|< Day Day Up >|| |
If you have Linux installed on your computer, you can set up a powerful mail server. Perhaps the most common mail server on the Internet is sendmail, which may already be installed on your RHEL 3 computer. Once it is installed and configured, you can set up sendmail as your own personal mail server (subject to the limitations of your ISP). One alternative to sendmail that is installed on RHEL 3 is known as postfix.
|On The Job|| |
A number of alternatives to sendmail are not covered in this book; they include procmail, mail.local, exim, and uucp.
When you install sendmail and/or postfix, you also get huge and difficult-to-read configuration files. Do not be intimidated. There are only a few entries you are ever likely to have to change. A mail server has three major components, as described in Table 7-3. You need all three of these components to have a fully functional mail system.
Mail transfer agent
sendmail, postfix, qmail
Mail user agent
mail, Mozilla, elm
Mail delivery agent
On your Linux computer, you can configure your mail transfer agent (sendmail or postfix) for various outbound services, such as forwarding, relaying, method of transport (such as TCP or UDP), lists of computers with other MTAs, optional aliases, and spooling directories.
E-mail systems are heavily dependent on name resolution. While you could handle name resolution through /etc/hosts on a small network, any mail system that requires Internet access needs access to a fully functional DNS server.
The sendmail and postfix systems use SMTP to send e-mail. But that is only one end of the mail system. You also need to configure POP and or IMAP to receive e-mail.
SMTP, the Simple Mail Transfer Protocol, has become one of the most important service protocols of the modern era. Much of the Internet-connected world lives and dies by e-mail and relies on SMTP to deliver it. SMTP is a protocol, a set of rules for transferring data used by various Mail Transfer Agents. The default SMTP program for RHEL 3 is sendmail; the alternate is postfix.
The RPM packages associated with sendmail and postfix are both part of the Mail Server package group. It includes only eight RPM packages, as described in Table 7-4. You can install them with the rpm command or the Red Hat Package Management utility. You may not need to install all of these packages on your exam; read your requirements carefully!
Installs the most popular mail server of the same name
Supports both the IMAP and the POP incoming e-mail protocols
Adds a number of templates that you can use to generate your sendmail configuration file
Installs a program which you can start from sendmail or postfix to minimize spam
Installs a Web-based e-mail server
Includes an alternative to sendmail
Adds a GUI method for switching between sendmail and postfix
Time is of the essence on the Red Hat exams. Since you may not need all of these packages, it may be faster to install these with the rpm command, especially if you're configuring your Linux computer from the text console. It takes time to start the GUI. On the other hand, once you've started the installation process, you can work on other exam requirements while the Package Management utility is installing your Mail Server packages. For more information on the Package Management utility, see Chapter 4.
If all that you're asked to configure from Table 7-4 during your Red Hat exam is sendmail, all that you would need to install is the sendmail and sendmail-cf RPM packages. And sendmail should already be installed by default, since it is part of the Base package group.
|On The Job|| |
You can find a list of RPMs associated with each package group for an Intel 32-bit CPU installation in the /usr/share/comps/i386/comps.xml file.
The sendmail daemon is configured from a directory of files in /etc/mail and a directory of configuration files in /usr/share/sendmail-cf. There are two basic configuration files: sendmail.cf for incoming mail and submit.cf for outgoing mail. I describe the key configuration files in /etc/mail in a bit of detail here.
sendmail.cf The main sendmail configuration file.
sendmail.mc A macro which you can edit and then generate a new sendmail.cf file.
access Supports outgoing access control to your sendmail server. The default version of this file supports access from the local computer. You can add hostnames or networks to this list, with a message to REJECT with an error message, DISCARD without an error message, or RELAY to accept and send the e-mail.
domaintable Allows you to map different domains. For example, if you've changed your domain name from Compaq.com to HP.com, people might still send e-mails to addresses such as michael@Compaq.com. The following line would forward that e-mail to michael@HP.com.
helpfile Supports help commands when you manage your mail server from the sendmail prompt, which you can access with the telnet localhost 25 command.
local-host-names Allows you to add hostnames or aliases for your computer as a sendmail server. Enter one alias per line in this file.
mailertable Rarely used.
