DOCSLIB.ORG

Neuer Email Service in Zeuthen

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Renewal of the Email Services IMAP,IMAP, SMTPSMTP && Co.Co. WolfgangWolfgang FriebelFriebel Technical Seminar Zeuthen, 6.10.2009 Outline of the talk SchematicSchematic viewview ofof thethe mailmail flowflow inin ZeuthenZeuthen WhatWhat willwill whenwhen bebe changedchanged ReceivingReceiving emailemail andand configurationconfiguration ofof mailmail clientsclients SendingSending emailemail SpamSpam andand mailmail filteringfiltering FrequentlyFrequently askedasked questionsquestions NextNext stepssteps 6. Okt. techn. Seminar 2 The mail flow in Zeuthen SMTPSMTP forfor sendingsending mailmail external user SMTPSMTP AuthAuth ttoo sendsend fromfrom outsideoutside SMTP Auth SMTP IMAPIMAP forfor readingreading mailmail IMAP externalexternal mailmail serverserver currentlycurrently alsoalso ext. mail server mailmail storestore int. mail server externalexternal serverserver performsperforms spamspam spam & SMTP tagging and virus scanning on a virus filter SMTP tagging and virus scanning on a mail store separateseparate machinemachine IMAP UsersUsers cancan send/receivesend/receive emailsemails usingusing HamburgHamburg serversservers asas wellwell User 1 ... User n 6. Okt. techn. Seminar 3 Why a new IMAP Server dovecotdovecot cancan handlehandle 10001000 activeactive usersusers onon aa singlesingle computercomputer UW-IMAPUW-IMAP (with(with mboxmbox format)format) allowsallows nono concurrentconcurrent accessaccess ConcurrentConcurrent accessaccess toto mailsmails cancan causecause lockinglocking oror lossloss ofof emailsemails MboxMbox formatformat limitlimit 2GB2GB reachedreached soonsoon Mailbox sizes DESY Hamburg distribution of mailboxes by size SlowSlow accessaccess withwith mboxmbox formatformat 17 52 108 621 259 2088 157 270 Flexibility of dovecot 316 Flexibility of dovecot 379 ACL's for folders 3313 ACL's for folders Exchange compressedcompressed foldersfolders 1731 quotaquota UWimap SituationSituation withwith developersdevelopers under 10 10M – 100M 100M – 250M 250M – 500M 500M – 1G 1G – 2G 2G – 5G over 5G 6. Okt. techn. Seminar 4 New IMAP Server UW-IMAPUW-IMAP getsgets replacedreplaced byby dovecotdovecot ServerServer supportssupports additionaladditional foldersfolders besidesbesides INBOXINBOX (quota(quota ofof 11 GBGB inin additionaddition toto AFSAFS homehome directorydirectory quota)quota) mailmail quotaquota cancan getget displayeddisplayed usingusing check_inboxcheck_inbox (Linux)(Linux) nono moremore lockinglocking problemsproblems (AFS!!!)(AFS!!!) MuchMuch higherhigher speedspeed ofof emailemail accessaccess centralcentral mailmail filteringfiltering (sieve(sieve scriptsscripts onon imapimap server)server) centralcentral mailmail filterfilter byby defaultdefault movesmoves spamspam mailsmails intointo thethe junkjunk folderfolder UseUse ofof ownown filtersfilters possiblepossible butbut nono loginlogin onon imap,imap, hencehence uploadupload usingusing mailmail clientclient 6. Okt. techn. Seminar 5 Configuration changes for users separateseparate serversservers forfor sendingsending ((mailmail)) andand readingreading ((imapimap)) ofof mailmail INBOXINBOX ofof allall usersusers willwill bebe onon imapimap insteadinstead onon mailmail moremore thanthan 5050 usersusers alreadyalready moved,moved, othersothers willwill followfollow untiluntil endend ofof OctOct newnew internalinternal serverserver forfor sendingsending ((mail1mail1)) isis operationaloperational nownow onon aa virtualvirtual machinemachine nono moremore accessaccess toto foldersfolders inin AFSAFS spacespace usingusing thethe IMAPIMAP serverserver foldersfolders inin AFSAFS accessibleaccessible asas locallocal foldersfolders onlyonly foldersfolders onon IMAPIMAP serverserver areare notnot inin AFSAFS spacespace 6. Okt. techn. Seminar 6 Comparison of UW-IMAP and dovecot UW-IMAP dovecot Server INBOX Folder (dirs) INBOX a1 b 1 file with many mails Mails (files) AFS ~/mail ~/mail Folder (files) a1 a2 b c Folder (files) a2 c 6. Okt. techn. Seminar 7 Move from mail to imap (1) beforebefore OctoberOctober 15:15: movemove isis voluntary,voluntary, useruser isis sendingsending anan emailemail toto [email protected]@ifh.de whenwhen movemove shouldshould taketake place.place. OnOn requestrequest allall foldersfolders inin ~/mail~/mail inin AFSAFS spacespace cancan bebe copiedcopied toto thethe IMAPIMAP serverserver (max.(max. 500500 MB)MB) folderfolder namesnames containingcontaining certaincertain charschars (space,(space, .. )) cancan causecause problemsproblems useruser getsgets confirmationconfirmation mailmail sayingsaying thatthat thethe INBOXINBOX andand optionallyoptionally foldersfolders havehave beenbeen copiedcopied andand emailemail isis receivedreceived onon mailmail andand imapimap useruser cancan sendsend emailemail toto stopstop mailmail receptionreception onon mailmail AfterAfter atat mostmost 4848 hourshours mailmail receptionreception onon mailmail isis stoppedstopped finallyfinally thenthen thethe mailmail clientclient hashas toto bebe reconfiguredreconfigured (see(see later)later) NoNo furtherfurther configurationconfiguration changeschanges requiredrequired (e.g.