Mail agents. Introduction to Internet Mail. Message format (2) Authenticating senders



Transcription:

Introduction to Internet Mail
Philip Hazel, University of Cambridge

Mail agents

  MUA = Mail User Agent
    Interacts directly with the end user
    Pine, MH, Elm, mutt, mail, Eudora, Marcel, Mailstrom, Mulberry, Pegasus, Simeon, Netscape, Outlook, ...
    Multiple MUAs on one system - end user choice
  MTA = Mail Transfer Agent
    Receives and delivers messages
    Sendmail, Smail, PP, MMDF, Charon, Exim, qmail, Postfix, ...
    One per system - sysadmin choice

Message format (1)

    Cc: Mark Anthony <MarkA@cleo.co.uk>
    Subject: How Internet mail works

    Julius, I'm going to be running a course on...

  Format was originally defined by RFC 822 in 1982
  Now superseded by RFC 2822
  Message consists of
    Header lines
    A blank line
    Body lines

Message format (2)

  An address consists of a local part and a domain
    julius@ancient-rome.net
  A basic message body is unstructured
  Other RFCs (MIME, 2045) add additional headers which define structure for the body
  MIME supports attachments of various kinds and in various encodings
  Creating/decoding attachments is the MUA's job

Authenticating senders

  (Diagram labels: log in, MUA, Mailbox)
  Embedded MUA uses inter-process call to send to MTA
    May use pipe, file, or internal SMTP over a pipe
    MTA knows the identity of the sender
    Normally inserts Sender: header if differs from From:

  (Diagram labels: MUA, POP / IMAP Server, Mailbox)
  Freestanding MUA uses SMTP to send mail
    MTA cannot easily distinguish local/remote clients
    No authentication in basic SMTP protocol
    AUTH command in extended SMTP
    Use of security additions (TLS/SSL)
  MUA can point at any MTA whatsoever
    Need for relay control
    Host and network blocks

A message in transit (1)

  Headers added by the MUA before sending

    cc: Mark Anthony <MarkA@cleo.co.uk>
    Subject: How Internet mail works
    Date: Fri, 10 May 2002 11:29:24 +0100 (BST)
    Message-ID: <Pine.SOL.3.96.990117111343.19032A-100000@taurus.cus.cam.ac.uk>
    MIME-Version: 1.0
    Content-Type: TEXT/PLAIN; charset=us-ascii

    Julius, I'm going to be running a course on...

A message in transit (2)

  Headers added by MTAs

    Received: from taurus.cus.cam.ac.uk ([192.168.34.54] ident=exim)
        by mauve.csi.cam.ac.uk with esmtp (Exim 4.00)
        id 101qxX-00011X-00; Fri, 10 May 2002 11:50:39 +0100
    Received: from ph10 (helo=localhost)
        by taurus.cus.cam.ac.uk with local-smtp (Exim 4.10)
        id 101qin-0005PB-00; Fri, 10 May 2002 11:50:25 +0100
    cc: Mark Anthony <MarkA@cleo.co.uk>
    ...

A message in transit (3)

  A message is transmitted with an envelope:

    MAIL FROM:<ph10@cus.cam.ac.uk>
    RCPT TO:<julius@ancient-rome.net>

  The envelope is separate from the RFC 2822 message
  Envelope (RFC 2821) fields need not be the same as the header (RFC 2822) fields
  MTAs are (mainly) concerned with envelopes
    Just like the Post Office...
  Error ("bounce") messages have null senders

    MAIL FROM:<>

An SMTP session (1)

    telnet relay.ancient-rome.net 25
    220 relay.ancient-rome.net ESMTP Exim...
    EHLO taurus.cus.cam.ac.uk
    250-relay.ancient-rome.net...
    250-SIZE 10485760
    250-PIPELINING
    250 HELP
    MAIL FROM:<ph10@cus.cam.ac.uk>
    250 OK
    RCPT TO:<julius@ancient-rome.net>
    250 Accepted
    DATA
    354 Enter message, ending with "."
    Received: from...
    (continued on next slide)

An SMTP session (2)

    From:...
    To:...
    etc...
    .
    250 OK id=10spdr-00034h-00
    quit
    221 relay.ancient-rome.net closing conn...

  SMTP return codes
    2xx OK
    3xx send more data
    4xx temporary failure
    5xx permanent failure

Email forgery

  It is trivial to forge unencrypted, unsigned mail
  This is an inevitable consequence when the sender and recipient hosts are independent
  It is less trivial to forge really well!
  Most SPAM usually contains some forged header lines
  Be alert for forgery when investigating
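When investigating a suspect message, the Received: chain and the envelope/header split described above are the first things to read. The following is an added example, not part of the original slides: it rebuilds the hop order from the two Received: headers shown above and flags where the envelope sender and the From: header disagree. The From: address, the body and all function names are constructed for the illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: both Received: headers are the ones on the slides;
# the From: address is made up so that it differs from the envelope.
RAW = """\
Received: from taurus.cus.cam.ac.uk ([192.168.34.54] ident=exim)
\tby mauve.csi.cam.ac.uk with esmtp (Exim 4.00)
\tid 101qxX-00011X-00; Fri, 10 May 2002 11:50:39 +0100
Received: from ph10 (helo=localhost)
\tby taurus.cus.cam.ac.uk with local-smtp (Exim 4.10)
\tid 101qin-0005PB-00; Fri, 10 May 2002 11:50:25 +0100
From: Someone Else <someone@example.org>
Subject: How Internet mail works

Julius, I'm going to be running a course on...
"""
MSG = message_from_string(RAW)

HOP = re.compile(r"from\s+(?P<frm>\S+).*?\bby\s+(?P<by>\S+)"
                 r"(?:\s+with\s+(?P<proto>\S+))?", re.S)

def received_chain(msg):
    """Hops oldest first: each MTA prepends its header, so read bottom-up."""
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        m = HOP.search(value)
        if m:
            hops.append((m["frm"], m["by"], m["proto"]))
    return hops

def chain_breaks(hops):
    """Indexes of hops whose 'from' name is not the previous hop's 'by' name.
    The 'from' name is only what the client claimed, so a break is a lead
    to follow up, not proof of forgery."""
    return [i for i in range(1, len(hops))
            if hops[i][0].lower() != hops[i - 1][1].lower()]

def envelope_differs(msg, mail_from):
    """True when the envelope sender is not the From: header address.
    Lists and forwarders do this legitimately; forgers do it too."""
    return parseaddr(msg.get("From", ""))[1].lower() != mail_from.lower()
```

Only the topmost Received: header is written by your own MTA; everything below it was supplied by earlier hosts and can be forged.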

The Domain Name Service

  The DNS is a worldwide, distributed database
  DNS servers are called name servers
  There are multiple servers for each DNS zone
  Secondary servers are preferably off-site
  Records are keyed by type and domain name
  Root servers are at the base of the hierarchy
  Caching is used to improve performance

Use of the DNS for email (1)

  Two DNS record types are used for routing mail
  Mail Exchange (MX) records map mail domains to host names, and provide a list of hosts with preferences:

    hermes.cam.ac.uk.  MX 5 green.csi.cam.ac.uk.
                       MX 7 ppsw3.csi.cam.ac.uk.
                       MX 7 ppsw4.csi.cam.ac.uk.

  Address (A) records map host names to IP addresses:

    green.csi.cam.ac.uk.  A 131.111.8.57
    ppsw3.csi.cam.ac.uk.  A 131.111.8.38
    ppsw4.csi.cam.ac.uk.  A 131.111.8.44

  Each record has a time-to-live field

Use of the DNS for email (2)

  MX records were added to the DNS after its initial deployment
  Backwards compatibility rule:
    If no MX records found, look for an A record, and if found, treat as an MX with 0 preference
  MX records were invented for gateways to other mail systems, but are now heavily used for handling generic mail domains

Other DNS records

  The PTR record type maps IP addresses to names

    57.8.111.131.in-addr.arpa.  PTR green.csi.cam.ac.uk.

  PTR and A records do not have to be one-to-one

    ppsw4.cam.ac.uk.            A 131.111.8.33
    33.8.111.131.in-addr.arpa.  PTR lilac.csi.cam.ac.uk.

  CNAME records provide an aliasing facility

    pelican.cam.ac.uk.  CNAME redshank.csx.cam.ac.uk.

DNS lookup tools

  host is easy to use for simple queries

    host demon.net
    host 192.168.34.135
    host -t mx demon.net

  nslookup is more widely available, but is more verbose

    nslookup bt.net
    nslookup 192.168.34.135
    nslookup -querytype=mx bt.net

  dig is the ultimate nitty-gritty tool

    dig bt.net
    dig -x 192.158.34.135
    dig bt.net mx

DNS mysteries

  Sometimes primary and secondary name servers get out of step
  When mystified, check for server disagreement

    host -t ns ioe.ac.uk
    ioe.ac.uk NS mentor.ioe.ac.uk
    ioe.ac.uk NS ns0.ja.net
    host mentor.ioe.ac.uk mentor.ioe.ac.uk
    mentor.ioe.ac.uk A 144.82.31.3
    host mentor.ioe.ac.uk ns0.ja.net
    mentor.ioe.ac.uk has no A record at ns0.ja.net (Authoritative answer)

Common DNS errors

  Final dots missing on RHS host names in MX records
  MX records point to aliases instead of canonical names
    This should work, but is inefficient and deprecated
  MX records point to non-existent hosts
  MX records contain an IP address instead of a host name on the right-hand side
    Unfortunately some MTAs accept this
  MX records do not contain a preference value
  Some broken name servers give a server error when asked for a non-existent MX record

Routing a message

  Process local addresses
    Alias lists
    Forwarding files
  Recognize special remote addresses
    e.g. local client hosts
  Look up MX records for remote addresses
    If self in list, ignore all MX records with preferences greater than or equal to own preference
    For each MX record, get IP address(es)

Delivering a message

  Perform local delivery
  For each remote delivery
    Try to connect to each remote host until one succeeds
    If it accepts or permanently rejects the message, that's it
  After temporary failures, try again at a later time
  Time out after deferring too many times
  Addresses are often sorted to avoid sending multiple copies

Checking incoming senders

  A lot of messages are sent with bad envelope senders
    Mis-configured mail software
    Unregistered domains
    Mis-configured name servers
    Forgers
  Forgery seems to be the largest category nowadays
  Many MTAs check the sender's domain
  It is harder to check the local part
    Uses more resources, and can be quite slow
  Bounce messages have no envelope sender

Checking incoming recipients

  Some MTAs check each local recipient during the SMTP transaction
    Errors are handled by the sending MTA
    The receiving MTA avoids problems with bad senders
  Other MTAs accept messages without checking, and look at the recipients later
    Errors are handled by the receiving MTA
    More detailed error messages can be generated
  The current proliferation of forged senders has made the first approach much more popular

Relay control

  Incoming: From any host to specified domains
    e.g. incoming gateway or backup MTA
  Outgoing: From specified hosts to anywhere
    e.g. outgoing gateway on local network
  From authenticated hosts to anywhere
    e.g. travelling employee or ISP customer connected to remote network
  Encryption can be used for password protection during authentication
  Authentication can also be done using certificates
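The MX rules from "Use of the DNS for email", "Common DNS errors" and "Routing a message" fit together as one selection step. The following is an added example, not part of the original slides and not any MTA's actual code: it takes an MX set that has already been looked up, reports two of the listed errors, applies the A-record fallback, and applies the "self in list" rule. The function and parameter names are made up for the illustration; PAGE_MX is the hermes.cam.ac.uk set shown above.

```python
import ipaddress

# MX set for hermes.cam.ac.uk as shown on the slides: (preference, host).
PAGE_MX = [(5, "green.csi.cam.ac.uk."),
           (7, "ppsw3.csi.cam.ac.uk."),
           (7, "ppsw4.csi.cam.ac.uk.")]

def _is_ip(name):
    try:
        ipaddress.ip_address(name.rstrip("."))
        return True
    except ValueError:
        return False

def mx_targets(domain, mx_records, has_a_record=False, self_name=None):
    """Return (hosts to try in order, problems found in the MX set).

    mx_records holds (preference, host) pairs from a DNS lookup done
    elsewhere; preference is None when the record carried no value.
    """
    problems, usable = [], []
    for pref, host in mx_records:
        if pref is None:
            problems.append(f"{host}: MX record has no preference value")
        elif _is_ip(host):
            problems.append(f"{host}: IP address where a host name belongs")
        else:
            usable.append((pref, host.rstrip(".").lower()))
    if not mx_records and has_a_record:
        # Backwards compatibility rule: treat the A record as MX 0.
        usable = [(0, domain.rstrip(".").lower())]
    if self_name:
        me = self_name.rstrip(".").lower()
        own = [p for p, h in usable if h == me]
        if own:
            # Drop ourselves and every host at or above our own preference.
            # An empty result is a configuration error (mail would loop),
            # not a reason to fall back to the A record.
            usable = [(p, h) for p, h in usable if p < min(own)]
    # Ties are left in name order so the output is repeatable; real MTAs
    # usually randomise among hosts of equal preference.
    return [h for _, h in sorted(usable)], problems
```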

Policy controls on incoming mail

  Block known miscreant hosts and networks
    Realtime Blackhole List (RBL), Dial-up list (DUL), etc.
    http://mail-abuse.org (now a charged service) and others
  Block known miscreant senders
    Not as effective as it once was for SPAM
  Refuse malformed messages
  Recognize junk mail
    Discard
    Annotate
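The three relay rules from "Relay control" and the host and network blocks from this slide can be combined into one decision per recipient. The following is an added example, not part of the original slides: ancient-rome.net is the slides' example domain, the networks are constructed, and the function name and the order of the checks are this example's own choices. Authentication is tested before the block list because the slides' travelling employee may well be connecting from a listed dial-up range.

```python
import ipaddress

# ancient-rome.net is the example domain from the slides; both networks
# are constructed for this illustration.
LOCAL_DOMAINS = {"ancient-rome.net"}                     # domains we accept mail for
RELAY_FROM = [ipaddress.ip_network("192.168.34.0/24")]   # our own client hosts
BLOCKED = [ipaddress.ip_network("203.0.113.0/24")]       # stand-in for a block list

def _listed(ip, networks):
    return any(ip in net for net in networks)

def rcpt_decision(client_ip, rcpt_to, authenticated=False):
    """Return (SMTP reply code, reason) for one RCPT TO from one client."""
    ip = ipaddress.ip_address(client_ip)
    domain = rcpt_to.strip("<>").rpartition("@")[2].lower()
    if authenticated:
        # "From authenticated hosts to anywhere"
        return (250, "authenticated client may relay")
    if _listed(ip, RELAY_FROM):
        # "Outgoing: from specified hosts to anywhere"
        return (250, "local client may relay")
    if _listed(ip, BLOCKED):
        # Host and network blocks apply to everyone else.
        return (550, "host or network is blocked")
    if domain in LOCAL_DOMAINS:
        # "Incoming: from any host to specified domains"
        return (250, "incoming mail for a local domain")
    # Anything left is an unknown host asking us to forward mail elsewhere.
    return (550, "relay not permitted")
```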