E-Mail Tools David Hilley davidhi@cc.gatech.edu David Hilley, March 5, 2008 L A T EX - p. 1
Roadmap ■ Introduction / Overview ● Roadmap Introduction Local Mail Utilities ■ Local Mail Utilities & Configuration Mail Server Conclusion ■ Running Your Own Mail Server? David Hilley, March 5, 2008 L A T EX - p. 2
● Roadmap Introduction ● Email Pipeline/Components? ● Lifecycle Local Mail Utilities Introduction Mail Server Conclusion David Hilley, March 5, 2008 L A T EX - p. 3
Email Pipeline/Components? ■ MTA – Mail Transfer Agent (SMTP) sendmail, qmail, Postfix, exim, Courier ● Roadmap Introduction ● Email Pipeline/Components? ■ MDA – Mail Delivery Agent ● Lifecycle Local Mail Utilities procmail, maildrop (or MTA) Mail Server Conclusion ■ Remote Access to delivered mail POP3, IMAP , etc. Dovecot, Courier, Cyrus IMAP , SquirrelMail ■ MUA – Mail User Agent Mutt, Gnus, Pine, etc. ■ Mail tools Fetchmail, SpamAssassin, BogoFilter, etc. David Hilley, March 5, 2008 L A T EX - p. 4
Email Pipeline/Components? ■ MTA – Mail Transfer Agent (SMTP) sendmail, qmail, Postfix, exim, Courier ● Roadmap Introduction ● Email Pipeline/Components? ■ MDA – Mail Delivery Agent ● Lifecycle Local Mail Utilities procmail, maildrop (or MTA) Mail Server Conclusion ■ Remote Access to delivered mail POP3, IMAP , etc. Dovecot, Courier, Cyrus IMAP , SquirrelMail ■ MUA – Mail User Agent Mutt, Gnus, Pine, etc. ■ Mail tools Fetchmail, SpamAssassin, BogoFilter, etc. David Hilley, March 5, 2008 L A T EX - p. 4
Lifecycle ● Roadmap Local Machine Introduction ● Email Pipeline/Components? ● Lifecycle Local Local Mail Utilities MTA MDA SMTP Filters Mail Server Conclusion MTA Reads Reads Local Files POP3 Reads Remote IMAP MUA IMAP Outgoing MUA David Hilley, March 5, 2008 L A T EX - p. 5
Lifecycle ● Roadmap Local Machine Introduction ● Email Pipeline/Components? Outgoing SMTP MTA ● Lifecycle Local Local Mail Utilities MDA Filters Mail Server Conclusion Host Fetchmail MTA IMAP Outgoing s d a Local Files e R Host IMAP MUA David Hilley, March 5, 2008 L A T EX - p. 5
● Roadmap Introduction Local Mail Utilities ● One Possible Configuration ● Fetchmail Local Mail Utilities ● Procmail ● SpamAssassin ● SpamAssassin Plugins Mail Server Conclusion David Hilley, March 5, 2008 L A T EX - p. 6
One Possible Configuration ■ Remote server gets/sends mail ● Roadmap Introduction ■ Fetchmail – grabs mail to local machine Local Mail Utilities ● One Possible Configuration ● Fetchmail ■ Procmail – delivers mail on local machine ● Procmail ● SpamAssassin ● SpamAssassin Plugins ■ SpamAssassin – filters spam Mail Server Conclusion ■ Local MTA “smart-hosts” to remote server This is a useful configuration even if you run your own mail server, because you may want to fetch and store/read your mail locally on a desktop. David Hilley, March 5, 2008 L A T EX - p. 7
Fetchmail ■ Two ways to run: ● Roadmap ◆ From crontab/mail client/manually Introduction Local Mail Utilities ◆ As daemon – supports IMAP IDLE ● One Possible Configuration ● Fetchmail ● Procmail ● SpamAssassin .fetchmailrc : ● SpamAssassin Plugins poll email2.cc.gatech.edu with proto imap: Mail Server user "davidhi" pass "12345678" Conclusion is "davidhi" here keep mda "/usr/bin/procmail -d davidhi"; no rewrite ssl idle poll mikkeli.cc.gatech.edu with proto imap preauth ssh: plugin "ssh email 2> /dev/null"; user davidhi is davidhi here keep mda "/usr/bin/procmail -d davidhi" David Hilley, March 5, 2008 L A T EX - p. 8
Procmail ■ Filters/sorts/pipes mail, etc. ● Roadmap ■ Configure .procmailrc to specify mailboxes Introduction Local Mail Utilities and rules ● One Possible Configuration ● Fetchmail ● Procmail ● SpamAssassin MAILDIR=$HOME/.incoming ● SpamAssassin Plugins DEFAULT=$HOME/.incoming/inbox Mail Server LOGFILE=$PMDIR/log Conclusion :0: :0fw: spamassassin.lock * ˆX-GT-Spam-Rating: ######### * < 256000 spam | spamc :0: :0: * ˆContent-Transfer-Encoding: base64 * ˆX-Spam-Status: Yes * name=.*\.(exe|bat|scr|pif|com) spam spam David Hilley, March 5, 2008 L A T EX - p. 9
