How does mail work?

Source: Internet
Author: User
Tags: mail exchange, mx record, one mail

I. Preface


Although QQ and other real-time chat tools have become widespread, most enterprises still use a mail system to exchange information. As operations staff we therefore need to understand how this technology works. What follows is a step-by-step introduction to the components of a mail system, what each of them does, and how a message actually travels from sender to recipient.

Tip: A mail system is fairly complex and its workflow has many steps, but understanding it will pay off greatly once you come to build one. So please read patiently and let the Crab walk you through it slowly.



II. The relationship between the mail server and DNS


Mail delivery on the early Internet was simple. The first computers were mainframes that stayed up 24 hours a day without shutting down, their users were online in real time, and every host had a fixed IP address.

If user Eric on host www.pangxie.com wanted to mail user WQP on host www.windchaser.com, he only had to set the sender to [email protected] and the recipient to [email protected] and send.

[Figure: before mail delivery]

But with the spread of small personal PCs, which do not need to stay switched on 24 hours a day, users could no longer be counted on to be online. If Eric wants to send mail to WQP while WQP's computer is shut down, the message simply cannot be delivered.

In this situation we urgently need a mail server that receives and manages mail on behalf of all the computers or servers in a domain.

Later on, when sending mail we no longer name a specific host but use the user@domain format. That raises a problem: a domain by itself cannot receive mail. We have to find out which server in the domain handles mail, and for that we need DNS.

DNS answers this question with the MX record (MX: Mail eXchange), which names the mail exchanger for a domain.

When a zone has several MX records, how do we tell which is the primary and which the secondary server? This is decided by the preference value on each MX record: the smaller the value, the higher the priority. Records with the same preference value are equivalent, and a sender may pick any of them, which is how load is shared. But if a domain has more than one mail exchanger with different values, is the load balanced between them, or is it a hot standby? Read on.

[Figure: DNS MX lookup]

① When the sender needs to deliver mail to another mail server, it queries DNS for the MX record of the recipient's domain.
② The DNS server looks up its MX table.
③ The DNS server returns the MX information to the sender.
④ The sender delivers the message to the mail server with the highest priority (MAIL1, the one with the lowest preference value).
⑤ If the primary mail server is too busy or is offline, the message is delivered to the secondary mail exchanger (MAIL2) instead.
⑥ When the primary mail server is reachable again, MAIL2 forwards the messages it accepted on its behalf to the primary mail exchanger (MAIL1).

Tip: The secondary exchanger accepts mail but does not deliver it to mailboxes; it queues each message until the primary exchanger is available again and then hands over everything it accepted in its place. All real mail processing is therefore done by the primary exchanger, so if you run two servers as mail exchangers, the higher-performance one should be the primary. One caveat a practitioner should keep in mind: a backup MX that accepts mail for any address because it cannot check which recipients exist on the primary is a classic entry point for spam and a source of bounce backscatter, so it should be given the primary's list of valid recipients.
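The MX selection logic described in steps ① to ⑥, as an added example that is not part of the original post: a small Python program that parses MX records in dig-style presentation format, orders the hosts the way a sending MTA does (RFC 5321 section 5.1: lowest preference first, equal preferences shuffled for load sharing), and simulates falling back to the backup exchanger when the primary is down. It goes slightly beyond the text by also handling the two cases every MTA has to deal with: a domain with no MX record at all (implicit MX, fall back to the domain's own address) and a domain whose only record is "0 ." (RFC 7505 null MX, the domain refuses all mail). The DNS answers are constructed inline; windchaser.com is the domain used on this page, the mail1/mail2/mail3 host names and nomail.example are assumptions.

```python
import random
from typing import List, Optional, Tuple

# Constructed DNS answers in dig presentation format (no real lookup is made).
# windchaser.com is the domain used on this page; the host names are made up.
MX_ANSWER = """\
windchaser.com.  3600  IN  MX  10 mail1.windchaser.com.
windchaser.com.  3600  IN  MX  20 mail2.windchaser.com.
windchaser.com.  3600  IN  MX  20 mail3.windchaser.com.
"""
NULL_MX_ANSWER = "nomail.example.  3600  IN  MX  0 ."   # RFC 7505 "null MX"


def parse_mx(answer: str) -> List[Tuple[int, str]]:
    """Return (preference, host) pairs from the MX records in an answer."""
    records = []
    for line in answer.splitlines():
        fields = line.split()
        if len(fields) == 6 and fields[3].upper() == "MX":
            host = fields[5] if fields[5] == "." else fields[5].rstrip(".")
            records.append((int(fields[4]), host))
    return records


def delivery_order(records: List[Tuple[int, str]], domain: str,
                   seed: Optional[int] = None) -> List[str]:
    """Hosts in the order a sending MTA tries them (RFC 5321 section 5.1).

    Lower preference value first.  Hosts with the same preference are
    equivalent, so they are shuffled: that is how a domain shares load
    between exchangers, as opposed to the hot-standby case of different
    values.  No MX record at all means "implicit MX": fall back to the
    domain's own A/AAAA address.  A single record "0 ." is a null MX: the
    domain accepts no mail and the sender must bounce immediately.
    """
    if not records:
        return [domain]
    if records == [(0, ".")]:
        return []
    rng = random.Random(seed)
    order: List[str] = []
    for pref in sorted({p for p, _ in records}):
        group = [h for p, h in records if p == pref]
        rng.shuffle(group)
        order.extend(group)
    return order


def try_deliver(order: List[str], unreachable: set) -> Optional[str]:
    """Simulate delivery: the first reachable host in the list accepts the
    message; a busy or down primary is skipped in favour of the backup."""
    for host in order:
        if host not in unreachable:
            return host
    return None


if __name__ == "__main__":
    order = delivery_order(parse_mx(MX_ANSWER), "windchaser.com", seed=1)
    print("try in order:", order)
    print("primary down, delivered to:", try_deliver(order, {"mail1.windchaser.com"}))
    print("null MX:", delivery_order(parse_mx(NULL_MX_ANSWER), "nomail.example"))
```

Note that a null MX result must be treated as a permanent failure (bounce at once), while an empty reachable list from try_deliver is a temporary failure: the sending MTA keeps the message in its queue and retries later.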



III. Programs required for mail transmission


MUA (Mail User Agent): the program the user runs to compose and send mail and to browse received mail.

MTA (Mail Transfer Agent): the SMTP server (think of it as the smtpd) that accepts mail from users or from other MTAs and delivers it onward.

MDA (Mail Delivery Agent): the program that stores incoming mail in the corresponding user's mailbox.

The MDA works out which local user a message accepted by the MTA belongs to and delivers it to that user's mailbox. Note that this decision is based on the envelope recipient given in the SMTP RCPT TO command, not on the To: header in the message: the header is written by the sender and may name anyone (or nobody, as with Bcc), and delivery still works.

MRA (Mail Retrieval Agent): the server that lets a user fetch his own mail, using a retrieval protocol such as POP (Post Office Protocol) or IMAP.



IV. E-mail delivery process



[Figure: send mail procedure]

① User Eric wants to send a message to WQP. He logs on to the mail.pangxie.com server from a terminal, writes a message with sender [email protected] and recipient [email protected], and sends it.
② The mail.pangxie.com host calls its SMTP program to send the outgoing mail.
③ SMTP sees that the recipient is given by domain name, so it calls the DNS client.
④ The DNS client queries the DNS server for the domain information SMTP needs.
⑤ The DNS server finds the mail server the domain points to by looking up its MX record.
⑥ The DNS server returns the result to the DNS client.
⑦ SMTP receives the MX information, completes the TCP three-way handshake with the other mail server, establishes a connection with that server's SMTPD service, and delivers the message to the mail.windchaser.com host.
Tip: SMTPD is the daemon of the mail server; it listens on TCP port 25.
⑧ When SMTPD on mail.windchaser.com receives the message from mail.pangxie.com, it checks whether it is for a local user. If so it continues with ⑨; otherwise it passes the message on to another server (this is relaying, see the open relay section below).
⑨ Having found that the target is a local user, SMTPD calls the MDA, which stores the message in the user's mailbox. On Linux this mailbox is usually a file named after the user under /var/spool/mail.
⑩ User WQP logs on to the mail.windchaser.com server from a terminal and reads the message with the mail command. Messages that have been read are moved automatically to a file called mbox in the user's home directory.
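The MDA step (⑨ above), as an added example that is not code from the original post: a minimal Python MDA that takes the SMTP envelope recipient, decides which local mailbox it maps to, prepends Return-Path, Delivered-To and Received trace headers, and appends the message to an mbox file using the standard library's mailbox module. Everything is written to a temporary directory instead of /var/spool/mail. The domain windchaser.com, the local accounts wqp and root, the sending host mail.pangxie.com and the sample messages are assumptions or constructed for the demo. Two details worth noticing: the first sample message's To: header names someone else entirely, yet it lands in wqp's mailbox because the envelope says so; and a body line beginning with "From " is quoted as ">From " on disk, because in mbox format an unquoted "From " at the start of a line is the message separator.

```python
import mailbox
import os
import tempfile
import time
from email.utils import parseaddr

# Assumed local domain and accounts for this demo (not from the original post).
LOCAL_DOMAIN = "windchaser.com"
LOCAL_USERS = {"wqp", "root"}


def local_user(envelope_rcpt: str):
    """Map the SMTP envelope recipient (RCPT TO) to a local mailbox, or None."""
    addr = parseaddr(envelope_rcpt)[1]
    user, _, domain = addr.partition("@")
    if domain.lower() != LOCAL_DOMAIN or user.lower() not in LOCAL_USERS:
        return None
    return user.lower()


def deliver(spool_dir: str, envelope_from: str, envelope_rcpt: str, raw_message: bytes):
    """Append one message to the recipient's mbox file, like a minimal MDA.

    Delivery is driven by the envelope recipient, never by the To: header,
    which is untrusted data written by the sender.  The mailbox module writes
    the 'From ' separator line and quotes body lines that start with 'From '.
    """
    user = local_user(envelope_rcpt)
    if user is None:
        return None                     # the MTA would answer 550 user unknown
    sender = parseaddr(envelope_from)[1] or "MAILER-DAEMON"
    now = time.gmtime()
    prefix = (
        f"From {sender} {time.asctime(now)}\n"          # mbox separator line
        f"Return-Path: <{sender}>\n"
        f"Delivered-To: {user}@{LOCAL_DOMAIN}\n"
        f"Received: from mail.pangxie.com by mail.{LOCAL_DOMAIN} with SMTP; "
        f"{time.strftime('%a, %d %b %Y %H:%M:%S +0000', now)}\n"
    ).encode()
    path = os.path.join(spool_dir, user)
    box = mailbox.mbox(path)
    try:
        box.lock()                      # two deliveries must never interleave
        box.add(prefix + raw_message)
        box.flush()
    finally:
        box.unlock()
        box.close()
    return path


def mailbox_summary(path: str):
    """(envelope sender, Subject) for every message in an mbox file."""
    box = mailbox.mbox(path)
    try:
        return [(m.get_from().split()[0], m["subject"]) for m in box]
    finally:
        box.close()


def demo():
    """Deliver two constructed messages to wqp in a temporary spool."""
    spool = tempfile.mkdtemp(prefix="spool-")
    first = (b"From: eric@pangxie.com\nTo: list@example.net\nSubject: hello\n\n"
             b"From here on it is all envelope, not header.\n")
    second = b"From: eric@pangxie.com\nTo: wqp@windchaser.com\nSubject: second\n\nhi\n"
    path = deliver(spool, "eric@pangxie.com", "<wqp@windchaser.com>", first)
    deliver(spool, "eric@pangxie.com", "wqp@windchaser.com", second)
    unknown = deliver(spool, "eric@pangxie.com", "nobody@windchaser.com", second)
    with open(path, "rb") as f:
        raw = f.read()
    return {"mailbox": os.path.basename(path), "summary": mailbox_summary(path),
            "raw": raw, "unknown": unknown}


if __name__ == "__main__":
    result = demo()
    print("delivered to mailbox:", result["mailbox"], result["summary"])
    print(result["raw"].decode())
```

A real MDA runs with the recipient's privileges (or as a dedicated delivery user) and never lets the sender choose the spool path; here the mailbox name is derived only from the validated local user.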



V. Open relay


[Figure: open relay]

Suppose the message Eric sends is addressed not to [email protected] but to [email protected], yet the local SMTP program still hands it to the mail.windchaser.com server. When mail.windchaser.com receives the message and finds that the recipient is not a user in its own domain, it queries DNS for the MX record of a.com and forwards the message once more. This forwarding is the relay function.

But this raises a question: why does Eric's SMTP program not deliver the message directly to the mail server of the a.com domain? The reason is historical. The early Internet was very unreliable, and to make sure mail got through at all, every mail server acted as an open relay. If mail.pangxie.com judged its own path to be unreliable but the path through mail.windchaser.com to be better, it would hand the message to mail.windchaser.com; that server, finding the recipient was not local, would helpfully send it on again until it finally reached a.com. In this scenario windchaser.com is the open relay. Open relay made delivering legitimate mail easier, but it also produced a serious downside: spam. Today a server that relays from anyone to anywhere is abused within hours and ends up on blocklists, so relaying has to be restricted to clients on the local network (next section) or to authenticated users (section IX).



VI. Sending mail from a computer client (MUA)


When we introduced the MUA earlier, the user had to connect to the server from a terminal and compose the message with an editor there. That is not how we work day to day. With QQ Mail or 126 Mail, for example, we cannot log on to their servers to send mail; instead we use a client program on our own computer.

The process is as follows:

[Figure: sending mail from a client]

① The user opens the MUA program on the computer; typical programs are Outlook and Foxmail.
② Before sending, the user has configured in the client the address of the mail server that provides outgoing mail for us; once the message is written and sent, the client's local SMTP code is invoked.
③ The local SMTP code connects, using the SMTP protocol, to the mail server the user configured (mail.windchaser.com) and sends the message to this local-domain mail server.
④ When the mail server receives the message, it checks whether the destination address belongs to a user of the local domain. If yes, go to step ⑤; if not, go to step ⑥.
⑤ The MDA works out which local user the message is for and delivers it to that user's mailbox.
⑥ The server queries DNS for the MX record of the destination domain and delivers the message to that mail server. The remaining steps are the same as above and are not repeated here.

Tip: Here you can see that mail.magedu.com also has relaying switched on, so a mail server still needs a relay function, but only for clients on its own local network (in Postfix terms, the networks listed in mynetworks). Mail is relayed only for clients on the local network; when mail.a.org finds that the recipient is a user in its own domain, it accepts the mail unconditionally.


VII. Receiving mail via MUA (POP3, IMAP4)


Mail is received by the local SMTPD service and handed by the MDA to the user's mailbox. At that point another service is needed: one the user connects to with an account and password, which verifies the user's identity and, once it has done so, fetches the user's mail from the mailbox and returns it to the user. This is called the MRA (Mail Retrieval Agent), and in practice the whole service is a POP3 or IMAP4 server.

The detailed process is as follows:

[Figure: client receives mail]

① The local computer runs the MUA program.
② User WQP connects to the POP3 service over the POP3 protocol with his own account and password.
③ The POP3 service verifies the user's identity; once the check passes it invokes the MRA program and passes the user's account information to the mailbox.
④ The mailbox, at the MRA's request, hands over the user's mail, which is finally returned to the user.

Tip: This process explains why, when configuring an MUA, we have to configure not only the outgoing (SMTP) mail server but also the incoming (POP3 or IMAP) server. Note that plain POP3 sends the account and password in clear text, so the connection should be wrapped in TLS (POP3S or IMAPS, see section X).



VIII. Webmail: sending and receiving mail through a web form


To send or receive mail through a web page, the mail server must first run a web server, which typically serves the user a page generated by a CGI script.

The user then needs no MUA client program at all: opening a browser locally, entering the server's address and supplying the account and password is enough. Once the mail server has authenticated the user, the CGI script passes the user's account information to the MRA, the MRA fetches that user's mail from the mailbox, and the web interface displays it to the user.

If the user needs to send mail, clicking the compose link in the browser opens an editor; after the message is written, clicking Send makes the CGI script call the local SMTP client, which hands the message to the MTA, and the MTA sends it outward. A program of this kind is called webmail.



IX. Authentication for sending mail


The delivery process now looks complete, but one problem remains. During delivery the mail server in a domain does not verify the identity of the user who sends a message; it only allows relaying for IP addresses on the internal network. Suppose someone from the company is working off site: that user's address is certainly not an intranet address, so the mail server, seeing that the IP is not permitted to relay, refuses to forward the message. Yet this really is one of our company's users, which makes no sense. Note too that because IP addresses can be spoofed, the company's mail server could be abused by insiders. Authenticating users is therefore essential. Since SMTP is so simple that it does not authenticate the sending user by itself, an additional mechanism is needed: SASL.

SASL (Simple Authentication and Security Layer) is both a protocol and a library; it provides authentication to services that have no authentication capability of their own.

The software that implements SASL is Cyrus SASL, a general-purpose component.

Tip: SASL authentication is not enabled by default.

The detailed authentication process is as follows:

[Figure: authentication]

① The user asks the server to send mail and supplies the account and password to the mail server.
② The mail server calls the SASL program.
③ SASL is only an authentication framework and cannot verify credentials itself, so it has to hand the account and password to an additional authentication mechanism, which compares them with what it has stored. If authentication succeeds, go to step ⑤; otherwise go to step ④.
④ Authentication fails: the mail server refuses to forward the message.
⑤ Authentication succeeds: the mail server resolves the MX record via DNS and delivers the message to the target mail server.

Tip: Common mechanisms and backends include PLAIN, LOGIN, MySQL and LDAP. Strictly speaking PLAIN and LOGIN are the mechanisms (how the client presents the credential), while MySQL and LDAP are the stores the password is checked against; each needs a module, and the chosen one determines which store the account and password are looked up in. PLAIN and LOGIN only base64-encode the password, they do not encrypt it, so they must only be offered after the connection has been protected with TLS.
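The relay and authentication decisions of sections V, VI and IX, as an added example that is not code from the original post or from Postfix or Cyrus SASL: a hypothetical smtpd policy engine in Python that replays the server side of an SMTP session. It accepts mail for known local users, refuses relaying to foreign domains unless the client is in a trusted network or has authenticated, decodes an AUTH PLAIN credential exactly as RFC 4616 defines it, refuses AUTH until the session is encrypted, and can be switched into the historical open-relay behaviour to show the contrast. The host mail.windchaser.com and users wqp and eric come from the article; the network range, the password, the client IP addresses and the reply texts are assumptions made up for the demo.

```python
import base64
import hmac
import ipaddress

# Hypothetical smtpd policy engine written for this page.  mail.windchaser.com,
# wqp and eric are the article's names; all other values are invented.


def plain_credential(user: str, password: str) -> str:
    """Client side of AUTH PLAIN (RFC 4616): base64 of NUL user NUL password."""
    return base64.b64encode(f"\0{user}\0{password}".encode()).decode()


def _address(arg: str) -> str:
    """Pull 'a@b' out of 'FROM:<a@b>' or 'TO:<a@b>'."""
    return arg.partition(":")[2].strip().strip("<>")


class SmtpPolicy:
    """Who may send where: local delivery, trusted networks, SASL users."""

    def __init__(self, local_domain, local_users, mynetworks, sasl_users, open_relay=False):
        self.local_domain = local_domain.lower()
        self.local_users = {u.lower() for u in local_users}
        self.mynetworks = [ipaddress.ip_network(n) for n in mynetworks]
        self.sasl_users = dict(sasl_users)   # user -> password; a real server stores hashes
        self.open_relay = open_relay          # True reproduces the historical open relay

    def in_mynetworks(self, ip: str) -> bool:
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in self.mynetworks)


class SmtpSession:
    """Server side of one SMTP session: feed command lines, get reply lines."""

    def __init__(self, policy, client_ip, tls=False):
        self.policy, self.client_ip, self.tls = policy, client_ip, tls
        self.helo = self.auth_user = self.mail_from = None
        self.rcpts = []

    def handle(self, line: str) -> str:
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb in ("EHLO", "HELO"):
            self.helo = arg
            # AUTH is only advertised once the connection is encrypted.
            return "250 mail.windchaser.com AUTH PLAIN" if self.tls else "250 mail.windchaser.com"
        if verb == "AUTH":
            return self._auth(arg)
        if verb == "MAIL":
            if not self.helo:
                return "503 5.5.1 Error: send HELO/EHLO first"
            self.mail_from, self.rcpts = _address(arg), []
            return "250 2.1.0 Ok"
        if verb == "RCPT":
            if self.mail_from is None:
                return "503 5.5.1 Error: need MAIL command"
            return self._rcpt(_address(arg))
        if verb == "QUIT":
            return "221 2.0.0 Bye"
        return "502 5.5.2 Error: command not recognized"

    def _auth(self, arg: str) -> str:
        mech, _, initial = arg.partition(" ")
        if not self.tls:
            # PLAIN/LOGIN only base64-encode the password; never accept them in clear.
            return "530 5.7.0 Must issue a STARTTLS command first"
        if mech.upper() != "PLAIN":
            return "504 5.5.4 Unrecognized authentication type"
        try:
            _authzid, authcid, passwd = base64.b64decode(initial, validate=True).split(b"\0")
        except ValueError:                      # bad base64 or wrong field count
            return "501 5.5.2 Invalid base64 data"
        expected = self.policy.sasl_users.get(authcid.decode(errors="replace"), "")
        # Constant-time compare; stands in for the PLAIN/LOGIN check against MySQL/LDAP.
        if expected and hmac.compare_digest(passwd, expected.encode()):
            self.auth_user = authcid.decode()
            return "235 2.7.0 Authentication successful"
        return "535 5.7.8 Error: authentication failed"

    def _rcpt(self, rcpt: str) -> str:
        user, _, domain = rcpt.partition("@")
        if domain.lower() == self.policy.local_domain:
            # Local domain: accept only recipients that exist, otherwise the
            # server bounces later and becomes a backscatter source.
            if user.lower() in self.policy.local_users:
                self.rcpts.append(rcpt)
                return "250 2.1.5 Ok"
            return f"550 5.1.1 <{rcpt}>: Recipient address rejected: User unknown"
        # Foreign domain: this is a relay request.
        if (self.policy.open_relay or self.policy.in_mynetworks(self.client_ip)
                or self.auth_user is not None):
            self.rcpts.append(rcpt)
            return "250 2.1.5 Ok"
        return f"554 5.7.1 <{rcpt}>: Relay access denied"


def run(policy, client_ip, lines, tls=False):
    """Replay a whole client dialogue and return one reply per command."""
    session = SmtpSession(policy, client_ip, tls=tls)
    return [session.handle(line) for line in lines]
```

The decision in _rcpt is the whole difference between an open relay and a properly configured server: the same RCPT TO for a foreign domain is answered 250 for everyone when open_relay is set, but only for trusted networks or authenticated users otherwise, while delivery to the server's own domain is always allowed. The same ordering is what a practitioner checks first when auditing a mail server: connect from an outside address without authenticating and try RCPT TO a third-party domain; anything other than a 5xx reply means the server is an open relay.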


X. Encryption for sending and receiving mail


If you send a message containing a trade secret or a military secret and do not want others to read it, you need to encrypt it. But SMTP is too simple to encrypt messages at all, so during delivery SMTP, POP3 and IMAP4 are all clear text. Since the three protocols belong to different programs, encrypting only one of them does not make the mail secure; each has to be encrypted separately.

For POP3 and IMAP4 this is manageable, because retrieval happens within our own domain: client and server agree to use POP3S or IMAPS, which encrypts the receiving side. SMTP is harder, because it delivers not only within its own domain but also to other mail servers, so simply using an encrypted SMTPS protocol everywhere is difficult to achieve in practice. Most servers today do support STARTTLS on port 25 (and TLS on the submission port 587), which protects each hop between two servers, but that only protects the connection: every intermediate server still stores and can read the message in clear, so end-to-end protection has to be done at the message level.

So for SMTP the message itself is encrypted with S/MIME or GPG-based programs before it is sent.

The encryption scheme is shown below:

[Figure: encryption]

Tip: Encryption is another large area of knowledge and is not described in detail here. This blog will be updated later, so please be patient (*^__^*)



XI. Filtering spam and virus mail

Because SMTP itself is so simple, two kinds of mail are now especially harmful to users: spam and virus mail.

A common anti-spam program is SpamAssassin.

A common anti-virus program is ClamAV, used as a virus-scanning mail gateway.

But SMTP cannot call these two components directly to guard against viruses and spam; it needs a caller mechanism (in Postfix terms, a content filter) to do so. The caller runs the anti-virus filter first and the anti-spam filter second, and only if neither finds a problem is the mail passed on.

Tip: Well-known callers are MailScanner, MIMEDefang and amavisd-new.

The detailed filtering process is as follows:

[Figure: filtering]

① User Eric sends a message to his mail server (mail.pangxie.com).
② That mail server queries DNS for the MX record and finally sends the message to the mail.windchaser.com mail server.
③ After receiving the message, mail.windchaser.com calls the caller program.
④ The caller invokes the anti-virus detection program, which scans the message for viruses.
⑤ The caller invokes the anti-spam detection program, which checks the message for spam.
⑥ If both the anti-virus and the anti-spam program report the message as clean, mail.windchaser.com accepts it and places it in the user's mailbox.


XII. Summary

1. Programs required for mail transfer: MUA, MTA, MRA, MDA.

2. Because SMTP is so simple, completing the whole mail process needs additional programs and protocols, for example DNS, Web, POP3, IMAP4, POP3S, IMAPS, SASL, callers, and so on.

3. The complete process of a message from [email protected] to [email protected]:

[Figure: summary]


Note: This blog post is my study summary; it is not very detailed, and I hope you will forgive anything badly written or wrong. I hope to exchange ideas with you more.







This article is from the "Crab Learn Linux" blog; please be sure to keep this source: http://windchasereric.blog.51cto.com/5419433/1684636

