Monday, September 6, 2010

Mail server


Related protocols –


    POP3 - port 110

    IMAP - port 143

    SMTP - port 25

    HTTP - port 80

    Secure SMTP (SSMTP) - port 465

    Secure IMAP (IMAP4-SSL) - port 585

    IMAP4 over SSL (IMAPS) - port 993

    Secure POP3 (SSL-POP) - port 995



ICMP – Internet Control Message Protocol

  1. Layer - transport layer

  2. TCP/IP

  3. The purpose of these control messages is to provide feedback about problems in the communication environment.

Some functions of ICMP

  • Announce network errors - packet unreachable.

  • Announce network congestion - when traffic is too heavy, an ICMP Source Quench message is sent.

  • Assist troubleshooting - supports the Echo message (ping).

  • Announce timeouts - an IP packet's TTL field drops to zero (easy to observe with traceroute).



In Ubuntu, the ICMP-related files are found in /proc/sys/net/ipv4 …







SMTP – Simple Mail Transfer Protocol



  1. Port – 25 (TCP)

  2. Application Layer

  3. E-mail servers and other mail transfer agents use SMTP to send and receive mail messages. User-level client mail applications typically use SMTP only for sending messages to a mail server for relaying. For receiving messages, client applications usually use either POP or IMAP, or a proprietary system (such as Microsoft Exchange or Lotus Notes/Domino), to access their mailbox accounts on a mail server.





POP – Post Office Protocol

  1. Application Layer

  2. TCP/IP (110)

  3. POP and IMAP (Internet Message Access Protocol) are the two most prevalent Internet standard protocols for e-mail retrieval.



POP3 compared with IMAP

  • POP3: You only check e-mail from one computer.
    IMAP: You check e-mail from multiple locations.

  • POP3: May get confused if you need to check email both in the office and at home.
    IMAP: Easier to identify the unread email.

  • POP3: You want to remove your e-mail from the mail server.
    IMAP: You use Webmail.

  • POP3: All messages as well as their attachments will be downloaded onto the desktop PC during the 'check new email' process.
    IMAP: A whole message will be downloaded only when it is opened for display.

  • POP3: Mailboxes can only be created on the desktop PC. Only one mailbox (INBOX) exists on the server.
    IMAP: Multiple mailboxes can be created on the desktop PC as well as on the server.

  • POP3: Filters can transfer incoming/outgoing messages only to local mailboxes.
    IMAP: Filters can transfer incoming/outgoing messages to other mailboxes no matter where the mailboxes are located (on the server or the PC).

  • POP3: Outgoing email is stored only locally on the desktop PC.
    IMAP: Outgoing email can be filtered to a mailbox on the server for accessibility from other machines.

  • POP3: Messages are deleted on the desktop PC. Comparatively, it is inconvenient to clean up your mailbox on the server.
    IMAP: Messages can be deleted directly on the server, which makes it more convenient to clean up your mailbox on the server.

  • POP3: Messages may be reloaded onto the desktop PC several times due to corruption of a system file.
    IMAP: Reloading of messages from the server to the PC occurs much less often than with POP3.


Install Postfix in Ubuntu

First, open a terminal:

sudo aptitude install postfix

Configuration:

sudo dpkg-reconfigure postfix

Insert the following details when asked (replacing server1.example.com with your domain name if you have one):

  • General type of mail configuration: Internet Site

  • NONE doesn't appear to be requested in current config

  • System mail name: server1.example.com

  • Root and postmaster mail recipient:

  • Other destinations for mail: server1.example.com, example.com, localhost.example.com, localhost

  • Force synchronous updates on mail queue?: No

  • Local networks: 127.0.0.0/8

  • Yes doesn't appear to be requested in current config

  • Mailbox size limit (bytes): 0

  • Local address extension character: +

  • Internet protocols to use: all


To configure the mailbox format for Maildir:

    sudo postconf -e 'home_mailbox = Maildir/'

You may need to issue this as well:

sudo postconf -e 'mailbox_command ='

Note: This will place new mail in /home/username/Maildir so you will need to configure your Mail Delivery Agent to use the same path.

Configure Postfix to do SMTP AUTH using SASL (saslauthd):

    sudo postconf -e 'smtpd_sasl_local_domain ='
    sudo postconf -e 'smtpd_sasl_auth_enable = yes'
    sudo postconf -e 'smtpd_sasl_security_options = noanonymous'
    sudo postconf -e 'broken_sasl_auth_clients = yes'
    sudo postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
    sudo postconf -e 'inet_interfaces = all'

Next edit /etc/postfix/sasl/smtpd.conf and add the following lines:

    pwcheck_method: saslauthd
    mech_list: plain login

Generate certificates to be used for TLS encryption and/or certificate authentication:

    touch smtpd.key
    chmod 600 smtpd.key
    # 2048 bits instead of 1024: 1024-bit RSA keys are no longer considered safe
    openssl genrsa 2048 > smtpd.key
    openssl req -new -key smtpd.key -x509 -days 3650 -out smtpd.crt # has prompts
    openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650 # has prompts
    sudo mv smtpd.key /etc/ssl/private/
    sudo mv smtpd.crt /etc/ssl/certs/
    sudo mv cakey.pem /etc/ssl/private/
    sudo mv cacert.pem /etc/ssl/certs/

Configure Postfix to do TLS encryption for both incoming and outgoing mail:

    sudo postconf -e 'smtp_tls_security_level = may'
    sudo postconf -e 'smtpd_tls_security_level = may'
    sudo postconf -e 'smtpd_tls_auth_only = no'
    sudo postconf -e 'smtp_tls_note_starttls_offer = yes'
    sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/smtpd.key'
    sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt'
    sudo postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'
    sudo postconf -e 'smtpd_tls_loglevel = 1'
    sudo postconf -e 'smtpd_tls_received_header = yes'
    sudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
    sudo postconf -e 'tls_random_source = dev:/dev/urandom'
    sudo postconf -e 'myhostname = server1.example.com' # remember to change this to yours

The file /etc/postfix/main.cf should now look like this:

    # See /usr/share/postfix/main.cf.dist for a commented, more complete version

    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    myhostname = server1.example.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = server1.example.com, example.com, localhost.example.com, localhost
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    #Use these on Postfix 2.2.x only
    #smtp_use_tls = yes
    #smtpd_use_tls = yes
    #For Postfix 2.3 or above use:
    smtp_tls_security_level = may
    smtpd_tls_security_level = may
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/ssl/private/smtpd.key
    smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
    smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom

Restart the postfix daemon like this:

sudo /etc/init.d/postfix restart
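
The configuration above enables SASL with the plain and login mechanisms while smtpd_tls_auth_only stays at no, so it is worth checking main.cf for settings that expose passwords or relaying. The Python below is an added example, not part of the original post or of Postfix; SAMPLE_MAIN_CF is constructed from the listing above, and the names parse_main_cf and audit are made up for illustration.

```python
import ipaddress

# Constructed sample based on the main.cf above; one value is wrapped.
SAMPLE_MAIN_CF = """\
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
mynetworks = 127.0.0.0/8
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
"""

def parse_main_cf(text):
    """'#' lines are comments; a line starting with whitespace continues
    the previous parameter; a later assignment overrides an earlier one."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] += " " + raw.strip()
            continue
        name, _, value = raw.partition("=")
        last = name.strip()
        params[last] = value.strip()
    return params

def audit(params):
    """Return (parameter, finding) pairs for settings worth reviewing."""
    findings = []
    sasl_on = params.get("smtpd_sasl_auth_enable", "no") == "yes"
    if sasl_on and params.get("smtpd_tls_auth_only", "no") != "yes":
        findings.append(("smtpd_tls_auth_only", "AUTH is offered without "
                         "TLS, so PLAIN/LOGIN passwords can travel in clear"))
    rules = params.get("smtpd_recipient_restrictions", "")
    if "reject_unauth_destination" not in rules.replace(",", " ").split():
        findings.append(("smtpd_recipient_restrictions", "possible open relay"))
    for net in params.get("mynetworks", "").replace(",", " ").split():
        try:
            cidr = ipaddress.ip_network(net.replace("[", "").replace("]", ""),
                                        strict=False)
        except ValueError:
            continue  # table lookups such as hash:/path are not judged here
        if not cidr.is_loopback:
            findings.append(("mynetworks", net + " may relay without AUTH"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(parse_main_cf(SAMPLE_MAIN_CF)):
        print(f"{name}: {finding}")
```

On a live server, pass it the output of postconf -n instead of the sample text. Setting smtpd_tls_auth_only = yes clears the one finding reported for the configuration shown here.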
