Electronic Mail

Peter D’Souza


Outline

  • Introduction

  • Mail Systems

  • Components of a Mail Message

  • Administrative Principles/Practices

  • Aliases

  • Sendmail

  • Security, privacy and other issues


Introduction

  • Essential to both businesses and individuals

  • New standard of social behavior

    • Cheaper/faster than postal services

    • Less formal than paper

    • Less personal than actual conversations

Mail Systems

  • Four distinct components

    • MUA - Mail user agent

    • MTA - Mail Transport agent

    • Delivery Agent

    • Access agent (optional)

    • Mail submission agent that speaks SMTP sometimes included

Mail Systems

[Diagram: mail system components on Host A (sender) and Host B (receiver), with connections labelled port 25 and port 587]

Legend: UA=User Agent, SA=Submission Agent, TA=Transport Agent, DA=Delivery Agent, AA=Access Agent

User Agents

  • Used to read and compose messages

  • Protect text embedded in contents

  • System wide and user-specific configuration supported

Transport Agents

  • Accept mail from user agent, understand recipient’s address, and get mail to correct host for delivery

  • Speak SMTP protocol

  • e.g. sendmail, PMDF, Postfix, etc.

Delivery Agents

  • Accept mail from transport agent and actually deliver it to the appropriate local recipients

  • Speak SMTP protocol

  • e.g. /bin/mail (local users), /bin/sh (mail going to a file), mail.local, smrsh

Other Agents

  • Access Agents

    • Connects user agent to message store

    • e.g. IMAP or POP

  • Mail Submission Agents

    • Runs on a different port

    • Does all the prep work and error checking before the message can be sent out by TA

  • Sendmail acts as both MSA and TA

Anatomy of a Mail Message

  • Envelope

    From evi Wed Jan 19 19:01:11 2000

    Received: (from [email protected]) by xor.com (8.9.3/8.9.3) id TAA17820; Wed, 19 Jan 2000 19:01:11 -0700 (MST)

    Date: Wed, 19 Jan 2000 19:01:11 -0700 (MST)

    From: Evi Nemeth [email protected]

    Message-Id: [email protected]

    To: [email protected]

    Subject: xor.mc

    CC: [email protected]

    Status: R

  • Determines where the message will be delivered or, if the message cannot be delivered, to whom it should be returned.

Anatomy of a Mail Message (Contd)

  • Header

    2: Return-Path: [email protected]

    3: Received: from anchor.cs.colorado.EDU ([email protected] []) by columbine.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA21741 for < [email protected] >; Fri, 1 Oct 1999 07:04:25 -0700 (MST)

    4: Received: from mroe.cs.colorado.EDU (mroe.cs.colorado.edu[]) by anchor.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA26176 for < [email protected] >; Fri, 1 Oct 1999 07:04:24 -0700 (MST)

    5: Received: from knecht.sendmail.org(knecht.sendmail.org []) [] by mroe.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA09899 for < [email protected] >; Fri, 1 Oct 1999 07:04:23 -0700 (MST)

    6: Received: from knecht.sendmail.org (localhost []) by knecht.sendmail.org (8.9.3/8.9.3) with ESMTP id GAA18984; Fri, 1 Oct 1999 07:04:25 -0800 (PST)

    • Collection of property-value pairs formatted according to RFC 822

  • Body
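The Received lines in the header above form a hop-by-hop trail, newest first, because each transport agent prepends its own line. The following added example (not part of the original slides) rebuilds that trail oldest-first and flags breaks in it; the message, hostnames, addresses and queue ids are constructed, and `parse_hops` and `audit` are names chosen for this example.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: hostnames, addresses and queue ids are made up.
SAMPLE = """\
Received: from relay2.example.org (relay2.example.org [192.0.2.20])
\tby mailhub.example.org (8.9.3/8.9.2) with ESMTP id HAA00003
\tfor <bob@example.org>; Fri, 1 Oct 1999 07:04:25 -0700 (MST)
Received: from relay1.example.org (relay1.example.org [192.0.2.10])
\tby relay2.example.org (8.9.3/8.9.2) with ESMTP id HAA00002
\tfor <bob@example.org>; Fri, 1 Oct 1999 07:04:24 -0700 (MST)
Received: from origin.example.org (localhost [127.0.0.1])
\tby relay1.example.org (8.9.3/8.9.3) with ESMTP id GAA00001;
\tFri, 1 Oct 1999 06:04:22 -0800 (PST)
From: alice@origin.example.org

body
"""

def parse_hops(raw):
    """Return hops oldest-first as dicts with 'from', 'by' and 'time'."""
    hops = []
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        info, sep, stamp = value.rpartition(";")
        if not sep:            # no timestamp part: not a usable trace line
            continue
        frm = re.search(r"\bfrom\s+([^\s(]+)", info)
        by = re.search(r"\bby\s+([^\s(;]+)", info)
        when = parsedate_to_datetime(re.sub(r"\([^)]*\)", "", stamp).strip())
        hops.append({"from": frm.group(1).lower() if frm else None,
                     "by": by.group(1).lower() if by else None,
                     "time": when})
    return hops

def audit(hops):
    """Flag hand-offs that do not line up, and timestamps that run backwards."""
    findings = []
    for prev, cur in zip(hops, hops[1:]):
        # The 'from' name is whatever the sending side claimed, so a
        # mismatch is a lead to follow up, not proof of forgery.
        if cur["from"] != prev["by"]:
            findings.append(f"chain break: {prev['by']} -> claimed {cur['from']}")
        delay = (cur["time"] - prev["time"]).total_seconds()
        if delay < 0:
            findings.append(f"clock runs backwards by {-delay:.0f}s at {cur['by']}")
    return findings

if __name__ == "__main__":
    print(audit(parse_hops(SAMPLE)) or "trail is consistent")
```
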

Mail Philosophy

  • Servers for incoming and outgoing mail; or for really large sites, a hierarchy

    • Replication of incoming and outgoing servers

    • Typical UNIX hosts with minimal sendmail capabilities

    • Firewall

  • A mail home for each user at a physical site

    • Enforced through ‘aliases’ file, ‘maildrop’ field or LDAP database

    • Remote access provided via POP or IMAP

  • IMAP or POP to integrate PCs, Macs and remote clients

    • IMAP delivers messages one at a time

    • POP downloads all messages from server

Mail Aliases

  • Allow mail to be rerouted

    • Allow users to be referred by more than one name

    • Define mailing lists

    • Forward mail among machines

  • Defined in UA’s configuration file (sending user), /etc/mail/aliases (global) or in a .forward file (recipient)

  • Examples

  • From mail point of view, alias supersedes /etc/passwd

  • Loops detected by sendmail

Mailing lists

  • Giant alias

  • Usually specified in /etc/aliases but maintained in external file

  • :include: directive in aliases

    • sabook: :include:/usr/local/mail/usah.readers

      owner-mylist: mylist-request


      owner-owner: postmaster

  • Maintenance done by list manager

    • e.g. Majordomo, Mailman, etc.


sendmail

  • Transport agent developed at Berkeley

  • Can adapt to whims of standard-makers due to flexibility of its configuration file

  • Generates error messages and returns messages to sender if they are undeliverable

  • Components required for installation

    • sendmail binary

    • configuration file (/etc/mail/sendmail.cf)

    • Mail queue directory (/var/spool/mqueue)

    • Links to sendmail (newaliases, mailq, hoststat)

    • Local delivery agents, smrsh and mail.local

sendmail (contd)

  • Latest version available at www.sendmail.org

  • Steps for installation

    • Initialize Database format and strategy for interfacing with administrative databases such as NIS or NetInfo

    • Compile

      For LDAP: sh ./Build -c -f site.config.m4

    • Should be explicitly started in rc files at boot time

    • Can be run on standalone clients as well by configuring it as null client (not run as daemon)

    • switch file used to exert fine grained control

sendmail – Config file

  • Raw config file designed for ease in parsing

  • Config file determines

    • Choice of delivery agents

    • Address rewriting rules

    • Mail header formats

    • Options

    • Security precautions

    • Spam resistance

  • At runtime, sendmail must be killed and restarted or sent a HUP signal if config file is changed

  • Commonly uses m4 macros

sendmail – config primitives

  • VERSIONID – embed version information (CVS)

  • OSTYPE – Vendor specific information for operating system details

  • DOMAIN – site-wide generic information (doing an include)

  • MAILER – must be included for every delivery agent

Spam control features

  • Rules that control relaying

    • Relaying used by spammers to disguise identity

    • Only hosts that are tagged with RELAY in access database can submit mail for relaying

    • Offers features for restricted relaying

  • Access database

    • Acts as mail specific firewall

    • Blocks mails from specific users and domains

    • Specify which domains a machine will relay for

  • Blacklists

    • Blocks local users or hosts

  • Header checking

    • Uses low level sendmail config file syntax to look for patterns in headers and reject these

Security in sendmail

  • Ships with built-in hooks for encryption

  • Later versions support both SMTP authentication and encryption with SSL (TLS–Transport Layer Security)

  • Includes DontBlameSendmail option to warn about potential risks in installation

  • Ownerships

    • DefaultUser : should not own any files

    • TrustedUser : can own maps and alias files

    • RunAsUser : the UID sendmail switches to and runs under after socket connections to port 25 are opened

Security (contd)

  • Permissions

    • Does not read files with lax permissions (world-writeable or that live in group or world-writeable directories)

    • Requires that entire path to any alias or forward file must be trusted i.e. no component can have group write permission

    • Does not read a .forward file with link count > 1

    • SafeFileEnvironment option controls where files can be written and protects device files and directories
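The permission rules listed above can be checked ahead of time on a .forward or alias file. This is an added example, not sendmail's own code: it approximates only the three checks named on this slide, and `audit_path` with its `root` parameter is a name chosen here.

```python
import os
import stat
import tempfile

def audit_path(path, root="/"):
    """List (path, problem) pairs for a .forward or alias file.

    Walks every component from `root` down to `path`. `root` is a
    parameter of this example so that a subtree can be audited alone.
    """
    path, root = os.path.abspath(path), os.path.abspath(root)
    chain = [path]
    while chain[-1] != root and chain[-1] != os.path.dirname(chain[-1]):
        chain.append(os.path.dirname(chain[-1]))
    findings = []
    for component in reversed(chain):          # top of the tree first
        mode = os.stat(component).st_mode
        if component != path and mode & stat.S_IWGRP:
            findings.append((component, "group-writable directory"))
        if mode & stat.S_IWOTH:
            kind = "file" if component == path else "directory"
            findings.append((component, "world-writable " + kind))
    if os.stat(path).st_nlink > 1:             # extra hard links to the file
        findings.append((path, "link count > 1"))
    return findings

if __name__ == "__main__":
    # Constructed demo tree: a home directory left group-writable.
    base = tempfile.mkdtemp()
    home = os.path.join(base, "home")
    os.mkdir(home)
    os.chmod(base, 0o755)
    os.chmod(home, 0o775)
    forward = os.path.join(home, ".forward")
    with open(forward, "w") as fh:
        fh.write("alice@example.org\n")
    os.chmod(forward, 0o644)
    for where, problem in audit_path(forward, root=base):
        print(f"{problem}: {where}")
```
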

Security (contd.)

  • Authentication

    • Includes SMTP authentication to verify identity of sending machine

    • authwarnings option flags local attempts at forgery by adding an Authentication-warning header to outgoing mail

    • identd daemon can be used to verify a sender’s real login name

  • Message Privacy

    • External encryption package needs to be used (PGP, TLS, etc.)

  • Simple Authentication and Security Layer (SASL)

    • Generic authentication mechanism

    • Uses authorization identifier and authentication identifier to map to permissions on files, UNIX passwords, Kerberos tickets, etc.

    • Only authentication part used in sendmail

Other issues

  • Privacy

    • Lists privacy options in sendmail/conf.c

    • Controls what people can determine about your site from SMTP

    • States what you require of host on other end of SMTP connection

    • Defines whether users can see or run mail queue

  • DoS attacks

    • Flooding SMTP port with bogus connections

    • MaxDaemonChildren

      • limits number of sendmail processes

      • Prevents system from being overwhelmed with sendmail work

    • MaxMessageSize

      • Prevents mail queue directory from filling

    • ConnectionRateThrottle

      • Limits number of connections per second that are permitted

    • MaxRcptsPerMessage

      • Controls max number of recipients allowed on a single message
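A quick way to see which of these four limits a host actually enforces is to read the `O Name=value` lines of its sendmail.cf. The following is an added example, not from the original slides: the excerpt and its values are constructed, `audit_limits` and `unbounded` are names chosen here, and it treats an unset option or a value of 0 as "no limit".

```python
import re

# Constructed sendmail.cf excerpt; "#O" lines are commented-out defaults.
SAMPLE_CF = """\
# resource limits
O MaxDaemonChildren=40
#O ConnectionRateThrottle=0
O MaxMessageSize=10485760
O MaxRecipientsPerMessage=0
"""

# sendmail.cf spells the last option MaxRecipientsPerMessage (the m4 name
# is confMAX_RCPTS_PER_MESSAGE); the slide uses a shortened form.
LIMITS = {
    "MaxDaemonChildren": "number of sendmail processes",
    "ConnectionRateThrottle": "accepted connections per second",
    "MaxMessageSize": "bytes per message",
    "MaxRecipientsPerMessage": "recipients per message",
}

def audit_limits(cf_text):
    """Map each limit to its configured value, 'unset' or 'no limit (0)'."""
    seen = {}
    for line in cf_text.splitlines():
        m = re.match(r"O\s*([A-Za-z]+)\s*=\s*(\S+)", line)   # skips "#O ..."
        if m:
            seen[m.group(1).lower()] = m.group(2)
    report = {}
    for name in LIMITS:
        value = seen.get(name.lower())
        if value is None:
            report[name] = "unset"
        elif value == "0":
            report[name] = "no limit (0)"
        else:
            report[name] = value
    return report

def unbounded(cf_text):
    """Names of the limits that leave the resource unbounded."""
    return [n for n, v in audit_limits(cf_text).items()
            if v in ("unset", "no limit (0)")]

if __name__ == "__main__":
    for name, value in audit_limits(SAMPLE_CF).items():
        print(f"{name:26} {value:14} ({LIMITS[name]})")
```
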