LinuxCBT.com

Syllabus

Focus: Postfix Version 2x MTA

Duration: 16-Hours

  • LinuxCBT Postfix Edition - Module II

    • Postfix - Installation
      • Identify a geographically close Postfix mirror location
      • Discuss Postfix nomenclature
      • Download Postfix
      • Import PGP-compatible key to verify downloaded source archive
      • Verify Postfix source archive against imported signature
      • Extract Postfix source archive
      • Identify existing system MTA configuration
      • Explore Postfix source tree
      • Discuss pre-requisites
      • Identify Sendmail-compatible binaries to backup
      • Add required Postfix user and groups
      • Compile & install Postfix
      • Identify key directories and binaries
      • Alter key Postfix configuration files for basic operation
    •  
    • Postfix - Local Mail & Queueing
      • Define local domains in main configuration file
      • Define Fully Qualified Domain Name (FQDN) of Postfix Host
      • Confirm running Postfix TCP (super server) Manager
      • Explore current running directives with postconf
      • Alter configuration to enable local aliases
      • Use sendmail-compatible binary to inject messages into the local queue
      • Confirm delivery via default Syslog location
      • Identify default mbox-based mailstore
      • Use MUA mutt to verify delivery of local mail
      • Discuss & explore various Postfix queues
      • Explain how Postfix implements local injection
      • Explain how Postfix handles SMTP-based mail
    •  
    • Postfix - Aliases
      • Discuss concepts and applications for aliases
      • Identify required aliases
      • Describe Sendmail-compatible alias types
      • Define 1-to-1 aliases
      • Define list-based aliases
      • Test aliases delivery
      • Discuss per-user aliases (.forward) file
      • Define per-user .forward file with redirection to vacation program
      • Test delivery and auto-response
      • Discuss how mail is routed into the file system (maildrop) while Postfix is up/down
      • Identify binaries responsible for local mail injection (pickup/cleanup)
    •  
    • Postfix - Simple Mail Transfer Protocol (SMTP)
      • Confirm the existence of remote recipients
      • Inject mail for delivery to remote Linux Host
      • Review Postfix delivery report generated upon invocation of verbose mode
      • Confirm delivery of remote mail to remote Linux Host
      • Use MUA mutt to reveal and explore the headers of SMTP-based mail
      • Explore name resolution order file & discuss logic
      • Configure Postfix to receive mail to second-level domain plus FQDN
      • Simulate Postfix name resolution process at delivery-time
      • Expose current Mail Exchanger (MX) Host for the second-level domain
    •  
    • Postfix - Rewriting Features - Canonical Maps - BCC Maps
      • Discuss default configuration
      • Examine envelope headers
      • Configure Postfix to masquerade outbound messages
      • Test masqueraded envelope by generating new mail
      • Discuss canonical maps concepts & applications
      • Explain corresponding rewrite binaries
      • Define canonical maps in Ascii format
      • Use Postmap to generate DB-formatted canonical maps
      • Instruct main.cf to employ canonical maps database
      • Test address rewriting using canonical maps
      • Confirm message delivery via Syslog-generated logs
      • Examine the headers of delivered message altered using canonical maps & myorigin
      • Define & test sender canonical maps
      • Define & test recipient canonical maps
      • Configure Postfix to BCC all messages to specified recipients
      • Test messages between various users to ensure BCC functionality
      • Configure Postfix to BCC messages based on specific senders
      • Define Sender BCC maps using editor and Postmap to generate Hashed DB
    •  
    • Postfix - Relay Control
      • Explore & discuss default relay behavior
      • Identify key relay-related directives
      • Connect to remote Windows 2003 Host and attempt to relay
      • Confirm DNS resolution of Postfix relay host
      • Attempt relay to recipient on relay host & confirm path via logs
      • Attempt relay to recipient on foreign host & confirm delivery
      • Tighten default Postfix relay policy to restrict relaying to local subnet
      • Attempt local subnet and Internet-based relays & confirm results
      • Use SMTP commands to expose features supported by Postfix MTA
      • Discuss SMTP Auth pre-requisites
      • Recompile Postfix to support SMTP Auth
      • Configure Postfix with SMTP Auth to restrict relaying by users vs. IP or hostname
      • Confirm support of SMTP Auth using standard STMP commands
      • Configure Outlook Express client to support SMTP Auth
      • Attempt to relay based on SMTP Auth support
      • Permit relaying of non-local domains based on relay domains
      • Define additional second-level domain for relaying
      • Configure relaying of non-local domains using hashed Berkeley DB maps
      • Discuss Postfix transport maps concepts and applications
      • Define transport maps for domains to bypass DNS MX lookups
      • Update receiving Postfix host to support transport maps
      • Confirm delivery of messages to additional domains defined in transport maps
      • Configure Postfix as a Backup Mail Exchanger (MX) host and confirm delivery during failure
    •  
    • Postfix - Smart Host & Null Client configuration
      • Discuss Smart Host concepts and applications
      • Define the Postfix Smart Host
      • Define the Postfix Smart Host client
      • Test local delivery and confirm delivery
      • Test delivery of Internet-based message which requires Smart Host
