Chapter 11. E-Mail services (2.211)

Revision: $Revision: 446 $ ($Date: 2011-03-23 11:11:17 +0100 (Wed, 23 Mar 2011) $)

This objective has a weight of 7 points and contains the following objectives:

Objective 2.211.1; Using e-mail servers (3 points)

Candidates should be able to manage an e-mail server, including the configuration of e-mail aliases, e-mail quotas and virtual e-mail domains. This objective includes configuring internal e-mail relays and monitoring e-mail servers.

Objective 2.211.2; Managing local e-mail delivery (2 points)

Candidates should be able to implement client e-mail management software to filter, sort and monitor incoming user e-mail.

Objective 2.211.3; Managing remote e-mail delivery (2 points)

Candidates should be able to install and configure POP and IMAP daemons.

Using e-mail servers (2.211.1)

The key knowledge areas are the configuration files for postfix and basic knowledge of the SMTP protocol, sendmail and exim.

The following is a (partial) list of the used files, terms and utilities: Configuration files and commands for postfix. Basic configuration of sendmail and the sendmail emulation layer commands. Mail related logs in /var/log. Files and directories: /etc/aliases, /etc/mail/*, /etc/postfix/* and /var/spool/mail.

Basic knowledge of the SMTP protocol

Since April 2001 RFC2821 is in use for describing the SMTP protocol. This RFC obsoletes RFC821, RFC974 and updates RFC1123. The SMTP protocol handles the two-way traffic between an SMTP client and an SMTP server when the client has a message to transmit. During this two-way communication a mail message is presented, and the server determines, based on the domain name, whether the message is to be delivered locally or relayed to another destination.

For demonstration purposes a SMTP session can be done by using a telnet connection to a mail server:

    telnet mx1.unix.nl 25

    Connected to mx1.unix.nl (213.154.248.146).
    Escape character is '^]'.
    220 mx1.unix.nl ESMTP Exim 4.63 Thu, 12 Aug 2010 08:50:30 +0200

    ehlo snow.nl

    250-mx1.unix.nl Hello mx1.unix.nl [81.23.226.83]
    250-SIZE 52428800
    250-PIPELINING
    250-AUTH PLAIN LOGIN
    250-STARTTLS
    250 HELP

With telnet <smtp servername> 25 we make the initial contact with the SMTP server; in this example I used mx1.unix.nl as the server. The server responds with the maximum message size, pipelining support, the authentication mechanisms it is capable of handling (AUTH PLAIN LOGIN), STARTTLS support and the availability of the HELP function.

message size: when the size of the message the client wants to send exceeds the limit, the SMTP transaction is aborted with an error code.
pipelining: when enabled, an SMTP client can transmit a group of SMTP commands (e.g. RSET, MAIL FROM, RCPT TO) without waiting for a response from the server.
AUTH PLAIN LOGIN: the SMTP server is capable of handling plain username/password authentication. This can be handy for mobile devices that use the SMTP server from different IP addresses.
STARTTLS: the SMTP protocol doesn't include any form of encryption. With STARTTLS the communication can be encrypted using certificates; this is fully described in RFC3207.
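The check below is an added example, not part of the original text: it parses a multi-line EHLO reply such as the one shown above and reports when AUTH PLAIN or LOGIN is advertised on a session that has not yet negotiated STARTTLS, where the credentials would travel base64-encoded but unencrypted. The function names are hypothetical and the sample reply is a constructed copy of the session above.

```python
import re

# Constructed sample: the EHLO reply from the session above.
SAMPLE_REPLY = (
    "250-mx1.unix.nl Hello mx1.unix.nl [81.23.226.83]\r\n"
    "250-SIZE 52428800\r\n250-PIPELINING\r\n"
    "250-AUTH PLAIN LOGIN\r\n250-STARTTLS\r\n250 HELP\r\n"
)
REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def parse_ehlo(reply):
    """Return (greeting, {KEYWORD: [params]}); '250-' continues, '250 ' ends."""
    greeting, extensions, complete = None, {}, False
    for raw in reply.splitlines():
        m = REPLY_LINE.match(raw)
        if m is None or complete:
            raise ValueError("malformed reply line: %r" % raw)
        code, sep, text = m.groups()
        if code != "250":
            raise ValueError("EHLO was not accepted: %r" % raw)
        if greeting is None:
            greeting = text                      # first line: server greeting
        elif text.split():
            words = text.split()
            extensions[words[0].upper()] = [w.upper() for w in words[1:]]
        complete = sep == " "
    if not complete:
        raise ValueError("reply is missing its final '250 ' line")
    return greeting, extensions


def audit_cleartext_ehlo(reply):
    """Findings for an EHLO reply received before STARTTLS was negotiated."""
    _, ext = parse_ehlo(reply)
    findings = []
    weak = [m for m in ext.get("AUTH", []) if m in ("PLAIN", "LOGIN")]
    if weak:
        # PLAIN and LOGIN only base64-encode the password; without TLS it
        # is readable by anyone on the network path.
        findings.append("AUTH %s offered without TLS" % "/".join(weak))
    if "STARTTLS" not in ext:
        findings.append("STARTTLS not offered")
    return findings


if __name__ == "__main__":
    for finding in audit_cleartext_ehlo(SAMPLE_REPLY):
        print(finding)
```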

Since we have established the initial connection we can now proceed:

      mail from: mwijtkamp@snow.nl

      250 OK
      
      rcpt to: info@unix.nl

      250 Accepted

The server responds with 250 OK, but when e.g. the MAIL FROM command is followed by a malformed or incomplete e-mail address the server responds with 501: sender address must contain domain, or a similar error. With RCPT TO followed by an e-mail address the destination of the message is given. If the recipient's address is accepted the server responds: 250 Accepted

Now the mail server knows who we are and to whom we want to transmit a message, and the e-mail client knows what the SMTP server is capable of. We proceed with the transmission:

    data

    354 Enter message, ending with "." on a line by itself

    mail from: Marc <mwijtkamp@snow.nl>
    From: <mwijtkamp@snow.nl>
    To: Info <info@unix.nl>
    Subject: Demo messages
    Date: 12-02-2010 08:53:00
    Message-ID: 31231233@snow.nl

    This is a demonstration message.
    .

    250 OK id=1OjReS-0005kT-Jj

    quit
      

With the DATA command the content of the message is started. The server responds with: 354 Enter message, ending with "." on a line by itself

Then the message content is started with the message headers. These headers are used by the e-mail client. In this example Mail From, To, Subject, Date and Message-ID are used. Message-ID is a unique identifier generated by the SMTP client. These headers are required as described in RFC822.

After the headers are given, a blank line indicates that the actual text of the message starts. The message ends, as the response to the DATA command has already shown, with a "." (without the quotes) on a line by itself. The server responds with: 250 OK id=1OjReS-0005kT-Jj. The id is a unique identifier assigned by the SMTP server and can be used for troubleshooting.

Note

When fighting spam, some SMTP servers check whether the message is RFC822 compliant. Regular SMTP clients are RFC822 compliant, but spammers often use not-so-regular SMTP clients that send malformed messages.

Postfix

The default location for the postfix configuration files is /etc/postfix; there we find the two main configuration files, main.cf and master.cf. After making changes to the configuration of postfix you need to reload postfix using: postfix reload.

Before postfix can be used it needs to know:

what domains to receive mail for
which domainname to use for outbound mail
which domain(s) postfix is allowed to relay mail for
what delivery method to use

myorigin

The myorigin parameter specifies the domain that appears in outgoing e-mail. This can be done using one of the following examples:

myorigin = $myhostname

or

myorigin = $mydomain

The $myhostname or $mydomain is replaced by postfix with the corresponding hostname or domain name of the server it is running on.

mydestination

Postfix also needs to know for which domain(s) it will receive mail. The mydestination parameter is used for this. More than one domain can be specified; multiple domain names are separated by whitespace or a comma. A pattern can also be used to point to a lookup table (hash, btree, nis, ldap or mysql):

mydestination = $mydomain, localhost.$mydomain, hash:/etc/postfix/moredomains

Note

You have to include $mydomain when the server is used as a mailserver for the entire domain.

relay_domains

The default configuration of postfix will try to deliver incoming mail to authorized destinations only. Using the relay_domains parameter we can control which domains postfix relays mail for. The values can be formatted in the same way as with the myhostname parameter:

relay_domains = $mydomain

or

relay_domains = $mydomain, example.com, anotherdomain.com

relayhost

By default postfix tries to deliver directly to the internet, depending on the domain name of the destination address in the mail message. Using the relayhost parameter we can specify another SMTP server to use as relay:

relayhost = 

This is the default: direct delivery to the internet. Or, using another SMTP server such as the ISP's:

relayhost = mail.myisp.com

logging

Postfix uses the syslog daemon for its logging. The syslog configuration itself is out of scope for this document. When /etc/syslog.conf is configured as in the example below, postfix's log is written to /var/log/maillog. Error messages are, in this example, redirected to the console.

    mail.err    /dev/console
    mail.debug  /var/log/maillog

Tip

Using egrep '(reject|warning|error|fatal|panic):' /var/log/maillog will help you to find any problems postfix encountered.
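Going one step beyond the egrep tip, the following added example (not part of the original text) counts the same keywords per log level and tallies "Relay access denied" rejects per client address, which shows hosts that keep trying to use the server as a relay. The log lines are constructed samples in the Postfix syslog layout and use documentation addresses; the function name is hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the Postfix syslog layout (documentation addresses).
SAMPLE_LOG = """\
Aug 12 08:50:31 mail postfix/smtpd[2345]: connect from unknown[192.0.2.10]
Aug 12 08:50:32 mail postfix/smtpd[2345]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 <a@example.net>: Relay access denied; from=<x@example.org> to=<a@example.net> proto=ESMTP helo=<probe>
Aug 12 08:50:33 mail postfix/smtpd[2345]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 <b@example.net>: Relay access denied; from=<x@example.org> to=<b@example.net> proto=ESMTP helo=<probe>
Aug 12 08:51:02 mail postfix/smtpd[2350]: warning: hostname gw.example.org does not resolve to address 198.51.100.7
Aug 12 08:51:40 mail postfix/smtpd[2351]: NOQUEUE: reject: RCPT from gw.example.org[198.51.100.7]: 550 5.1.1 <nobody@example.com>: Recipient address rejected: User unknown in local recipient table; from=<y@example.org> to=<nobody@example.com> proto=ESMTP helo=<gw.example.org>
Aug 12 08:52:10 mail postfix/qmgr[1201]: 1A2B3C4D5E: removed
"""

# Same keywords as the egrep tip, but required directly after
# "postfix/<daemon>[pid]: " (optionally preceded by a queue id or NOQUEUE).
EVENT = re.compile(
    r"postfix/(?P<daemon>[\w-]+)\[\d+\]: (?:\w+: )?"
    r"(?P<level>reject|warning|error|fatal|panic): (?P<detail>.*)$")
CLIENT = re.compile(r"RCPT from \S*\[(?P<ip>[^\]]+)\]: (?P<code>\d{3}) ")


def triage(log_text):
    """Return (events per level, relay-denied rejects per client IP)."""
    levels, relay_probes = Counter(), Counter()
    for line in log_text.splitlines():
        event = EVENT.search(line)
        if event is None:
            continue                      # routine line (connect, removed, ...)
        levels[event["level"]] += 1
        client = CLIENT.match(event["detail"])
        if client and "Relay access denied" in event["detail"]:
            relay_probes[client["ip"]] += 1
    return levels, relay_probes


if __name__ == "__main__":
    levels, probes = triage(SAMPLE_LOG)
    print(dict(levels))
    print(probes.most_common())
```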

virtual domains

Generally a postfix server is the final destination for a limited number of domains. But postfix can also be configured to handle mail for additional domains which are different from e.g. the domain name of the postfix server itself. These destinations are called virtual hosts. Using the virtual_alias_domains parameter we can specify for which virtual hosts we want to receive mail. The format of the parameter is the same as in the samples above: separate multiple virtual hosts using a space or a comma; a link to a (hashed) file on disk is also possible:

    virtual_alias_domains = example.com, anotherexample.com

or when using a hashed file (using the postmap utility):

    virtual_alias_domains = hash:/etc/postfix/virtual

The content of /etc/postfix/virtual can be:

    postmaster@example.com    peter
    info@anotherexample.com   gerda
    sales@example.com   petra
    @example.com    jim

In the above example peter receives the postmaster@example.com e-mail, gerda receives the info@anotherexample.com e-mail and mail to sales@example.com goes to petra. The last line is a "catch all" rule: all e-mail for example.com without a valid destination goes to jim.

Note

Use postmap /etc/postfix/virtual to create the hashed file and issue a postfix reload after updating the virtual file.
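How the table above resolves addresses, as an added sketch that is not Postfix code and not part of the original text: it tries the full address first and the @domain catch-all last, so every address at example.com is accepted while unlisted addresses at anotherexample.com have no recipient. It assumes the table is consulted for address lookups, which in Postfix is done through the virtual_alias_maps parameter; the function names are hypothetical and the lookup order is simplified.

```python
# Constructed copy of the /etc/postfix/virtual content shown above.
VIRTUAL_TABLE = """\
# address                 recipient
postmaster@example.com    peter
info@anotherexample.com   gerda
sales@example.com   petra
@example.com    jim
"""


def load_table(text):
    """Parse 'key  value' lines; '#' comment lines and blank lines are skipped."""
    table = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        key, value = line.split(None, 1)
        table[key.lower()] = [v.strip() for v in value.split(",")]
    return table


def resolve(table, address):
    """Simplified lookup order: full address first, then the @domain catch-all.

    Returns (recipients, matched_key), or (None, None) when nothing matches,
    in which case the address is not a known recipient.
    """
    local, _, domain = address.lower().rpartition("@")
    if not local or not domain:
        raise ValueError("address must be local@domain: %r" % address)
    for key in (local + "@" + domain, "@" + domain):
        if key in table:
            return table[key], key
    return None, None


if __name__ == "__main__":
    table = load_table(VIRTUAL_TABLE)
    for addr in ("sales@example.com", "anything@example.com",
                 "sales@anotherexample.com"):
        print(addr, "->", resolve(table, addr))
```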

Copyright Snow B.V. The Netherlands