LinuxCBT.com

Syllabus

Focus: qMail Message Transfer Agent

Duration: 12-Hours

  • LinuxCBT qmail Edition - Module III

    • qmail - Installation
      • Identify current Mail Transfer Agent (MTA) environment on Red Hat Enterprise box
      • Discuss system initialization environment
      • Disable current MTA in applicable run-levels
      • Identify qmail pre-requisites
      • Setup qmail source-tree hierarchy for build process
      • Discuss qmail's modular, component architecture - relevant binaries
      • Navigate to a close qmail mirror
      • Download qmail components
      • Extract primary qmail packaged and dicuss contents
      • Patch original qmail sources
      • Install ucspi-tcp - INETD/XINETD substitute
      • Install dameontools - daemon management for qmail daemons
      • Create requisite users and groups
      • Compile and install qmail
      • Define default qmail environment
      • Explore and discuss the important qmail directories, symlinks and binaries
      • Illustrate internal qmail communications required for local and remote deliveries
      • Identify initial qmail startup process
      • Define genersal startup scripts for qmail
      • Define supervise scripts for qmail delivery
      • Define supervise scripts for qmail logging
      • Backup default local queue-injection process (Sendmail)
      • Create Sendmail symlink to qmail-compatible binary for local queue-injection
      • Start qmail & confirm processes and network bindings
    •  
    • qmail - Local Mail
      • Define required system aliases using qmail files
      • Configure qmail rules to permit local relaying
      • Identify default mbox mail storage format
      • Use MUA mutt to deliver mail via qmail
      • Examine delivery via qmail logs
      • Identify mbox destination
      • Discuss local queue-injection logic - qmail-inject/Sendmail
      • Explain permissions used by qmail when delivering local mail
      • Update local user's environment variables and confirm message delivery
      • Identify variables used for local queue-injection
      • Explore and discuss the mbox mail storage format
      • Update global environment configuration to reflect new mbox storage location
      • Examine running qmail statistics
      • Inject messages into the queue of a downed MTA
      • Examine results
      • Explore a message's path throught the local queue
      • Resume message delivery
    •  
    • qmail - Mail Storage Formats
      • Switch qmail global configuration from mbox to Maildir storage format
      • Use maildirmake to create Maildir-compliant directory structure for users
      • Explore standard Maildir directory tree
      • Restart qmail and attempt delivery to Maildir mailbox
      • Confirm deliver of message to Maildir recipient
      • Discuss Maildir file nomenclature
      • Update environment variables to reflect Maildir mail storage format
      • Explore headers of delivered messages and discuss key components
    •  
    • qmail - Aliases
      • Explain the benefits of aliases
      • Explore traditional Sendmail-style aliases in /etc/aliases
      • Compare and contrast Sendmail-style aliases to qmail-style (.qmail) aliases
      • Discuss key qmail alias user
      • Explore system-wide qmail aliases
      • Test delivery to system-wide qmail aliases
      • Define an abuse qmail-style alias and confirm delivery
      • Deine one-to-many qmail-style abuse alias and confirm delivery
      • Attempt delivery to non-existing local user or alias using Sendmail and confirm results
      • Define a catch-all system-wide alias to handle non-existing local users or accounts
      • Test catch-all system-wide alias by injecting messages bound to non-existing mailboxes
      • Discuss sub-addresses/address extensions using qmail aliases
      • Define sub-address for non-privileged user and confirm delivery using MUA mutt
      • Forward defined non-privileged sub-address to other local user and examine results
      • Redirect the abuse alias to a Mailbox-style repository for evidence-collection
      • Confirm appended alias-redirection of messages destined to catch-all accounts
    •  
    • qmail - Remote Mail
      • Identify key qmail daemons and binaries responsible for remote delivery
      • Explain remote delivery logic using DNS
      • Connect (SSH) to remote Linux system to be used for initial remote delivery & explore
      • Attempt remote delivery using qmail and FQDN of remote box and examine the qmail queue
      • Alter remote Postfix environment to find Maildir mailbox and confirm delivery using mutt
      • Update remote Postfix configuration to handle messages destined to second-level domain
      • Alter remote Postfix transport (smtproutes) file to disable static delivery
      • Confirm DNS second-level Mail Exchanger (MX) configuration for linuxcbt.internal domain
      • Attempt MX-based delivery and confirm delivery on remote host
      • Discuss employed qmail logic
      • Switch primary Mail Exchanger (MX) from Postfix box to qmail box - adjusting distances
