[[Category:OPS335]][[Category:OPS335 Labs]]
= Email Servers =
==OVERVIEW==
{{Admon/important|Warning|Your lab 4a must be complete before you can start this lab.}}

In Lab 4a, you configured and ran the '''Postfix''' application for our MTA (a.k.a. SMTP server) on your '''vm2''' and '''vm3''' machines.
[[Image:Email-servers.png]]
You will begin by modifying the existing '''Postfix''' ('''MTA''') servers to make mail they send come from your domain (instead of each machine). Then you will add a record to your DNS server to allow mail to be sent to the domain itself, instead of the individual machines. Next, you will add a Local Delivery Agent ('''LDA''') to your '''vm3''' by installing '''dovecot-lda''', configure it, and test it to make sure that it is working correctly. Finally, you will set up an '''IMAP''' server called '''Dovecot''' on your '''vm3''' machine, so you can read your email from an MUA such as ''Thunderbird'' or a ''Webmail'' application. (You will set up a webmail application called '''Roundcube''' in a later lab.)

=== Learning About the Services Involved in an Email Delivery ===

In reality, the terms '''MTA''', '''MDA''', '''MUA''', '''LDA''' can be misleading, since some of those services can be combined together to form a single entity (application), while other applications may operate as separate entities. There may be overlap, so if you don't find those acronyms helpful, don't worry too much about them. On the other hand, when referred to in diagrams, they can help to visualize those processes when trying to understand how an e-mail system works.

[http://wiki.dovecot.org/MailServerOverview Here is an overview] of those terms (from the Dovecot wiki). It is worth viewing this link.

In the diagram displayed above, the elements include:

* '''User Account'''. The individual who wants to send or receive mail messages.
* '''MUA''' (email client). This is the application that the individual uses to send or receive mail messages. It can be a '''native application''' or a '''web application'''. You will learn how to set up and use both types of these applications throughout the remainder of this course.
* Two '''MTA''' servers. These are the servers responsible for getting your emails to the <u>destination</u> server.
** They are similar to routers (which route packets) but work on the <u>application</u> layer rather than the <u>network</u> layer.
** In our example, there are only two MTAs - but there can be several.
** You connect to your MTA over a <u>secure</u> connection, so your emails can't be read by the operators of the network you're connected to.
** The mail message then travels the rest of the way to the destination MTA <u>unencrypted</u>, so anyone with access to the routers in-between can read all your emails. That is why many organizations will refuse to send you confidential information over email.
* '''LDA/MDA''' Server. This server will receive the email from the MTA, and will store it on disk in some format. '''MailDir''' and '''MBOX''' are the most popular mailbox formats.
* '''IMAP/POP3''' server(s). When sending an email, you send it to the destination using your MTA, but you also want to save it in your '''"Sent"''' folder for yourself. This is accomplished by a separate connection to either your '''IMAP''' or '''POP3''' server.
** Thus, a situation can occur in which, although you sent your email successfully, it never makes it to your "Sent" folder - the <u>second</u> connection to your IMAP server is quite unrelated to the first connection to the '''SMTP''' server.
* '''DNS''' Server. A DNS server is also involved - it is needed to retrieve the address of the email server responsible for email for a particular domain. This is done with '''MX''' records.
===Online References===

* [https://help.ubuntu.com/community/Dovecot Dovecot Community Documentation]
* [http://wiki.dovecot.org/LDA Dovecot-lda]
* [http://wiki.dovecot.org/LDA/Postfix Configuring dovecot-lda with postfix]

== INVESTIGATION 1: INSTALL THUNDERBIRD (MUA) and SETUP A REFERENCE CLIENT==

Unlike the '''mailx''' (MUA) application you installed and used in Lab 4a, this lab uses the '''Thunderbird''' (MUA) application, a graphical application that uses a '''centralized Message Store''' (MS) to retrieve and read mail messages.

Although we will eventually set up the Thunderbird application to perform all the mail operations discussed above, you need to learn to '''"walk before you can run"'''. Eventually, you are going to set up all those mail services, but to begin with, you will set up an email client to connect to an already working server, which is the '''Seneca email server'''. Once we learn how to do this for our Seneca email account, we can use it for the mail servers on our VM2 and VM3.

'''Perform the following steps:'''

#Switch to your '''host''' machine, and install the '''Thunderbird''' email application.
#When you first launch the Thunderbird application, a configuration dialog should appear as shown in the diagram below:
{| class="wikitable" border="1" style="margin-left:40px;"
! Setting !! '''Incoming: IMAP''' !! '''Outgoing: SMTP'''
|-
| '''Username''' || yoursenecauserid@myseneca.ca || yoursenecauserid@myseneca.ca
|-
| '''servername''' || outlook.office365.com || outlook.office365.com
|-
| '''port''' || 993 || 587
|-
| '''security''' || SSL/TLS || STARTTLS
|-
| '''References'''
| colspan="2" | [1] [https://employees.senecacollege.ca/spaces/77/it-services/wiki/view/2394/other-email-clients ITS - Configuring other Email Clients]
|}
{{Admon/important |Unencrypted Options|Notice that there are <u>unencrypted</u> options available to connect to your SMTP/IMAP servers but those are rarely used these days - the potential for abuse is too great. On a free wifi network, the operator would be able to not only read your email, but also obtain your password without any password/encryption cracking tools. In fact, even on a private wired network, it is not uncommon for an employer to use a packet sniffer utility to monitor all the traffic going over their network (Packet Sniffing applications were actually found to be legally acceptable practice if used by the management of organizations).}}<br>
<ol>
<li value="3">After you create your '''Thunderbird''' account, you should be able to read your existing email and send new email within the Thunderbird application.</li>
<li>Take time to view your ''Account Settings'' and ''Preferences'' to get a feel for what settings exist. For example:
<ul>
<li>How often will Thunderbird check for new messages?</li>
<li>Will the messages you write be in HTML or plain text?</li>
<li>How do you change your SMTP server settings? Why are they in a different section?</li>
</ul></li>
<li>The main objective of this section was to learn how to set up your Thunderbird application to read your Seneca email, so in the next section you can use the exact type of setup for your own email server.</li>
</ol>
== INVESTIGATION 2: SETUP A CENTRALIZED MESSAGE STORE ==
<ol>
<li value="5">Add an '''MX''' record to the forward lookup zone on '''host''' so that all incoming mail addressed to the domain is sent to your vm3.</li>
<li>Restart the service and use the '''dig''' command to confirm that it works.</li>
<li>Send an email from your '''vm2''' to '''root@yourdomain.ops'''</li>
<li>Confirm that it arrives on your '''vm3''' machine</li>
</ol>
# Move to your vm2 machine.
# Direct your '''vm2''' MTA to relay mail through vm3 by making the following change to the '''/etc/postfix/main.cf''' file:<br><source>relayhost = vm3.<yourdomain>.ops</source>
# Restart the '''postfix''' service.
# Next, you must instruct your '''vm3''' machine to allow your vm2 machine to pass email through it by making the following change to the '''/etc/postfix/main.cf''' file:<br><source>mynetworks = 192.168.X.0/24</source>NOTE: Substitute in your '''own network''' for X<br><br>
# Restart the '''postfix''' service.
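The '''mynetworks''' value set above decides which clients vm3 will relay for, so it is worth checking that it is no wider than the lab subnet. The script below is an added example, not part of the lab or of Postfix: it reads the effective '''mynetworks''' value from a main.cf-style file and lists IPv4 ranges wider than /24 (loopback excluded). The function names, the sample files and the /24 threshold are assumptions.

```shell
#!/bin/sh
# Added example: check how wide the relay permission in a Postfix main.cf is.
# Print the effective value of parameter $2 in main.cf-style file $1.
# The last assignment wins; lines starting with whitespace continue a value.
postfix_param() {
    awk -v want="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        /^[ \t]/ { if (cur == want) val = val " " $0; next }
        {
            eq = index($0, "=")
            if (eq == 0) { cur = ""; next }
            cur = substr($0, 1, eq - 1); gsub(/[ \t]/, "", cur)
            if (cur == want) val = substr($0, eq + 1)
        }
        END { gsub(/^[ \t]+|[ \t]+$/, "", val); print val }' "$1"
}

# Print each non-loopback IPv4 CIDR in mynetworks with a prefix shorter than
# $2 bits (default 24, the lab subnet size). Status 1 means one was found.
wide_networks() {
    wide=$(postfix_param "$1" mynetworks | tr ', \t' '\n\n\n' |
        awk -F/ -v min="${2:-24}" '/^[0-9.]+\/[0-9]+$/ && $1 !~ /^127\./ && $2 + 0 < min + 0')
    if [ -n "$wide" ]; then
        printf '%s\n' "$wide"
        return 1
    fi
    return 0
}

# Constructed sample files (not from the lab): one follows the lab, one is too wide.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/lab.cf" <<'EOF'
# vm3: the first assignment is overridden by the second
mynetworks = 10.0.0.0/8
mynetworks = 127.0.0.0/8,
    192.168.40.0/24
EOF
cat > "$SAMPLE_DIR/wide.cf" <<'EOF'
mynetworks = 192.168.0.0/16 0.0.0.0/0
EOF

for f in lab.cf wide.cf; do
    if found=$(wide_networks "$SAMPLE_DIR/$f"); then
        echo "$f: mynetworks is no wider than /24"
    else
        echo "$f: relay allowed from wider ranges:" $found
    fi
done
```

On a real vm3, point the functions at a copy of '''/etc/postfix/main.cf''' instead of the sample files.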
=== Install and Configure the Local Delivery Agent (LDA/MDA) ===
::NOTE: Do <u>'''not'''</u> replace any variables; those are set automatically by Postfix when it runs the LDA. If you are interested in learning more about the Dovecot application, you can read about dovecot-lda [http://wiki.dovecot.org/LDA/Postfix here] and [http://wiki.dovecot.org/LDA here].<br>
<ol>
<li value="4">Finally, edit the '''/etc/dovecot/conf.d/10-mail.conf''' file and indicate where you want your mail delivered by including the following line:<source>mail_location = maildir:~/Maildir</source></li>
<li>Restart your postfix service.</li>
<li>While the emails are still stored only on VM3, they will now be easier for other machines/services to access.</li>
<li>Due to permissions on the directories where mail will now be stored, root will no longer receive mail. Check the logs for an indication as to why.</li>
</ol>
== INVESTIGATION 3: USING THUNDERBIRD (MUA) FOR VM2 and VM3 MACHINES ==
First, we will set up the IMAP server so we can read email. The current way we have configured our mail server on our VM3 machine should allow all the email for anyaccount@yoursenecaid.ops to be delivered to our '''vm3''' machine. We will set up Dovecot with IMAP to get easy access to that email.
=== Connecting to IMAP Servers Using Thunderbird ===
[[Image:ops335-email-step1.png|600px]]
<ol>
<li value="3">Try to connect to your IMAP server with Thunderbird by clicking on your '''Inbox'''.</li>
<li>If nothing happens, then check the Thunderbird Activity Manager for any errors. If the connection is successful, you should see the '''Trash''' box <u>appear</u> below Inbox.</li>
<li>Use the Thunderbird application to send an email to your myseneca address. If you've done everything right, it will send the message successfully.</li>
<li>Verify that your message has been sent. Check your myseneca email and look at '''/var/log/maillog''' on vm2 (your email server).</li>
</ol>

=== Sending a Mail Message from VM2 (Using Thunderbird)===

'''Perform the following steps:'''

#Use the '''ss''' and '''nc''' commands (like you did in lab 4a) to confirm your service is listening on the correct ports/interfaces. You will probably have to open the appropriate firewall port on '''vm3''' to allow incoming '''SMTP''' connections.<br><br>'''Note:''' You should be able to send email to any regular user <u>on</u> '''vm3''' using the email address '''yourusername@yoursenecaid.ops''' using the Thunderbird application on your host machine (which is configured to use the account on your vm2).<br><br>

<ol>
<li value="2">Create a new account on your '''vm3''' machine using only your <u>first</u> name. We will use this account as a one-time "test" of whether the mail message has been received on your VM3 machine (from your VM2 machine).<br><br>'''Note:''' It is <u>'''important'''</u> that you '''<u>don't</u>''' create this same account name on your vm2 machine, since you want to easily identify the difference between the sending and receiving SMTP servers.<br /><br /></li>
</ol>

<ol>
<li value="3">Use the new account in Thunderbird to send an email to '''firstname@yoursenecaid.ops''' and then check the contents of '''/home/firstname/Maildir/new/''' on your '''vm3''' machine. There should be a file there with the contents of your email.</li>
<li>If there is no file, then check the log file '''/var/log/maillog''' to see what went wrong.</li>
<li>If you can see a file in the '''/home/firstname/Maildir/new/''' directory, then review the procedures on how you got the email server working (since you have performed many steps and set up many services).</li>
<li>Refer to the diagram at the top of this lab. Which services have you currently set up? Record your findings in your lab Logbook.</li>
</ol>

{{Admon/important |Encountering error messages when sending email|If you cannot properly receive sent e-mail messages, check the '''/var/log/syslog''' file for errors.<br><br> If you locate an error message in that file such as: '''Fatal: Error reading configuration: Invalid settings...''', then add the following <u>parameter</u> in '''/etc/dovecot/dovecot.conf''':<br />'''postmaster_address <nowiki>=</nowiki> DOMAIN''' (where DOMAIN is actually <u>your</u> domain).<br /><br />After you have saved those changes, then '''restart''' your dovecot service. This problem can also be resolved by properly setting the hostname of your machine to include the domain.}}
= Completing =
===Online Submission===
Follow the Lab instructions for lab 4b on blackboard.
<!--===Andrew's sections===
You'll get the same grade regardless of how you choose to submit your work.

'''Arrange evidence (command output) for each of these items on your screen, then ask your instructor to review them and sign off on the lab's completion:'''
::<span style="color:green;font-size:1.5em;">✓</span>Status and configuration of your Postfix service on vm2.
::<span style="color:green;font-size:1.5em;">✓</span>Your Thunderbird configuration.
::<span style="color:green;font-size:1.5em;">✓</span>The email you sent to your myseneca account.
::<span style="color:green;font-size:1.5em;">✓</span>Download and run '''wget https://ict.senecacollege.ca/~andrew.smith/ops335/labcheck4b.bash''' on your '''c7host''' machine.
::<span style="color:green;font-size:1.5em;">✓</span>Completed Lab4b log-book notes.
-->
==EXPLORATION QUESTIONS==
# What is the purpose of the Thunderbird application?
# List the steps to configure your DNS to allow your Thunderbird application to connect to your mail server.
# What is the purpose of the '''Dovecot''' package?
# What is the purpose of the '''mydestination''' parameter contained in the '''/etc/postfix/main.cf''' file?
# Why are '''IMAP''' and '''POP''' email servers placed on separate machines (vms)?
# What is the purpose of the '''mail_location''' parameter contained in the '''/etc/dovecot/conf.d/10-mail.conf''' file?
# Why is root not able to receive mail with the changed mail location? What could you change to allow mail to be sent to root again?