Systems & Network Administration

CT106-3-2 (Version VE1)

Week 4, 5 & 6
Essential Services: Operation and Protocols
Email
 Lecturer Information

• Lecturer Name: Ts.Manimegalai

• Email: [email protected]
• Consultation Hours: Refer to iConsult

Module Code & Module Title Slide Title SLIDE 3

 Electronic Mail

E-mail is the original universal mission-critical application

• the only application that everyone depended upon was e-mail
• Became the model for all of our current messaging services
Keeping e-mail flowing is a required task for most system
administrators.
For the administrator this means:
– Choosing and configuring a mail transport agent
– Thinking through
• the site’s e-mail model,
• user agents, and
• hardware required to provide this critical service.

Module Code & Module Title Slide Title SLIDE 4

Module Code & Module Title Slide Title SLIDE 5
 Mail - Abstract Architecture

In our setup, SquirrelMail is the MUA; Postfix on the Gateway is a MTA;

Postfix on the Mailserver is the MSA when it receives mail from
SquirrelMail and the MDA when it receives mail from Postfix on the
Gateway; Dovecot on the MailServer is the LDA (called by Postfix for
putting messages in mailboxes) and the MAA (imap server).

MUA – Mail User agent

MSA – Message Submission agent
MTA – Mail Transport agent
MDA – Mail Delivery agent
MAA – Mail Access agent

Module Code & Module Title Slide Title SLIDE 6

 (dns 53)

(MX record)

(smtp 25)

relay host
(smtp 587) gateway

address
rewriting (smtp 25) mailhost
local
delivery
(imap 143)

vmail
accounts (ldap 389)
Module Code & Module Title Slide Title SLIDE 7
 Message, Envelope, Headers

The MSA places the message in an “envelope” for delivery.

• There is a header on the message and another header on the envelope.
– These contain addresses and other information about the message.
• Message headers can be (and are) easily forged by user.
• Users typically do not see the envelope.
– Envelope headers are (normally) created, changed, and deleted by
MTAs
• Every message is assigned a unique ID by each MTA that handles it.
– This allows tracing the message from end to end (if log files are
available).

Module Code & Module Title Slide Title SLIDE 8

 EMail Overview – SMTP

1. sending end introduces itself SMTP protocol

2. sending end tells who mail is from HELO – introduce yourself
AUTH – authenticate this user
3. sending end tells who mail is for MAIL FROM – who
RCPT TO – (message to)
If the destination user is valid / relaying VRFY – see if this user exists.
is permitted, open a spool, and EXPN – expand this address
continue the process. More on this and tell me who it is
in a minute… DATA – body of the message
DSN – delivery status notice
4. Sending end transfers data RSET – reset the connection
NOOP – do nothing
5. Sending end closes connection VERB – verbose mode
QUIT – close the connection

Module Code & Module Title Slide Title SLIDE 9

 RFC 2476 + RFC 4409:
Message Submission

smtp smtp smtp

MSA 587 MTA 25 25 MTA
(local) (initial) Relay MTAs (destination)

Defines the difference between mail transfer and message submission:

• Submission is intended to be from client to initial server.
– SMTP protocol, port 587
• Transfer is intended to be server to server (relay)
– SMTP protocol, port 25

Allows administrators to run two distinct services configured optimally for

each purpose rather than a single MTA service that has to make allowances
for different types of use

Module Code & Module Title Slide Title SLIDE 10

 Email – Submission

smtp smtp
MSA port 587 should be MSA 587 MTA 25
limited to internal hosts (local) (initial)

• MSA converts mail to “canonical form”, for example by adding

@domain to mail submitted with a simple user name
• MSA does other address rewriting, for example changing
[email protected] to Given.Family@domain (masquerading)
• MSA authenticates clients: able to require encryption and SMTP
authentication for port 587 sessions

Module Code & Module Title Slide Title SLIDE 11

 DNS Necessities

• Canonical name for hosts

– lookup record - Name to IP
• MX records
– so MTAs can find the address to connect to
example.com IN MX 10 mailhost.example.com.
– MSAs don’t really need MX, initial MTA can be hard coded
• Mailserver reverse lookup record - IP to Name
– for validation purposes

Module Code & Module Title Slide Title SLIDE 12

 Relaying

smtp smtp
MTA 25 25 MTA
(initial) Relay MTAs (destination)

• MX (Mail eXchanger) record

– priority allows multiple possibilities for getting mail delivered

• MTA configuration
– Accept mail for certain destinations, then pass it along

• open relay = bad netizen

– likely to be used for spam

Module Code & Module Title Slide Title SLIDE 13

 Many different configurations
are possible

• Local delivery for users with an account on the system

• Local delivery for virtual users (no account on the system)
• Virtual hosting for domains, mail delivered to local user (virtual or
actual)
• Mail sent to a gateway then forwarded on to individual mailservers
– MUA talks to configured gateway MSA
• Local mail sent to local mailserver, external mail sent to gateway –
MUA talks to localhost

Weird and wonderful combinations will work!

Lots of decisions to make, Lots of documentation to read

Module Code & Module Title Slide Title SLIDE 14

 How complicated is it?

• postfix
 sets 530+ defaults
• sendmail:
 55+ features
 180+ defines, many with several distinct options
these are used to configure

18 classes

16 rulesets

15 macros

9 m4 diversions (subroutines)
• dovecot:
 About 150 defaults plus (2*7) database options

Module Code & Module Title Slide Title SLIDE 15

Module Code & Module Title Slide Title SLIDE 16
 Web-based Mail

• A web-based mail client is a suite of CGI programs that act as a

mail client using a web browser as the user interface.
• Requires obtaining and installing the needed CGI programs and
supporting programs and adding them to the web server
configuration
– For example, SquirrelMail requires a webserver, PHP, and an
IMAP server, as well as the SquirrelMail software.
• Web-based mail can be used from any client platform that has a
web browser.

Module Code & Module Title Slide Title SLIDE 17

 Configure Webmail

Module Code & Module Title Slide Title SLIDE 18

 Web Services

• Uses HTML for message format and Each component of the page
HTTP for message transport is retrieved separately and
• HTTP: TCP port 80 combined for display in the
browser
• HTTPS: TCP port 443 (SSL)

Module Code & Module Title Slide Title SLIDE 19

 CGI/app
Can be written in
any language,
PHP, Python, C#
(ASP.NET), and
JavaScript are
all popular
Webserver itself only
serves HTML pages
(DocumentRoot)

• monkey is the TinyNet default server

Virtual Hosts : • apache is the most popular
Multiple Web sites
• lighttpd is preferred by many
managed by a single
server • Internet Information Server (IIS) is Microsoft
Module Code & Module Title Slide Title SLIDE 20
 (dns 53)

(MX record)

(smtp 25)

relay host
(smtp 587) gateway

address
rewriting (smtp 25) mailhost
local
delivery
(imap 143)

vmail
accounts (ldap 389)
Module Code & Module Title Slide Title SLIDE 21
 Reference

• [VirtualBox] Configure an Ubuntu 22.04 / 20.04 Virtual Machine for Web

Development (Complete Guide)
• https://www.wpdiaries.com/virtualbox-for-web-development/

Module Code & Module Title Slide Title SLIDE 22