(e.g. registry)registry) !! 6. Okt. techn. Seminar 8 Move from mail to imap (2) afterafter OctoberOctober 15:15: useruser getsgets informedinformed byby emailemail thatthat hishis INBOXINBOX hashas beenbeen copiedcopied toto imapimap andand newnew emailemail isis receivedreceived onon mailmail andand imapimap useruser cancan sendsend mailmail toto stopstop mailmail receptionreception onon mailmail AfterAfter atat mostmost 4848 hourshours mailmail receptionreception onon mailmail isis stoppedstopped finallyfinally useruser hashas toto reconfigurereconfigure thethe mailmail clientclient detaileddetailed informationinformation onon thethe followingfollowing slidesslides ThereThere isis nono changechange inin thethe preferredpreferred addressaddress whenwhen sendingsending mail:mail: [email protected]@desy.de,, thethe realreal addressaddress ofof thethe INBOXINBOX inin thethe registryregistry staysstays unchangedunchanged ([email protected])([email protected]) 6. Okt. techn. Seminar 9 Configuration of mail clients mailmail clientsclients alpinealpine (successor(successor ofof pine,pine, texttext based)based) thunderbirdthunderbird mulberrymulberry (very(very powerfulpowerful,, MacOSMacOS looklook andand feel,feel, onon LinuxLinux buggy)buggy) others,others, e.g.e.g. evolution,evolution, outlook,outlook, ...... configurationconfiguration describeddescribed onon https://dvinfo.ifh.de/IMAPServerhttps://dvinfo.ifh.de/IMAPServer importantimportant parameters:parameters: serverserver namename imap.ifh.de,imap.ifh.de, protocolprotocol IMAP,IMAP, portport 143143 (TLS),(TLS), 993993 (SSL)(SSL) mailmail directorydirectory onon server:server: keepkeep emptyempty (or(or maybemaybe ~)~) correctcorrect installationinstallation ofof CACA CertificatesCertificates isis crucialcrucial forfor properproper functionality!functionality! 6. Okt. techn. Seminar 10 alpine inin ZeuthenZeuthen alreadyalready preconfiguredpreconfigured (server(server mailmail insteadinstead ofof imap)imap) configurationconfiguration changechange toto useuse thethe newnew serverserver inbox-path={imap.ifh.de}inboxinbox-path={imap.ifh.de}inbox inin .pinerc.pinerc oror changechange InboxInbox PathPath inin alpinealpine (Setup(Setup ->-> ConfigConfig Screen)Screen) oror exportexport IMAPSERVER=imap.ifh.deIMAPSERVER=imap.ifh.de inin .zshenv.zshenv (Zeuthen(Zeuthen only)only) oror setenvsetenv IMAPSERVERIMAPSERVER imap.ifh.deimap.ifh.de inin .cshrc.cshrc (Zeuthen(Zeuthen only)only) configureconfigure alpinealpine toto displaydisplay additionaladditional foldersfolders onon serverserver setupsetup ->-> collectionListscollectionLists ->-> addadd collectioncollection arbitrary nickname, server Name: imap.ifh.de, remaining fields empty in this collection the folder junk wil get displayed new folders in this collection are visible on all mail clients talking IMAP 6. Okt. techn. Seminar 11 Reply address in alpine settingssettings thatthat areare identicalidentical forfor allall usersusers areare writtenwritten toto thethe globalglobal alpinealpine configurationconfiguration filefile From:From: addressaddress isis differentdifferent forfor allall users,users, thethe builtbuilt inin defaultdefault willwill constructconstruct itit fromfrom domaindomain (ifh.de)(ifh.de) andand accountname.accountname. ThisThis shouldshould bebe changedchanged !! onlyonly aa problemproblem ofof (al)pine,(al)pine, otherother mailmail readersreaders willwill usuallyusually askask forfor thethe emailemail addressaddress toto bebe usedused inin thethe From:From: headerheader EvenEven worseworse onon computerscomputers notnot managedmanaged byby DESYDESY defaultdefault isis aa From:From: accordingaccording toto thethe templatetemplate [email protected]@host.domain atat DESYDESY thisthis regularlyregularly causescauses replyreply mailsmails toto bouncebounce thereforetherefore important:important: changechange From:From: inin setupsetup ->-> configureconfigure recommendedrecommended toto modifymodify asas well:well: alt-addressesalt-addresses (Alternate(Alternate Adresses)Adresses) 6. Okt. techn. Seminar 12 alpine and Multimedia Attachments handledhandled properlyproperly (graphics,(graphics, URLURL displaydisplay inin browser,browser, sound,sound, ...)...) requiresrequires correctcorrect MIMEMIME settingssettings inin alpinealpine allall attachmentsattachments dodo havehave aa MIMEMIME typetype characterizescharacterizes
Recommended publications
  • Oldschool E-Mail Setup Eine Freakshow

