- MTA or Mail Transfer Agents - sendmail, qmail, etc - Links/Info
- Mail Retrieval Software - pop3, imap, etc - Links/Info
- Mail User Agent (MUA): E-Mail client - Netscape, MUTT, etc - Links/Info
Internet mail is sent from the e-mail client to the mail server which routes it to the intended destination which will also be an mail server. The protocol by which the mail servers communicate is called SMTP (Simple Mail Transfer Protocol) and the mail server software is known as the MTA or Mail Transfer Agent. This tutorial lists the popular MTA programs used and basic sendmail configuration. Also listed are Mailing List programs and the RFC's (Request For Comments) on which the internet e-mail standards are currently or eventually based.
Contents:
- Mail Transfer Agents (MTA)
- Ant-Spam sites
- Open Relay Check
- Basic sendmail configuration
- Mailing List Programs
- SMTP session
- RFC's
- Links
Mail Transfer Agents (MTA): |
- Sendmail
- Postfix - Fast and secure - Wietse Venema's mailer (son of VMailer and IBM Secure Mailer)
- Exim - University of Cambridge (son of Smail)
- QMail
- Life with qmail
- qmail-ldap - Central LDAP authentication for large user databases.
- FrankenRelay - QMail relay
- QMail Anti-Spam HOWTO
Commercial MTA's:
- 3R Soft: MailStudio - Scalable Web based e-mail
- Blue Tail: Mail Robustifier - Features traffic logging, load balancing and overload control
- Bynari - Email, messaging and collaboration. Replacement for Microsoft NT/Exchange Server, supporting functionality available in Outlook.
- HP: OpenMail - MS Exchange compatible
- Caldera: Volution Messaging Server - Outlook compatable [Software review]
- Skyrix.com: SuSE Mail server III
- IBM: Lotus Notes Domino Mail Server - E-mail, Web access, Calendaring and Scheduling, bulletin boards, newsgroups, mobile support
- Sendmail.com - commercial version of sendmail
- Stalker software: CommuniGate Pro - Features anti-Spam, clustering, web admin, web mail, multi-domain, Mail lists, LDAP, ACAP, SSL, CLL, SASL
Anti-Spam: |
- RFC2505 - Anti Spam
- Maps.vix.com: MAPS (Mail Abuse Prevention System LLC) Anti Spam - Mail-Abuse.org
- ORBS.org - Open Relays
- OpenRBL.org - Blackhole List and lookup
- ORDB.org - Open Relay Database - Test your server for open relay or in their open relay database.
- The SPAM-L FAQ
- Mail-Abuse.org: MAPS - Mail Abuse Prevention System
- Configuring sendmail for use with RBL - The Mail Abuse Prevention System's Realtime Blackhole List
- OSIRUSoft.com - [More info] - Spam blocking software
- CAUCE International - Coalition Against Unsolicited Commercial Email
- The SPAM-L FAQ
- SpamCop.net - Database and anti-spam services.
- How to sue an email spammer in small claims court and win money - by Richard Scott
- SpamMap - Relationships between spammers and commerce sites mapped out in a chart.
Open Relay Check: |
Execute the following from your SMTP server:
telnet mail-abuse.orgThis site will run a series of relay tests and return the results in the telnet session.
Basic sendmail configuration: |
Sendmail is the default MTA on the RedHat Linux distribution.
Do NOT use linuxconf to configure sendmail as it has NOT been updated to
work with current versions of sendmail!!!
(The tool linuxconf is no longer included with current versions of Red Hat Linux 7.3+)
Steps to run mail server using sendmail:
- The mail server must be identified by the DNS as the mail server in
order to recieve mail. See the
YoLinux tutorial on configuring DNS.
- /etc/mail/local-host-names (Red Hat 7.1)
/etc/sendmail.cw (Red Hat 6.x)-
This file contains all of the alternate host
names of the server. (i.e. domain-name.com)
Sendmail will not accept mail for a domain unless it is permitted to do
so by the contents of this file.
