Electronic Mail

Peter D’Souza

Outline
  • Introduction
  • Mail Systems
  • Components of a Mail Message
  • Administrative Principles/Practices
  • Aliases
  • Sendmail
  • Security, privacy and other issues
Introduction
  • Essential to both businesses and individuals
  • New standard of social behavior
    • Cheaper/faster than postal services
    • Less formal than paper
    • Less personal than actual conversations
Mail Systems
  • Four distinct components
    • MUA - Mail user agent
    • MTA - Mail Transport agent
    • Delivery Agent
    • Access agent (optional)
    • Mail submission agent that speaks SMTP sometimes included
Mail Systems
[Diagram: mail path from Host A (sender) to Host B (receiver). Legend: UA = User Agent, SA = Submission Agent, TA = Transport Agent, DA = Delivery Agent, AA = Access Agent. Port labels in the figure: 25 and 587.]
User Agents
  • Used to read and compose messages
  • Protect text embedded in contents
  • System wide and user-specific configuration supported
Transport Agents
  • Accept mail from user agent, understand recipient’s address, and get mail to correct host for delivery
  • Speak SMTP protocol
  • e.g. sendmail, PMDF, Postfix, etc.
Delivery Agents
  • Accept mail from transport agent and actually deliver it to the appropriate local recipients
  • Speak SMTP protocol
  • e.g. /bin/mail (local users), /bin/sh (mail going to a file), mail.local, smrsh
Other Agents
  • Access Agents
    • Connect the user agent to the message store
    • e.g. IMAP or POP
  • Mail Submission Agents
    • Run on a different port
    • Do all the prep work and error checking before the message can be sent out by the TA
  • Sendmail acts as both MSA and TA
Anatomy of a Mail Message
  • Envelope

    From evi Wed Jan 19 19:01:11 2000
    Received: (from [email protected]) by xor.com (8.9.3/8.9.3) id TAA17820; Wed, 19 Jan 2000 19:01:11 -0700 (MST)
    Date: Wed, 19 Jan 2000 19:01:11 -0700 (MST)
    From: Evi Nemeth [email protected]
    Message-Id: [email protected]
    To: [email protected]
    Subject: xor.mc
    CC: [email protected]
    Status: R

    • Determines where the message will be delivered or, if the message cannot be delivered, to whom it should be returned.
Anatomy of a Mail Message (Contd)
  • Header

    Return-Path: [email protected]
    Received: from anchor.cs.colorado.EDU ([email protected] [])
        by columbine.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA21741
        for < [email protected] >; Fri, 1 Oct 1999 07:04:25 -0700 (MST)
    Received: from mroe.cs.colorado.EDU (mroe.cs.colorado.edu[])
        by anchor.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA26176
        for < [email protected] >; Fri, 1 Oct 1999 07:04:24 -0700 (MST)
    Received: from knecht.sendmail.org(knecht.sendmail.org []) []
        by mroe.cs.colorado.edu (8.9.3/8.9.2) with ESMTP id HAA09899
        for < [email protected]hor.cs.cs.colorado.edu >; Fri, 1 Oct 1999 07:04:23 -0700 (MST)
    Received: from knecht.sendmail.org (localhost [])
        by knecht.sendmail.org (8.9.3/8.9.3) with ESMTP id GAA18984;
        Fri, 1 Oct 1999 07:04:25 -0800 (PST)

    • Collection of property-value pairs formatted according to RFC 822
  • Body
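
Added example (not part of the original slides): each transport agent that handles a message prepends its own Received line, so reading the lines bottom-up reconstructs the route. This Python sketch parses a constructed message (hosts, addresses and queue ids are made up) and flags hops whose hand-off names or timestamps do not line up.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: hosts, addresses and queue ids are made up.
SAMPLE = """\
Received: from relay2.example.net (relay2.example.net [192.0.2.20])
\tby mx.dest.example with ESMTP id HAA00003; Fri, 1 Oct 1999 07:04:25 -0700 (MST)
Received: from relay1.example.net (relay1.example.net [192.0.2.10])
\tby relay2.example.net with ESMTP id HAA00002; Fri, 1 Oct 1999 07:04:24 -0700 (MST)
Received: from origin.example (origin.example [192.0.2.1])
\tby relay1.example.net with ESMTP id GAA00001; Fri, 1 Oct 1999 06:04:23 -0800 (PST)
From: sender@origin.example
To: user@dest.example
Subject: constructed sample

body
"""

HOP_RE = re.compile(r"from\s+(?P<frm>\S+).*?\sby\s+(?P<by>\S+)", re.S)

def trace(raw):
    """Return hops oldest-first (each transport agent prepends its line)."""
    hops = []
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        m = HOP_RE.search(value)
        try:  # the timestamp is whatever follows the last ';'
            when = parsedate_to_datetime(" ".join(value.rpartition(";")[2].split()))
        except (TypeError, ValueError):
            when = None  # unparseable date: leave it out rather than guess
        hops.append({"from": m and m["frm"].lower(),
                     "by": m and m["by"].lower(), "time": when})
    return hops

def anomalies(hops):
    """Flag hand-off and clock inconsistencies between consecutive hops."""
    notes = []
    for i in range(1, len(hops)):
        prev, cur = hops[i - 1], hops[i]
        if cur["from"] != prev["by"]:
            notes.append(f"hop {i}: came from {cur['from']}, expected {prev['by']}")
        if prev["time"] and cur["time"] and cur["time"] < prev["time"]:
            notes.append(f"hop {i}: timestamp earlier than hop {i - 1}")
    return notes

if __name__ == "__main__":
    for hop in trace(SAMPLE):
        print(hop["time"], hop["from"], "->", hop["by"])
    print(anomalies(trace(SAMPLE)) or "chain is consistent")
```

The "from" name is whatever the connecting host announced, and Received lines below the first server you control are supplied by the sender, so a flagged hop is a lead to investigate rather than proof of forgery.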
Mail Philosophy
  • Servers for incoming and outgoing mail; or for really large sites, a hierarchy
    • Replication of incoming and outgoing servers
    • Typical UNIX hosts with minimal sendmail capabilities
    • Firewall
  • A mail home for each user at a physical site
    • Enforced through ‘aliases’ file, ‘maildrop’ field or LDAP database
    • Remote access provided via POP or IMAP
  • IMAP or POP to integrate PCs, Macs and remote clients
    • IMAP delivers messages one at a time
    • POP downloads all messages from server
Mail Aliases
  • Allow mail to be rerouted
    • Allow users to be referred by more than one name
    • Define mailing lists
    • Forward mail among machines
  • Defined in the UA’s configuration file (sending user), /etc/mail/aliases (global) or in a .forward file (recipient)
  • Examples
  • From mail point of view, alias supersedes /etc/passwd
  • Loops detected by sendmail
Mailing lists
  • Giant alias
  • Usually specified in /etc/aliases but maintained in external file
  • :include: directive in aliases
    • sabook: :include:/usr/local/mail/usah.readers
    • owner-mylist: mylist-request
    • owner-owner: postmaster

  • Maintenance done by list manager
    • e.g. Majordomo, Mailman, etc.
Sendmail
  • Transport agent developed at Berkeley
  • Can adapt to the whims of standard-makers due to the flexibility of its configuration file
  • Generates error messages and returns messages to sender if they are undeliverable
  • Components required for installation
    • sendmail binary
    • configuration file (/etc/mail/sendmail.cf)
    • Mail queue directory (/var/spool/mqueue)
    • Links to sendmail (newaliases, mailq, hoststat)
    • Local delivery agents, smrsh and mail.local
sendmail (contd)
  • Latest version available at www.sendmail.org
  • Steps for installation
    • Initialize Database format and strategy for interfacing with administrative databases such as NIS or NetInfo
    • Compile

      • For LDAP: sh ./Build -c -f site.config.m4

    • Should be explicitly started in rc files at boot time
    • Can be run on standalone clients as well by configuring it as null client (not run as daemon)
    • Switch file used to exert fine-grained control
sendmail – Config file
  • Raw config file designed for ease in parsing
  • Config file determines
    • Choice of delivery agents
    • Address rewriting rules
    • Mail header formats
    • Options
    • Security precautions
    • Spam resistance
  • At runtime, sendmail must be killed and restarted or sent a HUP signal if config file is changed
  • Commonly uses m4 macros
sendmail – config primitives
  • VERSIONID – embed version information (CVS)
  • OSTYPE – Vendor specific information for operating system details
  • DOMAIN – site-wide generic information (doing an include)
  • MAILER – must be included for every delivery agent
Spam control features
  • Rules that control relaying
    • Relaying used by spammers to disguise identity
    • Only hosts that are tagged with RELAY in access database can submit mail for relaying
    • Offers features for restricted relaying
  • Access database
    • Acts as mail specific firewall
    • Blocks mail from specific users and domains
    • Specify which domains a machine will relay for
  • Blacklists
    • Blocks local users or hosts
  • Header checking
    • Uses low level sendmail config file syntax to look for patterns in headers and reject these
Security in sendmail
  • Ships with built-in hooks for encryption
  • Later versions support both SMTP authentication and encryption with SSL (TLS, Transport Layer Security)
  • Includes DontBlameSendmail option to warn about potential risks in installation
  • Ownerships
    • DefaultUser: should not own any files
    • TrustedUser: can own maps and alias files
    • RunAsUser: the UID sendmail runs under after socket connections to port 25 are opened; sendmail switches identity to this different UID
Security (contd)
  • Permissions
    • Does not read files with lax permissions (world-writeable or that live in group or world-writeable directories)
    • Requires that entire path to any alias or forward file must be trusted i.e. no component can have group write permission
    • Does not read a .forward file with link count > 1
    • SafeFileEnvironment option controls where files can be written and protects device files and directories
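
Added example (not part of the original slides, and not sendmail's own code): a Python audit that approximates the permission rules listed above for a .forward or alias file, so an administrator can find files sendmail would refuse before users report lost forwards. The function name, the `trusted_root` parameter and the temporary tree are assumptions made for this illustration.

```python
import os
import stat
import tempfile

LAX = stat.S_IWGRP | stat.S_IWOTH  # group- or world-writable bits

def audit_mail_file(path, trusted_root="/"):
    """List the conditions from the slide that apply to path.

    trusted_root is a parameter of this example: directories above it
    are not examined (useful when auditing a copy of a tree).
    """
    findings = []
    path = os.path.realpath(path)
    root = os.path.realpath(trusted_root)
    st = os.stat(path)
    if st.st_mode & LAX:
        findings.append(f"{path}: file is group- or world-writable")
    if st.st_nlink > 1:  # the slide states this rule for .forward files
        findings.append(f"{path}: link count is {st.st_nlink}")
    parent = os.path.dirname(path)
    while True:  # every directory on the path must be trusted
        if os.stat(parent).st_mode & LAX:
            findings.append(f"{parent}: directory is group- or world-writable")
        if parent in (root, os.path.dirname(parent)):
            break
        parent = os.path.dirname(parent)
    return findings

def demo():
    """Build a throwaway tree (constructed) and audit a .forward in it."""
    base = tempfile.mkdtemp()
    home = os.path.join(base, "home")
    os.mkdir(home)
    os.chmod(home, 0o775)  # group-writable home directory
    fwd = os.path.join(home, ".forward")
    with open(fwd, "w") as fh:
        fh.write("user@dest.example\n")
    os.chmod(fwd, 0o644)
    os.link(fwd, os.path.join(home, "second-name"))  # link count becomes 2
    return audit_mail_file(fwd, base)

if __name__ == "__main__":
    print("\n".join(demo()))
```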
Security (contd.)
  • Authentication
    • Includes SMTP authentication to verify identity of sending machine
    • authwarnings option flags local attempts at forgery by adding Authentication-warning header to outgoing mail
    • identd daemon can be used to verify a sender’s real login name
  • Message Privacy
    • External encryption package needs to be used (PGP, TLS, etc.)
  • Simple Authentication and Security Layer
    • Generic authentication mechanism
    • Uses authorization identifier and authentication identifier to map to permissions on files, UNIX passwords, Kerberos tickets, etc.
    • Only authentication part used in sendmail
Other issues
  • Privacy
    • Lists privacy options in sendmail/conf.c
    • Controls what people can determine about your site from SMTP
    • States what you require of host on other end of SMTP connection
    • Defines whether users can see or run mail queue
  • DoS attacks
    • Flooding SMTP port with bogus connections
    • MaxDaemonChildren
      • limits number of sendmail processes
      • Prevents system from being overwhelmed with sendmail work
    • MaxMessageSize
      • Prevents mail queue directory from filling
    • ConnectionRateThrottle
      • Limits number of connections per second that are permitted
    • MaxRcptsPerMessage
      • Controls max number of recipients allowed on a single message