Makefile Supports compiling the sendmail.mc file.
spamassassin A directory which includes configuration files that can help you minimize spam. If you want to configure it on locally received e-mail, add the following line to /etc/procmailrc:
statistic Collects statistics on sendmail usage in binary format. You can read it with the mailstats command.
submit.cf The main outgoing sendmail configuration file.
submit.mc A macro which you can edit and then generate a new submit.cf file.
trusted-users Lists special users which can send e-mail without warnings. For example, you saw e-mail addresses in the Apache configuration file; if you include the apache user in this list, it can send messages to your Web server administrators without generating sendmail warning messages.
virtusertable Supports e-mail forwarding; if you have users outside your network who use your sendmail server, you can enter individual e-mail addresses or domains for allowed users.
If you don't see some of these files or directories, you may not have both sendmail RPM packages installed: sendmail and sendmail-cf. Use the rpm -q packagename command to check if you have these packages installed, and install them as required.
|Exam Watch|| |
If you forget the default value of the INCLUDERC variable, run the rpm -qi spamassassin command. You'll see it in the description.
When sendmail starts, it reads the /etc/sendmail.cf and /etc/submit.cf files. The sendmail.cf file is a long (around 1,800 lines) file that may seem difficult to decipher but includes a wealth of helpful comments. The submit.cf file is nearly as long. This file provides detailed rules (organized into rulesets) on how sendmail should process e-mail addresses, filter spam, talk to other mail servers, and more.
This file is extremely complex and uses cryptic syntax. Fortunately, most of the directives included in this file are standards that you don't need to change. Many are required by various Internet agreements relating to e-mail address, mail transfer agents, and more.
Red Hat tries to simplify this process with a smaller file, /etc/mail/sendmail.mc, which contains only the most relevant configuration directives. It is composed entirely of macros that define key sendmail.cf settings. Once you've configured this file, you can use the make command to compile a new, custom sendmail.cf file. However, the default RHEL 3 version of this file is still over 140 lines long. Remember, the Red Hat Exam Prep guide only requires that you configure the service for basic operation. Therefore, I'll highlight those commands that you may want to change or modify for that purpose.
While older versions of the submit.mc file required work, the default versions included with RHEL 3 (or Red Hat Linux 9) should work on the local computer without changes. Unless you're on an IPv6 network, you can focus entirely on the sendmail.mc file. If you are on an IPv6 network, you'll need to change the loopback address in the last line as described in a comment in the file.
The sendmail.mc file is made up of directives (macros) used to create content for sendmail.cf. (Other related .mc files follow the same criteria and use many of the same commands). These macros do the following:
Add comments to aid in comprehension
Define key variables and values
Enable or disable features
Create variables with specific settings
The most basic macro is dnl, which tells m4 to delete from this point through to the end of the line. It is used to comment out descriptive text or disable a feature that would otherwise be included.
The include directive instructs the make command to read the contents of the named file and insert it at the current location in the output. This is how additional configuration information (needed by sendmail but not relevant to mail configuration) is kept separately from settings you may wish to change.
The define directive sets files or enables features that you wish to use. In the preceding example, you set the path to your e-mail name user ALIAS_FILE as (/etc/aliases), identify where procmail lives (PROCMAIL_MAILER_PATH), and provide the path for the official database of e-mail users-in this case, in virtualusertable.db.
The FEATURE directive enables specific features. For example, you use FEATURE to set accept_unresolvable_domains. This allows you to accept mail where you can't figure out the domain of the user who sent the e-mail. Specifically, an unresolvable domain refers to a case where it isn't possible to find a domain name through a reverse IP address lookup. If you don't have reliable DNS access, you may need this feature, or else your sendmail configuration may refuse a lot of valid e-mail.
DAEMON_OPTIONS directly controls the SMTP daemon. In the default case, you do not accept any mail from outside your own system (note the loopback address on this line).
You'll notice unusual quote characters in most of these lines. The command inside parentheses starts with a back quote (`) and ends with a single quote (‘).
In this section, you'll modify the sendmail.mc configuration file. Back it up first! You only need to make a couple of adjustments to get your system ready for use on the Internet. By default, the following line limits sendmail use to the local computer:
You can allow other computers to use your sendmail server by commenting out this line. As described earlier, this requires a dnl command. The result would be:
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
Next, if you have reliable DNS access, comment out the FEATURE directive that allows you to accept_unresolvable_domains. This blocks spammers who use just an IP address or spammers who fake their domain name to hide themselves.