    Oldschool E-Mail Setup Eine Freakshow

    Oldschool E-mail Setup Eine Freakshow [email protected] Chemnitzer Linuxtage, 2016 (Screenshot GMX vor >15 Jahren: Waybackmachine zu www.gmx.net) (Screenshot GMX heute) (Screenshot Gmail heute) Lösungen? ● Claws ● Mutt ● Eudora ● Netscape Navigator ● Evolution ● Opera M2 ● GMX ● Outlook ● Gnus ● SquirrelMail ● Hotmail ● The Bat! ● Hushmail ● Thunderbird ● KMail ● … Flußgrafik Email Netz MTA MRA MDA MUA MSA MTA Netz Hipster! ● KISS ● YAGNI ● DRY ● NIH ● Divide And Conquer ● Everything is a file ● No vendor lock-in ● Mißtraue Autoritäten – fördere Dezentralisierung Netz Netz Emails Client, den ich Remote verwenden kann Leicht erweiterbar Emails lokal Filter Offenes Format Adressen Netz Netz Abholen Transportformat? Pull Subject 1 Email = 1 File Keine Spuren X-List-ID Mit Hierarchien am Server Beliebige Einfaches Suchen Header Verlässliches Suchen Verarbeitung mit Unix Tools Client, den ich Remote verwenden kann Leicht erweiterbar Emails lokal Filter Offenes Format Adressen Netz Netz Abholen Transportformat? Pull Subject 1 Email = 1 File Keine Spuren X-List-ID Mit Hierarchien am Server Beliebige Einfaches Suchen Header Verlässliches Suchen Verarbeitung mit Unix Tools mbox Maildir mh Client, den ich Remote verwenden kann Leicht erweiterbar Emails lokal Filter Offenes Format Adressen Netz Netz Abholen Transportformat? Pull Subject 1 Email = 1 File Keine Spuren X-List-ID Mit Hierarchien am Server Beliebige Einfaches Suchen Header Verlässliches Suchen Verarbeitung mit Unix Tools mbox Maildir mh tmp 1439306571.1269_0.elvis ~/Post/Technik/Wikitech new 1448267819.5940_0.spencer ... 1457079728.2000_0.spencer:2, cur 1456839383.9873_0.nepomuk:2,SR 1457166567.23654_0.spencer:2,S ... Client, den ich Remote verwenden kann Leicht erweiterbar Filter Adressen Netz Netz Abholen Pull Subject Maildir Keine Spuren X-List-ID am Server Beliebige Header Client, den ich Remote verwenden kann Leicht erweiterbar Filter Adressen Netz Netz Abholen Pull Subject Maildir Keine Spuren X-List-ID am Server Beliebige Header fetchmail getmail mpop ..
  • Business SITUS Address Taxes Owed # 11828201655 PROPERTY HOLDING SERV TRUST 828 WABASH AV CHARLOTTE NC 28208 24.37 1 ROCK INVESTMENTS LLC

