DNS & mail 97/12/17
DNS & mail
InternetWeek ’98 Tutorial
1998/12/15
Motonori Nakamura
motonori@[Link]
motonori@[Link]

Agenda
• Internet mail basics
• DNS structure and management
• Mail system design
• SPAM countermeasures

1. Internet Mail Basics

E-mail System
• MUA (Mail User Agent)
• MTA (Mail Transfer Agent)
• DNS (Domain Name System)
[Diagram: MUA, MTA, MTA, MUA and MB (mailbox), with DNS and links labelled SMTP, SMTP and POP/IMAP/...]

MUA (Mail User Agent)
• User application
 – reading mail
 – writing mail
 – saving/searching mail
• UNIX
 – ucbmail, RMAIL, mush, MH (mh-e), mew, ...
• Windows
 – Outlook, Netscape Mail, Eudora, ...

MTA (Mail Transfer Agent)
• Mail receipt
• Determination of delivery point
• Delivery of mail
 – to remote, to local, to sender (error)
• Store and Forward
 – After receiving, attempt forwarding to next host

InternetWeek'97 1
MTA Programs
• sendmail http://[Link]/
• qmail http://[Link]/
• SMAIL (GNU)
• MMDF (Multi-channel Memo Distribution, CSNET)
• exim http://[Link]/
• VMail http://[Link]/vmail/
• LSMTP http://[Link]/[Link]
• PP (X.400)

Sending and Receiving Mail on the Internet
• SMTP - Simple Mail Transfer Protocol
  RFC821(S)
• TCP port number 25
• Most MTAs implement SMTP
 – has coordination function with DNS

SMTP Action
  220 [Link] SMTP Server ready                      (Message from server)
  HELO [Link]                                       (Message to server)
  250 [Link] Hello [Link]
  MAIL FROM:<sender@[Link]>                         (sender’s address)
  250 sender ok
  RCPT TO:<recipient@[Link]>                        (recipient’s address)
  250 recipient ok
  DATA
  354 Enter mail, end with "." on a line by itself
  e-mail data comes here
  .                                                 (indicates end of data)
  250 Message accepted for delivery
  QUIT
  221 [Link] closing connection

Method of Determining Mail Destination on the Internet
• Extracting host name from destination mail address
    user@host
• Retrieval of IP address from host name
    host → [Link]
 – /etc/hosts
 – NIS (YP)
 – DNS (Domain Name System)

DNS (Domain Name System)
• Wide-area distributed directory service
 – Distributed allocation
 – Decentralized management
• Host name → IP address
• Mail address → MX Host name → IP address
 – Sharing same domain space

Terminology
• delivery
 – local delivery → mailbox
 – remote delivery → pass to another MTA
• transfer
 – remote delivery
• acceptance (probably not a universal term)
 – local delivery
• receive
 – delivered from remote

Mail Address
• Used as sender information/receiver information
• User @ domain
 – motonori @ [Link]
• Other formats
 – %-Hack
 – Route Address
 – UUCP addressing

%-Hack
• RFC1123(S)
    user % host @ relay
      sender → relay → host
      ← when relay is reached, rewritten as user @ host
    user % host % relay2 @ relay1
      sender → relay1 → relay2 → host

Route Address
• RFC822(S)
    @relay: user @ host
      sender → relay → host
      ← when relay is reached, rewritten as user @ host
    @relay1, @relay2: user @ host
      sender → relay1 → relay2 → host

UUCP Addressing
• host ! user
• relay ! host ! user
• host ! user @ domain interpretation
 – “host ! user” @ domain (in terms of Internet)
   » sender → domain → host
 – host ! “user @ domain” (in terms of UUCP)
   » sender → host → domain

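The hop order implied by each address form on the %-Hack, Route Address and UUCP Addressing slides, as an added Python example (not from the original slides). The names delivery_path, uucp_first and asks_for_relay are hypothetical, and the sample addresses are constructed placeholders.

```python
def delivery_path(addr, uucp_first=False):
    """Return (hops, user): the hosts a message visits, in order, and the final mailbox.

    uucp_first selects the UUCP reading of a mixed host!user@domain address;
    the default is the Internet reading, where the part right of '@' comes first.
    (Hypothetical helper for illustration, not a complete RFC 822 parser.)
    """
    addr = "".join(addr.split())            # the slides write "user % host @ relay"
    hops = []
    if addr.startswith("@") and ":" in addr:
        # Route address: @relay1,@relay2:user@host
        route, addr = addr.split(":", 1)
        hops += [relay.lstrip("@") for relay in route.split(",")]
    if uucp_first and "!" in addr:
        # UUCP reading: host ! "user@domain", so the bang path is consumed first
        *bang, addr = addr.split("!")
        hops += bang
    if "@" in addr:
        local, domain = addr.rsplit("@", 1)
        hops.append(domain)
    else:
        local = addr
    while "%" in local:
        # %-hack: each relay rewrites the rightmost '%' to '@' and forwards
        local, host = local.rsplit("%", 1)
        hops.append(host)
    if "!" in local:
        # Remaining bang path: relay!host!user is walked left to right
        *bang, local = local.split("!")
        hops += bang
    return hops, local

def asks_for_relay(addr):
    """True when the address names more than one hop, so the first host must forward."""
    return len(delivery_path(addr)[0]) > 1

# Constructed sample addresses, one per form shown on the slides.
SAMPLES = ["user@host", "user%host%relay2@relay1", "@relay1,@relay2:user@host",
           "relay!host!user", "host!user@domain"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample:28} -> {delivery_path(sample)}  relay={asks_for_relay(sample)}")
```

An MTA can apply asks_for_relay to an incoming recipient address to see whether it is being asked to forward the message to a further host.
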
Comment Format
• Full Name <user@domain>
• user@domain (Full Name)
• user(User Name)@domain(Company Name)
 – The ( ) comment may be inserted anywhere

Domain Part
• Fully Qualified Domain Name
 – A complete host/domain name in the Internet domain format
• Fully Qualified Mail Address
 – user@[Link]
 – means it’s not user@mailhost
• Not Qualified Mail Address
 – user
• Generic Address
 – user@[Link]

Message Format
• Header and body
  RFC822(S): Standard for the format of arpa internet text messages
• The first blank line is the divider
    From: announce@[Link]
    To: motonori@[Link]
    Subject: InternetWeek ’98
                                  ← blank line (no space either)
    InternetWeek ’98 announcement

Sender and Recipient
• Sender
 – one person
 – the senders in the header may be plural
   » representing the senders
• Recipient
 – one or more persons

Header and Envelope (cont.)
• Looks like an envelope
• Envelope
 – Sender/destination
 – Sender/destination as indicated on front
   » person who actually does procedure
 – Rewritten upon delivery
• RFC821(S): Simple Mail Transfer Protocol
 – Envelope is specified with command
• UUCP
 – Envelope is specified in rmail command line

Header and Envelope (cont’d)
• header
 – person who wrote body/person intended for
 – sender/recipient of enclosed text
 – generally cannot be rewritten
• header and envelope sender/recipient
 – may be the same
   » to individuals
 – may be different
   » mailing lists etc.

When the Envelope is Created
• Extracted from the header
 – The sending MUA does it
 – The MTA which processes it first does it
• The envelope is rewritten during the delivery process
 – transfer
 – mailing list

Address Used for Reply
• Delivery error notice reply (automatic)
 – Sender of envelope
 – “Errors-To:” header
   » For systems that don’t have the envelope concept (do these still exist?)
• Response to content (person intervention)
 – Sender in header
   » From:, Reply-To:
   » (To:, Cc:)

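The envelope/header split from the slides above, as an added Python example (not from the original slides): the envelope is read from the SMTP commands, the header from the text after DATA, and the two reply addresses are chosen as the "Address Used for Reply" slide describes. The function names and the example.jp session are constructed for illustration; treating an empty MAIL FROM:<> as "send no notice" is an assumption beyond the slides.

```python
import re
from email import message_from_string
from email.utils import getaddresses

def split_session(client_lines):
    """Split the client side of an SMTP dialogue into (envelope, message)."""
    envelope = {"sender": None, "recipients": []}
    data, in_data = [], False
    for line in client_lines:
        if in_data:
            if line == ".":                      # a lone dot ends DATA
                in_data = False
            else:                                # undo SMTP dot-stuffing
                data.append(line[1:] if line.startswith(".") else line)
        elif m := re.match(r"MAIL FROM:\s*<(.*)>", line, re.I):
            envelope["sender"] = m.group(1)
        elif m := re.match(r"RCPT TO:\s*<(.*)>", line, re.I):
            envelope["recipients"].append(m.group(1))
        elif line.upper() == "DATA":
            in_data = True
    # message_from_string separates header and body at the first blank line
    return envelope, message_from_string("\n".join(data) + "\n")

def reply_targets(envelope, msg):
    """Addresses for an automatic error notice and for a human reply."""
    if envelope["sender"] is not None:
        # Envelope sender wins; an empty one (MAIL FROM:<>) means no notice
        bounce = envelope["sender"] or None
    else:
        # No envelope available: fall back to the Errors-To: header
        errs = getaddresses(msg.get_all("Errors-To", []))
        bounce = errs[0][1] if errs else None
    reply = msg.get_all("Reply-To") or msg.get_all("From") or []
    return {"bounce": bounce, "reply": [a for _, a in getaddresses(reply)]}

# Constructed capture: a mailing-list host redistributing one message.
SESSION = [
    "HELO lists.example.jp",
    "MAIL FROM:<announce-owner@lists.example.jp>",
    "RCPT TO:<motonori@example.jp>",
    "DATA",
    "From: Announce Desk <announce@example.jp>",
    "To: announce@lists.example.jp",
    "Reply-To: questions@example.jp (Help Desk)",
    "Subject: InternetWeek '98",
    "",
    "InternetWeek '98 announcement",
    ".",
    "QUIT",
]
```

In this capture the envelope recipient (motonori@example.jp) appears nowhere in the header, which is the mailing-list case where header and envelope differ.
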
From the Mailbox to MUA
• Local mailbox
 – UNIX etc.
• POP
• IMAP

The 3 Points of Mail Delivery
1) Receipt (delivery from remote)
 – Sent from remote mail server
2) Acceptance (delivery to local)
3) Sending/Forwarding (delivery to remote)
 – Sent to recipient’s mail server
[Diagram: DNS, DNS; MTA, MTA; receive, accept, send/transfer; MB]

Range of configuration
1) Settings for Mail Receipt
How to convey destination to sender
• Internet
 – Direct delivery by SMTP
 → Define delivery destination to DNS
• Bucket relay system
 – UUCP etc. (From JUNET era)
 → Configure delivery destination in (all) hosts along path
 – Usage of mailconf
   » [Link] creation tool

DNS Records referred to for Mail Delivery
• A (Address) RR (Resource Record)
 – IP address extracted from host name
• MX (Mail eXchanger) RR
 – Destination host name extracted from mail address
• CNAME (Canonical NAME) RR
 – Alternative host name extracted

Confirm A with nslookup (1)
  % nslookup [Link]
  Server: localhost
  Address: [Link]

  Name: [Link]
  Address: [Link]

Hosts with Multiple IP addresses
  [Link] IN A [Link]
  [Link]. IN A [Link]
• If delivery to the first address doesn’t work, it tries all addresses one by one (implementation dependent)
• With the DNS round-robin function, the address obtained through search is different each time
 – Load sharing
 – Even if it only tries the first address, it may work eventually after several tries(?)

Confirm A with nslookup (2)
  % nslookup [Link]
  Server: localhost
  Address: [Link]

  Name: [Link]
  Addresses: [Link], [Link], [Link], [Link]

Generic Mail Address
• No host name part
 – Not dependent on host reorganization
• Uses MX (Mail eXchanger) RR
• Mail to user@[Link]. is sent to specified host
 – Look up MX, then look up A for the host name obtained on its right-hand side to get the IP address

Confirm MX with nslookup
  % nslookup -q=mx [Link].
  Server: localhost
  Address: [Link]

  [Link] preference = 10, mail exchanger = [Link]
  :                                      (additional information)
  [Link] internet address = [Link]
• Please note: when no MX can be found for the destination, A is followed; if both are found, MX has priority.
 – Therefore it’s possible for mail to go to another host using MX setting.

Preparing for Failures (for MX)
• Mail receipt back-up
    [Link] preference=10, mx=[Link]
           preference=50, mx=[Link]
• The smaller the number, the higher the priority (cost value)
 – Until the sender succeeds in sending, hosts with progressively higher cost are tried
• Mail2 transfers to mail1 upon its recovery
 – Be aware of mail saving period for mail2
[Diagram: sender, mail1, mail2]

Lower MX Conditions (Conditions to avoid mail loop)
• Awareness of own name on right of MX RR
 – Prevent connection to oneself
   » confirm with $=w at sendmail -bt
   » automatic registration of interface address names
   » qmail is confirmed by IP address
• Connection is not made to IP address of oneself
• RRs with a cost higher than one’s own MX RR preference are thrown out
 – Prevent ping-pong between Lower MX

Load Sharing
    [Link] preference=10, mx=[Link].
           preference=10, mx=[Link].
• When cost is the same, sender chooses destination randomly
• In the end, sent to one mailbox
 – recipient needs some settings
   » static delivery definition, etc.

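The destination choice described on the MX slides above (MX before A, lowest preference first, random choice among equal costs, and the lower-MX rule that avoids loops), as an added Python example that is not from the original slides. The function names, the dictionary standing in for DNS lookups and the example.jp hosts are assumptions; records at a cost equal to the host's own are dropped as well, as RFC 974 specifies.

```python
import random
from itertools import groupby

def norm(host):
    """Compare DNS names case-insensitively, ignoring the trailing root dot."""
    return host.rstrip(".").lower()

def delivery_candidates(domain, mx_rrs, a_rrs, my_names=(), rng=random):
    """Return [(host, ip), ...] in the order a sending MTA should try them.

    mx_rrs:   [(preference, exchanger), ...] for `domain` (may be empty)
    a_rrs:    {host: [ip, ...]} standing in for A lookups
    my_names: names this MTA answers to (what sendmail keeps in $=w)
    """
    if not mx_rrs:
        # No MX found: fall back to the A record of the domain itself.
        hosts = [norm(domain)]
    else:
        mine = {norm(n) for n in my_names}
        own = [pref for pref, host in mx_rrs if norm(host) in mine]
        if own:
            # We are one of the MX hosts: drop ourselves and everything at
            # equal or higher cost, so lower MXs never ping-pong the mail.
            mx_rrs = [(p, h) for p, h in mx_rrs if p < min(own)]
        hosts = []
        ordered = sorted(mx_rrs, key=lambda rr: rr[0])
        for _, group in groupby(ordered, key=lambda rr: rr[0]):
            same_cost = [norm(h) for _, h in group]
            rng.shuffle(same_cost)          # equal cost: random order
            hosts.extend(same_cost)
    # Every address of a multi-homed host is a candidate, tried in turn.
    # An empty result with MX records present means: accept locally.
    return [(h, ip) for h in hosts for ip in a_rrs.get(h, [])]

# Constructed sample records (RFC 5737 documentation addresses).
A = {"mail1.example.jp": ["192.0.2.1", "192.0.2.2"],
     "mail2.example.jp": ["192.0.2.9"],
     "example.jp": ["192.0.2.80"]}
MX = [(50, "mail2.example.jp."), (10, "mail1.example.jp.")]

if __name__ == "__main__":
    print("any sender :", delivery_candidates("example.jp", MX, A))
    print("as mail2   :", delivery_candidates("example.jp", MX, A, ["mail2.example.jp"]))
    print("as mail1   :", delivery_candidates("example.jp", MX, A, ["mail1.example.jp"]))
    print("no MX      :", delivery_candidates("example.jp", [], A))
```
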
2) Acceptance of Mail
• Recognize that received mail is to oneself
 – local delivery (acceptance)
 – not “received = to oneself”
• If decided that it’s not to oneself
 – search transfer destination

Configuration of Accepting Address
• Sendmail (CF)
 – set as ACCEPT_ADDRS
• qmail
 – set as /var/qmail/control/locals

Summary of Receive Mail Settings
• Convey destination to sender
 – Define MX record
• Recognize that received mail is to oneself
 – Delivery to local (acceptance)
Separate configurations are necessary

3) Mail Delivery Settings
Variations of delivery methods
• Delivery by reference to DNS MX RR
 – Prepare MTA to refer to MX
• Delivery based on host name only
• Delivery based on set rules
 – Consider need of referring to DNS

Basic Configuration for Referring to DNS
• /etc/[Link]
• service switch file

/etc/[Link]
• Designation of name server
    nameserver [Link] (interpreted as localhost - [Link])
    nameserver [Link]
    nameserver [Link]
 – up to 3 (MAXNS in resolv.h)
   » time out is same regardless of how many (75s)
    domain [Link]
    search [Link] [Link] [Link]
 – Used for address supplement

Service Switch file
• Solaris
 – /etc/[Link]
   » hosts: files dns
• DEC
 – /etc/[Link]
• Others
 – ServiceSwitchFile option ([Link])
 – Default: /etc/[Link]
    hosts dns files nis

When referring to DNS MX
• MTA referring to MX
 – [Link]
   » link to libresolv.a
 – [Link] for reference to MX
   » MX_SENDMAIL=yes (CF)
   » (Actually Wildcard MX strategy only)
→ Address supplement

Delivery Based on Set Rules
• Write set rules in [Link]
 – mailconf
 – CF
   » STATIC_ROUTE_FILE

Confirmation for Delivery
• Is the address interpreted correctly?
 – sendmail -bv or sendmail -bt /parse
• Can MX be looked up normally?
 – use the /mx command of sendmail -bt
• Can it actually send?
 – sendmail -v

Summary of Delivery Settings
• Host should be able to refer to DNS
 – [Link]
 – Service Switch file
• Consider destination according to mail address
 – Refer to DNS (MX) and deliver as is
   » which name server should be looked at (more later)
 – Destination is statically set