SMTP Simple Mail Transfer Protocol

Source: Internet
Author: User

SMTP Lockdown
This entry has been reviewed by the "Science China" science encyclopedia compilation and application project.

SMTP (Simple Mail Transfer Protocol) is a set of rules for transferring mail from a source address to a destination address; it governs how letters are relayed. SMTP belongs to the TCP/IP protocol family and helps each computer find the next hop when sending or relaying a letter. Using the server specified by SMTP, e-mail can be sent to the recipient's server, and the whole process takes only a few minutes. An SMTP server is a sending mail server that follows the SMTP protocol and is used to send or relay e-mail. It uses the reliable data transfer service provided by TCP to move mail messages from the sender's mail server to the recipient's mail server. As with most application-layer protocols, SMTP has two sides: a client, executed on the sender's mail server, and a server, executed on the recipient's mail server. Both sides run on every mail server at the same time; when a mail server sends mail to another mail server, it acts as an SMTP client. There are many similarities between SMTP and the etiquette people follow when they interact. First, the SMTP client running on the sending mail server host opens a TCP connection to port 25 of the SMTP server running on the receiving mail server host. If the receiving mail server is not currently available, the SMTP client waits for a while before trying to establish the connection again. The SMTP client and server then perform an application-level handshake. Just as people introduce themselves before getting down to business, SMTP clients and servers introduce themselves before transmitting information.
During this handshake phase, the SMTP client tells the server the e-mail addresses of the sender and of the recipient. Once the introductions are done, the client sends the e-mail message.
Name: Simple Mail Transfer Protocol
Abbreviation: SMTP
Role: transferring message information between systems
Port: 25 (TCP)
Contents
    1 Definition
    2 Protocol principle
    3 Configuration methods
    4 Working mechanism
    5 Working process
    6 Application on X.25
    7 Junk e-mail
    8 Service extensions
    9 Communication model
    10 Communication security
    11 FAQ
Definition

SMTP is an application-layer protocol, supported by TCP, that provides reliable and efficient e-mail transport. It is a mail service built on TCP and is used mainly to transmit message information between systems and to provide notification of incoming letters. [1]

SMTP is independent of any particular transport subsystem and requires only a reliable, ordered data stream. One of its important features is that it can transmit messages across networks, a capability called "SMTP mail relay". Typically the path may consist of hosts on the public Internet reachable over TCP, TCP/IP networks separated by firewalls, and hosts on other LANs or WANs that use non-TCP transport-layer protocols. With SMTP, messages can be transferred between processes on the same network, or between a process and other networks through a relay or gateway. A message may therefore pass through many intermediate relays or gateway hosts on its way from the sending side to the receiving end. The mail exchange records of the Domain Name System (DNS) are used to identify the IP address of the next hop for the message. [1]

SMTP is a relatively simple, text-based protocol. Over it, one or more recipients of a message are specified (and in most cases confirmed to exist), and then the message text is transmitted. An SMTP server can easily be tested with a Telnet program. SMTP uses TCP port 25. To find the SMTP server for a given domain name, the domain's MX (Mail eXchange) DNS records are used. [1]

SMTP came into wide use in the early 1980s. At the time it was only a supplement to UUCP, which was better suited to sending messages between machines that were only intermittently connected. SMTP, by contrast, works best when the sending and receiving machines are permanently connected to the network. [1] Sendmail was one of the first mail transfer agents to implement SMTP.
By 2001 there were at least 50 programs implementing SMTP as a client (the sender of a message) or as a server (the recipient of a message). Other popular SMTP server programs include Philip Hazel's Exim, IBM's Postfix, D. J. Bernstein's qmail, and Microsoft Exchange Server. [1]

Because the protocol was originally based on plain ASCII text, it did not handle binary files well. Standards such as MIME were developed to encode binary files so that they can be transmitted over SMTP. Today most SMTP servers support the 8-bit MIME extension, which makes transferring binary files almost as simple as plain text. [1]

SMTP is a "push" protocol: it does not allow a message to be "pulled" from a remote server on demand. For that, a mail client must use POP3 or IMAP. Another SMTP server can use ETRN to trigger a delivery over SMTP. [1]

Protocol principle

SMTP (Simple Mail Transfer Protocol) is the most commonly used protocol defining message transport. It is an application-layer protocol running over the TCP service, defined by RFC 2821. The commands specified by SMTP are transmitted in clear text. To illustrate how SMTP works, we walk through sending a message via 163.com. In a Linux environment, "telnet smtp.163.com 25" connects to port 25 (the standard SMTP service port) of smtp.163.com; with the Telnet program under Windows, specify smtp.163.com as the remote host and 25 as the port. After connecting to smtp.163.com, the interaction is as follows:
    $ telnet smtp.163.com 25
    220 163.com Anti-Spam GT for Coremail System (163com[071018])
    HELO smtp.163.com
    250 OK
    auth login
    334 dXNlcm5hbWU6
    (base64-encoded user name)
    334 UGFzc3dvcmQ6
    (base64-encoded password)
    235 Authentication successful
    mail from:[email protected]
    250 Mail OK
    rcpt to:[email protected]
    250 Mail OK
    DATA
    354 End data with <CR><LF>.<CR><LF>
    (message text)
    .
    250 Mail OK queued as smtp5,d9gowlarizfiftpixfx8aa==.41385s2
    QUIT

The two "334" challenges are the base64 encodings of "Username:" and "Password:", and the client answers each with the base64 encoding (not encryption) of the corresponding value. HELO is the client's command to identify itself to the other mail server (here the sender is assumed to be "ideal"). MAIL FROM gives the sender's e-mail address. RCPT TO identifies the recipient's e-mail address; here it says the mail is to be sent to [email protected]. If the recipient is not a local user of that server, as in "rcpt to:ideal", the client is asking the other mail server to forward (relay) the mail on its behalf; if the server forwards such mail for anyone, it is an open relay, otherwise the server refuses to relay. DATA announces that the message data follows; a line consisting of a single "." marks the end of the data part, and QUIT ends the session. This is a simple mail-sending session. When mail is sent with client software such as Outlook Express, the interaction in the background is exactly the same; of course, to handle complex delivery situations such as attachments, SMTP defines many more commands and rules, which can be found in RFC 2821.
When a friend sends you an e-mail, his mail server and your mail server communicate via SMTP and the message is delivered to the mail server indicated by your e-mail address (assume your local mail server is a Linux system). If you log on to that mail server directly over Telnet, you can read the message there with client software such as mail. If instead you want to read it with a local MUA (mail user agent, such as Outlook Express), the local client interacts with the mail server via POP3 or IMAP, which passes the message to the client (for example a Windows 98 system). When you reply to your friend, the MUA you use also speaks SMTP to your mail server (usually the one corresponding to your e-mail address) and asks it to forward a message to the mail server specified by your friend's e-mail address. If the local mail server allows you to forward messages through it, it sends the mail via SMTP to the other side's mail server. That is the whole process of receiving and sending messages.

Configuration methods

Installing POP3 and SMTP
By default, Windows Server 2003 does not install the POP3 and SMTP service components, so they must be added manually.
1. Install the POP3 service component. Log on to the Windows Server 2003 system as an administrator. Go to Control Panel → Add or Remove Programs → Add/Remove Windows Components, and in the Windows Components Wizard dialog box select the "E-mail Services" option, then click "Details". This option has two parts: "POP3 Service" and "POP3 Service Web Administration". For convenient remote Web management of the mail server it is recommended to select "POP3 Service Web Administration" as well.
2.
Install the SMTP service component. Select the "Application Server" option, click "Details", then open the details of the "Internet Information Services (IIS)" option, select "SMTP Service" and click "OK". If the mail server is to be managed remotely over the Web, also select the "Remote Administration (HTML)" component under "World Wide Web Service". After completing these settings, click "Next" and the system installs and configures the POP3 and SMTP services.

Configuring the POP3 server
1. Create a mail domain. Click "Start → Administrative Tools → POP3 Service" to open the POP3 Service console. Select the POP3 service in the left pane, click "New Domain" in the right pane, and in the "Add Domain" dialog box enter the domain name of the mail server in the "Domain Name" field, that is, the part of the e-mail address after the "@".
2. Create user mailboxes. Select the new domain, click "Add Mailbox" in the right pane, enter the user name in the "Mailbox Name" field, set the user's password, and click "OK" to finish creating the mailbox.

Configuring the SMTP server
Once the POP3 server is configured, you can configure the SMTP server. Click "Start → Programs → Administrative Tools → Internet Information Services (IIS) Manager". In the IIS Manager window, right-click "Default SMTP Virtual Server", choose "Properties" from the pop-up menu, and in the "Default SMTP Virtual Server" window switch to the "General" tab and select the mail server's IP address in the "IP address" drop-down list. Click "OK". At this point the SMTP server allows anonymous access by default; switch to the "Access" tab, click "Authentication", and in the dialog box clear the "Anonymous access" option and select "Basic authentication". With that, a simple mail server is set up.
Working mechanism

SMTP typically has two roles: the sending SMTP and the receiving SMTP. The specific operation is: after receiving a user's mail request, the sending SMTP determines whether the message is local mail. If so, it is delivered directly to the user's mailbox; otherwise the sending SMTP queries DNS for the remote mail server's MX record and establishes a two-way transmission channel with the remote receiving SMTP. SMTP commands are then sent by the sending SMTP and received by the receiving SMTP, and replies flow in the opposite direction. Once the channel is established, the SMTP sender sends the MAIL command to indicate the sender of the message; if the SMTP receiver can accept mail, it returns an OK reply. The SMTP sender then issues the RCPT command to confirm whether the message can be received. If the SMTP receiver can receive it, it returns an OK reply; if not, it returns a rejection (but the whole mail operation is not aborted). The two sides repeat this several times. When the receiver has received all the message data, a special sequence is received, and if the receiver processes the message successfully, an OK reply is returned.

Working process

The Simple Mail Transfer Protocol (SMTP) is a text-based e-mail transfer protocol used on the Internet to exchange messages between mail servers. SMTP is an application-layer service that can adapt to a variety of network systems. SMTP commands and replies are text-based, one command per line, terminated by CR/LF. A reply is usually a single line that starts with a 3-digit code followed by a brief textual description. An SMTP session has three stages: establishing the connection, sending the message, and releasing the connection. Specifically:
(1) Establish a TCP connection.
(2) The client sends the HELO command to the server to identify itself, and then sends the MAIL command.
(3) The server replies OK, indicating that it is ready to receive.
(4) The client sends the RCPT command.
(5) The server indicates whether it is willing to receive mail for that recipient.
(6) Negotiation ends and the mail is sent; the message is entered with the DATA command.
(7) The transfer ends and the session is closed with the QUIT command.
The SMTP server routes e-mail based on the mail exchange (MX) records in DNS; the e-mail system locates mail servers based on the address suffix (domain) of the recipient. SMTP handles the composing, receiving and reading of messages through the user agent (UA) and delivers messages to their destination through the mail transfer agent (MTA).

Application on X.25

1. Status of this memo
This memo describes an SMTP standard for the virtual circuit service provided by CCITT X.25. Distribution of this memo is unlimited.
2. Introduction
Appendix D of RFC 821 ("Simple Mail Transfer Protocol", SMTP) mentions the possibility of placing SMTP directly on top of X.25 virtual circuits (ISO layer 3). It also recommends "taking advantage of a TCP-like reliable end-to-end protocol on top of X.25". In 1981, given the overall reliability of the PSDNs at that time, this was undoubtedly reasonable. By 1989 the service was reliable enough for SMTP to be placed directly on the virtual circuit service. This has been proven in products on 24 PSDN networks in 22 different countries; the results showed that the approach is very economical even on some expensive PSDNs, and it has also been successful on X.25 NETs and X.25 LANs. Each SMTP session must have an X.25 virtual circuit (VC) open, and the SMTP session uses the full-duplex channel provided by the VC. Typically a VC is closed by the party that initiated the call.
3. Protocol ID and call user data
The first 4 bytes of the call user data field should be 0xC0F70000 (hexadecimal), that is, the bytes 192, 247, 0, 0 in decimal. This field is usually used to identify a protocol ID, or PRID.
However, in practice it should be possible to configure the call user data, including the protocol ID field, on a per-called-address basis.
4. Data stream
On the sending side the SMTP data is usually divided into a number of packets, and accordingly the M-bit (indicating that a further packet follows) should be set when encapsulating the packets. The total length of a packet can reach 2048 bytes. We recommend that each SMTP command or reply be sent in a single packet, or with at most one continuation packet, to make debugging easier; this is not a requirement, however.
5. Q-bit and interrupt packets
Data packets with the Q-bit set and interrupt packets serve no purpose; if received, they should be ignored.
6. Circuit reset
If a layer-3 circuit reset indication is received, the VC should be cleared and the SMTP connection re-established. Re-establishing may incur some delay or a different call service.
7. Call facilities
Any negotiable facility selectable in the X.25 call request may be used. It should be possible to specify the facilities for each called address.
8. Character encoding
The character encoding used on X.25 is full 8-bit ASCII, without any omission or modification. A line should end with CRLF (decimal 13 10) or just LF (decimal 10) to mark the end of the line.
9. Closing the connection
Unlike TCP, X.25 does not provide synchronized transmission of data during the clear request; when the virtual circuit is cleared, all packets in transit are discarded. Therefore the caller closes the SMTP session layer (on X.25) when it receives the "service closing" message, which is either the reply to the QUIT command or a sign that the service must be aborted.
10. Timeouts
SMTP usually does not provide session timeouts; on X.25 the following apply:
10.1 Call request: if the "call accepted" message is not received within 100 seconds, or the "service ready" message is not received within a further 120 seconds, the call should be cleared and retried.
10.2 Established call: once the protocol session is established, if no reply is received within 10 minutes, the virtual circuit should be cleared.
10.3 Close: after the QUIT command the timeout is reduced to 20 seconds. This may lead to an abrupt exit, but it does not affect SMTP transactions that have already completed.
10.4 Clear: when an X.25 "clear request" is issued, the virtual circuit times out within the period specified by X.25.
11. Other X.25 features
Other features such as permanent virtual circuits and the D-bit option are not used.

Junk e-mail

One of the limitations of the original SMTP is that it has no mechanism for authenticating the sender. The SMTP-AUTH extension was therefore defined later. Despite this authentication mechanism, spam remains a major problem, but because of the network effect of the huge number of SMTP installations, drastically modifying or completely replacing SMTP is considered unrealistic. Internet Mail 2000 is one proposed alternative to SMTP. As a result, a number of auxiliary protocols have been designed to work alongside SMTP. The IRTF's anti-spam research group is working on several proposals that provide simple, flexible, lightweight and scalable source-side authentication. The proposal most likely to be accepted is the Sender Policy Framework (SPF).

SMTP model
SMTP provides a mechanism for message transfer: when the recipient and the sender are on the same network, messages can be delivered directly between them; when the two parties are not on the same network, messages must be forwarded through one or several intermediate servers.
The sender SMTP first requests to establish a two-way communication channel with the receiver SMTP, which may be either the final recipient or an intermediate forwarding server. After the receiving server confirms that the connection can be established, the two parties begin to communicate. The sender SMTP announces the identity of the message's sender with the MAIL command, and if the receiver accepts it, it answers OK. The sender then issues the RCPT command to announce the recipient's identity; the receiving SMTP confirms whether it will receive or forward the message, and if so answers OK. Throughout the communication the sender SMTP and the receiver SMTP use a dialogue-style interaction: the sender requests, the receiver confirms, and only after confirmation does the next action take place. The whole process is controlled by the sender, and sometimes several confirmations are needed. To ensure that the reply commands are valid, SMTP requires the sender to provide the recipient's server and mailbox. The commands and replies have strictly defined syntax, and each reply carries a numeric code. All commands are made up of ASCII characters. Command names are case-insensitive: MAIL, Mail and mail are equivalent.

Service extensions

SMTP provides a reliable and efficient delivery mechanism for e-mail. Although it has proved its value for more than 10 years, extending its functionality is essential. Before looking at SMTP service extensions, consider the two things a message forwarded by SMTP consists of: the envelope and the content. We can borrow the letters of everyday life to help understand them.
(1) The SMTP envelope is easy to understand: it is delivered as a series of SMTP protocol units and contains the sender address, the delivery mode, and one or more recipient addresses.
If unsure, refer to the SMTP protocol standard.
(2) The content consists of two parts: the header and the body. The header is a set of field/value pairs (a field, a value); if the body has a structure, that structure is built on MIME. Content is fundamentally text and is generally made up of ASCII characters; with the use of MIME this limit no longer really applies to the body, but it still applies to the header, which should generally be represented in ASCII.
Although SMTP is a good protocol, extending it is unavoidable. This section mainly describes one extension method by which the server and the client can learn which extensions the other side uses, how far to use them, and whether to communicate with them.

Communication model

SMTP is a member of the TCP/IP protocol family and mainly concerns how e-mail is transferred from the sender's address to the receiver's address, that is, the rules of transmission. The communication model of SMTP is not complex; the main work is done by the sending SMTP and the receiving SMTP. First, on a user's mail request, the sending SMTP establishes a duplex communication link to the receiving SMTP. "Receiving SMTP" is relative to the sending SMTP: it may in fact be either the final receiver or an intermediate relay. The sending SMTP is responsible for sending SMTP commands to the receiving SMTP, while the receiving SMTP is responsible for receiving them and returning replies. As the model shows, the SMTP protocol between the sending SMTP and the receiving SMTP consists of the sending SMTP issuing commands and the receiving SMTP returning replies.
After the communication link is established, the sending SMTP issues the MAIL command to announce the sender of the message; if the receiving SMTP can receive mail at this time, it answers OK. The sending SMTP then issues the RCPT command to confirm whether the message will be received; if so, an OK reply is returned, otherwise a rejection is returned, but this does not affect the whole mail operation. The two sides repeat this until mail processing is complete. The SMTP protocol contains a total of 10 SMTP commands, listed below:

    HELO <domain> <CRLF>             Hello command; identifies the sender to the receiving SMTP.
    MAIL FROM:<reverse-path> <CRLF>  The sender's address. Tells the receiver that a new message transfer starts and initializes all state and buffers; the transfer eventually delivers the message data to one or more mailboxes.
    RCPT TO:<forward-path> <CRLF>    Identifies the address of one recipient of the message data.
    DATA <CRLF>                      The receiving SMTP treats the following lines as mail data, up to <CRLF>.<CRLF>, which marks the end of the data.
    RSET <CRLF>                      Aborts/resets the current message transfer.
    NOOP <CRLF>                      Asks the receiving SMTP for nothing but an OK reply (used for testing).
    QUIT <CRLF>                      Asks the receiving SMTP to return an OK reply and close the transfer channel.
    VRFY <string> <CRLF>             Verifies that the specified mailbox exists; servers often disable this command for security reasons.
    EXPN <string> <CRLF>             Verifies that a given mailing list exists and expands it; also often disabled.
    HELP <CRLF>                      Asks the server which commands it supports.

Communication security

Sendmail is the most widely used mail transfer agent for sending and receiving mail in UNIX environments. Because sendmail is powerful and complex, the following work is needed to secure it.
1.
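To make the dialogue concrete, here is an added example (not code from the original entry or from any of the servers it names): a minimal receiving-side SMTP state machine in Python that covers the command set listed above, the 3-digit replies, the ordering the working process requires, the dot-terminated DATA part, the open-relay distinction from the 163.com session earlier, and the disabled VRFY/EXPN commands. LOCAL_DOMAINS, DISABLED and all addresses are assumed, constructed values.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed, hypothetical configuration: the domains this server delivers
# locally (the role of qmail's rcpthosts file) and the commands the
# administrator has switched off (sendmail's novrfy / noexpn options).
LOCAL_DOMAINS = {"example.com"}
DISABLED = {"VRFY", "EXPN"}

ADDR = re.compile(r"^<?([^<>@\s]+)@([^<>@\s]+)>?$")

@dataclass
class Session:
    """Receiving-side state of one SMTP session."""
    relayclient: bool = False        # True when this client may relay through us
    helo: str = ""
    sender: str = ""                 # reverse-path given by MAIL FROM
    recipients: List[str] = field(default_factory=list)
    data: List[str] = field(default_factory=list)
    in_data: bool = False            # between the 354 reply and the lone "." line
    queue: List[Tuple[str, List[str], str]] = field(default_factory=list)
    closed: bool = False

    def reset(self) -> None:
        """Drop the current transaction: MAIL, RCPT and any buffered data."""
        self.sender, self.recipients, self.data = "", [], []

def _address(arg: str, keyword: str) -> Optional[Tuple[str, str]]:
    """Parse 'FROM:<user@host>' or 'TO:<user@host>' into (user, host)."""
    kw, _, path = arg.partition(":")
    if kw.strip().upper() != keyword:
        return None
    m = ADDR.match(path.strip())
    return (m.group(1), m.group(2).lower()) if m else None

def handle(s: Session, line: str) -> str:
    """Process one client line; return the reply, or "" while reading DATA."""
    if s.in_data:
        if line == ".":                       # <CRLF>.<CRLF> ends the data part
            s.in_data = False
            s.queue.append((s.sender, list(s.recipients), "\n".join(s.data)))
            s.reset()
            return "250 Mail OK queued"
        # the client doubles a leading dot so it is not taken as the end marker
        s.data.append(line[1:] if line.startswith(".") else line)
        return ""
    verb, _, arg = line.strip().partition(" ")
    verb = verb.upper()                       # command names are case-insensitive
    if verb in DISABLED:
        return "502 Command disabled by local policy"
    if verb == "HELO":
        if not arg.strip():
            return "501 HELO requires a domain name"
        s.helo = arg.strip()
        return "250 Hello " + s.helo
    if verb == "MAIL":
        if not s.helo:
            return "503 Send HELO first"
        if s.sender:
            return "503 Sender already specified"
        addr = _address(arg, "FROM")
        if addr is None:
            return "501 Syntax: MAIL FROM:<address>"
        s.sender = "%s@%s" % addr
        return "250 Mail OK"
    if verb == "RCPT":
        if not s.sender:
            return "503 Need MAIL command first"
        addr = _address(arg, "TO")
        if addr is None:
            return "501 Syntax: RCPT TO:<address>"
        # Off-domain recipients need relaying: an open relay does it for anyone,
        # this server only for local relay clients.
        if addr[1] not in LOCAL_DOMAINS and not s.relayclient:
            return "550 Relaying denied"
        s.recipients.append("%s@%s" % addr)
        return "250 Mail OK"
    if verb == "DATA":
        if not s.recipients:
            return "503 Need RCPT command first"
        s.in_data = True
        return "354 End data with <CR><LF>.<CR><LF>"
    if verb == "RSET":
        s.reset()
        return "250 OK"
    if verb == "NOOP":
        return "250 OK"
    if verb == "QUIT":
        s.closed = True
        return "221 Bye"
    return "500 Unrecognized command"

def run(lines: List[str], relayclient: bool = False) -> Tuple[Session, List[str]]:
    """Replay a client's lines against a fresh session; return it and the replies."""
    s = Session(relayclient=relayclient)
    replies = [r for r in (handle(s, ln) for ln in lines) if r]
    return s, replies
```

Feeding `run()` the client side of the 163.com session (with your own addresses) reproduces the 250/354/221 sequence shown there, while a recipient outside LOCAL_DOMAINS from a client without `relayclient` draws the relay refusal.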
Set sendmail to use smrsh
The smrsh program is intended as a replacement for the shell defined in sendmail's mailer definitions. smrsh is a restricted shell that explicitly limits the executables that can be run to those listed in the "/etc/smrsh" directory. In short, smrsh restricts the programs an attacker can execute. Used with sendmail, smrsh effectively limits the programs sendmail can execute to those in the smrsh directory.
Step one: decide which commands smrsh should allow sendmail to run. By default the following should be included, but the list is not limited to them:
    /bin/mail (if installed on your system)
    /usr/bin/procmail (if installed on your system)
Note: do not include a command interpreter in the list, such as sh(1), csh(1), perl(1), uudecode(1), or the stream editor sed(1).
Step two: create symbolic links in the "/etc/smrsh" directory for the programs sendmail is allowed to run. To allow the mail program "/bin/mail" to run (as root):
    # cd /etc/smrsh
    # ln -s /bin/mail mail
To allow the procmail program "/usr/bin/procmail" to run:
    # cd /etc/smrsh
    # ln -s /usr/bin/procmail procmail
This lets users run the mail and procmail programs with the "|program" syntax in ".forward" files and in "aliases".
Step three: configure sendmail to use the restricted shell. The prog mailer is defined on a single line in the sendmail configuration file "/etc/sendmail.cf". You must modify the "Mprog" line of sendmail.cf, replacing "/bin/sh" with "/usr/sbin/smrsh". Edit the "sendmail.cf" file (vi /etc/sendmail.cf) and change the following line:
    Mprog, P=/bin/sh, F=lsDFMoqeu9, S=10/30, R=20/40, D=$z:/, T=X-Unix, A=sh -c $u
to:
    Mprog, P=/usr/sbin/smrsh, F=lsDFMoqeu9, S=10/30, R=20/40, D=$z:/, T=X-Unix, A=sh -c $u
Then restart the sendmail process manually:
    # /etc/rc.d/init.d/sendmail restart

2. The "/etc/aliases" file
The "/etc/aliases" file can be used to gain privileges if it is not managed properly and strictly. For example, many distributions ship a "decode" alias in the aliases file, though this is becoming less common. Its purpose is to give users a convenient way to transfer binary files by mail: at the sending end, the user converts the binary file to ASCII with "uuencode" and mails the result to the "decode" alias at the receiving end. The alias pipes the mail message into the "/usr/bin/uuencode" program, which turns the ASCII back into the original binary file. Delete the "decode" alias. Likewise, carefully examine every alias that executes a program not placed in the smrsh directory; such aliases may be questionable and should be deleted. To make the changes take effect, run:
    # /usr/bin/newaliases
Edit the aliases file (vi /etc/aliases) and delete the lines marked below:
    # Basic system aliases -- these must be present.
    mailer-daemon: postmaster
    postmaster: root
    # General redirections for pseudo accounts.
    bin: root
    daemon: root
    games: root        <- delete this line
    ingres: root       <- delete this line
    nobody: root
    system: root       <- delete this line
    toor: root         <- delete this line
    uucp: root         <- delete this line
    # Well-known aliases.
    manager: root      <- delete this line
    dumper: root       <- delete this line
    operator: root     <- delete this line
    # trap decode to catch security attacks
    decode: root       <- delete this line
    # Person who should get root's mail
    #root: marc
Finally run the "/usr/bin/newaliases" program to make the changes effective.

3. Prevent your sendmail from being abused by unauthorized users
The latest version of sendmail (8.9.3) adds strong anti-spoofing features that can prevent your mail server from being abused by unauthorized users. Edit your "/etc/sendmail.cf" file so that your mail server blocks spoofed mail. Edit the "sendmail.cf" file (vi /etc/sendmail.cf) and change the line:
    O PrivacyOptions=authwarnings
to:
    O PrivacyOptions=authwarnings,noexpn,novrfy
Setting "noexpn" makes sendmail refuse all SMTP "EXPN" commands, and it also makes sendmail refuse all SMTP "VERB" commands. Setting "novrfy" makes sendmail refuse all SMTP "VRFY" commands. This change stops the EXPN and VRFY commands from being used by perpetrators who do not play by the rules.

4. SMTP greeting message
When sendmail accepts an SMTP connection, it sends a greeting message to the connecting machine; it identifies the host and, first of all, tells the other side that it is ready. Edit the "sendmail.cf" file (vi /etc/sendmail.cf) and change the line:
    O SmtpGreetingMessage=$j Sendmail $v/$Z; $b
to:
    O SmtpGreetingMessage=$j Sendmail $v/$Z; $b NO UCE C=xx L=xx
Restart the sendmail process manually so the change takes effect:
    # /etc/rc.d/init.d/sendmail restart
The change above affects the banner sendmail displays when it receives a connection. Replace the "xx" in the "C=xx L=xx" part with your country and region codes. The addition does not actually affect anything in operation, but it is the accepted practice recommended by the participants of the "news.admin.net-abuse.email" newsgroup.
5.
Restrict who can inspect the mail queue
By default anyone can use the "mailq" command to view the contents of the mail queue. To restrict who can inspect the queue, simply specify the "restrictmailq" option in the "/etc/sendmail.cf" file. Sendmail then only lets users whose group matches the group owner of the queue directory view its contents. This allows the mail queue directory to be fully protected with permissions 0700 while our authorized users can still see its contents. Edit the "sendmail.cf" file (vi /etc/sendmail.cf) and change the line:
    O PrivacyOptions=authwarnings,noexpn,novrfy
to:
    O PrivacyOptions=authwarnings,noexpn,novrfy,restrictmailq
Then change the permissions of the mail queue directory to make it fully protected:
    # chmod 0700 /var/spool/mqueue
Note: we earlier added the "noexpn" and "novrfy" options to the "PrivacyOptions=" line of sendmail.cf; now we add the "restrictmailq" option to the same line. An unprivileged user who tries to view the queue now gets:
    $ /usr/bin/mailq
    You are not permitted to see the queue

6. Restrict processing of the mail queue to "root"
By default anyone can process the mail queue with the "-q" switch. To restrict processing of the queue to root, specify "restrictqrun" in the "/etc/sendmail.cf" file. Edit the "sendmail.cf" file (vi /etc/sendmail.cf) and change the line:
    O PrivacyOptions=authwarnings,noexpn,novrfy,restrictmailq
to:
    O PrivacyOptions=authwarnings,noexpn,novrfy,restrictmailq,restrictqrun
An unprivileged user who tries to process the queue now gets:
    $ /usr/sbin/sendmail -q
    You do not have permission to process the queue

7. Set the immutable bit on important sendmail files
Using the "chattr" command to make important sendmail files immutable improves the security of the system. A file with the "+i" attribute cannot be modified: it cannot be deleted or renamed, no link can be created to it, and no data can be written to it. Only the superuser can set or clear this attribute.
    # chattr +i /etc/sendmail.cf       (the "sendmail.cf" file)
    # chattr +i /etc/sendmail.cw       (the "sendmail.cw" file)
    # chattr +i /etc/sendmail.mc       (the "sendmail.mc" file)
    # chattr +i /etc/null.mc           (the "null.mc" file)
    # chattr +i /etc/aliases           (the "aliases" file)
    # chattr +i /etc/mail/access       (the "access" file)

qmail security
qmail has a configuration file named rcpthosts, consulted for the RCPT TO command, which decides whether a message is accepted. A message is accepted only if the domain of the recipient address in the RCPT TO command appears in the rcpthosts file; otherwise it is rejected. If the file does not exist, all messages are accepted. When a mail server forwards (relays) every message regardless of who the sender or recipient is, the server is called an open relay. A qmail server without rcpthosts is an open relay.
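Looking back at the sendmail steps 3 to 7 above, here is an added example (not the entry's or sendmail's own code) that audits a sendmail.cf fragment for those settings: it parses the "O Name=value" option lines and the "Mprog" mailer line, then reports which of the PrivacyOptions flags, the smrsh mailer and the NO UCE greeting are still missing. The two configuration fragments are constructed, hypothetical before/after states, not real files.

```python
import re
from typing import Dict, List, Tuple

# Constructed sendmail.cf fragments (hypothetical, not real files): the state
# before the steps above, and the state after all of them have been applied.
CF_BEFORE = """\
O PrivacyOptions=authwarnings
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b
Mprog,    P=/bin/sh, F=lsDFMoqeu9, S=10/30, R=20/40, D=$z:/, T=X-Unix, A=sh -c $u
"""
CF_AFTER = """\
O PrivacyOptions=authwarnings,noexpn,novrfy,restrictmailq,restrictqrun
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b NO UCE C=xx L=xx
Mprog,    P=/usr/sbin/smrsh, F=lsDFMoqeu9, S=10/30, R=20/40, D=$z:/, T=X-Unix, A=sh -c $u
"""

REQUIRED_PRIVACY = ("noexpn", "novrfy", "restrictmailq", "restrictqrun")
OPTION = re.compile(r"^O\s+(\w+)\s*=\s*(.*)$")      # O Name=value
MAILER = re.compile(r"^M(\w+)\s*,\s*(.*)$")         # Mname, K=V, K=V, ...


def parse_cf(text: str) -> Tuple[Dict[str, str], Dict[str, Dict[str, str]]]:
    """Collect the 'O' options and the 'M' mailer definitions of a sendmail.cf."""
    options: Dict[str, str] = {}
    mailers: Dict[str, Dict[str, str]] = {}
    for line in text.splitlines():
        m = OPTION.match(line)
        if m:
            options[m.group(1).lower()] = m.group(2).strip()
            continue
        m = MAILER.match(line)
        if m:
            fields: Dict[str, str] = {}
            for item in m.group(2).split(","):
                key, _, value = item.strip().partition("=")
                fields[key] = value
            mailers[m.group(1)] = fields
    return options, mailers


def audit(text: str) -> List[str]:
    """List the hardening steps from this page that the file does not yet apply."""
    options, mailers = parse_cf(text)
    findings: List[str] = []
    have = {o.strip().lower() for o in options.get("privacyoptions", "").split(",")}
    for flag in REQUIRED_PRIVACY:
        if flag not in have:
            findings.append("PrivacyOptions lacks " + flag)
    prog = mailers.get("prog", {}).get("P", "")
    if prog != "/usr/sbin/smrsh":
        findings.append("prog mailer runs %s instead of /usr/sbin/smrsh" % (prog or "nothing"))
    if "NO UCE" not in options.get("smtpgreetingmessage", ""):
        findings.append("SMTP greeting does not carry the NO UCE notice")
    return findings
```

Run `audit(open("/etc/sendmail.cf").read())` on a real host to get the list of steps still to do; the queue directory mode and the chattr bits must be checked on the filesystem and are not covered here.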
The simplest way to make your own server not an open relay is to list in rcpthosts all of your mail server's domain names (the domains whose DNS MX records point to that machine). However, this also denies your local clients the use of your server to relay mail, and for clients to send mail with an MUA they must be allowed to relay through the server. qmail-smtpd supports a selective way of ignoring the rcpthosts file: if the environment variable RELAYCLIENT is set when qmail-smtpd runs, the rcpthosts file is ignored and relaying is allowed. But how do you recognize whether a sender is one of your own clients? qmail does not use password authentication; instead it looks at the sender's source IP address, and if the address belongs to the local network the sender is regarded as one of your own clients. This is where the ucspi-tcp package comes in; from it we use the tcpserver program. It works much like inetd: it listens for incoming connection requests, sets various environment variables for the service to be started, and then starts the specified service. The tcpserver configuration file is /etc/tcp.smtp, and it defines the RELAYCLIENT environment variable per network. For example, if the local network is the class C network 192.168.10.0/24, the contents of tcp.smtp should be set as follows:

    127.0.0.1:allow,RELAYCLIENT=""
    192.168.10.:allow,RELAYCLIENT=""
    :allow

These rules mean that connections from 127.0.0.1 and from 192.168.10.* are allowed and the RELAYCLIENT environment variable is set for them; any other connection is also allowed, but RELAYCLIENT is not set for it. Connections to port 25 from anywhere else are therefore still accepted, but because the environment variable is not set, qmail-smtpd will refuse to relay for them.
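The tcp.smtp rules just shown and the rcpthosts check described above, as an added example in shell (not code from qmail or ucspi-tcp): it models which rule tcpserver picks for a connecting address, whether that rule sets RELAYCLIENT, and how qmail-smtpd then answers RCPT TO. The rule lookup is a simplified model of tcprules address matching (exact IP, then each shorter prefix ending in a dot, then the empty key), and the rcpthosts match is exact and case-insensitive; the rules file has the article's contents, while the rcpthosts entries and client addresses are constructed sample data.

```shell
#!/bin/sh
# Added example, not code from qmail or ucspi-tcp. It models, in shell, the two
# decisions described above: which tcp.smtp rule tcpserver picks for a client
# address (and so whether RELAYCLIENT is set), and how qmail-smtpd then answers
# RCPT TO using RELAYCLIENT and rcpthosts. The rule lookup is a simplified model
# of tcprules address matching: exact IP, then each shorter prefix ending in a
# dot, then the empty key. The rcpthosts match is exact and case-insensitive.

# Constructed tcp.smtp with the same contents as the article's example.
RULES=$(mktemp)
cat > "$RULES" <<'EOF'
127.0.0.1:allow,RELAYCLIENT=""
192.168.10.:allow,RELAYCLIENT=""
:allow
EOF

# Constructed rcpthosts: domains this server accepts mail for (sample data).
RCPTHOSTS=$(mktemp)
cat > "$RCPTHOSTS" <<'EOF'
example.com
mail.example.com
EOF
trap 'rm -f "$RULES" "$RCPTHOSTS"' EXIT

# lookup_rule IP [FILE]: prints the instruction of the first matching rule
# (key order 1.2.3.4, 1.2.3., 1.2., 1., then ""), or fails if none matches.
lookup_rule() {
    ip=$1; file=${2:-$RULES}
    cands=$ip; rest=$ip
    while [ "${rest%.*}" != "$rest" ]; do
        rest=${rest%.*}
        cands="$cands $rest."
    done
    for k in $cands ""; do
        instr=$(awk -F: -v key="$k" \
            '$0 != "" && $1 == key { print substr($0, length($1) + 2); exit }' "$file")
        if [ -n "$instr" ]; then
            printf '%s\n' "$instr"
            return 0
        fi
    done
    return 1
}

# connection_decision IP [FILE]: prints deny, allow, allow+relay or nomatch.
connection_decision() {
    instr=$(lookup_rule "$1" "${2:-$RULES}") || { echo nomatch; return 1; }
    case $instr in
        deny*) echo deny ;;
        allow*) if printf '%s' "$instr" | grep -q 'RELAYCLIENT='; then
                    echo allow+relay
                else
                    echo allow
                fi ;;
        *) echo nomatch; return 1 ;;
    esac
}

# rcpt_decision IP RCPT_ADDRESS [RULES] [RCPTHOSTS]: prints the reply to
# RCPT TO under the article's description: clients with RELAYCLIENT set are
# accepted for any domain, everyone else only for domains in rcpthosts.
rcpt_decision() {
    domain=${2##*@}
    if [ "$(connection_decision "$1" "${3:-$RULES}")" = "allow+relay" ]; then
        echo "250 ok (RELAYCLIENT set, relaying allowed)"
    elif grep -qix "$domain" "${4:-$RCPTHOSTS}"; then
        echo "250 ok (domain listed in rcpthosts)"
    else
        echo "553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)"
    fi
}

# demo: a local client, a LAN client and an outside address, then three
# RCPT TO attempts showing relay, local delivery and rejection.
demo() {
    for ip in 127.0.0.1 192.168.10.5 203.0.113.9; do
        printf '%-12s -> %s\n' "$ip" "$(connection_decision "$ip")"
    done
    rcpt_decision 192.168.10.5 bob@elsewhere.net
    rcpt_decision 203.0.113.9 alice@example.com
    rcpt_decision 203.0.113.9 bob@elsewhere.net
}

demo
```

The outside address 203.0.113.9 is accepted on port 25 but gets a 553 reply as soon as it names a domain outside rcpthosts, which is exactly the behaviour the text describes; the rejection happens at RCPT TO, before any message data is transferred. Adding a second local network means adding another prefix line to the rules file, and lookup_rule shows why the trailing dot matters: "192.168.10." matches only addresses under that prefix.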
However, tcpserver does not read the /etc/tcp.smtp file directly; the file must first be converted into a CDB file:

    [/etc]# tcprules tcp.smtp.cdb tcp.smtp.temp < tcp.smtp

Looking back at the run file in the /service/qmail-smtpd directory, the line

    /usr/local/bin/tcpserver -v -p -x /etc/tcp.smtp.cdb

shows that tcpserver uses the /etc/tcp.smtp.cdb file. If you have several local networks, each of them needs to appear in the /etc/tcp.smtp file. This lets local clients relay messages while preventing the relay from being abused.

FAQ

1. What is the purpose of SMTP? SMTP is the acronym for Simple Mail Transfer Protocol. It is a protocol that provides efficient and reliable delivery of e-mail messages exchanged between two mail servers. The server responsible for sending mail is called the SMTP client, and the server responsible for receiving mail is called the SMTP server. For example, in the accompanying animation SMTP-1 is the client and SMTP-2 is the server. If Alice sends through a user agent, then the user agent is the client and SMTP-1 is the server.

2. What are SMTP commands and replies? The SMTP client uses commands to deliver message information to the server. Each command is four letters long, for example MAIL, which sends the sender information, and DATA, which transfers the message content. The server responds with a reply consisting of a three-digit code and a short text description, such as "OK", which indicates that the server agrees to the client's command.

3. Why send the RCPT command before sending the message instead of sending the message directly? Sending RCPT first determines whether the server is ready to receive the message before it is sent. This avoids wasting network resources: a very long message is not transmitted only to discover that there is a problem with the recipient account, for example that the recipient does not exist or that the mailbox has insufficient storage space.

4. Mail transfer between mail servers uses TCP, so why are messages sometimes lost? The SMTP session between mail servers runs over a TCP connection, which ensures that messages are transferred between the servers accurately. However, a failure of the mail server itself, such as insufficient mail storage space, can prevent the transfer from completing and result in loss.

5. Why does the sender's user agent not send the message directly to the recipient's user agent, but instead go through a mail server? Because the user's computer or mobile phone has limited capacity, cannot keep a program for sending and receiving mail running continuously, and is not continuously connected to the Internet. Mail is therefore stored temporarily on the mail server, and the user downloads it when needed.

6. Why does the user not notice the SMTP process when sending and receiving mail? If the user uses user agent software, this complex process is hidden by the user agent, and the user only needs to perform a simple send operation to complete mail delivery. If the user uses a web interface, all the steps are carried out by the mail server.