If you are familiar with any one of the Unix distributions, such as SunOS or BSD, you will know about Sendmail (http://www.sendmail.org), the de facto email application for Unix platforms for so many years. Sendmail has been ported to many non-Unix operating systems, including OpenVMS, Windows, and Macintosh OS X. However, this is not to say that Sendmail is ideal software because it is fairly complicated to implement correctly and configure. It relies on obscure syntax invoked in text-based configuration files that are run through a macro processor. It's also closely tied to Unix conventions and standards, necessitating a significant knowledge base in both. TIP If you plan on tackling Sendmail, you'll want to make sure you have a good resource for installing and configuring the server. The sendmail book (ISBN 1-56592-222-0) from O'Reilly & Associates, coauthored by Sendmail developer Eric Allman, is considered to be the definitive guide on the subject. SLES 9 ships with several mail servers, among them Sendmail and Postfix. Developed by Dr. Wietse Venema of IBM's Thomas J. Watson Research Center (Yorktown Heights, New York), Postfix attempts to be a fast, easy-to- administer, and secure replacement for Sendmail. SLES 9 installs Postfix by default, even for a base system configuration. Therefore, the discussion in this section is about Postfix. NOTE Two other favored email server software packages (commonly referred to as Message Transfer Agents or MTAs) among the Linux/Unix community are Qmail (http://www.qmail.org) and Exim (http://www.exim.org). However, they are not included with SLES. WARNING The Postfix package conflicts with those of Sendmail and Exim. Therefore, if you have Postfix installed, it must first be uninstalled before installing Sendmail or Exim. (If you install, for instance, Sendmail via YaST, the dependencies check will warn you of the conflict and permit you to specify a resolution action.) One of the best things about Postfix is that it can be set up quickly and easily without sacrificing security. The following steps lead you to a Postfix quick-start:
NOTE Notice that the rc version of /etc/init.d/postfix is located in /sbin and not in /usr/sbin, like many other packages. In nine simple steps, you have installed, configured, and started the Postfix SMTP services for your SLES server and its local name domain. Your users can use it to send mail locally as well as out to the Internet. However, for inbound SMTP mail, you need to configure your DNS server to point your domain's MX record to this server. (See the "Network Name Services" section later in this chapter for details on how to do this.) It is a good idea to configure a valid "MX" record for your mail server so that your users can receive any bounced or undeliverable messages. CAUTION The preceding procedure is just enough to get Postfix working, but it probably isn't enough to secure this package fully, especially if you are connected to the Internet. Therefore, it behooves you to spend some time going over the various Postfix features, such as configuring access control for mail relaying, content inspection and "graylisting" for general spam and virus detection, TLS encryption and authentication, and address verification, in the Postfix documentation. TIP SpamAssassin (http://spamassassin.apache.org) is one of the most popular antispam packages available. You can find step-by-step instructions on how to get Postfix to use both SpamAssassin and Anomy Sanitizer (a virus blocking system) at http://advosys.ca/papers/postfix-filtering.html. To set up Postfix to run automatically on server bootup, use the insserv command as follows: Athena:/home/admin # /sbin/insserv /etc/init.d/postfix NOTE To configure Postfix using YaST, make sure the yast2-mail, yast2-mail-aliases, and yast2-mail-server packages are installed. Also, you need to first enable the LDAP Support Active option in the YaST DNS Server module. TIP You can test your Postfix configuration using one of the included email clients, such as KMail or even mail (from a terminal session). For KMail, create an Outgoing account under the Network configuration, specify SMTP as the transport type, and use localhost for the hostname. If you use mail, no special configuration is required. To send a message using mail, simply use mail username, and you will be prompted for additional information, such as subject. Telnet is often used to test mail servers (or other types of services, such as HTTP). The following illustrates how you can send a simple email message using Telnet: # telnet athena 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 Athena.UniversalExport.ca ESMTP Postfix EHLO ws1.UniversalExport.ca 250-Athena.UniversalExport.ca 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250 8BITMIME MAIL FROM: root 250 Ok RCPT TO: root 250 Ok DATA 354 End data with <CR><LF>.<CR><LF> TO: root, tasha FROM: root, tasha SUBJECT: Test mail via telnet This is a test mail sent via telnet. . 250 Ok: queued as 9C71D25D72 quit 221 Bye Connection closed by foreign host. The resulting message as viewed using the mail program looks like this: From root@Athena.UniversalExport.ca Mon Mar 14 06:28:52 2005 Return-Path: <root@Athena.UniversalExport.ca> X-Original-To: root Delivered-To: root@Athena.UniversalExport.ca Received: from ws1.UniversalExport.ca (localhost [10.20.4.1]) by Athena.UniversalExport.ca (Postfix) with ESMTP id 9C71D25D72 for <root>; Mon, 14 Mar 2005 06:28:19 -0500 (EST) To: root@Athena.UniversalExport.ca, tasha@Athena.UniversalExport.ca From: root@Athena.UniversalExport.ca, tasha@Athena.UniversalExport.ca SUBJECT: Test mail via telnet Message-Id: <20050314112819.9C71D25D72@Athena. UniversalExport.ca> Date: Mon, 14 Mar 2005 06:28:19 -0500 (EST) Status: RO This is a test mail sent via telnet. One of the most common routes for (software) virus "distribution" is via email. Included with SLES 9 are AMaVIS (A Mail Virus Scanner, http://amavis.sourceforge.net) and AVMailGate (http://www.hbedv.com) to help you protect your system. The packages are called amavisd-new and avmailgate, respectively, on the SLES media and are automatically installed when you install Postfix. Note that AMaVIS requires you to have a virus scanner already installed; refer to /usr/share/doc/packages/amavisd-new for more details. The following are some examples of commercial antivirus solutions that may meet your requirements:
|