      • Confirm delivery via logs and remote SSH session
      • Discuss Null client concepts and applications
      • Internet -> DMZ -> Corporate Backbone Mail Repository
      • Disable local mail delivery on Postfix host
      • Configure Postfix to function as a null client
      • Test results of null client delivery
    •  
    • Postfix - Virtual Domains
      • Discuss default domains handled by Postfix
      • Attempt IP-address based delivery
      • Explore the mydestination parameter
      • Alter BIND configuration to route messages for basic virtual domain
      • Configure Postfix to map individual users to domains
      • Define individual virtual domains hash
      • Define virtual domains user hash
      • Generate hashed virtual domains and virtual user databases
      • Confirm routing of messages to appropriate users
      • Define catchall addresses for non-matching users and/or aliases
      • Use Postmap to query virtual users and determine delivery path
    •  
    • Postfix - Mailbox Formats
      • Explore default mbox configuration location and permissions
      • Describe mbox format
      • Explore environment configuration variables related to mail delivery
      • Test delivery of mbox-bound messages using mutt & Postfix
      • Discuss Maildir message storage format
      • Configure Postfix to deliver messages using Maildir message format
      • Examine Postfix-created Maildir structure after mail delivery
      • Alter shell environment to support Maildir format with desired MUA
    •  
    • Postfix - Network-based Mail Retrieval
      • Discuss Courier IMAP framework
      • Identify and install pre-requisites
      • Download, compile, and install Courier Authentication Library Daemon
      • Identify Courier Authentication key directories, binaries and configuration file
      • Download and install Courier IMAP Daemon
      • Explore Courier IMAP binary directory tree
      • Discuss Courier framework
      • Configure Courier for POP3 mail retrieval
      • Confirm retrieval using Windows 2003 - Outlook Express client
      • Identify POP3 Secure configuration files
      • Generate self-signed certificate for use with POP3 Secure communications
      • Confirm retrieval of messages using Outlook Expres and POP3 Secure
      • Establish run-level symbolic links for POP3 & POP3S services
      • Configure Courier for IMAP mail retrieval
      • Confirm retrieval using Windows 2003 - Outlook Express client
      • Generate self-signed certificate for use with IMAP Secure communications
      • Establish run-level symbolic links for IMAP & IMAPS services
    •  
    • Postfix - Web-based Mail Retrieval
      • Discuss Web-based SquirrelMail pre-requisites
      • Enable Apache web server
      • Download and Install SquirrelMail into web-accessible location
      • Secure data and attachments directories
      • Configure SquirrelMail for initial use with Courier IMAP
      • Address PHP session-related issues
      • Explore SquirrelMail from the browser as various Linux users
      • Confirm deliver using multiple clients - (mutt/Outlook Express/SquirrelMail/Local Injection)
    •  
    • Postfix - Malware Framework
      • Dowload MailScanner
      • Download Clam Anti-Virus (ClamAV)
      • Download SpamAssAssin
      • Download, compile & install zlib
      • Clam Anti-Virus (ClamAV) Implementation
        • Create required user and group
        • Compile & install ClamAV
        • Identify key ClamAV binaries
        • Update ClamAV configuration files for basic operation
        • Update ClamAV definitions
        • Configure system Crontab to update virus definitions every hour
        • Confirm scheduled virus definition updates 24 hours later
      •  
      • SpamAssAssin Implementation
        • Illustrate message flow from remote SMTP system through our Malware Framework
        • Download SpamAssAssin from Apache Foundation
        • Extract & discuss SpamAssAssin source tree
        • Compile and install Perl-based SpamAssAssin
      •  
      • MailScanner Implementation
        • Download, compile and install the current MailScanner malware engine
        • Explore MailScanner source and binary trees
        • Explore MailScanner.conf configuration file - discuss important directives
        • Update MailScanner to support Postfix MTA
        • Configure Postfix MTA to route inbound messages into temporary queue for processing
        • Invoke MailScanner malware engine and confirm
        • Debug incidentals related to invalid configuration directives and missing components
        • Malware Framework - MUA -> MTA -> MailScanner -> ClamAV -> SpamAassAssin -> MTA -> Maildir/Mailbox
        • Send sample malware through the malware framework & confirm detection
        • Send sample spam through the malware framework & confirm detection
        • Configure MailScanner to affix outbound Corporate Signatures - Legalise - to all messages based trusted configuration
      •  
    •  
    • Postfix - Log Analysis
      • Download AWStats log analysis application
      • Configure AWStats to function in current Apache Web Server environment
      • Discuss AWStats features and applications
      • Configure AWStats to process Postfix MTA Logs
      • Explore AWStats' web-based interface
    •  
    • Postfix - Transport Layer Security (TLS)
      • Discuss benefits
      • Obtain latest sources
      • Configure TLS support
      • Confirm secure message delivery
      • Evaluate results
    •  
    • Postfix - SMTP AUTH - Dovecot
      • Discuss benefits
      • Configure SMTP Auth & TLSsupport
      • Authenticate client requests
      • Confirm secure message delivery
      • Evaluate results
    •  

LinuxCBT Postfix Edition

  •  
DEMO