    Business SITUS Address Taxes Owed # 11828201655 PROPERTY HOLDING SERV TRUST 828 WABASH AV CHARLOTTE NC 28208 24.37 1 ROCK INVESTMENTS LLC

    Business SITUS Address Taxes Owed # 11828201655 PROPERTY HOLDING SERV TRUST 828 WABASH AV CHARLOTTE NC 28208 24.37 1 ROCK INVESTMENTS LLC . 1101 BANNISTER PL CHARLOTTE NC 28213 510.98 1 STOP MAIL SHOP 8206 PROVIDENCE RD CHARLOTTE NC 28277 86.92 1021 ALLEN LLC . 1021 ALLEN ST CHARLOTTE NC 28205 419.39 1060 CREATIVE INC 801 CLANTON RD CHARLOTTE NC 28217 347.12 112 AUTO ELECTRIC 210 DELBURG ST DAVIDSON NC 28036 45.32 1209 FONTANA AVE LLC . FONTANA AV CHARLOTTE 22.01 1213 W MOREHEAD STREET GP LLC . 1207 W MOREHEAD ST CHARLOTTE NC 28208 2896.87 1213 W MOREHEAD STREET GP LLC . 1201 W MOREHEAD ST CHARLOTTE NC 28208 6942.12 1233 MOREHEAD LLC . 630 402 CALVERT ST CHARLOTTE NC 28208 1753.48 1431 E INDEPENDENCE BLVD LLC . 1431 E INDEPENDENCE BV CHARLOTTE NC 28205 1352.65 160 DEVELOPMENT GROUP LLC . HUNTING BIRDS LN MECKLENBURG 444.12 160 DEVELOPMENT GROUP LLC . STEELE CREEK RD MECKLENBURG 2229.49 1787 JAMESTON DR LLC . 1787 JAMESTON DR CHARLOTTE NC 28209 3494.88 1801 COMMONWEALTH LLC . 1801 COMMONWEALTH AV CHARLOTTE NC 28205 9819.32 1961 RUNNYMEDE LLC . 5419 BEAM LAKE DR UNINCORPORATED 958.87 1ST METROPOLITAN MORTGAGE SUITE 333 3420 TORINGDON WY CHARLOTTE NC 28277 15.31 2 THE MAX SALON 10223 E UNIVERSITY CITY BV CHARLOTTE NC 28262 269.96 201 SOUTH TRYON OWNER LLC 201 S TRYON ST CHARLOTTE NC 28202 396.11 201 SOUTH TRYON OWNER LLC 237 S TRYON ST CHARLOTTE NC 28202 49.80 2010 TRYON REAL ESTATE LLC . 2010 S TRYON ST CHARLOTTE NC 28203 3491.48 208 WONDERWOOD TREE PRESERVATION HO .
  • Znetlive SSL Compatible Applications, Platforms & Operating

