DNS & mail 97/12/17

Agenda
DNS & mail n Internet mail basics
n DNS structure and management

InternetWeek ’98 Tutorial n Mail system design

1998/12/15 n SPAM countermeasures
Motonori Nakamura
[email protected]
[email protected]

E- mail System

n MUA (Mail User Agent)

n MTA (Mail Transfer Agent)
1. Internet Mail Basics n DNS (Domain Name System)

DNS
SMTP
MUA MTA MTA MUA
SMTP
POP/IMAP/...
MB mailbox 4

MUA (Mail User Agent) MTA (Mail Transfer Agent)

User application n Mail receipt

– reading mail n Determination of delivery point
– writing mail n Delivery of mail
– saving/searching mail – to remote, to local, to sender (error)
n UNIX
– ucbmail
ucbmail,, RMAIL, mush, MH (mh
(mh-- e), mew,....
l Store and Forward
n Windows – After receiving, attempt forwarding to next host
– OutLook
OutLook,, Netscape Mail, Eudora,....
5 6

InternetWeek'97 1
DNS & mail 97/12/17

Sending and Receiving Mail on the

MTA Programs
Internet
n sendmail http://www.sendmail.org
http:// www.sendmail.org//
n qmail http://www.qmail.org
http:// www.qmail.org// n SMTP - Simple Mail Transfer Protocol
n SMAIL (GNU) RFC821(S)
n MMDF (Multi
(Multi--channel Memo Distribution, CSNET) n TCP port number 25
n exim http://www.exim.org
http:// www.exim.org//
n VMail http://wzv.win.tue.nl/vmail
http:// wzv.win.tue.nl/vmail// n Most MTAs implement SMTP
n LSMTP http://www.lsoft.com/LSMTP.html
http:// www.lsoft.com/LSMTP.html – has coordination function with DNS
n PP (X.400)

7 8

Method of Determining Mail

SMTP Action
220 r.domain SMTP Server ready (Message from server)
Destination on the Internet
HELO s.domain (Message to server)
250 r.domain Hello s.domain n Extracting host name from destination mail
MAIL FROM:<[email protected]> (sender (sender’’s address) address
250 sender ok
RCPT TO:<[email protected]> (recipient
(recipient’’s address)
user@host
250 recipient ok
DATA
n Retrieval of IP address from host name
354 Enter mail, end with "." on a line by itself
e - mail data comes here host → 12.34.56.78
. (indicates end of data)
– /etc/hosts
250 Message accepted for delivery
QUIT – NIS (YP)
221 r.domain closing connection – DNS (Domain Name System)
9 10

DNS (Domain Name System) Terminology

n delivery
n Wide--area distributed directory service
Wide – local delivery → mailbox
– Distributed allocation – remote delivery → pass to another MTA
– Decentralized management
n transfer
– remote delivery
n Host name → IP address n acceptance (probably not a universal term)
n Mail address →
MXHost name → IP address – local delivery
n receive
– Sharing same domain space – delivered from remote
11 12

InternetWeek'97 2
DNS & mail 97/12/17

Mail Address %-Hack

n Used as sender information/receiver n RFC1123(S)

information
n User @ domain user % host @ relay
– motonori @ wide.ad.jp sender → relay → host
n Other formats çwhen relay is reached, rewritten as user @ host
– %- Hack
– Route Address user % host % relay2 @ relay1
– UUCP addressing sender → relay1 → relay2 → host
13 14

Route Address UUCP Addressing

n RFC822(S) n host ! user

n relay ! host ! user
@relay: user @ host
sender → relay → host n host ! user @ domain interpretation
çwhen relay is reached, rewritten as user @ host – “ host ! user”
user” @ domain (in terms of Internet)
» sender → domain → host

@relay1, @relay2: user @ host – host ! “ user @ domain”

domain ” (in terms of UUCP)
» sender → host → domain
sender → relay1 → relay2 → host
15 16

Comment Format Domain Part

n Fully Qualified Domain Name
n Full Name <user@domain>
– A complete host/domain name in the Internet domain
format
n user@domain (Full Name) n Fully Qualified Mail Address
– [email protected]
n user(User Name)@domain(Company Name) – means it ’ s not user@mailhost
– The ( ) comment may be inserted anywhere n Not Qualified Mail Address
– user
n Generic Address
17 18
– [email protected]

