- Number of slides: 40
Sendmail X
Version 10 or X Files?
Oct/Nov 2005
Dusan Baljevic - Australia
© Dusan Baljevic
The information contained herein is subject to change without notice
Workshop Objectives
The purpose of this short seminar is to provide a broad understanding of the various design principles and concepts that exist in Sendmail X. An extensive number of on-line manuals and other references exist that provide a more in-depth look into the topics discussed in this course.
1. Introduce Sendmail X
2. Provide basic installation and configuration tips
3. Questions and Answers
Why Sendmail X
Sendmail is one of the oldest Message Transfer Agents (MTAs). It was incepted around 1977, known as the "Bill Joy period", when everything seemed to be happening all at once. Heterogeneous networks could not communicate via email effectively. The hooks for UUCP mail were done in /bin/mail, the hooks for BerkNet were done in Berkeley Mail, and the hooks for Arpanet were different altogether. Eric Allman worked on the Ingres Project at Berkeley and recognised the need for a common MTA. Initially he called it delivermail, which was the precursor of sendmail. Many versions of Sendmail have been generated in the past. The current open-source version is release 8.13.5. Several excellent competing products emerged in the last several years: Exim, Postfix, Smail, Qmail. They have smaller code bases (typically half the size of Sendmail, or less), do not support the legacy features, and generally have had fewer programming bugs and security threats.
Sendmail X Main Features
Its current version is Beta 4.0. The project leader is Claus Assmann. Sendmail X has a slightly different license from Sendmail 8. It supports the Simple Mail Transfer Protocol (SMTP) as specified by RFC 2821 and various extensions, like STARTTLS, AUTH and PIPELINING, and other protocols (LMTP, for example). It was designed as a secure and efficient mail gateway. It does not provide any mail content modification capabilities like masquerading of addresses or changing (adding, removing) headers. Later versions will probably add those features.
Sendmail X Main Features
It is a modularized message transfer system consisting of at least five persistent processes, four of which are multi-threaded. A central queue manager (QMGR) controls SMTP servers (SMTPS) and SMTP clients (SMTPC) to receive and send email messages, an address resolver (SMAR) provides lookups in various maps including DNS for mail routing, and a main control program (MCP) starts the other processes and monitors them. The queue manager organizes the flow of messages through the system and provides measures to avoid overloading the local or remote systems by implementing a central control instance.
Sendmail X – Key Principles
Robustness
Flexibility
Scalability
Extendability
Maintainability
Portability
Automated Testing
Backward Compatibility (as much as possible)
It has three queues on disk ("persistent" queues):
IBDB: incoming envelope information
DEFEDB: deferred envelope information
CDB: content database
The first two are exclusively handled by QMGR; the third one is written by SMTPS, read by SMTPC, and entries are removed by QMGR.
Building Sendmail X
The configuration file is generated by GNU autoconf. The simplest method to build it in the source tree (only use a privileged account if it is really required; most of the programs refuse to run with root privileges):
./configure
make check
Other options:
--enable-TLS
--enable-SASL
--with-sasl-libdir=path
--with-sasl-incdir=path
--disable-included-bdb
--with-bdb-libdir=path
--with-bdb-incdir=path
--enable-pmilter
Sendmail X - RFCs
RFC 974 Mail Routing and the Domain System
RFC 1123 Internet Host Requirements
RFC 1652 SMTP 8BITMIME Extension
RFC 1869 SMTP Service Extensions
RFC 1870 SMTP SIZE Extension
RFC 1891 SMTP Delivery Status Notifications
RFC 1892 The Multipart/Report Content Type for the Reporting of Mail System Administrative Messages
RFC 1893 Enhanced Mail System Status Codes
RFC 1894 Delivery Status Notifications
RFC 1985 SMTP Service Extension for Remote Message Queue Starting
RFC 2033 Local Mail Transfer Protocol
RFC 2034 SMTP Service Extension for Returning Enhanced Error Codes
RFC 2045 Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies
RFC 2476 Message Submission
RFC 2487 SMTP Service Extension for Secure SMTP over TLS
RFC 2554 SMTP Service Extension for Authentication
RFC 2822 Internet Message Format
RFC 2852 Deliver By SMTP Service Extension
RFC 2920 SMTP Service Extension for Command Pipelining
Installing Sendmail X
Unix accounts to provide separation of privileges and to enhance security:
smxs:*:260:Sendmail X SMTPS:/nonexistent:/sbin/nologin
smxq:*:261:Sendmail X QMGR:/nonexistent:/sbin/nologin
smxc:*:262:Sendmail X SMTPC:/nonexistent:/sbin/nologin
smxm:*:263:Sendmail X misc:/nonexistent:/sbin/nologin
smx:*:264:Sendmail X other:/nonexistent:/sbin/nologin
Corresponding Unix groups:
smxs:*:260:
smxq:*:261:
smxc:*:262:smxs
smxm:*:263:smxs,smxq
smx:*:264:
To check whether the required users and groups exist, run ./misc/sm.check.sh -p (in the build directory).
Sendmail X Block Diagram (Copyright Claus Assmann)
Sendmail X Directory Structure
A shell script to set up the directories and files is available in misc/sm.setup.sh. It is invoked when make install is run. Most of the default values in the installation script can be overridden through environment variables (defaults are listed in square brackets):
SMXCONFDIR: [/etc/smx] configuration directory
SMXQDIR: [/var/spool/smx] queue directory; communication sockets are created in this directory by default
SMXLOGDIR: [.] logging directory (relative to SMXQDIR). If logging is done via syslog(3), this directory is not used
SMXS: [smxs] SMTP Server user and group
SMXC: [smxc] SMTP Client user and group
SMXQ: [smxq] QMGR user and group
SMXM: [smxm] address resolver (misc) user and group
SMX: [smx] generic (configuration) user and group
SMXLG: group for log files; the install program tries operator, sysadmin, and root
Sendmail X Directory and File Permissions
The CDB directories (0-9, A-F) must be owned by smxs and have group smxq with permissions 0771:
drwxrwx--x 2 smxs smxq 0/
The main (DEFEDB) and incoming (IBDB) queues must belong to smxq and should not be accessible by anyone else:
drwx------ 2 smxq defedb/
drwx------ 2 smxq ibdb/
The mailertable, aliases map, and other maps for SMAR should belong to smxm and can be readable as local conventions require:
-rw-r--r-- 1 smxm mt
-rw-r--r-- 1 smxm aliases.db
In general, maps should be owned by the user id of the program that uses them.
Sendmail X Directory and File Permissions (continued)
The Sendmail X configuration file smx.conf can belong to root or the generic Sendmail X user. The directories in which the communication sockets between QMGR and the other programs are located must belong to smxq and be group accessible for the corresponding program:
drwxrws--- 2 smxq smxm qmsmar/
drwxrws--- 2 smxq smxc qmsmtpc/
drwxrws--- 2 smxq smxs qmsmtps/
The directory in which the communication socket between MCP and SMTPS is located must belong to smxs:
drwxr-x--- 2 smxs smtps/
The log files must be owned by the corresponding user and may have relaxed group (or even world) read permissions:
-rw-r----- 1 smxq operator qmgr.log
-rw-r----- 1 smxm operator smar.log
-rw-r----- 1 smxc operator smtpc.log
-rw-r----- 1 smxs operator smtps.log
Sendmail X smx.conf (part 1)
CDB_base_directory = "/var/spool/smx";
# activate this for local delivery using procmail and LMTP
lmtp {
    listen_socket { type=unix; path = lmtpsock; umask = 007; user = root; group = smxc; }
    start_action = nostartaccept;
    min_processes = 1;
    max_processes = 8;
    user = root;
    path = /usr/bin/procmail;
    arguments = "procmail -z+";
}
Sendmail X smx.conf (part 2)
smtps {
    log_level = 11;
    log { facility=mail; ident="smtps"; }
    CDB_gid = 262;
    wait_for_server = 4;
    listen_socket { type=inet; port = 25; }
    start_action = pass;
    pass_fd_socket = smtps/smtpsfd;
    user = smxs;
    path = "/usr/local/libexec/smtps";
    arguments = "smtps -f /etc/smx.conf";
}
Sendmail X smx.conf (part 3)
smtpc {
    log_level = 11;
    log { facility=mail; ident="smtpc"; }
    wait_for_server = 4;
    start_action = wait;
    user = smxc;
    path = "/usr/local/libexec/smtpc";
    arguments = "smtpc -f /etc/smx.conf";
}
Sendmail X smx.conf (part 4)
qmgr {
    log_level = 12;
    log { facility=mail; ident="qmgr"; }
    wait_for_server = 4;
    wait_for_client = 3;
    start_action = wait;
    user = smxq;
    restart_dependencies = { smtps, smtpc, smar };
    path = "/usr/local/libexec/qmgr";
    arguments = "qmgr -f /etc/smx.conf";
}
smar {
    log_level = 12;
    log { facility=mail; ident="smar"; }
    nameserver = 203.62.129.196;
    start_action = wait;
    user = smxm;
    restart_dependencies = { smtps, qmgr };
    path = "/usr/local/libexec/smar";
    arguments = "smar -f /etc/smx.conf";
}
Sendmail X Mailertable Routing
This file must exist, even if there are no entries.
localhost lmtp:
zorro2.myfundom.dom lmtp:
zorro2 lmtp:
loghost lmtp:
island.myfundom.dom lmtp:
localhost.myfundom.dom lmtp:
mydomain.com smtp:[192.168.49.25]:[10.44.18.79]
anotherdomain.net.au esmtp:antivirus.srv.net.au
myrealdom.dom esmtp:pathetic.myfundom.
esmtp:smart-relay.myfundom.dom
Sendmail X Aliases
The Berkeley DB hash map aliases.db is used.
postmaster: dbaljevi
root: dbaljevi: local:
adm: local:
Special-alias@island.myfundom.dom: dbaljevi
Sendmail X Access List (part 1)
cltresolve:tempptr error:451 4.7.1 reverse lookup failed
mxbadip:127.0.0.1 error:551 5.7.1 Bad IP address in MX/A list
mxbadip:10.68.2.255 error:551 5.7.1 Bad IP address in MX/A list
from:@spammer.domain error:551 5.7.1 No spammers
from:@.spammer.domain error:551 5.7.1 No spammers in subdomains either
to:root error:551 5.7.1 No mail to root
to:abuse quick:ok
cltaddr:10 error:551 5.7.1 No direct mail from 10.x.y.z
cltname:spammer.domain quick:error:551 5.7.1 No mail from spammers
to:@primary.domain relay
cltaddr:10 relay
cltaddr:127.0.0.1 quick:relay
Sendmail X Access List (part 2)
to:@myotherdomain.com server
to:anotheruser@other.com
to:postmaster@anydom.net.au error:451 4.3.3 Try primary MX
relay
protectedrcpt:mail-list1@mydom.com list:
Sendmail X Access List (part 2)
Tags:
from: envelope sender address (MAIL)
to: envelope recipient address (RCPT)
cltaddr: client IPv4 address
cltname: client host name
cltresolve: result of forward and reverse client lookup
mxbadip: IPv4 addresses that are not allowed for MX/A records
certissuer: DN of the CA cert that signed the presented cert
certsubject: DN of the presented cert
protectedrcpt: restrictions for recipient address
Sendmail X SMAR Maps
type: type of the map; currently one of hash (Berkeley DB hash), sequence, socket, and passwd.
file: the filename of the DB file (including the extension) (type hash only).
mapname: name of the map used in the protocol (type socket only).
address: IPv4 address of the inet socket (type socket only).
path: the pathname of the Unix domain socket (type socket only).
port: port for the inet socket (type socket only).
maps: list of map names to use in the map (type sequence only).
Examples:
map localusers { type = hash; file = "/etc/smx/localusers.db"; }
map otherusers { type = hash; file = "/etc/smx/otherusers.db"; }
map password { type = passwd; }
map seq1 { type = sequence; maps = { localusers, otherusers }; }
map seq2 { type = sequence; maps = { password, otherusers }; }
Sendmail X DNS Lookups in Blacklists
smar { dnsbl { domain = rbl-plus.mail-abuse.org; tag = dnsblmain; } }
smar { dnsbl { domain = dnsbl.njabl.org; tag = dnsbldue; } }
smar { dnsbl { domain = bl.spamcop.net; tag = dnsbltre; } }
smar { dnsbl { domain = dnsbl.sorbs.net; tag = dnsblqua; } }
dnsblmain:127.0.0.1 error:550 5.7.1 Listed at rbl-plus.mail-abuse.org as open relay
dnsbldue:127.0.0.2 error:550 5.7.1 Listed at dnsbl.njabl.org as spam source
dnsbltre:127.0.0.9 error:451 4.7.1 Listed at bl.spamcop.net as possible spammer
dnsblqua:temp error:451 4.7.1 Temporary lookup failure at dnsbl.sorbs.net
If multiple RBLs are specified, the DNS queries are initiated at the same time. Note that the lookups in the access map are performed in the order in which the blacklists are given; the first successful lookup is used as the result, and no further queries are performed.
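The access-list entries on the previous slides and the ordered DNSBL lookups above, as an added example (not Sendmail X code). The matching rules are assumptions modelled on the slide entries: cltaddr keys match on octet boundaries (longest prefix first), from:/to: keys fall back from the full address to @domain and then @.domain, and the quick: prefix marks a final result.

```python
"""Access-map lookups modelled on the slides' entries (added example, not Sendmail X
code). Assumed: cltaddr keys match on octet boundaries, longest prefix first; from:/to:
keys try the full address, then @domain, then @.domain (also covers subdomains)."""
from typing import Dict, Iterable, Optional, Tuple
# Sample map built from the slides' access list and DNSBL entries (tag:key -> value).
ACCESS_MAP: Dict[str, str] = {
    "from:@spammer.domain": "error:551 5.7.1 No spammers",
    "from:@.spammer.domain": "error:551 5.7.1 No spammers in subdomains either",
    "to:root": "error:551 5.7.1 No mail to root",
    "to:abuse": "quick:ok",
    "to:@primary.domain": "relay",
    "cltaddr:10": "error:551 5.7.1 No direct mail from 10.x.y.z",
    "cltaddr:127.0.0.1": "quick:relay",
    "dnsblmain:127.0.0.1": "error:550 5.7.1 Listed at rbl-plus.mail-abuse.org as open relay",
    "dnsbltre:127.0.0.9": "error:451 4.7.1 Listed at bl.spamcop.net as possible spammer",
    "dnsblqua:temp": "error:451 4.7.1 Temporary lookup failure at dnsbl.sorbs.net",
}

def lookup_cltaddr(ip: str, amap: Dict[str, str] = ACCESS_MAP) -> Optional[str]:
    """Longest match on octet boundaries: 10.68.2.1 tries 10.68.2.1, 10.68.2, 10.68, 10."""
    octets = ip.split(".")
    for n in range(len(octets), 0, -1):
        val = amap.get("cltaddr:" + ".".join(octets[:n]))
        if val is not None:
            return val
    return None

def lookup_address(tag: str, addr: str, amap: Dict[str, str] = ACCESS_MAP) -> Optional[str]:
    """from:/to: lookup: the full address first, then the domain and each parent domain."""
    addr = addr.lower()
    if f"{tag}:{addr}" in amap:
        return amap[f"{tag}:{addr}"]
    _, sep, domain = addr.rpartition("@")
    labels = domain.split(".") if sep else []          # bare user names have no domain
    for i in range(len(labels)):
        sub = ".".join(labels[i:])
        for key in ([f"{tag}:@{sub}"] if i == 0 else []) + [f"{tag}:@.{sub}"]:
            if key in amap:
                return amap[key]
    return None

def lookup_dnsbl(order: Iterable[str], answers: Dict[str, Optional[str]],
                 amap: Dict[str, str] = ACCESS_MAP) -> Optional[str]:
    """DNS queries run in parallel, but access-map lookups follow the configured order and
    the first hit wins. answers: tag -> A record returned, 'temp', or None (not listed)."""
    for tag in order:
        ans = answers.get(tag)
        if ans is not None and f"{tag}:{ans}" in amap:
            return amap[f"{tag}:{ans}"]
    return None

def classify(value: str) -> Tuple[str, bool, str]:
    """Split a map value into (action, final, SMTP reply text); quick: means final."""
    final = value.startswith("quick:")
    value = value[len("quick:"):] if final else value
    if not value.startswith("error:"):
        return (value, final, "")
    text = value[len("error:"):]
    return ("reject" if text.startswith("5") else "tempfail", final, text)
```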
Sendmail X Greylisting (part 1)
Supports a very simple form of greylisting. Uses the client IP address as key instead of a tuple consisting of client IP address, envelope sender, and envelope recipient. The design goal was: do not accept mail from an unknown source on the first connection, but reject it with a temporary error. Any MTA that conforms to RFC 2821 will try to send the mail later on; spamming systems, however, often do not do that.
An IP address can be in three different states:
unknown: the client has not connected before or the entry has expired from the database,
greylisted: the client has connected before but it did not yet connect again within the configured time interval,
whitelisted: the client has connected before and it connected again within the configured time interval.
Greylisting is performed at the RCPT stage of the SMTP dialogue. It is only
Sendmail X Greylisting (part 2)
Greylisting can be disabled for selected hosts by adding them to the access map:
cltaddr:10.15 relay
cltaddr:192.168.38 relay
cltaddr:127.0.0.1 quick:relay
Some mailers do not behave properly and will not retry a mail that had a temporary error. This can cause mail loss in various situations, for example when the receiving system is currently out of some resources. To minimize the impact:
cltaddr:192.168.17.45 ok
cltaddr:203.18.150.1 ok
A list of broken mailers can be found at: http://cvs.puremagic.com/viewcvs/greylisting/schema/whitelist_ip.txt
A related problem is server farms, where a mail could be sent from a different IP address each time, or a client that authenticates via STARTTLS or AUTH.
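The three-state, per-client-IP greylisting described on these two slides, including the access-map bypass, as an added example (not Sendmail X code). RETRY_WINDOW and WHITELIST_TTL are assumed values; the slides only say "the configured time interval" and that entries expire.

```python
"""Greylisting keyed by client IP address, as the slides describe it (added example,
not Sendmail X code). States: unknown, greylisted, whitelisted. RETRY_WINDOW (how long
a greylisted client has to come back) and WHITELIST_TTL are assumed values."""
import time
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

RETRY_WINDOW = 4 * 3600          # assumption: the retry must arrive within 4 hours
WHITELIST_TTL = 36 * 24 * 3600   # assumption: whitelist entries expire after 36 days
TEMPFAIL = "451 4.7.1 Greylisted, please try again later"

@dataclass
class Greylist:
    retry_window: int = RETRY_WINDOW
    whitelist_ttl: int = WHITELIST_TTL
    # cltaddr: keys carrying ok/relay in the access map; greylisting is skipped for them
    bypass: Tuple[str, ...] = ()
    db: Dict[str, Tuple[str, float]] = field(default_factory=dict)  # ip -> (state, seen)

    def state(self, ip: str, now: float) -> str:
        """Current state of a client, expiring a stale entry on the way."""
        entry = self.db.get(ip)
        if entry is None:
            return "unknown"
        st, seen = entry
        ttl = self.retry_window if st == "greylisted" else self.whitelist_ttl
        if now - seen > ttl:
            del self.db[ip]                     # expired from the database: unknown again
            return "unknown"
        return st

    def rcpt(self, ip: str, now: Optional[float] = None) -> Tuple[bool, str]:
        """Decision at the RCPT stage: (accept?, SMTP reply)."""
        now = time.time() if now is None else now
        if any(ip == p or ip.startswith(p + ".") for p in self.bypass):
            return True, "250 2.1.5 Ok (greylisting disabled by access map)"
        st = self.state(ip, now)
        if st == "unknown":
            self.db[ip] = ("greylisted", now)   # first contact: temporary reject
            return False, TEMPFAIL
        self.db[ip] = ("whitelisted", now)      # came back in time, or already trusted
        return True, "250 2.1.5 Ok"
```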
Sendmail X Startup (part 1)
/etc/rc2.d/S88smx
#!/bin/sh
# start sendmail X via MCP
MCPPID=mcp.pid
MCPOUT=mcp.out
start_mcp() {
    /usr/local/sbin/mcp -l -p ${MCPPID} /etc/smx.conf > ${MCPOUT} 2>&1 &
}
stop_mcp() {
    if test -s ${MCPPID}; then
        kill `head -1 ${MCPPID}`
    else
        echo "$0: pid file ${MCPPID} does not exist or is empty"
    fi
}
Sendmail X Startup (part 2)
if cd "/var/spool/smx"; then
    :
else
    echo "$0: cd /var/spool/smx failed"
    exit 1
fi
case "$1" in
'start')
    start_mcp
    ;;
'stop')
    stop_mcp
    ;;
'restart')
    stop_mcp
    start_mcp
    ;;
*)
    echo "Usage: $0 { start | stop | restart }"
    exit 1
    ;;
esac
exit 0
Sendmail X Misc (part 1)
Strict RFC Compliance
The SMTP server currently enforces fairly strict RFC 2821 compliance. For example, a MAIL command must be given in the following format:
MAIL From:<user@some.domain>
The angle brackets are required, there must be no space after ":", etc. This has the useful side effect of catching some spam programs:
5.5.0 Syntax error., input=MAIL FROM:
Sendmail X Misc (part 2)
root 7950 1 0 Oct 12 pts/25 0:00 /usr/local/sbin/mcp -l -p mcp.pid /etc/smx.conf
smxs 7954 7950 0 Oct 12 ? 0:00 smtps -f /etc/smx.conf
smxm 7951 7950 0 Oct 12 ? 0:00 smar -f /etc/smx.conf
smxc 7953 7950 0 Oct 23 ? 0:00 smtpc -f /etc/smx.conf
smxq 7952 7950 0 Oct 23 ? 0:00 qmgr -f /etc/smx.conf
/usr/local/bin/runas smxq /usr/local/bin/mailq -B/var/spool/smx
/usr/local/bin/runas smx /usr/local/libexec/smar -D
/usr/local/bin/runas smxc /usr/local/libexec/smtpc -P 25
/usr/local/bin/runas smxs /usr/local/libexec/smtps -8
Sendmail X does not offer some of the features that are available in other MTAs:
Address masquerading: the best way to use the correct e-mail addresses is to properly configure your MUA. Some MUAs offer more flexibility for this than the default masquerading features of sendmail 8. Alternatively, a mail submission program (MSP) can be used which offers address rewriting capabilities (for example, the MSP from sendmail 8).
.forward: procmail can be used as the LDA, and its configuration file .procmailrc allows implementing the same functionality as .forward in sendmail 8 and some other MTAs.
Sending mail to programs: it is recommended to use procmail.
Appending mails to files: it is recommended to use procmail.
Sendmail X Makefile for Maps (part 1)
# Makefile to create sm.X maps
MM=/usr/local/bin/createmap
all: aliases.db access.db qmgr_conf.db mailertable.db
aliases.db: aliases
	-test -f aliases.db && mv aliases.db
	${MM}
Sendmail X Makefile for Maps (part 2)
mailertable.db: mailertable
	-test -f mailertable.db && mv mailertable.db
	${MM} -w -F mailertable.db < mailertable
	chown smxm mailertable.db
	chmod 664 mailertable.db
	echo "kill -USR1 smar"
qmgr_conf.db: qmgr_conf
	-test -f qmgr_conf.db && mv qmgr_conf.db
	${MM} -w -F qmgr_conf.db < qmgr_conf
	chown smxq qmgr_conf.db
	chmod 664 qmgr_conf.db
	echo "kill -USR1 qmgr"
Sendmail X Typical Message with Headers
From root@island.myfundom.dom Mon Oct 10 10:49 2005
Return-Path:
Sendmail X (Sys)Logging (part 1)
Oct 4 12:55:26 zorro2 sendmail[13189]: [ID 801593 mail.info] j942tQPB013189: from=root, size=52, class=0, nrcpts=1, msgid=<200510040255.j942tQPB013189@island.myfundom.dom>, relay=root@localhost
Oct 4 12:55:26 zorro2 smtps: [ID 197553 mail.info] sev=INFO, func=ss_hdl_session, ss_sess=S00000001D00, client_ipv4=127.0.0.1, client_name=Hostname_Not_Determined
Oct 4 12:55:26 zorro2 smar: [ID 197553 mail.info] sev=INFO, func=smar_rcpt_rslv, status=resolved, pa=
Sendmail X (Sys)Logging (part 2)
Oct 4 12:55:26 zorro2 smtps: [ID 197553 mail.info] ss_sess=S00000001D00, ss_ta=S00000002600, msgid=<200510040255.j942tQPB013189@island.myfundom.dom>, size=546, stat=0
Oct 4 12:55:26 zorro2 smtpc: [ID 197553 mail.info] sev=INFO, func=sc_rd_reply, thread=0, da_sess=C01000000020000, da_ta=C01000000030000, ss_ta=S00000002600, mail=
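The key=value log lines above come from three different processes and are joined only by the SMTPS session and transaction ids. This added example (not a Sendmail X tool) parses such lines and correlates them per transaction; the sample lines are constructed after the slides' format, and everything past the slides' truncation points (the pa= and mail= values, the smtpc stat=250) is assumed.

```python
"""Parser and correlator for Sendmail X key=value syslog lines (added example, not a
Sendmail X tool). The sample is constructed after the slides' format; the fields past
the slides' truncation points (pa=, mail=, the smtpc stat=250) are assumed."""
import re
from collections import defaultdict
from typing import Dict, Optional, Tuple

SAMPLE_LOG = """\
Oct  4 12:55:26 zorro2 smtps: [ID 197553 mail.info] sev=INFO, func=ss_hdl_session, ss_sess=S00000001D00, client_ipv4=127.0.0.1, client_name=Hostname_Not_Determined
Oct  4 12:55:26 zorro2 smar: [ID 197553 mail.info] sev=INFO, func=smar_rcpt_rslv, status=resolved, pa=<root@island.myfundom.dom>, ss_ta=S00000002600
Oct  4 12:55:26 zorro2 smtps: [ID 197553 mail.info] ss_sess=S00000001D00, ss_ta=S00000002600, msgid=<200510040255.j942tQPB013189@island.myfundom.dom>, size=546, stat=0
Oct  4 12:55:26 zorro2 smtpc: [ID 197553 mail.info] sev=INFO, func=sc_rd_reply, thread=0, da_sess=C01000000020000, da_ta=C01000000030000, ss_ta=S00000002600, mail=<root@island.myfundom.dom>, stat=250
"""

LINE_RE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) (\S+) (\w+): \[ID \d+ [\w.]+\] (.*)$")
KV_RE = re.compile(r"(\w+)=([^,]*)")

def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return {'ts', 'host', 'prog'} plus the key=value fields, or None if not Sendmail X."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = {"ts": m.group(1), "host": m.group(2), "prog": m.group(3)}
    rec.update((k, v.strip()) for k, v in KV_RE.findall(m.group(4)))
    return rec

def correlate(log_text: str) -> Tuple[Dict[str, dict], Dict[str, Dict[str, dict]]]:
    """Index session-level records by ss_sess and per-process transaction records by ss_ta."""
    sessions: Dict[str, dict] = {}
    tas: Dict[str, Dict[str, dict]] = defaultdict(dict)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if "ss_ta" in rec:
            tas[rec["ss_ta"]][rec["prog"]] = rec
        elif "ss_sess" in rec:
            sessions[rec["ss_sess"]] = rec
    return sessions, dict(tas)

def summarize(log_text: str) -> Dict[str, dict]:
    """One row per transaction: which processes handled it, the client address pulled in
    via ss_sess, message id, size, recipient as resolved by SMAR, and both status codes."""
    sessions, tas = correlate(log_text)
    rows = {}
    for ta, by_prog in tas.items():
        smtps, smar, smtpc = (by_prog.get(p, {}) for p in ("smtps", "smar", "smtpc"))
        sess = sessions.get(smtps.get("ss_sess", ""), {})
        rows[ta] = {
            "procs": sorted(by_prog),
            "client_ipv4": sess.get("client_ipv4"),
            "msgid": smtps.get("msgid"),
            "size": smtps.get("size"),
            "rcpt": smar.get("pa"),
            "smtps_stat": smtps.get("stat"),
            "smtpc_stat": smtpc.get("stat"),
            "da_ta": smtpc.get("da_ta"),
        }
    return rows
```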
Sendmail X - Personal Comments
Very different from previous versions of Sendmail;
A large leap forward with a lot of changes;
Maybe came too late, considering the market penetration and successes of Exim and Postfix especially;
HP, for example, currently uses Postfix with two RBLs:
MAPS (Mail Abuse Prevention System) – http://www.mail-abuse.org
Spamhaus – http://www.spamhaus.org
Designed as a secure and efficient mail gateway. The current version does not provide mail submission programs:
Sendmail 8 mail submission program;
Msmtp;
Esmtp;
Good log file analysers are not yet available;
Large source tree (about 3.8 MB gzip archive versus 1.9 MB for Sendmail 8.13.5);
Sendmail X – Personal Comments (continued)
No support for:
MIME conversion (7/8 bit); it will just send 8 bit data (or maybe reject delivery based on some configuration option);
UUCP (other than via an external delivery agent);
Other protocols: Bitnet, FIDO, DECnet, and so on; address parsing/syntax is RFC (2)821/(2)822;
Dialup systems;
Localization.
Those features may be added in the future.
Sendmail X References and Feedback
Main URL: http://www.sendmail.org/sm-X/index.html
All feedback should be sent to: smx+feedback@sendmailx.org
SMTP surveys:
http://www.falkotimme.com/projects/survey_smtp_032004.php
http://www.credentia.cc/research/surveys/smtp/200304/
http://cr.yp.to/surveys/sendmail.html
SMTP Survey March 2004 (Copyright 2005, Falko Timme)