Difference between revisions of "OPS335 Lab 4"

From CDOT Wiki
Line 157: Line 157:
 
Received-SPF: None (protection.outlook.com: msaul.org does not designate
 
Received-SPF: None (protection.outlook.com: msaul.org does not designate
 
  permitted sender hosts)
 
  permitted sender hosts)
 +
 
'Received: from vm2.localdomain (142.204.244.22) by
 
'Received: from vm2.localdomain (142.204.244.22) by
 
  BN1BFFO11FD041.mail.protection.outlook.com (10.58.144.104) with Microsoft
 
  BN1BFFO11FD041.mail.protection.outlook.com (10.58.144.104) with Microsoft
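Review bot: the blank line added before 'Received: from vm2.localdomain sits inside the example message header, and in a real message the first empty line ends the header section. A reader who compares this block with their own Outlook output, or pastes it into a header parser, will see everything after "permitted sender hosts)" treated as message body. Consider keeping the example contiguous and naming the fields to study in the step text instead.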
Line 164: Line 165:
 
'Received: by vm2.localdomain (Postfix, from userid 1000)
 
'Received: by vm2.localdomain (Postfix, from userid 1000)
 
     id 4EB6210866B2; Thu, 18 Feb 2016 05:08:44 -0500 (EST)'
 
     id 4EB6210866B2; Thu, 18 Feb 2016 05:08:44 -0500 (EST)'
 +
 
Date: Thu, 18 Feb 2016 05:08:44 -0500
 
Date: Thu, 18 Feb 2016 05:08:44 -0500
 
To: <murray.saul@senecacollege.ca>
 
To: <murray.saul@senecacollege.ca>
 
Subject: Lab4a - Header Message
 
Subject: Lab4a - Header Message
 +
 
'User-Agent: Heirloom mailx 12.5 7/5/10'
 
'User-Agent: Heirloom mailx 12.5 7/5/10'
 +
 
MIME-Version: 1.0
 
MIME-Version: 1.0
 
Content-Type: text/plain; charset="us-ascii"
 
Content-Type: text/plain; charset="us-ascii"
 
Content-Transfer-Encoding: 7bit
 
Content-Transfer-Encoding: 7bit
 
Message-ID: <20160218100844.4EB6210866B2@vm2.localdomain>
 
Message-ID: <20160218100844.4EB6210866B2@vm2.localdomain>
 +
 
'From: Murray Saul <msaul@msaul.org>'
 
'From: Murray Saul <msaul@msaul.org>'
 
'Return-Path: msaul@msaul.org'
 
'Return-Path: msaul@msaul.org'
 +
 
</source>
 
</source>
 
#Study the sections in <span style="color:red;font-weight:bold">"red"</span> to determine the following information of the e-mail source (i.e. "starting-point"):<ul><li>'''Full Name''' of sender</li><li>'''return e-mail address''' of sender</li><li>'''domain name''' where sender resides</li><li>'''UID''' of send's user account</li><li>'''name''' of MUA program</li><li>'''name''' of MTA program<li>'''domain name''' of MTA</li><li>'''IPADDR''' of MTA<br><br></li></ul>
 
#Study the sections in <span style="color:red;font-weight:bold">"red"</span> to determine the following information of the e-mail source (i.e. "starting-point"):<ul><li>'''Full Name''' of sender</li><li>'''return e-mail address''' of sender</li><li>'''domain name''' where sender resides</li><li>'''UID''' of send's user account</li><li>'''name''' of MUA program</li><li>'''name''' of MTA program<li>'''domain name''' of MTA</li><li>'''IPADDR''' of MTA<br><br></li></ul>
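Review bot: in the list item at the end of this hunk, '''name''' of MTA program has no closing </li> before the next <li>, and "UID of send's user account" should read "sender's". The step also tells students to study the sections in "red", while the header lines above it are marked only with single quotes inside the source block, so the wording and the markup should be brought into line.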

Revision as of 10:48, 18 February 2016


MAIL SERVER RESOURCES

Online References:


OVERVIEW & PREPARATION

This lab will show you how to set up a Mail User Agent (MUA), using the mailx package on your VM2 machine, to allow users of that VM to locally send and receive e-mails. You will also be able to send a text-based e-mail from your VM2 machine to your Seneca mail account (only to send to an external server, but not receive). You will also learn which Mail Transfer Agent (MTA) is allowing messages to be sent locally within your VM2 machine and also externally to your Seneca College mail account. In addition, you will learn where the message store (MS) is located that stores mail messages until they are viewed and either deleted or transferred to other folders.

In order to send e-mail messages between your different VMs, a more complex set-up is required, and will be addressed in the second part of lab4 (lab4b).

The diagram below shows the layout of what this lab should accomplish:


Email-setup-simple.png



INVESTIGATION 1: INSTALL, SET-UP, AND USE THE MAIL USER AGENT (MUA)

We will be using a simple text-based Mail User Agent (MUA) called mailx in this lab to send and receive mail messages within your VM2 machine and to send mail messages to your Seneca e-mail account.

NOTE: Due to the simplicity of this mail server setup, and the setup of Seneca College's mail server, you cannot send Seneca e-mail messages to your VM2 machine.

Installing the Mail User Agent (MUA)

Perform the following Steps:

  1. Make certain you are in your vm2 machine.
  2. Issue the following command to install the mailx application (MUA):
    yum install mailx

NOTE: You can refer to the link below to acquaint yourself with how to send e-mail messages using the mailx application:
Mail Send Command Examples

Sending a Mail Message from your VM2 Machine to your Seneca Email Account

We will now test to see if your MTA for your VM2 machine is correctly running by sending email messages from your VM2 machine to your Seneca e-mail account.

Perform the following steps:

  1. Make certain you are still in your vm2 machine.
  2. Test email from your machine by sending an email to your Seneca email account using the following command:
    mail -s "Lab4a - test1" <Your Seneca email address>

    NOTE: after you type in the body of the mail message, move to an empty line, type period "." and press the ENTER key to send the message.

  3. Check your Seneca email account to see if you got the email (note that it may take a few minutes to arrive, so you may also wish to try an alternate email account if you have one like gmail, etc). When you do receive that email, make a note of the return address.
  4. If you did not receive the mail, check the mail logs on your vm2 machine for any error messages that would indicate a mail server setup problem.
  5. Test email from your Host Machine by sending an email to your Seneca account using the following command:
    mail -r "hacker.com (Canadian Revenue Agency)" -s "Lab4a - test2" <Your Seneca email address>
  6. Check your Seneca email to see if you got the email. If you did, make a note of the return address. How do you think the -r option could be used by attackers to gain access to a computer system? What steps do you think should be taken to help prevent this type of attack?

Sending a Mail Message within your VM2 Machine (vm2)

We will now test both your MUA (mailx) and MTA (postfix) by sending and receiving e-mail messages on the local VM2 machine only.

Perform the following Steps:

  1. Send an email message locally (i.e. only within) your VM2 machine by issuing the command:
    mail -s "Lab4a - Local - Test1" <yourSenecaID>
  2. After you type in the body of the mail message, move to an empty line, type period "." and press the ENTER key to send the message.
  3. Issue the following command: cat /var/spool/mail/<yourSenecaID>
    What do you see? What does this show you in terms of where mail is stored on your e-mail server?
  4. Issue the following command to read the mail message you sent to yourself:
    mail

    NOTE: You can refer to the link below to view a reference chart on how to read and delete received e-mail messages at the mail command prompt:
    Commands to View and Manage Received e-mail Messages

  5. If you received an e-mail message, the message and subject line should appear as a listing in your mail command.
    If you did not receive a mail message, check your mail server settings, check to see if your mail server is running and also check /var/log/messages.
  6. Type the mail message number that is displayed in your e-mail message list in the prompt and press ENTER. You should be able to confirm the message body that you sent.
  7. Exit the mail program by typing the letter q and press ENTER.
  8. Re-issue the mail command. What happened?
  9. Exit the mail command.

Checking the Message Store (MS) of Received Mail Messages

We will now view the Message Store where messages are sent to be retrieved from the mail program.
We will also show you how to save mail messages into another message store file in another directory.

Perform the following Steps:

  1. Create a directory in your home directory called: mail.
  2. Re-issue the mail command, and enter the following command at the mail prompt: save   1   mail/msg1
    Use the cat command to check the contents of /var/spool/mail/<yourSenecaID> and ~/mail/msg1. Exit the mail command.
  3. Try sending another e-mail from your VM2 account to yourself, but using your first name instead by issuing the following command:
    mail -s "Lab4a - Local - Test2" <yourFirstName>
  4. Issue the mailq command on your VM2 machine (you will need to be root) to view the mail queue. Why would this command be useful for an administrator?
  5. Now, issue the mail command to see if you received that e-mail message. Did it work? If so, why?
    Record your observations in your OPS335 lab logbook.

Record steps, commands, and your observations in INVESTIGATION 1 in your OPS335 lab log-book


INVESTIGATION 2: IDENTIFYING A DEFAULT MAIL TRANSFER AGENT (MTA)

Obviously the Mail Transfer Agent must be running in order to send e-mail messages locally or to an external mail server (like myseneca.ca). In this section, we will determine information relating to Seneca College's MTA when email messages are sent via your VM2 machine.

Email Headers

Normally, email headers are seldom seen in e-mail applications such as MS Outlook (webmail) or Thunderbird. There are ways to view the detailed header information for each email we send, which shows how the email message was sent, including the name of the program that is running as the Mail Transfer Agent and its IPADDR. Although these email headers may look complicated, they let you trace the steps of sending the e-mail message among the MTAs and gain a better understanding of the email transmission process.


Perform the following Steps:

If your MS outlook web application looks like above, then your MS Outlook application is using the lite version, and you would have to switch versions (see below for procedure).
If your MS outlook web application looks like above, then your MS Outlook application is using the standard version, so you can skip the procedure to switch versions.
  1. Make certain you are in your vm2 machine.
  2. Send another email message from your VM2 machine to your Seneca email account using the command:
    mail -s "Lab4a - Header Message" <Your Seneca email address>

    NOTE: after you type in the body of the mail message, move to an empty line, type period "." and press the ENTER key to send the message.

  3. View your e-mail message in your Seneca email account.


Switching Viewing Modes in MS Outlook Web Application:

How to switch to standard version: click to un-check the lite version option and save option setting.
If you are using web-mail to read your Seneca e-mail message, then your Mail User Agent is probably using the MS Outlook Web mail application. In order to view mail header information in your MS Outlook web application, you need to be in a particular "viewing-mode".
This program can run in standard version or lite version. If your MS Outlook web application is using the "lite version", then it should look similar to the left-most of the two side-by-side diagrams displayed above, and you should follow the procedure below to switch to the "standard version". If your MS Outlook web application appears like the right-most of the side-by-side diagrams above, then your program is using the "standard version", which means that you can skip the following procedure to switch versions.
Procedure to Change from Lite-mode to Regular mode:
  1. Click options located at the top-right corner of the MS Outlook web application window (to the left of the Sign Out)
  2. Click Outlook Version on the left-side of the Options window.
  3. Click to de-select the Use the light version (i.e. no check mark)
  4. Click the Save button near the top of the Options window to save your settings.
  5. Sign-out of your MS Outlook Session, and login again.

    NOTE: If your MS Outlook application does not change versions, then close all of your web-browsers, and then log into your Seneca email account.

Viewing Seneca Mail Message Headers

Right-click on the mail message that you recently sent with subject line "Lab4a - Header Message" and, select View Message Details. NOTE: If no mail message headers appear, try the previous step again until you see mail message header information.
Use these header details to analyse information regarding the MTAs used to transfer the mail message from your VM2 machine to your Seneca mail account.

Now that you are using the standard version of MS Outlook, we will now analyse the mail message header in your Seneca e-mail account that was sent from your VM2 machine to obtain information regarding Seneca's Mail Transfer Agent (MTA).


Perform the following steps:

  1. Right-click on the mail message that you recently sent with subject line "Lab4a - Header Message".
  2. Within the context menu, select View Message Details.

    NOTE: If no mail message headers appear, try the previous step again until you see mail message header information.

  3. To make the header information easier to read, highlight the text, then copy and paste it into a text editor (like gedit).

  4. Below is an example of header information that was sent by user msaul within their domain name msaul.org:

Received: from SN1PR07MB2288.namprd07.prod.outlook.com (10.164.47.158) by
 DM3PR07MB2284.namprd07.prod.outlook.com (10.164.33.158) with Microsoft SMTP
 Server (TLS) id 15.1.409.15 via Mailbox Transport; Thu, 18 Feb 2016 15:08:51
 +0000
Received: from BLUPR07CA088.namprd07.prod.outlook.com (10.160.24.43) by
 SN1PR07MB2288.namprd07.prod.outlook.com (10.164.47.158) with Microsoft SMTP
 Server (TLS) id 15.1.409.15; Thu, 18 Feb 2016 15:08:49 +0000
Received: from BN1BFFO11FD041.protection.gbl (2a01:111:f400:7c10::1:173) by
 BLUPR07CA088.outlook.office365.com (2a01:111:e400:8ae::43) with Microsoft
 SMTP Server (TLS) id 15.1.409.15 via Frontend Transport; Thu, 18 Feb 2016
 15:08:49 +0000
Authentication-Results: spf=none (sender IP is 142.204.244.22)
 smtp.mailfrom=msaul.org; senecacollege.ca; dkim=none (message not signed)
 header.d=none;senecacollege.ca; dmarc=none action=none header.from=msaul.org;
Received-SPF: None (protection.outlook.com: msaul.org does not designate
 permitted sender hosts)

'Received: from vm2.localdomain (142.204.244.22) by
 BN1BFFO11FD041.mail.protection.outlook.com (10.58.144.104) with Microsoft
 SMTP Server id 15.1.415.6 via Frontend Transport; Thu, 18 Feb 2016 15:08:49
 +0000'

'Received: by vm2.localdomain (Postfix, from userid 1000)
    id 4EB6210866B2; Thu, 18 Feb 2016 05:08:44 -0500 (EST)'

Date: Thu, 18 Feb 2016 05:08:44 -0500
To: <murray.saul@senecacollege.ca>
Subject: Lab4a - Header Message

'User-Agent: Heirloom mailx 12.5 7/5/10'

MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <20160218100844.4EB6210866B2@vm2.localdomain>

'From: Murray Saul <msaul@msaul.org>'
'Return-Path: msaul@msaul.org'
  1. Study the sections in "red" to determine the following information of the e-mail source (i.e. "starting-point"):
    • Full Name of sender
    • return e-mail address of sender
    • domain name where sender resides
    • UID of sender's user account
    • name of MUA program
    • name of MTA program
    • domain name of MTA
    • IPADDR of MTA

  2. Using your e-mail header detail, determine the same information for the MTA on the receiving end of the MTA for Seneca E-mail.
  3. How many different MTAs were used in this process? Can you guess why there were so many transfers? Record your observations in your lab logbook.
  4. Use either the nslookup, host, or dig utilities to query those servers (type MX resource records) to see if you can obtain additional information regarding those mail servers.
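
The fields that the steps above ask for can also be pulled out of a header with a short script, together with the SPF/DKIM/DMARC verdicts that bear on the earlier question about the -r option. This Python sketch is an added example, not part of the original lab; it embeds a trimmed copy of the example header shown above, and the function and key names are chosen here for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# The lab's example header, trimmed: highlighting quotes, blank lines, Outlook hops removed.
SAMPLE = """\
Authentication-Results: spf=none (sender IP is 142.204.244.22)
 smtp.mailfrom=msaul.org; senecacollege.ca; dkim=none (message not signed)
 header.d=none;senecacollege.ca; dmarc=none action=none header.from=msaul.org;
Received-SPF: None (protection.outlook.com: msaul.org does not designate
 permitted sender hosts)
Received: from vm2.localdomain (142.204.244.22) by
 BN1BFFO11FD041.mail.protection.outlook.com (10.58.144.104) with Microsoft
 SMTP Server id 15.1.415.6 via Frontend Transport; Thu, 18 Feb 2016 15:08:49
 +0000
Received: by vm2.localdomain (Postfix, from userid 1000)
    id 4EB6210866B2; Thu, 18 Feb 2016 05:08:44 -0500 (EST)
User-Agent: Heirloom mailx 12.5 7/5/10
From: Murray Saul <msaul@msaul.org>
Return-Path: msaul@msaul.org
"""

def unfold(value):
    """Collapse a folded (multi-line) header value onto one line."""
    return " ".join((value or "").split())

def analyse(raw):
    msg = message_from_string(raw)
    hops = [unfold(h) for h in msg.get_all("Received", [])]
    # Each MTA prepends its own Received line, so the last one is the oldest.
    origin = re.search(r"by (\S+) \((\w+), from userid (\d+)\)", hops[-1] if hops else "")
    # The line above it records the IP address the first relay actually saw.
    peer = re.search(r"from (\S+) \(([0-9A-Fa-f.:]+)\)", hops[-2] if len(hops) > 1 else "")
    name, addr = parseaddr(msg.get("From", ""))
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                           unfold(msg.get("Authentication-Results"))))
    return {
        "full_name": name,
        "return_path": parseaddr(msg.get("Return-Path", ""))[1],
        "sender_domain": addr.rpartition("@")[2],
        "mua": msg.get("User-Agent"),
        "mta_host": origin.group(1) if origin else None,
        "mta_program": origin.group(2) if origin else None,
        "uid": origin.group(3) if origin else None,
        "mta_ip": peer.group(2) if peer else None,
        "hops": len(hops),
        "auth": auth,
        # DMARC is the check that ties the visible From: domain to SPF/DKIM.
        "sender_verified": auth.get("dmarc") == "pass",
    }

if __name__ == "__main__":
    for key, value in analyse(SAMPLE).items():
        print(f"{key:15} {value}")
```

Everything below the first relay's Received line is supplied by the sending machine, so only the IP address recorded by the receiving server and its Authentication-Results verdicts are independent of what the sender typed.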


Resetting MS Outlook Web Application to Lite Version (If Required)

If your MS Outlook web application was previously using the lite version, and you wish to revert to this original setting, perform the following steps:

  1. Click the settings icon (looks like a gear) located to the left of the help (?) icon.
  2. Click the General categories under the options on the left-side of the options menu.
  3. Click Light Version, and in the details area to the right, make certain that the Use the light version of Outlook on the web is selected (i.e. check mark appears), and click on Save at the top.
  4. Sign-out of your MS Outlook Session, and login again.

    NOTE: If your MS Outlook application does not change versions, then close all of your web-browsers, and then log into your Seneca email account.


Record steps, commands, and your observations in INVESTIGATION 2 in your OPS335 lab log-book


COMPLETING THE LAB

Arrange proof that you can send e-mail from your VM2 machine to your Seneca College e-mail account, and that you can send and receive e-mail messages locally on your VM2 machine only. Also show your logbook notes regarding MTA information from your sent email header on your Seneca College mail account.


EXPLORATION QUESTIONS

  1. Briefly list the steps to install the MUA on your server for text-based messaging.
  2. Briefly list the steps to trouble-shoot your server if you could not send e-mail messages from your VM2 machine to an external e-mail server.
  3. Write the command to send an e-mail message from your VM2 to your Seneca College e-mail account.
  4. What are the commands to issue in the mail prompt to:
    • Read the first e-mail message displayed
    • Save the 4th e-mail message to the file pathname: ~/maildir/3.msg.txt
    • Delete the 3rd e-mail message displayed
    • Exit the mail command prompt and return to the shell

  5. What were the results of sending emails locally on your VM2 machine? Show log segments to verify your answers.
  6. List the steps to show your email header to trace the transmission between Mail Transfer Agents among different mail servers.