InternetWeek'97 3
DNS & mail 97/12/17

Message Format Sender and Recipient

n Header and body
RFC822(S): Standard for the format of arpa n Sender
internet text messages – one person
n The first blank line is the divider – the senders in the header may be plural
» representing the senders
From: [email protected]
To: [email protected]
n Recipient
Subject: InternetWeek ’98
← blank line (no space either) – one or more persons
InternetWeek ’ 98 announcement
19 20

Header and Envelope (cont.) Header and Envelope (cont ’d)

n Looks like an envelope
n Envelope n header
– Sender/destination – person who wrote body/person intended for
– Sender/destination as indicated on front – sender/recipient of enclosed text
» person who actually does procedure – generally cannot be rewritten
– Rewritten upon delivery n header and envelope sender/recipient
n RFC821(S): Simple Mail Transfer Protocol – may be the same
– Envelope is specified with command » to individuals
n UUCP – may be different
– Envelope is specified in rmail command line » mailing lists etc.
21 22

When the Envelope is Created Address Used for Reply

n Extracted from the header n Delivery error notice reply (automatic)

– The sending MUA does it – Sender of envelope
– The MTA which processes it first does it – “ Errors
Errors--To:
To:”” header
» For systems that don’
don’ t have the envelope concept
（do these still exist?）
exist?）
n The envelope is rewritten during the
n Response to content (person intervention)
delivery process
– Sender in header
– transfer
» From:, Reply-
Reply-To:
– mailing list
» (To:, Cc:)
23 24

InternetWeek'97 4
DNS & mail 97/12/17

From the Mailbox to MUA The 3 Points of Mail Delivery

1) Receipt (delivery from remote)
n Local mailbox – Sent from remote mail server
– UNIX etc.
2) Acceptance (delivery to local)
n POP
3) Sending/Forwarding (delivery to remote)
n IMAP – Sent to recipient’
recipient ’ s mail server

DNS DNS

MTA MTA
receive Send/transfer

accept MB
25 26
Range of configuration

DNS Records referred to for Mail

1) Settings for Mail Receipt
Delivery
How to convey destination to sender n A (Address) RR (Resource Record)
n Internet – IP address extracted from host name
– Direct delivery by SMTP n MX (Mail eXchanger
eXchanger)) RR
→ Define delivery destination to DNS – Destination host name extracted from mail
n Bucket relay system address
– UUCP etc. (From JUNET era) n CNAME (Canonical NAME) RR
→ Configure delivery destination in (all) hosts – Alternative host name extracted
along path
– Usage of mailconf
27 28
» sendmail.cf creation tool

Confirm A with nslookup (1) Hosts with Multiple IP addresses

mail.x.co.jp IN A 12.34.56.78
% nslookup sh.wide.ad.jp
sh.wide.ad.jp.. IN A 12.34.54.32
Server: localhost n If delivery to the first address doesn’
doesn ’t work,
Address: 127.0.0.1 it tries all addresses one by one
(implementation dependent)
n With the DNS round-
round -robin function, the
Name: sh.wide.ad.jp
address obtained through search is different
Address: 203.178.137.73 each time
– Load sharing
29
– Even it only tries first address, it may work 30
eventually after several time trial(?)

InternetWeek'97 5
DNS & mail 97/12/17

Confirm A with nslookup (2) Generic Mail Address

% nslookup jp
jp--gate.wide.ad.jp n No host name part
Server: localhost – Not dependent on host reorganization
Address: 127.0.0.1 n Uses MX (Mail eXchanger
eXchanger)) RR
n Mail to [email protected]

Name: jpjp--gate.wide.ad.jp
gate.wide.ad.jp.. is sent to specified host
– Look up MX, and with obtained host name
Addresses: 203.178.137.17, 203.178.136.81, around the right, look up A and obtain IP
203.178.137.75, 203.178.136.89 address

31 32

Confirm MX with nslookup Preparing for Failures (for MX)

