
  – Non-text attachments.
  – Multi-part message bodies.
Identified by Content-Type: header.
  – text/plain: regular email
  – text/html: HTML markup
  – multipart/mixed: text/plain + attachments
  – image/jpeg: JPEG image attachment
  – Many other formats

Slide #13: Base64
Binary to text encoding scheme
  – Each character represents 6 bits.
  – Uses 64 characters from 7-bit ASCII: A-Za-z0-9+=
Encodes in 3-byte chunks
  3 bytes = 24 bits = 4 base-64 characters
Example: M a n → T W F u

Slide #14: Multipart MIME Message Example

MIME-version: 1.0
Content-type: multipart/mixed; boundary="frontier"

This is a multi-part message in MIME format.
--frontier
Content-type: text/plain

This is the body of the message.
--frontier
Content-type: application/octet-stream
Content-transfer-encoding: base64

PGh0bWw+CiAgPGhlYWQ+CiAgPC9oZWFkPgogIDxib2R5PgogICAgPHA+VGhpcyBpcyB0aGUg
Ym9keSBvZiB0aGUgbWVzc2FnZS48L3A+CiAgPC9ib2R5Pgo8L2h0bWw+Cg==
--frontier--

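Added example (not part of the original slides): the message from Slide #14 parsed with Python's standard email package, decoding each part and comparing the declared Content-Type with what the decoded bytes look like. The MAGIC table and the function names are assumptions made for this illustration.

```python
import email

# The multipart message from the slide, with the base64 lines re-joined.
RAW = """\
MIME-version: 1.0
Content-type: multipart/mixed; boundary="frontier"

This is a multi-part message in MIME format.
--frontier
Content-type: text/plain

This is the body of the message.
--frontier
Content-type: application/octet-stream
Content-transfer-encoding: base64

PGh0bWw+CiAgPGhlYWQ+CiAgPC9oZWFkPgogIDxib2R5PgogICAgPHA+VGhpcyBpcyB0aGUg
Ym9keSBvZiB0aGUgbWVzc2FnZS48L3A+CiAgPC9ib2R5Pgo8L2h0bWw+Cg==
--frontier--
"""

# Leading bytes (lower-cased) for a few content types; an illustrative list.
MAGIC = [(b"<html", "text/html"), (b"<!doctype html", "text/html"),
         (b"%pdf-", "application/pdf"), (b"pk\x03\x04", "application/zip")]

def sniff(data):
    """Guess a type from the first bytes; None when nothing matches."""
    head = data.lstrip()[:16].lower()
    for prefix, ctype in MAGIC:
        if head.startswith(prefix):
            return ctype
    return None

def inventory(raw):
    """List (declared type, decoded size, sniffed type) for each leaf part."""
    msg = email.message_from_string(raw)
    parts = []
    for part in msg.walk():
        if part.is_multipart():          # the multipart/mixed container itself
            continue
        data = part.get_payload(decode=True) or b""   # undoes base64
        parts.append((part.get_content_type(), len(data), sniff(data)))
    return parts

def mismatches(raw):
    """Parts whose content contradicts the declared Content-Type."""
    return [(d, s) for d, _, s in inventory(raw) if s and s != d]
```

On the slide's message, the attachment declared as application/octet-stream decodes to an HTML document, which is why attachment filtering should look at decoded content and not only at the Content-Type header.
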
Slide #15: Envelope
Headers aren't the full story
  – Recipient isn't necessarily on To: or CC:
  – Sender isn't necessarily given on From: header.
Envelope specifies sender/receiver
  – Specified via SMTP commands.
  – Envelope recipient used for BCC:
  – Envelope recipient used by mail lists.
  – Envelope facilities used by spammers too.

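Added example (not part of the original slides): a small checker that separates the SMTP envelope from the message headers and reports where they disagree, which is the information a mail log or filter needs when the From: and To: headers cannot be trusted. The session text, addresses and function names are constructed for this illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed client side of an SMTP session; all addresses are placeholders.
SESSION = """\
HELO client.example.net
MAIL FROM:<bounce-123@lists.example.org>
RCPT TO:<alice@example.com>
RCPT TO:<carol@example.com>
DATA
From: "Bob" <bob@example.org>
To: alice@example.com
Subject: Test

This is a test message.
.
QUIT
"""

def split_session(session):
    """Return (envelope sender, envelope recipients, message text)."""
    sender, rcpts, body, in_data = None, [], [], False
    for line in session.splitlines():
        if in_data:
            if line == ".":                      # lone dot ends DATA
                in_data = False
            else:                                # undo SMTP dot-stuffing
                body.append(line[1:] if line.startswith(".") else line)
        elif line.strip().upper() == "DATA":
            in_data = True
        else:
            m = re.match(r"(?i)(MAIL FROM|RCPT TO):\s*<([^>]*)>", line)
            if m and m.group(1).upper() == "MAIL FROM":
                sender = m.group(2).lower()
            elif m:
                rcpts.append(m.group(2).lower())
    return sender, rcpts, "\n".join(body) + "\n"

def compare(session):
    """Contrast envelope addresses with the From:/To:/Cc: headers."""
    sender, rcpts, text = split_session(session)
    msg = message_from_string(text)
    hdr_from = [a.lower() for _, a in getaddresses(msg.get_all("From", []))]
    shown = {a.lower() for _, a in getaddresses(
        msg.get_all("To", []) + msg.get_all("Cc", []))}
    return {"envelope_sender": sender, "header_from": hdr_from,
            "sender_mismatch": sender not in hdr_from,
            "hidden_recipients": [r for r in rcpts if r not in shown]}
```

A mismatch is not proof of abuse, since BCC and mailing lists produce the same pattern; it shows why delivery logs should record the envelope addresses alongside the headers.
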
Slide #16: Components of a Mail System
[Diagram: UA (Eudora, Outlook, mutt), TA (Sendmail), DA (mail.local), Msg Store, AA (imapd)]

Slide #17: MTAs
Mail Transport Agents
  – Receive mail from MUAs.
  – Route mail across internet.
MTA Protocol: SMTP
MTA Examples
  – sendmail
  – postfix
  – qmail

Slide #18: SMTP

220 brahms.nku.edu ESMTP Sendmail ; Wed, 12 Apr 2006
helo mydomain.com
250 brahms.nku.edu Hello mydomain.com, pleased to meet you
mail from:
Sender ok
rcpt to:
Recipient ok
data
354 Enter mail, end with "." on a line by itself
Subject: Test
From:
To:
This is a test
k3GIcr Message accepted for delivery
quit
brahms.nku.edu closing connection

Slide #19: SMTP Commands
HELO hostname
EHLO hostname
MAIL FROM: addr
RCPT TO: addr
VRFY addr
EXPN addr
DATA
QUIT
RSET
HELP

Slide #20: Message Store
Communication
  – Receives data from MDA (mail.local, procmail)
  – Provides data to MAA (IMAP, POP, NFS, web)
Types of stores
  – Files (all messages for a user in one file)
  – Directories (directory per user)
  – Databases

Slide #21: Mail Access Agents
Older systems directly accessed mail files.
Modern systems use network
  – POP: Post Office Protocol
      Simple download protocol for offline reading.
  – IMAP: Internet Mail Access Protocol
      Online and offline modes of reading.
      Partial message fetch (headers, attachments, etc.)
      Message state stored on server, not client.
      Multiple mailbox and multiple client support.

Slide #22: IMAP
IMAP Servers
  – Cyrus
  – UW IMAP
Features
  – Message store types
  – Authentication
  – Security (SSL)

Slide #23: Mail User Agents
Text clients
  – mail
  – mutt
  – pine
GUI clients
  – Eudora
  – Mozilla Thunderbird
  – MS Outlook
Web clients
  – Run on remote web server.

Slide #24: Mail Addressing
Relative Addresses
  – mcvax!uunet!ucbvax!hao!boulder!air!evi
Absolute Addresses
MX Records
  – Mail clients use MX records, not A records.
  – Lowest preference # = highest priority.
  – Permits failover if server down.

Slide #25: Aliases
Allow mail to be rerouted.
  – Sysadmin: files (/etc/mail/aliases), local db, NIS, LDAP
  – Personal: ~/.forward
Alias destinations
  – Local: address
  – Remote:
  – File: :include:pathname
  – Program: |pathname
Required aliases
  – postmaster, abuse, root

Slide #26: Mailing List Aliases

mylist: :include:/etc/mail/include/mylist
owner-mylist: mylist-request
mylist-request: me
owner-owner: postmaster

Purpose
  – owner: Messages appear to be from owner. Receives bounces, list management mail.
  – request: Indirection ensures owner's real address doesn't appear on Return-Path.
  – owner-owner: Receives errors from messages destined for owner-* aliases.

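Added example (not part of the original slides): an audit of an aliases file that classifies each destination by the kinds listed on Slide #25, checks for the required aliases, and lists the program and :include: destinations, since those run a command or read a second file whenever mail arrives. The sample file mixes the Slide #26 entries with constructed ones; the archiver path, example.com and the function names are hypothetical.

```python
import re

REQUIRED = {"postmaster", "abuse", "root"}   # required aliases from Slide #25

# Constructed aliases file; the four list entries are the ones on Slide #26,
# the other lines (example.com, the archiver path) are made up for the demo.
ALIASES = """\
postmaster: root
root: admin@example.com, ops
mylist: :include:/etc/mail/include/mylist
owner-mylist: mylist-request
mylist-request: me
owner-owner: postmaster
archive: "|/usr/local/bin/archiver mylist"
"""

def classify(dest):
    """Destination kinds from the Aliases slide."""
    if dest.startswith("|"):
        return "program"
    if dest.startswith(":include:"):
        return "include"
    return "remote" if "@" in dest else "local"

def parse_aliases(text):
    """Map alias name -> list of (kind, destination)."""
    table, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0] in " \t" and name:            # continuation of previous alias
            rhs = line
        else:
            name, _, rhs = line.partition(":")
            name = name.strip().lower()
        # Split on commas, keeping quoted destinations in one piece.
        for raw in re.findall(r'"[^"]*"|[^,"]+', rhs):
            dest = raw.strip().strip('"')
            if dest:
                table.setdefault(name, []).append((classify(dest), dest))
    return table

def audit(text):
    """Report missing required aliases and destinations worth a manual review."""
    table = parse_aliases(text)
    review = [(n, k, d) for n, dests in table.items()
              for k, d in dests if k in ("program", "include")]
    return {"missing_required": sorted(REQUIRED - set(table)),
            "review": sorted(review)}
```
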
Slide #27: Mailing List Software
Automate list management.
  – Email interface.
  – Web interface.
Packages
  – Mailman
  – Majordomo
  – Listserv
List Archiving
  – Mailman
  – MHonArc