    Znetlive SSL Compatible Applications, Platforms & Operating

    ZNetLive SSL Compatible Applications, Platforms & Operating Systems Certificate Authority Root Apple MAC OS 9.0+ (circa 2002), includes 10.5.X and 10.6.X Future proof at 2048 bit, embedded in all Microsoft Windows XP, Vista, 7 and 8 (all devices and browsers and capable of upgrading versions inc 32/64 bit) weak encryption to a strong one is the most reliable Certificate Authority Root-GlobalSign. It is very important to ensure a flawless interaction of your online solutions with Default API Support within Hosting Control customers making connection with your web Panels server, reading emails, trusting your e- Ubersmith documents or running your code. Every WHMCS standard machine that uses trust of Public Key Infrastructure (PKI), e.g. S/MIME, SSL/TLS, Document Signing and Code Signing, has GlobalSign’s Root Certification present in it. Email Clients (S/MIME) ZNetLive’s SSL Certificates authenticated by GlobalSign have 2048 bit strength throughout Mulberry Mail complete Digital Certificate portfolio and Microsoft Outlook 99+ comply with recommendations of National Microsoft Entourage (OS/X) Institute of Standards and Technology (NIST) Qualcomm Eudora 6.2+ according to which all cryptographic keys Mozilla Thunderbird 1.0+ should be 2048 bit strength from 2011 onwards. Mail.app Anything weaker than 2048 bit encryption is Lotus Notes (6+) considered insecure. Because of this, the Netscape Communicator 4.51+ Certification Authorities and Browsers insists The Bat that all the EV SSL Certificates should be 2048 Apple Mail bit encryption.
  • Getting Started with Eudora 5.1 for Windows 95/98/ME/NT/2000 Author Teresa Sakata

    Getting Started with Eudora 5.1 for Windows 95/98/ME/NT/2000 Author Teresa Sakata

    WIN9X003 July 2003 Getting Started with Eudora 5.1 For Windows 95/98/ME/NT/2000 Author Teresa Sakata Introduction ..............................................................................................................................................................1 POP and IMAP Servers ............................................................................................................................................2 Requirements ............................................................................................................................................................2 Changes From Version 4.3.x ....................................................................................................................................3 Issues ........................................................................................................................................................................3 Where do I get Eudora? ............................................................................................................................................4 Getting Started..........................................................................................................................................................4 Installation ................................................................................................................................................................4 Configuring Eudora ..................................................................................................................................................5
  • Toward an Automated Vulnerability Comparison of Open Source IMAP Servers Chaos Golubitsky – Carnegie Mellon University

    Toward an Automated Vulnerability Comparison of Open Source IMAP Servers Chaos Golubitsky – Carnegie Mellon University

    Toward an Automated Vulnerability Comparison of Open Source IMAP Servers Chaos Golubitsky – Carnegie Mellon University ABSTRACT The attack surface concept provides a means of discussing the susceptibility of software to as-yet-unknown attacks. A system’s attack surface encompasses the methods the system makes available to an attacker, and the system resources which can be used to further an attack. A measurement of the size of the attack surface could be used to compare the security of multiple systems which perform the same function. The Internet Message Access Protocol (IMAP) has been in existence for over a decade. Relative to HTTP or SMTP, IMAP is a niche protocol, but IMAP servers are widely deployed nonetheless. There are three popular open source UNIX IMAP servers – UW-IMAP, Cyrus, and Courier-IMAP – and there has not been a formal security comparison between them. In this paper, I use attack surfaces to compare the relative security risks posed by these three products. I undertake this evaluation in service of two complementary goals: to provide an honest examination of the security postures and risks of the three servers, and to advance the study of attack surfaces by performing an automated attack surface measurement using a methodology based on counting entry and exit points in the code. Introduction Contributions and Roadmap System administrators frequently confront the The paper makes two major contributions. First, problem of selecting a software package to perform a I undertake an in-depth discussion of the relative secu- desired function. Many considerations affect this deci- rity postures of the three major open source IMAP sion, including functionality, ease of installation, soft- servers in use today.
  • GNU Guix Cookbook Tutorials and Examples for Using the GNU Guix Functional Package Manager

    GNU Guix Cookbook Tutorials and Examples for Using the GNU Guix Functional Package Manager

    GNU Guix Cookbook Tutorials and examples for using the GNU Guix Functional Package Manager The GNU Guix Developers Copyright c 2019 Ricardo Wurmus Copyright c 2019 Efraim Flashner Copyright c 2019 Pierre Neidhardt Copyright c 2020 Oleg Pykhalov Copyright c 2020 Matthew Brooks Copyright c 2020 Marcin Karpezo Copyright c 2020 Brice Waegeneire Copyright c 2020 Andr´eBatista Copyright c 2020 Christine Lemmer-Webber Copyright c 2021 Joshua Branson Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled \GNU Free Documentation License". i Table of Contents GNU Guix Cookbook ::::::::::::::::::::::::::::::: 1 1 Scheme tutorials ::::::::::::::::::::::::::::::::: 2 1.1 A Scheme Crash Course :::::::::::::::::::::::::::::::::::::::: 2 2 Packaging :::::::::::::::::::::::::::::::::::::::: 5 2.1 Packaging Tutorial:::::::::::::::::::::::::::::::::::::::::::::: 5 2.1.1 A \Hello World" package :::::::::::::::::::::::::::::::::: 5 2.1.2 Setup:::::::::::::::::::::::::::::::::::::::::::::::::::::: 8 2.1.2.1 Local file ::::::::::::::::::::::::::::::::::::::::::::: 8 2.1.2.2 `GUIX_PACKAGE_PATH' ::::::::::::::::::::::::::::::::: 9 2.1.2.3 Guix channels ::::::::::::::::::::::::::::::::::::::: 10 2.1.2.4 Direct checkout hacking:::::::::::::::::::::::::::::: 10 2.1.3 Extended example ::::::::::::::::::::::::::::::::::::::::
  • Proceedings Template