% nslookup - q=q=mx
mx wide.ad.jp
wide.ad.jp.. n Mail receipt back-
back-up
Server: localhost x.co.jp preference=
preference=10
10,, mx
mx=mail1.x.co.jp
=mail1.x.co.jp
Address: 127.0.0.1 preference=50
preference= 50,, mx
mx=mail2.x.co.jp
=mail2.x.co.jp
wide.ad.jp preference = 10, mail exchanger = n Smaller the number, Higher the priority
sh.wide.ad.jp (cost value)
: (additional information)
– Until the sender succeeds in sending,
sh.wide.ad.jp internet address = 203.178.137.73 higher cost attempts are gradually made
n Please note: for destination when MX can’ can’t be
n Mail2 transfers to mail1 upon its recovery
found, it follows A, and if both are found, MX has
priority. – Be aware of mail saving period for mail2
– Therefore it’
it’ s possible for mail to go to another host mail2
using MX setting. 33 34
sender mail1

Lower MX Conditions
Load Sharing
(Conditions to avoid mail loop)
x.co.jp preference=10, mx
mx=mail1.x.co.jp.
=mail1.x.co.jp.
n Awareness of own name on right of MX RR Preference=10, mx
mx=mail2.x.co.jp.
=mail2.x.co.jp.
– Prevent connection to oneself
» confirm with $=w at sendmail -bt
» automatic registration of interface address names n When cost is the same, sender chooses
» qmail is confirmed by IP address destination randomly
n Connection is not made to IP address of oneself
n In the end, sent to one mailbox
n RR costs higher than the MX RR preference – recipient needs some settings
» static delivery definition, etc.
for oneself are thrown out
– Prevent ping-
ping- pong between Lower MX
35 36

InternetWeek'97 6
DNS & mail 97/12/17

Configuration of Accepting
2) Acceptance of Mail
Address
n Recognize that received mail is to oneself n Sendmail (CF)
– local delivery (acceptance) – set as ACCEPT_ADDRS
– not “ received = to oneself”
oneself” n qmail
– set as /var/qmail/control/locals
/var/qmail/control/locals
n If decided that it’
it ’s not to oneself
– search transfer destination

37 38

Summary of Receive Mail

3) Mail Delivery Settings
Settings
n Convey destination to sender Variations of delivery methods
– Define MX record
n Delivery by reference to DNS MX RR
n Recognize that received mail is to oneself – Prepare MTA to refer to MX
– Delivery to local (acceptance) n Delivery based on host name only
n Delivery based on set rules
Separate configurations are necessary – Consider need of referring to DNS

39 40

Basic Configuration for Referring

/etc/
etc/resolv.conf
resolv.conf
to DNS
n /etc/
etc/resolv.conf
resolv.conf n Designation of name server
nameserver 0.0.0.0 (interpreted as localhost - 127.0.0.1)
nameserver 12.34.56.78
n service switch file nameserver 12.34.56.79
– up to 3 (MAXNS in resolv.h
resolv.h))
» time out is same regardless of how many (75s)
domain sub.x.co.jp
search sub1.x.co.jp sub2.x.co.jp x.co.jp
– Used for address supplement
41 42

InternetWeek'97 7
DNS & mail 97/12/17

Service Switch file When referring to DNS MX

n Solaris n MTA referring to MX

– /etc/
/etc/nsswitch.conf
nsswitch.conf – sendmail.mx
» hosts: files dns » link to libresolv.a
n DEC – sendmail.cf for reference to MX
– /etc/
/etc/svc.conf
svc.conf » MX_SENDMAIL=yes (CF)
» (Actually Wildcard MX strategy only)
n Others → Address supplement
– ServiceSwitchFile option (sendmail.cf
(sendmail.cf))
– Default: /etc/service.switch
hosts dns files nis 43 44

Delivery Based on Set Rules Confirmation for Delivery

n Write set rules in sendmail.cf n Is the address interpreted correctly?

– mailconf – sendmail - bv or sendmail - bt /parse
– CF n Is MX able to search normally?
» STATIC_ROUTE_FILE – use sendmail - bt for /mx
/mx command
n Is it able to actually send?
– sendmail - v

45 46

Summary of Delivery Settings

n Host should be able to refer to DNS

– resolv.conf
– Service Switch file

n Consider destination according to mail

address
– Refer to DNS (MX) and deliver as is
» which name server should be looked at (more later)
– Destination is statically set 47

InternetWeek'97 8