Sample:megawebhost.com yolinux.com yo-linux.com
-
This file contains all of the alternate host
names of the server. (i.e. domain-name.com)
Sendmail will not accept mail for a domain unless it is permitted to do
so by the contents of this file.
- File /etc/aliases lists alternative names for e-mail recipients.
Sample:webmaster: john, dave postmaster: kim, garret larry.anderson: larry moe.anderson: moe curly.anderson: curly
After creation or modification one must run the command newaliases which will generate a new version of the file /etc/aliases.db There is no need to restart the sendmail daemon. The changes are picked up automatically. - Relaying and recieving mail is controlled by the file:
/etc/mail/access. By default
relaying is only allowed by localhost and sendmail will accept
mail from all. (Red Hat 7.1 default is more strict but the restriction is not from the access file. More below.)
localhost.localdomain RELAY localhost RELAY 127.0.0.1 RELAY
Generate database file:[root prompt]# makemap hash /etc/mail/access.db < /etc/mail/access
The access file can be used to thwart spammers. List IP addresses or email address to deny in the file: /etc/access
After adding entries to the access file, generate the database file with the command above.XXX.XXX.XXX.XXX REJECT YYY.YYY.YYY.YYY ERROR:"550 We don't accept mail from spammers" spammer@isp.com REJECT " Spam not accepted" ZZZ.ZZZ.ZZZ.ZZZ OK - Override rules and allow ZZZ.ZZZ OK - Allow from ZZZ.ZZZ.*.* network
See the /etc/mail/access file I am currently using. It changes daily. Feel free to cut and paste this Sendmail access file to your system.
Other access lists:
Sendmail.org: More info on cf-readme (See Anti-Spam section) - Sendmail must be running. See the YoLinux init tutorial to learn how the sendmail daemon can be configured to be started by the system upon system boot. This may have been configured during installation.
The default configuration is fairly secure and usable.
For Red Hat 6 and earlier systems, you are ready to mail.
For Red Hat 7 systems, there is one more step.
See changes below required to recieve mail.
Note: A user defined in the aliases file is valid for all domains
hosted by the system, unless you have configured virtual hosting.
For alternate configurations change the file: /etc/sendmail.cf
Actually most people use the m4 macro package to generate this file from a sendmail.mc file. Preconfigured "mc" files can be found in the directory:
- /usr/lib/sendmail-cf/cf/ (Red Hat 7.1)
- /usr/share/sendmail-cf/cf/ (Red Hat 6.x)
Default Red Hat sendmail.cf configurations:
- Red Hat 7.1:
You will find that the files /etc/sendmail.cf and
/usr/share/sendmail-cf/cf/redhat.cf are the same and is the RedHat
default.
cd /usr/share/sendmail-cf/cf/ m4 redhat.mc > /etc/sendmail.cf
Note: the cf.m4 file is represented as an include file in the sendmail "mc" macro file. (include(`/usr/share/sendmail-cf/m4/cf.m4')) - Red Hat 6.x:
You will find that the files /etc/sendmail.cf and
/usr/lib/sendmail-cf/cf/redhat.cf are identical and is the RedHat
default.
cd /usr/lib/sendmail-cf/cf/ m4 ../m4/cf.m4 redhat.mc > /etc/sendmail.cf
Red Hat 7.1 default Sendmail change to allow sendmail to recieve mail:
If you just upgraded to red Hat 7.1 and noticed that your mail server no longer works, it is because Red Hat changed the default sendmail configuration. The default configuration for Red Hat 7.1 sendmail does not allow for the recieving of mail except from yourself (localhost). To recieve mail:- Backup the files /etc/mail/sendmail.mc and /etc/sendmail.cf
- Edit the file /etc/mail/sendmail.mc and change/comment the line:
From: DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA') To: dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
or delete the line. Sendmail will then use the default which allows it to recieve mail from other systems. - Optional: Anti-spam option:
To turn on the anti-spam feature of sendmail add the directive: FEATURE(dnsbl)
This will use the Realtime Blackhole List for spam filtering. For more info see Mail-Abuse.org: MAPS RBLFYI: Sendmail Anti-Spam configuration options:
- Turn off relaying (Relaying is denied by default Red Hat configuration) Do NOT use the following directive: FEATURE(`promiscuous_relay')
- Check sender information:
- Accept mail from your own domain: FEATURE(`relay_entire_domain')
- Accept relay from your mail servers listed in MX record to destination in same domain: FEATURE(`relay_based_on_MX')
- Use /etc/mail/access file to deny spammers: FEATURE(`access_db') (See above example)
- Use Realtime Blackhole List: FEATURE(`dnsbl')
- Check headers. Define rule in sendmail.cf.