    Proceedings Template

    0 - IMAP in 90 Days or How to Migrate 25,000 Users to IMAP in Three Months Jay Graham Computing Services and Systems Development University of Pittsburgh 419 South Bellefield Avenue Pittsburgh, PA 15217 (412) 624-5244 [email protected] ABSTRACT Pittsburgh campus. Extensive use of user logs, forwarding data and distribution was critical to the process. The final phase The University of Pittsburgh began the Internet Message Access involved the migration of 25,000 users from VMS Mail, Unix Protocol (IMAP) Project in the spring of 1997 as an evaluation Pine and POP mail to the new environment by April 1, 2000. project investigating the replacement options for the legacy e-mail systems and a POP3 service. The project was initially divided into two phases---Phase 1 to deploy an IMAP server for campus- Keywords wide use and Phase 2 to identify and provide a reliable, high quality, enterprise-wide IMAP client. A sub-group of the IMAP IMAP, e-mail, POP, legacy, client-server project team was formed to identify requirements and evaluate clients. Cyrusoft International's Mulberry was found to meet the ever changing requirements of the campus computing labs and 1. INTRODUCTION have sufficient features and functionality that users would be compelled to switch from their legacy clients to the new Electronic mail has become a primary tool used by many large environment. organizations to enhance daily communication. E-mail between managers, workers, customers, students, teachers or parents often A critical third phase was added to the IMAP project which serves as a more efficient, cost effective and convenient form of required a phase-out of the legacy e-mail systems by April 1, 2000 interaction.
  • Sysinfotools Maildir Converter

    Sysinfotools Maildir Converter

    SysInfoTools MailDir Converter SysInfoTools MailDir Converter Table of Contents 1. SysInfotools MailDir Converter .................................................................................. 2 2. Overview ................................................................................................................... 2 3. Getting Started .......................................................................................................... 3 Installation procedure ............................................................................................... 4 4. Order and Activation .................................................................................................. 4 How to Order ............................................................................................................ 4 How to Activate ......................................................................................................... 4 5. Using SysInfoTools MailDir Converter ....................................................................... 5 Understanding the User Interface .............................................................................. 6 Button Used .............................................................................................................. 6 How to use MailDir Converter Tool ............................................................................ 7 6. Uninstall the Software .............................................................................................. 13 7. Legal Notice ...........................................................................................................
  • Design and Management of Email Service

    Design and Management of Email Service

    Design and Management of Email Service Source : homepage.ntu.edu.tw/~jsc/2005-mail.ppt Outline Introduction to the architecture and operation of SMTP Design of a suitable email system – Webmail solutions Postfix and simple configuration samples Spam and virus filtering Conclusion 2 Overview Electronic mail service has already evolved into one of the major Internet applications. It is not only fundamental, but also a must. Users may become impatient when mails were delayed, not to mention failed to access their emails. – Imagine we meet the situation of power failure or cut of water supply 3 Architecture of a Simple Mail System Consists of the following components – MTA - Mail transfer agent Sending and forwarding emails Server end – MDA - Mail delivery agent Delivering emails to recipients’ mailbox Server end – Pop3/Imap4 Daemons For users to download their mailboxs Server end – MUA - Mail user agent Reading and composing emails 4 Client end Architecture of a Simple Mail System Protocols Used for Mail System Protocols – For computer programs to communicate with each other – Similar to languages that human beings speak SMTP – Simple Mail Transfer Protocol – Too simple to provide any “advanced features” Authentication Authorization POP3 – Post Office Protocol version 3 – Simple IMAP4 – Internet Message Access Protocol version 4 – Fully compatible with internet message standards, e.g. MIME. – Allow messages to be accessed from more than one computer. – Provide support for online, offline, and disconnected modes. 6 – Multiple and share folders. Mail Forwarding Between Servers How to Find the Way to the Destination? How do we find the way to [email protected]? 8 DNS: The Key to All Internet Services Query DNS server by the address part of email address.([email protected]) 1.
  • Postfix Catch All and Mutt

