17. Electronic Mail - Sendmail
==============================
|
| next | back | WS 2012/13 - 1 |
Structure of a mail system:
Sending:
        User
          |
          |
          V
       Frontend -------------+
          |                  |
          V                  |
Mailer driver for receiving  |    # null client
Mailer driver for sending    |
          ^                  |
          | local network <--+
          V                       # mail server
Mailer driver for receiving <---> Mail filter (greylist, spam, viruses)
global mailer daemon ----> Mailer driver for delivery
Mailer driver for sending         (mail.local, dovecot)
          ^
          |
          |  Internet
          |
          V
Mailer driver for receiving
Receiving:
Mailer driver for sending (remote mail system)
          ^
          |
          |  Internet
          |
          V                       # mail server
Mailer driver for receiving <---> Mail filter (greylist, spam, viruses)
global mailer daemon ------------------> Mailer driver
          |                              for sending
Mailer driver for delivery and filtering (MDA - Mail Delivery Agent)
          |     (mail.local, dovecot, sieve, filter)
          |
          V
global mail folders of the user
      |           |
      |           |
(nfs) |     Mail folder manager (dovecot, UW-Imap, Cyrus - IMAP, POP)
      |           |
      |           | imap/pop
      V           V
Frontend <----> local mail folders of the user
      |
      |
      V
    User
Protocols:
SMTP  Simple Mail Transfer Protocol
      Mailer driver for sending and receiving
      User frontend for sending
ESMTP Extended Simple Mail Transfer Protocol
IMAP  Internet Message Access Protocol
POP   Post Office Protocol (Version 2, Version 3)
      User frontend for receiving
Mailer drivers:
smtp-driver - internal
uucp        - internal
x500        - external
local       - delivery agents: rmail, mail.deliver, deliver, mail.local
              must be able to synchronize with
              the mail folder manager, which gives
              the user frontend access to the
              user's global mail folders.
Mail filters:
vacation     - vacation handling (server-side)
filter       - filter program (server-side)
sieve        - filter program (server-side)
procmail     - filter program (server-side)
spamassassin - spam detection program
clamav       - virus filter
Mail systems:
Sendmail with Milter
procmail
Smail
Vendor-specific mail systems:
SUN: Solstice Internet Mail 2.0
COMPAQ: DEC MAILworks, MAILbus 400
Configuring Sendmail
The configuration file sendmail.cf is generated from M4 macros!
Configuring a null client on Solaris:
cd /etc/mail/cf/cf
make # sendmail.mc --> sendmail.cf
cp sendmail.cf /etc/mail/sendmail.cf
sendmail.mc file (null client) for the institute:
divert(-1)
#
# comments
#
divert(0)dnl
VERSIONID(`@(#)sendmail.mc 1.11 (Sun) 06/21/04')
define(`confCF_VERSION',`SOLARIS-INF-2.0c')dnl
OSTYPE(`solaris8')dnl
DOMAIN(`informatik.hu-berlin.de')dnl
define(`confPRIVACY_FLAGS', `goaway')dnl
FEATURE(nullclient, mailbox.$m)dnl
MASQUERADE_AS(informatik.hu-berlin.de)dnl
DAEMON_OPTIONS(`Name=MSA4, Family=inet, Addr=127.0.0.1, Port=25, M=E')dnl
Domain configuration: /etc/mail/cf/domain/informatik.hu-berlin.de.m4
divert(-1)
#
#
# J-P Bell 3.12.98
# for informatik.hu-berlin.de
#
divert(0)
VERSIONID(`@(#)informatik.m4')
# feature(local_procmail, `/bin/procmail')dnl
define(`confDEF_CHAR_SET',`ISO-8859-1')dnl
define(`confSMTP_LOGIN_MSG',`$j Sendmail $v/$Z; $b')dnl
define(`confSMTP_MAILER', `esmtp')dnl
define(`confMATCH_GECOS', `True')dnl
define(`confME_TOO', `False')dnl
define(`confCOPY_ERRORS_TO', `Postmaster')dnl
define(`confPRIVACY_FLAGS',`authwarnings,needmailhelo,needexpnhelo,needvrfyhelo')dnl
define(`confTRUSTED_USERS',`bell,kaempfer,majordom')dnl
define(`confMAX_MESSAGE_SIZE',`20000000')dnl
define(`confEIGHT_BIT_HANDLING',`pass8')dnl
FEATURE(`allmasquerade')dnl
MASQUERADE_AS(informatik.hu-berlin.de)dnl
Configuration of the inbound mail server
Script to generate and install sendmail.cf
#!/bin/sh
# configure sendmail.cf for the Solaris master on mail
. ./SENDMAIL
/opt/csw/bin/gm4 -D_CF_DIR_=${SENDMAIL_CF}/ ${SENDMAIL_CF}/m4/cf.m4 mail.mc | \
sed "/^CE/s/CE/#CE/" | \
sed -e "/Timeout.hoststatus/s/#O/O/" -e "/Timeout.hoststatus/s/30/10/" | \
sed "/Djinformatik/s/Djinformatik/Djmail.informatik/"> mail.sendmail.cf
cp mail.sendmail.cf /opt/csw/etc/mail/sendmail.cf
chmod 444 /opt/csw/etc/mail/sendmail.cf
chown root:bin /opt/csw/etc/mail/sendmail.cf
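The build script installs whatever the sed pipeline produces, and a sed expression whose pattern does not match changes nothing and reports nothing. The following added example (not part of the original slides) runs the same three edits over constructed cf lines and checks each result before installation. The names patch_cf, sample_cf and verify_cf, the sample lines, and the form of the Timeout.hoststatus line emitted by m4 are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: the page's three sed edits, run over constructed cf lines
# and checked before the result would be copied into place.

# Same sed pipeline as in the build script above; reads cf text on stdin.
patch_cf() {
    sed "/^CE/s/CE/#CE/" |
    sed -e "/Timeout.hoststatus/s/#O/O/" -e "/Timeout.hoststatus/s/30/10/" |
    sed "/Djinformatik/s/Djinformatik/Djmail.informatik/"
}

# Constructed stand-in for the m4 output (not a real sendmail.cf).
# $1 is the Timeout.hoststatus line as m4 is assumed to have emitted it.
sample_cf() {
    printf '%s\n' 'Djinformatik.hu-berlin.de' 'CE root' "$1" \
        'O MaxMessageSize=21000000'
}

# Return 0 only if all three edits are visible in file $1;
# otherwise print which edit is missing and return 1.
verify_cf() {
    grep -q '^Djmail\.informatik' "$1" || { echo "Dj not rewritten"; return 1; }
    if grep -q '^CE' "$1"; then echo "class E line still active"; return 1; fi
    grep -q '^O Timeout\.hoststatus=10' "$1" ||
        { echo "Timeout.hoststatus not set to 10"; return 1; }
    return 0
}

# Run both cases: option left at its commented default, and option already
# set in the .mc file (then neither sed pattern matches and nothing changes).
tmp=$(mktemp)
for line in '#O Timeout.hoststatus=30m' 'O Timeout.hoststatus=5m'; do
    sample_cf "$line" | patch_cf > "$tmp"
    if msg=$(verify_cf "$tmp"); then
        echo "$line -> ok to install"
    else
        echo "$line -> do not install: $msg"
    fi
done
rm -f "$tmp"
```

Placed between the sed pipeline and the cp, a check like verify_cf keeps an unpatched file from replacing the running configuration.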
Mail server configuration file mail.mc:
divert(-1)
#
#
# XOSTYPE(solaris8)dnl
# XOSTYPE(solaris2.ml)dnl
VERSIONID(`@(#)informatik.hu-berlin.de master')
OSTYPE(solaris2.ml)dnl
DOMAIN(informatik.hu-berlin.de)dnl
FEATURE(use_cw_file)dnl
FEATURE(redirect)dnl
FEATURE(smrsh,/opt/csw/lib/smrsh)dnl
FEATURE(relay_entire_domain)dnl
FEATURE(access_db, hash -T<TMPF> /opt/csw/etc/mail/access)dnl
FEATURE(`greet_pause', `20000')
FEATURE(dnsbl,spam.informatik.hu-berlin.de)dnl
FEATURE(`ratecontrol')dnl
FEATURE(`conncontrol')dnl
FEATURE(`local_procmail', `/opt/csw/libexec/dovecot/deliver',
`/opt/csw/libexec/dovecot/deliver -d $u')dnl
define(`QUEUE_DIR',`/opt/csw/var/spool/mqueue')dnl
define(`STATUS_FILE',`/opt/csw/etc/mail/statistics')
define(`MAIL_SETTINGS_DIR',`/opt/csw/etc/mail/')dnl
define(`confCF_VERSION',`INF-2.0-MA-SOLARIS-2.10-25')dnl
define(`confDOMAIN_NAME',`informatik.hu-berlin.de')dnl
define(`ALIAS_FILE', `/opt/csw/etc/mail/aliases')dnl
define(`confFORWARD_PATH', `/usr1/Forward/$u.forward')dnl
define(`confMAX_HOP',`40')dnl
define(`confMIN_QUEUE_AGE',`5m')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`120')dnl
define(`confDEF_USER_ID',`0:0')dnl
define(`confMAX_MESSAGE_SIZE',`21000000')dnl
define(`confMAX_DAEMON_CHILDREN',`200')dnl
define(`confMATCH_GECOS',`False')dnl
define(`confREFUSE_LA',`6')dnl
define(`confDELAY_LA',`3')dnl
define(`confREJECT_LOG_INTERVAL',`5m')dnl
define(`confTO_IDENT',`0')dnl
define(`confHOST_STATUS_DIRECTORY',`.hoststat')dnl
define(`confTO_HOSTSTATUS',`5m')dnl
define(`LOCAL_MAILER_PATH',`/opt/csw/libexec/dovecot/deliver')dnl
define(`confCACERT_PATH',`/opt/csw/etc/mail/cacerts/')dnl
define(`confCACERT',`/opt/csw/etc/mail/certs/ca-chain.pem')dnl
define(`confCRL',`/opt/csw/etc/mail/certs/ca-chain-crl.pem')dnl
define(`confSERVER_CERT',`/opt/csw/etc/mail/certs/mail.pem')dnl
define(`confSERVER_KEY',`/opt/csw/etc/mail/certs/mail-key.pem')dnl
define(`confCLIENT_CERT',`/opt/csw/etc/mail/certs/mailc.pem')dnl
define(`confCLIENT_KEY',`/opt/csw/etc/mail/certs/mailc-key.pem')dnl
define(`confAUTH_MECHANISMS', `PLAIN LOGIN DIGEST-MD5 CRAM-MD5')dnl
TRUST_AUTH_MECH(`PLAIN LOGIN DIGEST-MD5 CRAM-MD5')dnl
define(`confLOG_LEVEL',`9')dnl
MODIFY_MAILER_FLAGS(`LOCAL', `-f')dnl
MAILER(procmail)dnl
MAILER(local)dnl
MAILER(smtp)dnl
INPUT_MAIL_FILTER(`spamassassin',
`S=local:/var/run/sendmail/spamass.sock,
F=T, T=C:15m;S:4m;R:4m;E:10m')dnl
INPUT_MAIL_FILTER(`clamav',
`S=local:/var/run/sendmail/clamav-milter.socket,
F=T, T=C:15m;S:4m;R:4m;E:10m')dnl
INPUT_MAIL_FILTER(`greylist',
`S=local:/var/opt/csw/miltergreylist/milter-greylist.sock')dnl
define(`confMILTER_MACROS_CONNECT',
`b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl
define(`confMILTER_MACROS_ENVRCPT',
`r, v, Z, {greylist}, {rcpt_mailer}, {rcpt_host}, {rcpt_addr}')dnl
define(`confMILTER_MACROS_ENVFROM',
`i, {auth_type}, {auth_authen}, {auth_ssf}, {auth_author},
{mail_mailer}, {mail_host}, {mail_addr}')dnl
define(`confMILTER_MACROS_HELO',
`{tls_version}, {cipher}, {cipher_bits}, {cert_subject},
{cert_issuer}, {verify}')dnl
define(`confINPUT_MAIL_FILTERS', `greylist,clamav,spamassassin')dnl
Mail system at the institute - Sendmail
- Development of the structure
- Structure of mail clients and mail servers
- Security and mail
- Statistics, maintenance techniques and migration
Testing the mail server:
telnet mail 25
ehlo hostname
openssl s_client -starttls smtp -connect mail:25 -showcerts
ehlo hostname
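What the EHLO reply in this test should contain follows from mail.mc: the message size limit, the AUTH mechanisms and, with the certificates configured, STARTTLS. The following added example (not part of the original slides) parses a constructed EHLO reply and compares it with those values. The function names, the sample reply, and the expectation that the server advertises SIZE and AUTH exactly as set in confMAX_MESSAGE_SIZE and confAUTH_MECHANISMS are assumptions.

```shell
#!/bin/sh
# Added example: compare a captured EHLO reply with what mail.mc configures.

# Constructed EHLO reply in the form `telnet mail 25` shows (not a capture).
sample_ehlo() {
    cat <<'EOF'
250-mail.informatik.hu-berlin.de Hello client.example [192.0.2.10], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE 21000000
250-STARTTLS
250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
250 HELP
EOF
}

# Print the arguments of ESMTP keyword $1 from the reply on stdin:
# "-" if advertised without arguments, nothing if not advertised.
ehlo_ext() {
    awk -v kw="$1" '
        { sub(/\r$/, "") }                  # telnet output ends lines in CR
        /^250[- ]/ {
            line = substr($0, 5)
            split(line, f, " ")
            if (toupper(f[1]) == kw) {
                sub(/^[^ ]+ ?/, "", line)   # drop the keyword itself
                print (line == "" ? "-" : line)
                exit
            }
        }'
}

# Check the reply on stdin: $1 = expected SIZE, $2 = expected AUTH list.
# Prints one line per mismatch and returns 1 if there was any.
check_ehlo() {
    reply=$(cat)
    size=$(printf '%s\n' "$reply" | ehlo_ext SIZE)
    auth=$(printf '%s\n' "$reply" | ehlo_ext AUTH)
    tls=$(printf '%s\n' "$reply" | ehlo_ext STARTTLS)
    rc=0
    [ "$size" = "$1" ] || { echo "SIZE: got '$size', want '$1'"; rc=1; }
    [ "$auth" = "$2" ] || { echo "AUTH: got '$auth', want '$2'"; rc=1; }
    [ "$tls" = "-" ]   || { echo "STARTTLS not advertised"; rc=1; }
    return $rc
}

sample_ehlo | check_ehlo 21000000 "PLAIN LOGIN DIGEST-MD5 CRAM-MD5" && echo "EHLO matches mail.mc"
```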
Reading mail
Protocols:
( NFS - elm, mutt, pine )
IMAP, IMAPS - pine, thunderbird, ...
POP, POPS - pine, thunderbird, ...
IMAP/POP servers
UW IMAP Toolkit - University of Washington
    POP2, POP3, POP3S, IMAP, IMAPS
    MDAs for sendmail, postfix, procmail
    Mailbox format: file
    INBOXes on the mail server, USERBOXes in the user's home directory
    Last version: 2008
Cyrus mail server - Carnegie Mellon University
    POP3, POP3S, IMAP, IMAPS, KPOP
    MDAs for sendmail, postfix, procmail
    Mailbox format: own database
    INBOXes and USERBOXes on the mail server
    (user.bell, user.bell.sent)
    Shared folders
    Quotas
    sieve
Courier Mail Server
    POP3, POP3S, IMAP, IMAPS
    MDAs for Courier Mail Server, Qmail, Exim, Postfix, Sendmail
    Mailbox format: mdir
    Quotas
Dovecot - open source
    POP3, POP3S, IMAP, IMAPS
    MDAs for sendmail, postfix, procmail
    Mailbox format: mbox, mdir, mdbox
    INBOXes on the mail server, USERBOXes configurable
    (in a directory in the user's home directory,
    on the mail server)
    sieve: server-side mail filtering