8.2. Mail Operation

I will consider mailbox operations using the KMail client as an example. You should have this graphical mail program if you are using the KDE graphical shell. It is launched by executing the Internet/More Internet Applications/KMail main menu sequence. This will open the program's main window, shown in Fig. 8.1.

Figure 8.1: The main window of the KMail program

The program does not know yet, with which mailbox you want to work; you will have to configure it. Execute the Settings/Configure KMail menu sequence. This will open the configuration dialog window. Select the Network section; this will open the Setup for Sending and Receiving Messages window in the right part of the configuration window with two tabs on it: Sending and Receiving (Fig. 8.2).

Figure 8.2: The network configuration window

On the Sending tab, you have to specify the parameters of the sending server. By default, the local sendmail is already configured, but what if the mail server is located on another computer? Delete the existing account (select it and click the Remove button) and then create new one.

Click the Add button to add a new account. This will open the protocol selection dialog window, offering a choice of two protocols: SMTP and sendmail . Select SMTP, because it is more universal, and click the OK button. This will open the Add Transport window. in which you will set the parameters of the SMTP server (Fig. 8.3).

Figure 8.3: The SMTP server configuration window

The following fields have to be filled in this window:

Name A server name. This can be any name you choose.
Host The SMTP server address. If the local server is used, local host or 127.0.0.1 can be specified.
Port The SMTP server port. Most often, port 25 is used, but a different port can be used.

If the server requires authentication, check the Server requires authentication box and fill in the Login and Password fields that open.

If you have worked with email before, creating SMTP server parameters should give you no problems.

Next, the receiving part of the server has to be configured. Open the Receiving tab; you will see a list of servers on it. Select all existing accounts and delete them. Click the Add button to add a receiving server. This will open a window, in which you have to specify one of the following the server types: Local mailbox, POP3, IMAP , or Maildir Mailbox . Most often, the POP3 server is used; the process for creating it is similar to that of the SMTP server. You also have to specify the server address, the port (port 110 by default), and a login and password.

Using a local mailbox may be the most interesting thing. Even if an SMTP server is not installed, a directory containing a local mailbox is created, into which security messages, in addition to regular email messages, are sent for the administrator. When working from the console, you will see a message saying "You have new mail;" this means that there is a new message in your mailbox in the local directory. The best way to check this mailbox is to use a mail client.

For this, create a new account so that you can read security messages in a convenient format. Click the Add button to open the server type selection window. Select the Local mailbox option and click the OK button. This will open the Add account dialog window shown in Fig. 8.4.

Figure 8.4: The Local mailbox configuration window

The following fields have to be filled in this window.

Name An account name. This can be any name you choose.
Location The mailbox location. By default, all mailboxes are stored in the /var/spool/mail/name directory, where name is a user name. The administrator's mailbox will be /var/spool/mail/root.

The rest of the parameters are most often set by default, unless the administrator messed up the configuration.

Try to read mail using different protocols. Make sure that messages come into your mailbox and reach the recipient. Everything should be working all right even with the default settings. Later, some specific settings will be considered to make your mail server more secure; before making any improvements, however, you have to ensure that the basic version is working as intended.

8.2.1. Message Security

Email messages are sent over a network medium in plaintext and can be easily read if intercepted. Thus, you should encrypt confidential messages before sending them.

The most common encryption techniques are the following:

Secure/Multipurpose Internet Mail Extension (S/MIME) This standard is mainly supported by Netscape and its clone mail clients . This imposes certain restrictions because not all users are accustomed to using these programs.
Pretty Good Privacy (PGP) This encryption program is used in many areas, including encrypting mail messages. Numerous mail clients support this standard. There are several PGP versions, but many specialists recommend using the GNU Privacy Guard (GnuPG) program. No, this version is not any better than the rest, because all of them are based on the same principle. What is good about this version is that it was developed beyond U.S. borders and, thus, out of reach of its key length-limiting laws.

But with any of these techniques, only messages are encrypted. The protocol itself does not use encryption, so all passwords are sent over the network in plaintext and have to be protected. This can be done by using one of the modern standards, such as RFC 1734 (MD5 APOP Challenge/Response) or RFC 2095 (MD5 CRAM-HMAC Challenge/Response), or by resorting to the stunnel utility.