- Optional: Identify outgoing mail as coming from specified domain:
MASQUERADE_AS(your-domain.com) MASQUERADE_DOMAIN(your-domain.com) FEATURE(masquerade_entire_domain) FEATURE(masquerade_envelope)
This will overide a default of localhost or node.your-domain.com to be that specified. i.e. your-domain.com. This is so that you do not look like a spammer. Domain localhost is often blocked. - Generate a new configuration file: m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
- If sending/relaying mail I then recommend you change the line in /etc/sendmail.cf:
Cwlocalhost.localdomain
to your actual fully qualified node name (Cwnode-name.your-domain.com). This will allow you to send mail without having the mail look like it came from "localhost.localdomain" which is often blocked by spam filters.
You can also add the statement: DMyour-domain.com - Restart sendmail: /etc/rc.d/init.d/sendmail restart
Also see: Sendmail.org: Sendmail 8.9.x configuration files
[Potential Pitfall]: Some distributions have a default configuration which causes failure. The /etc/hosts.deny entry ALL:ALL will cause failure to recieve mail.
/etc/mail/sendmail.mc: |
-
Directive Description divert(-1) m4 macro directive. File output not diverted OSTYPE(`linux') Required before definitions. Definitions tied to OSTYPE. define('VARIABLE','VALUE') Change a setting in sendmail.
See listundefine(`UUCP_RELAY') Remove UUCP email processing capability undefine(`BITNET_RELAY') Remove BITNET addressed email processing FEATURE() See list of features FEATURE(redirect) Reject redirected email addressed to user@domain.com.REDIRECT
Message returned to announce that one should send email to address defined by alias.FEATURE(always_add_domain) Append fully qualified domain name of host to user name. FEATURE(use_cw_file) File /etc/sendmail.cw defines alternate names of host. MAILER() See list of Mailers MAILER(procmail) Defines procmail as the local mail program on server. MAILER(smtp) Remote mail program.
dnl: m4 directive to delete whitespace in input
See Sendmail.org: cf-readme - HTML version (not as up to date)
Examples:
-
Directive Description define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl Disable "vrfy" so that spammers cannot "verify" typical email addresses such as info, admin, staff, etc. define(`ALIAS_FILE', `/etc/aliases')dnl This states the obvious. Email adress aliases are defined in the file: /etc/aliases FEATURE(`smrsh',`/usr/sbin/smrsh')dnl Execute Sendmail using the Sendmail restricted shell
Sendmail documentation:
- Red Hat 7.1:
- Red Hat 6.x:
- /usr/doc/sendmail
- /usr/doc/sendmail - local on your system
- Sendmail configuration w/ domain masquerading & spam filters
- Sendmail.org
DNS and Sendmail Presentation at LUGFest 2000 - (Star Office 5.2 "sdd" file) - More configuration insight and information.
Sendmail tools:
- mailq : Print a summary of the mail messages queued for future delivery.
Mail is queued in directory: /var/spool/mqueue/ - mailstats : Display current mail statistics.
Mail statistics stored in file: /var/log/sendmail.st/ - purgestatmailstats : Purge mail statistics.
- praliases : Display current mail aliases
Files used by sendmail for a mail server.
Mailing Lists: |
- List.org: GNU Mailman
Also see the YoLinux Mailman Tutorial - Majordomo
- Sympa: LDAP enabled mailing list software - Supports Sendmail, qmail or Postfix.