SpamAssassin ■ Two ways to run: ● Roadmap ◆ Per-invocation Introduction Local Mail Utilities ◆ spamc client / spamd daemon ● One Possible Configuration ● Fetchmail ● Procmail ■ system-wide config or ● SpamAssassin ● SpamAssassin Plugins Mail Server ∼ /.spamassassin/user prefs Conclusion required_hits 5 whitelist_from *@cc.gatech.edu blacklist_from *@microsoft.com rewrite_subject 0 subject_tag [SPAM] David Hilley, March 5, 2008 L A T EX - p. 10
SpamAssassin Plugins ■ ClamAV – detects malware attachments ● Roadmap ■ DNS-BL – blacklists like SORBS, Spamhaus Introduction Local Mail Utilities ● One Possible Configuration ■ DCC, Razor, Pyzor – distributed checksums ● Fetchmail ● Procmail ● SpamAssassin ● SpamAssassin Plugins ■ Hashcash, SPF Mail Server Conclusion ■ URI blacklists – SURBL.org ■ Bayesian filtering: BogoFilter or built-in: ◆ sa-learn ◆ use bayes 1 ◆ bayes auto learn 1 David Hilley, March 5, 2008 L A T EX - p. 11
● Roadmap Introduction Local Mail Utilities Mail Server ● Potential Issues Mail Server ● Blueprint ● Sender Policy Framework ● DomainKeys Conclusion David Hilley, March 5, 2008 L A T EX - p. 12
Potential Issues ■ Different game today due to spam ● Roadmap Introduction ■ Caveats: Local Mail Utilities Mail Server ◆ Port 25 filtering ● Potential Issues ● Blueprint ● Sender Policy Framework ◆ Dynamic IP blacklists ● DomainKeys Conclusion ◆ Reverse DNS doesn’t match: e.g. c-69-180-23-68.hsd1.ga.comcast.net ◆ Slightly used IP – already in DNSBL David Hilley, March 5, 2008 L A T EX - p. 13
Blueprint ■ Set up a mail server: ● Roadmap ◆ Postfix or exim Introduction Local Mail Utilities ◆ qmail Mail Server ● Potential Issues ● Blueprint ◆ sendmail ● Sender Policy Framework ● DomainKeys Conclusion ■ Make an MX record for your domain ■ Set up SPF records ■ Set up DomainKeys/DKIM ■ Don’t forget a backup MX David Hilley, March 5, 2008 L A T EX - p. 14
Sender Policy Framework ■ Specifies who is allowed to send mail for a ● Roadmap certain domain. Introduction Local Mail Utilities Mail Server mit.edu. 60 IN TXT ● Potential Issues ● Blueprint "v=spf1 ip4:18.7.7.0/24 ip4:18.7.21.0/24 ● Sender Policy Framework ● DomainKeys ip4:18.72.0.0/16 ˜all" Conclusion ibm.com. 600 IN TXT "v=spf1 -all" us.ibm.com. 600 IN TXT "v=spf1 ip4:32.97.182.0/24 ip4:32.97.110.0/24 a:d25xlcore010.ca.ibm.com a:isource.boulder.ibm.com ˜all" David Hilley, March 5, 2008 L A T EX - p. 15
DomainKeys ■ Cryptographic signatures ● Roadmap Introduction in email header: Local Mail Utilities DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; Mail Server ● Potential Issues d=gmail.com; s=gamma; ● Blueprint ● Sender Policy Framework h=domainkey-signature:received:received:message-id:date:from:to:s ● DomainKeys bh=...; Conclusion b=...= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:con b=...= lookup selector ._domainkey. domain : gamma._domainkey.gmail.com. 300 IN TXT "k=rsa\; t=y\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIhyR3oItOy22ZOaBr David Hilley, March 5, 2008 L A T EX - p. 16
● Roadmap Introduction Local Mail Utilities Mail Server Conclusion Conclusion ● Questions ● Resources David Hilley, March 5, 2008 L A T EX - p. 17
Questions Questions? ● Roadmap Introduction Local Mail Utilities Mail Server Conclusion ● Questions ● Resources David Hilley, March 5, 2008 L A T EX - p. 18
Resources ■ Fetchmail FAQ http://catb.org/~esr/fetchmail/fetchmail-FAQ.html ● Roadmap ■ Timo’s procmail tips and recipes Introduction http://lipas.uwasa.fi/~ts/info/proctips.html Local Mail Utilities ■ Sender Policy Framework: Project Overview Mail Server http://www.openspf.org/Project_Overview Conclusion ● Questions ■ DomainKeys Identified Mail (DKIM) ● Resources http://www.dkim.org ■ Postfix http://www.postfix.org/ ■ exim Internet Mailer http://www.exim.org/ ■ qmail homepage http://www.qmail.org ■ Sendmail FAQ http://www.sendmail.org/faq/ David Hilley, March 5, 2008 L A T EX - p. 19
Recommend
More recommend