But that's not enough. If you want to allow remote computers or networks access to your sendmail server, you'll need to add their names or addresses to the /etc/mail/access file. For example, if you wanted to allow access to the 192.168.30.0 domain, you'd add the following line to that file:
It's also important to add names associated with your network's e-mail addresses, such as mail.example.com and www.example.com. Watch the notation; unlike other services, there is no dot (.) at the end of the address. It covers all computers on the 192.168.30.0 network. Alternatively, you could designate the example.com domain, or a specific computer name or IP address.
Back up the current sendmail.cf file. Then you can generate a new sendmail.cf file with the following command:
# cp /etc/mail/sendmail.cf /root # make -C /etc/mail/
Now you can reconfigure your e-mail clients such as Mozilla or even Microsoft Outlook Express to send outgoing e-mail through your sendmail server. You'll need to set your sendmail computer domain name or IP address as the SMTP outgoing mail server.
|On The Job|| |
In previous versions of sendmail, all you needed to do was process sendmail.mc; it was therefore sufficient to use the m4 macro command. But you may be processing more files. The make -C /etc/mail command shown processes all files in the /etc/mail directory.
Now start or restart sendmail to make sure it reads your new sendmail.cf configuration file:
# chkconfig sendmail --level 35 on # service sendmail restart
Your sendmail (SMTP) service should now be up and running and ready to accept mail from any (valid) source.
When name resolution is not working on your network, sendmail doesn't know where to send your outbound e-mail. These messages are placed in a queue that tries to resend your e-mail at regular intervals. Other mail forwarders and relay hosts on the Internet provide the same functionality if a network segment is not working. As an administrator, you need to monitor this queue. If it gets overloaded, you may wish to reconfigure messages for that network to be sent at more irregular times. See the following code for an example of a problem message:
# mail Mail version 8.1 6/6/93. Type ? for help. "/var/spool/mail/root" 1 messages 1 new >N 1 MAILER-DAEMON@localh Wed Dec 3 08:55 60/1914 "Returned mail: see tr" & # simply press <ENTER> key to see each message Message 1: From MAILER-DAEMON@localhost.localdomain Wed Dec 3 08:55:39 2002 Date: Wed, 3 Dec 2003 08:55:39 -0500 From: Mail Delivery Subsystem <MAILER-DAEMON@localhost.localdomain> To: email@example.com MIME-Version: 1.0 Content-Type: multipart/report; report-type=delivery-status; boundary="DAA03153.938948139/localhost.localdomain" Subject: Returned mail: see transcript for details Auto-Submitted: auto-generated (failure) This is a MIME-encapsulated message --DAA03153.938948139/localhost.localdomain The original message was received at Wed, 3 Dec 2003 08:55:39 -0500 from Enterprise3 --- The following addresses had transient non-fatal errors --- <firstname.lastname@example.org> (reason: 550 Host unknown) --- Transcript of session follows --- 550 5.1.2 <email@example.com>... Host unknown (Name server: mommabears.cob: host not found) .. (additional details deleted) .. & d # delete current read buffer & q # quit mail #
In the previous example, the destination name server (mommabears.cob) could not be resolved (it is mommabears.com). Consequently, sendmail notifies the sender (firstname.lastname@example.org) that the mail could not be delivered.
In this case, the problem is straightforward: you've specified a nonstandard domain. However, you may get a similar error for one of the following reasons:
No DNS server available, if so required in sendmail.mc.
Access from a computer not listed or specifically denied in the /etc/mail/access configuration file.
Some firewall blocking access. You can configure a firewall to allow incoming e-mail through TCP/IP port 25. You can find more information about this in Chapter 10.