- Trunk
- Mojo Mail
- Listserv - Commercial Product
SMTP dialog: |
This is a sample of the dialog an e-mail client makes when connecting to an SMTP server for sending mail:
telnet server-name 25 - SMTP communicates on port 25. See: /etc/services HELO your-domain - This identifies the source of the mail. HELP - List the SMTP commands that are supported. (Included FYI and not part of a typical dialog) MAIL FROM: your-email-address RCPT TO: recipient-email-address DATA - End of DATA section is punctuated with a single dot on it's own line. Subject: E-mail-Subject Text of e-mail goes here . - The single dot QUIT
SMTP return codes let the e-mail client know if all went well.
See: RFC 822 for more information.
Mail headers and tracking a spammer: |
-
Return-Path: <sender-of-email@domain-of-sender.com> - This is the information that they provide and may easily be forged Received: from domain-of-spammer-mail-server.com (MTA-node-name.domain-of-spammer-mail-server.com [XXX.XXX.XXX.XXX]) - Where XXX.XXX.XXX.XXX is the IP address of the MTA relay server used by the spammer. Block this IP. by MTA-node.domain-name-of-server-recieving-spam.com (8.11.6/8.11.6) with ESMTP id fAR2XXXX2155 for <victim@isp.com>; Mon, 26 Nov 2001 20:04:23 -0600 Received: from domain-of-sender.com ([XXX.XXX.XXX.XXX]) by MTA-node-name.domain-of-spammer-mail-server.com - Where XXX.XXX.XXX.XXX is the IP address of the computer which sent the email to the MTA relay. Block this as well if you want to double protect yourself. (iPlanet Messaging Server 5.1 (built May 7 2001)) with ESMTP id <0GNG0XXXXXXXVQ@MTA-node-name.domain-of-spammer-mail-server.com> for victim@isp.com; Tue, 27 Nov 2001 06:10:28 -0600 (CST) Date: Tue, 27 Nov 2001 06:04:36 -0600 From: Claimed Name of Spammer <sender-of-email@domain-of-sender.com> Subject: Re: FYI To: victim@isp.com
Links:
SMTP RFC's: |
- RFC 2645 - ON-DEMAND MAIL RELAY (ODMR) SMTP with Dynamic IP Addresses
- RFC 2554 - SMTP Service Extension for Authentication
- RFC2505 - Anti Spam
- RFC 2487 - SMTP Service Extension for Secure SMTP over TLS
- RFC 2442 - Batch SMTP Media Type
- RFC 2197 - SMTP Service Extension for Command Pipelining
- RFC 2034 - SMTP Service Extension for Returning Enhanced Error Codes
- RFC 1985 - SMTP Service Extension for Remote Message Queue Starting
- RFC 1891 - SMTP Service Extension for Delivery Status Notifications
- RFC 1870 - SMTP Service Extension for Message Size Declaration
- RFC 1869 - SMTP Service Extensions
- RFC 1846 - SMTP 521 Reply Code
- RFC 1845 - SMTP Service Extension for Checkpoint/Restart
- RFC 1830 - SMTP Service Extensions for Transmission of Large and Binary MIME Messages
- RFC 1652 - SMTP Service Extension for 8bit-MIMEtransport
- RFC 1428 - Transition of Internet Mail from Just-Send-8 to 8bit-SMTP/MIME
Books on internet email programming: (Amazon)
- Programming Internet Email - by Dave Wood, David Wood, Mark Stone (O'Reilly & Associates; ISBN: 1565924797)
- Internet Email Protocols: A Developer's Guide - by Kevin Johnson (Addison-Wesley Pub Co; ISBN: 0201432889)
- Programmer's Guide to Internet Mail - by John Rhoton (Digital Press; ISBN: 1555582125)
- Internet e-mail: Protocols, Standards, and Implementation - by Lawrence Hughes (Artech House; ISBN: 0890069395)
Links: |
- Discussion on various MTA's
- How to set up an autoresponder using procmail - by Shane Chen
- VRFY -- Verifies Email Addresses - RPM
- Stokely Consulting: Email/Sendmail resources/links
- CERT: Spoofed/Forged Email
- CERT: Email Bombing and Spamming
- CA (Computer Associates) eTrust Antivirus
Books: |