      • Confirm MX distances using Domain Information Groper (dig)
      • Attempt delivery to second-level domain from the qmail box & confirm delivery
      • Explore qmail log files for message-delivery information
      • Debug qmail-smtpd delivery issues and adjust to ensure delivery
      • Discuss a Backup MX configuration for a given domain
      • Update DNS configuration to reflect the ideal MX distances
      • Confirm DNS configuration from a tertiary Linux server
      • Purposely fail the primary Postfix server for the linuxcbt.external domain
      • Configure qmail to be a Backup MX server for a business partner's domain
      • Attempt delivery to the linuxcbt.external domain from the tertiary Linux server
      • Examine queued messages for the linuxcbt.external backup domain on the qmail box
      • Re-enable the primary domain's Postfix box
      • Flush the qmail queue and examine delivery to the primary MX host
    •  
    • qmail - Relay Control
      • Discuss Smart Host applications
      • Explore pre-Smart Host SMTP delivery of messages to Internet-based host
      • Configure qmail to use a remote Postfix SMTP Smart Host system
      • Disable Smart Host configuration
      • Discuss qmail's default relay policy
      • Identify key qmail configuration files related to relaying
      • Attempt to relay from a remote Windows 2003 Host through the open qmail MTA
      • Confirm delivery of message via qmail in open-relay mode to local and remote recipients
      • Secure open relay and confirm inability to relay messages to untrusted domains
      • Configure selective relaying based on individual host and subnet
      • Discuss the benefits of SMTP Auth
      • Explain qmail's SMTP Auth implementation
      • Identify SMTP Auth pre-requisites
      • Download, compile and install CheckPassword authentication application
      • Debug compilation-related errors
      • Download SMTP Auth patch
      • Patch qmail sources and recompile to produce modified qmail-smtpd binary
      • Install new qmail-smtpd binary and prepare run scripts for usage
      • Attempt to relay with tightened relay permissions and confirm failure
      • Confirm SMTP Auth from Windows 2003 Host using Outlook Express
      • Relay outbound messages using SMTP Auth from Outlook Express client
    •  
    • qmail - Network-based Mail Retrieval
      • Discuss Mail retrieval authentication framework using Courier
      • Identify pre-requisites
      • Download, compile and install Courier Authentication Daemon
      • Identify Courier Authentication key directories, binaries and configuration file
      • Download and install Courier IMAP Daemon
      • Explore Courier IMAP binary directory tree
      • Discuss Courier framework
      • Configure Courier for POP3 mail retrieval
      • Confirm retrieval using Windows 2003 - Outlook Express client
      • Identify POP3 Secure configuration files
      • Generate self-signed certificate for use with POP3 Secure communications
      • Confirm retrieval of messages using Outlook Expres and POP3 Secure
      • Establish run-level symbolic links for POP3 & POP3S services
      • Configure Courier for IMAP mail retrieval
      • Confirm retrieval using Windows 2003 - Outlook Express client
      • Generate self-signed certificate for use with IMAP Secure communications
      • Establish run-level symbolic links for IMAP & IMAPS services
    •  
    • qmail - Web-based Mail Retrieval
      • Discuss Web-based SquirrelMail pre-requisites
      • Enable Apache web server
      • Download and Install SquirrelMail into web-accessible location
      • Secure data and attachments directories
      • Configure SquirrelMail for initial use with Courier IMAP
      • Address PHP session-related issues
      • Explore SquirrelMail from the browser as various Linux users
      • Confirm deliver using multiple clients - (mutt/Outlook Express/SquirrelMail/Local Injection)
    •  
    • qmail - Virtual Domains
      • Discuss qmail virtual domains support via system-wide aliases
      • Configure basic/global virtual domains using .qmail files
      • Confirm delivery to users @ virtual domains
      • Configure individual virtual domains
      • Confirm delivery to individuals @ virtual domains
      • Ensure non-global delivery to virtual domains
      • Define non-privileged user-managed virtual domains
      • Confirm deliver to user-managed virtual domains
    •  
    • qmail - Malware Framework - OpenProtect, Bad Senders, TLS
      • Discus the OpenProtect Malware Framework
      • Identify pre-requisites
      • Download OpenProtect
      • Install Open Protect
      • Explore OpenProtect Configuration (MailScanner/ClamAV/SpamAssAssin)
      • Configure outbound signatures
      • Configure qmail to reject users based header information
      • Confirm rejection from Windows 2003 Host - Outlook Express
      • Discuss Transport Layer Security framework and requirements
      • Implement Transport Layer Security (TLS)
      • Configure Outlook Express client to use TLS & test outbound relaying
    •  

LinuxCBT qmail Edition

  •  
DEMO