You can configure the postfix mail server as a substitute for sendmail. The configuration files are stored in the /etc/postfix directory. The main configuration file, main.cf, is somewhat simpler than sendmail.cf, as it includes around 600 lines. Back up this file and open it in a text editor. There are several things that you need to configure in this file to get it working:
Activate and modify the following myhostname command to point to the name of your computer:
#myhostname = host.domain.tld
Activate and modify the following mydomain command to reflect the domain name or IP network of your system (if you substitute your IP network, use the same format as illustrated for the sendmail.mc file):
#mydomain = domain.tld
The following two commands set postfix to listen to only the local computer. Activate and deactivate the following commands to remove that limitation:
#inet_interfaces = all inet_interfaces = localhost
Activate and modify the following mynetworks command to point to the IP network address that you want to serve:
#mynetworks = 188.8.131.52/28, 127.0.0.0/8
Now start or restart postfix to make sure it reads your new /etc/postfix/main.cf configuration file:
# chkconfig postfix --level 35 on # service postfix restart
Your postfix service should now be up and running and ready to accept mail from any (valid) source.
One of the prerequisite skills for the Red Hat exams is to configure an e-mail client. This should be easy for anyone who has used Linux for any length of time. In fact, the process for graphical Linux clients such as Evolution or Mozilla is quite similar to the process for various Microsoft e-mail clients. But as you've seen earlier in this section, there are text-based mail clients as well.
To test your mail system, you can use the built-in command line mail utility, a simple text-based interface. The system keeps each user's mail in a system directory. Once users read a message, they can reply, forward, or delete it. If they do not delete the message before quitting the mail utility, the system stores the message in the /var/mail directory, in a file named after the applicable username.
You can certainly use any of the other mail readers, such as mutt, or the e-mail managers associated with different GUI Web browsers to test your system. Other mail readers store messages in different directories. For example, pine would create and store messages for user mj in the /home/mj/mail directory.
To send mail to another user, you can use the mail command line utility. There are two basic methods for using mail. First, you can enter the subject and then the text of your message. When you're done, press CTRL-D and then enter another addressee in the Cc: line, if desired. When you press ENTER, the message is sent and the mail utility stops and sends you back to the command line.
$ mail Michael Subject: Test Message Sent and received Cc: email@example.com $
Alternatively, you can redirect a file as the text of an e-mail to another user. For example, the following command sends a copy of /etc/hosts to the root user, with the Subject name of 'hosts file':
$ mail root@localhost -s 'hosts file' < /etc/hosts
By default, the mail system doesn't open unless you actually have e-mail in your in box. Once it is open, you'll see a list of new and already read messages. To read a specific message, enter the number of the message and press ENTER. If you press ENTER with no argument, the mail utility assumes you want to read the next unread message. To delete a mail message, use the d command after reading the message, or use d# to delete the message numbered #.
If you have a distribution list of people for the same e-mail, you can set it up in the /etc/aliases file. By default, it's set up to forward e-mail from pseudo-accounts such as system and apache to root. You can change it by adding a group list similar to the following:
groupname: user01, user02, othergroupname
You can then run the newaliases command to compile this database. Then all you need to do is name the group of users as addressees for your e-mail.
The sendmail and postfix services provide their own incoming e-mail support. If you've started them on your server, you won't need to activate the ipop3d service. You can enable the ipop3d service by editing the /etc/xinetd.d/ipop3 configuration file.
The Post Office Protocol (POP) is one of the two major mail delivery protocols. It includes some basic commands that allow you or an e-mail client to send and retrieve messages. A mail service can be configured to be a central depository for incoming mail messages from any other MTA service. Client applications then download the mail messages off the POP server for processing at the local host. The ipop3d service handles all requests.
|On The Job|| |
You can configure user accounts that are only designed to service POP user accounts, where users log in and receive mail only, and no interactive service is provided. Just set up the appropriate mail client in the login configuration sequence for a given user.
The IMAP service is the other major mail delivery protocol. While POP downloads all e-mail to the client, an IMAP server maintains all mail messages on the server, as a database. IMAP is commonly used by businesses that service users who log in from different locations. It's also the most common mail delivery protocol for Web-based mail services.
Both POP3 and IMAP4 servers are part of one Red Hat RPM package: imap-2002d-2.i386.rpm. Install it as required. No special configuration is needed. It includes SSL support; it's also one of the xinetd 'super servers.' These packages are configured in the /etc/xinetd.d directory. POP3 service is configured through the ipop3 file; IMAP4 service is configured through the imap and imaps files. All of these are disabled by default with the following line:
disable = yes
You can enable it in one of two ways: edit the file directly to change this line to disable = no. Alternatively, the following command activates the POP3 service:
# chkconfig ipop3 on
|< Day Day Up >|| |