    Postfix Catch All and Mutt

    Postfix Catch All and Mutt End goal: having postfix saving all of the emails for a domain to a single “mailbox” in maildir format, and being able to send email using mutt (or similar). Specifics to my setup I'm not going to open port 25 on my server, I'm going through Net7's spam filter, which will then forward to my server on port 8025. So I need to open port 8025. The rule was already there for port 25, I just need to edit the thing. Make Postfix listen to another port There is always the plan of using iptables to redirect the traffic. You can do it in Postfix as well. Open master.cf and find this line: smtp inet n - - - - smtpd The smtp word up front is actually a port. You can replace it with this line: 8025 inet n - - - - smtpd If you restart Postfix and check with netstat it should be listening to another port. Setting up Maildir delivery By default Postfix will output emails to a single file in /var/mail/. I'd rather have the Maildir format which separates emails into different files that I can individually move and/or delete. I'm going off the rails here trying out things. Looks like we're going to need these configuration options in main.cf: home_mailbox = Maildir/ mailbox_command = Make sure mailbox_command isn't set somewhere else in the file. Reload Postfix. We should be able to test that this is working using a known user on the system. You can telnet-test like so: EHLO test MAIL FROM:<[email protected]> RCPT TO:<william> DATA Test.
  • Snuffleupagus Documentation

    Snuffleupagus Documentation

    Snuffleupagus Documentation Release stable Sebastien Blot & Julien Voisin Aug 29, 2021 Contents 1 Documentation 3 1.1 Features..................................................3 1.2 Installation................................................ 11 1.3 Configuration............................................... 14 1.4 Download................................................. 22 1.5 Changelog................................................ 23 1.6 FAQ.................................................... 29 1.7 Propaganda................................................ 33 1.8 Cookies.................................................. 35 2 Greetings 39 i ii Snuffleupagus Documentation, Release stable Snuffleupagus is a PHP7+ and PHP8+ module designed to drastically raise the cost of attacks against websites. This is achieved by killing entire bug classes and providing a powerful virtual-patching system, allowing the administrator to fix specific vulnerabilities without having to touch the PHP code. Contents 1 Snuffleupagus Documentation, Release stable 2 Contents CHAPTER 1 Documentation 1.1 Features Snuffleupagus has a lot of features that can be divided in two main categories: bug-classes killers and virtual-patching. The first category provides primitives to kill various bug families (like arbitrary code execution via unserialize for example) or raise the cost of exploitation. The second category is a highly configurable system to patch functions in php itself. 1.1.1 Bug classes killed or mitigated system injections The system function executes an external
  • Visualization of Client-Side Web Browsing and Email Activity

    Visualization of Client-Side Web Browsing and Email Activity

    Calhoun: The NPS Institutional Archive Theses and Dissertations Thesis Collection 2009-06 Visualization of client-side web browsing and email activity Roussas, Gregory. Monterey, California. Naval Postgraduate School http://hdl.handle.net/10945/4738 NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS VISUALIZATION OF CLIENT-SIDE WEB BROWSING AND EMAIL ACTIVITY by Gregory Roussas June 2009 Thesis Advisor: Cynthia E. Irvine Second Reader: Chris S. Eagle Approved for public release; distribution is unlimited THIS PAGE INTENTIONALLY LEFT BLANK ii Form Approved REPORT DOCUMENTATION PAGE OMB No. 0704–0188 The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to Department of Defense, Washington Headquarters Services, Directorate for Information Operations and Reports (0704–0188), 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202–4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS. 1. REPORT DATE (DD–MM–YYYY) 2. REPORT TYPE 3. DATES COVERED (From — To) 22–6–2009 Master’s Thesis 2007-09-21—2009-06-19 4. TITLE AND SUBTITLE 5a. CONTRACT NUMBER 5b. GRANT NUMBER Visualization of Client-Side Web Browsing and Email Activity DUE 0414102 5c.