Mailers

1
Mailers

• The actors local, network, POP/IMAP
• Protocols SMTP, MIME, RFC822, etc
• Address transformation
• Administration on networks

2
The actors

• Mail transport agent (MTA)
• Transfers mail across a network to/from local
  mail agents
• Performs address transformation and service type
  choice
• Mail user agent (MUA)
• Composes outgoing mail and passes to MTA
• Reads and displays incoming mail
• Delivery agent
• Passes mail to an MUA
• Mail access agent
• Transfers mail from a server with a mail transfer
  agent to/from a non-serving machines MUA

3
The protocols

• SMTP and ESMTP
• Standard port is 25
• Sendmail server lives on port 25 and speaks SMTP
• SMTP/ESMTP transfer mail using a relatively
  simple session protocol it provides address and
  text transfer and inquiries
• Contents are RFC 822-based and may include MIME
  enclosures
• RFC 822 header and text fields
• MIME embedded in RFC-822

4
Address transformation

• Problems
• Large number of non-internet mail types
• Source routing
• DEC, X400, uucp
• Some quoted string types
• Spammer problems
• Blind forwarding
• Abuse.org blacklists
• Fraudulent mail
• Basics
• Sendmail.cf contains language-based rules for
  translation
• Simple example ihnpr!rumee!noack_at_ece.uprm.edu
• Simple example ihnpr!rumee!noackece.uprm.edu
• With parens for example only (ihnpr!rumee!noack)
  _at_ece.uprm.edu
• With parens for example only ihnpr!rumee!(noack
  ece.uprm.edu)

5
Some typical agents

• MTAs
• Sendmail
• DAs
• Procmail, mail.local, rmail
• MUAs
• Mail, xmail, elm, pine, Eudora, netscape, outlook
• MAAs
• Eudora, netscape, outlook
• Most modern MUAs perform MAA function

6
Anatomy of a mail message

• Envelope
• Normally visible to sendmail but invisible to
  users, contains same addresses as headers
• Headers
• User-visible addresses, subject, etc., in RFC 822
• Body
• Plain text, often containing enclosures
• Nontext enclosures must have content-transfer
  encoding (base64, quoted-printable, etc.)

7
Configurations for multimachine sites

• Objectives
• Use-anywhere service
• SPAM and virus filtering
• Firewalling
• Aliasing and mailing list maintenance
• Avoiding NFS problems
• Handling DNS correctly
• Global alias database
• Avoiding configuration errors
• Central database using rdist or equivalent

8
Common mail-wrangling utilities

• Objectives
• Automatic mailing list maintenance
• SPAM avoidance
• Packages
• Majordomo
• Mailman (more robust configuration and spam
  control)
• Listproc (commercial and obsolete)
• Listserv and listserv lite also not recommended
• LDAP
• Generic directory-handling package usable with
  other packages mailman, etc.
• Try www.openldap.org

9
Sendmail installation and problems

• Ancient package
• 1983 Eric Allman BSD
• Many versions majors from 5 to 9
• Make sure you can compile new versions
  especially on proprietary systems
• Needs regular maintenance because of exploit
  research
• Use with safer mail delivery agents, not /bin/sh
• Configuration is messy for complex situations
• Relaying issue open relays are what spammers
  seek
• Book shows spam examples a few virus examples
  also
• Let users do encryption PGP is recommended

10
Postfix an alternative to sendmail

• Multiprocess, unlike sendmail
• Queues are
• Maildrop
• Incoming
• Active
• Deferred
• Security
• Most queues can run chrooted
• Breaks up lines to avoid buffer overruns
• Mail drop queue is world-writable only (not
  world-readable)
• Configuration
• Large, and a lot of spam-filtering options

11
SMTP/ESMTP

• Command list
• HELO hostname
• EHLO hostname
• MAIL from ltrevpathgt
• RCPT to ltfwdpathgt
• VRFY address
• EXPN address
• DATA ltmessage bodygt
• QUIT
• RSET
• HELP
• You can often debug and fake with telnet 25 (if
  allowed)