OPS535-online-L5
Overview
Postfix is a complete MTA (Mail Transport Agent) package which replaced Sendmail. Postfix uses several different programs to implement the MTA functionality. Postfix is considered to be more secure than Sendmail as it requires a separate user ID for running each module. Postfix uses plain text parameters and value names in its configuration files. The Postfix program plays a variety of roles:
- Listens to the network for incoming mail
- Transports mail messages to other machines
- Performs local mail delivery or hands local mail over to a local program for delivery
- Appends mail to files, Pipes mail through other programs
- Queues mail for later delivery
- Understands the aliasing of one recipient name to another
Understanding how Postfix handles the tasks listed above is essential in keeping the email service running properly for your users.
Pre-requisites
- Must complete assignment 1 on ops535 virtual lab and ensure that
- all your four VMs have network connectivity to each other via the ens224 network interfaces.
- your VMs have the proper FQDN which can be resolved by your authoritative DNS server(s).
- Install the nmap-ncat package on your host (optinally, install it on your other VMs as well).
- Install postfix it it is not already installed.
Investigation 1: SMTP
Perform the following steps on your VM2 (pri-dns)
- login to your VM2 as the student user.
- Find out the version of the postfix rpm installed on the system with one of the following commands and keep a record of it.
rpm -q postfix yum info postifx
- SMTP servers use one of the well-known ports, you can find out the port number used by the smtp protocol with the following command:
grep -w smtp /etc/services
- Make sure that the postfix.service is running on VM2, if not, start the postfix.service and confirm that it is running properly.
- Beside the systemctl command, there are two more places (or commands) you can use to confirm whether there is a SMTP server running on your system: the "ss -at" and "ps -ef" command:
- Run the following command pipe line and look for the SMTP port number under the "Local Address" column and record the line(s) for future reference. Note that if the Local Address shown is 127.0.0.1 only, your SMTP server will not be reachable by other machines.
ss -at | grep smtp ss -atn | grep [smtp port number]
- Run the following command pipe line and study the output carefully:
[instructor@pri-dns ~]$ ps -ef | grep -v grep | grep postfix root 122055 1 0 18:53 ? 00:00:00 /usr/libexec/postfix/master -w postfix 122057 122055 0 18:53 ? 00:00:00 qmgr -l -t unix -u postfix 122105 122055 0 18:54 ? 00:00:00 tlsmgr -l -t unix -u postfix 122216 122055 0 20:33 ? 00:00:00 pickup -l -t unix -u
- Look up the man page for "qmgr", "tlsmgr", and "pickup", and find out the responsibility of those processes.
Review the SMTP Protocol
----- Command ----- | --------------- Response --------------- |
---|---|
nc localhost 25 | 220 pri-dns.gbecker.ops ESMTP Postfix |
HELO seneca.ops | </ br> </ br> </ br> |
ELHO seneca.ops | </ br> </ br> |
NOOP |
- smtp commands/responses
- postfix main configuration file: /etc/postfix/main.cf
- start/stop postfix
- mailing list
- manual email delivery - smtp session
Investigation 2: mailing list (on postfix)
Investigation 3: mail queues (on postfix)
Completing the Lab
Review Questions
- 1. Why did you get “command not recognized” as the output for the EXPN command?
- 2. What does the VRFY command ask Postfix to do?
- 3. How do you add a mailing list called “helpdesk” on your Postfix VM so that all email send to the “helpdesk”mail list will be forwarded to user ldapuser1?
- 4. Would you be able to nc from your other virtual machines to the SMTP port on your VM3 and repeat the task in investigation 1 step (15)? If not, what would you need to change on your Postfix server to allow other machines to connect to the Postfix mail server?
- 5. Who is the owner of the file /tmp/ops535.mail?
- 6. Who has the read permission on the file /tmp/ops535.mail?
- 7. What is the "Return Path" indicated in the file /tmp/ps535.mail?
- 8. What command will perform the same function as "/usr/sbin/sendmail -bi" ?
- 9. What is the absolute path and access permission of the directory used by Postfix to store outgoing messages?
- 10.What command would you use to get a Mail Delivery Status Report?
- 11. What command will show you the queue ID of an outgoing email waiting for delivery in the mail queue?
- 12.How do you delete an outgoing message which is sitting in the queue directory?