Difference between revisions of "CNM Mail Server"
(Created page with "Mail for CNM Cloud. Further development of CNM Mail Server to make sure that all CNM apps can send and, when applicable, receive emails through it. Category:C...") |
|||
(18 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
− | + | [[CNM Mail Server]] (hereinafter, the ''Soft'') is the server that makes sure that all [[CNM app]]s can send and, when applicable, receive emails through it. | |
+ | Development of the ''Soft'' occurs under the [[Mail for CNM Cloud]] project. | ||
+ | ==Architecture== | ||
+ | ===Postfix + Dovecot=== | ||
+ | : It deploys the most popular combination of Postfix and Dovecot for mail setup. | ||
+ | :'''Postfix''' is the Mail Transfer Agent. Postfix is free software, featuring a clever modular architecture that allows you to create a reliable and fast mail system. | ||
+ | :'''Dovecot''' is a free IMAP and POP3 server that offers security, configuration flexibility, and performance. Dovecot features are: | ||
+ | #High-performance | ||
+ | #A large number of supported mechanisms for storing authentication information (including LDAP) and authentication itself (SSL is supported). | ||
+ | #Extensibility via plugins. | ||
+ | #Strict adherence to standards. Dovecot is one of the few servers to pass all IMAP standards tests. | ||
+ | : We use the combination because Postfix just concerns itself with sending off client emails and temporarily storing incoming emails without sorting them according to recipient email address. And Dovecote's principal task is sorting the emails received by the mail transfer agent (MTA), e.g. Postfix, and delivering them on demand by each recipient. It separates the mass of emails arriving at Postfix's single mailbox into individual mailboxes for each recipient address and simultaneously listens for requests for a new email from recipients' email client packages. | ||
+ | [[File:Post.png|right]] | ||
+ | : The ''architecture of the mail server'' looks like this: | ||
+ | : The input is the MTA mail server which works on the SMTP protocol. The MTA is on the Internet and it gets and sends the mail. We have some sort of mail base and we also have a mail delivery agent called MDA which delivers mail to the user. This is a POP3 or IMAP protocol. The MDA takes from the email base and gives it to the client. In between is the LDA, which takes mail from the MDA via LMTP (Local Mail Transfer Protocol) and puts it in the database. | ||
+ | : Usually, you don't put extra software as an LDA. Today, both Postfix and Dovecot can act as an LDA. But Postfix does it in a very primitive way. If you use Dovecot, however, it is possible to connect Sieve (a scripting language for mail filtering) and much more. | ||
− | [[Category:CNM | + | ===Database system=== |
+ | |||
+ | ===Software instances=== | ||
+ | : Software instances that power (1) core, (2) hands-on training, and (3) experiential systems and applications. | ||
+ | # mail.opplet.net (core) opplet-test | ||
+ | # mail.cnmcyber.com (experiential systems and applications) employ | ||
+ | |||
+ | ===Security=== | ||
+ | : For security, we use Fail2ban because it operates by monitoring log files (e.g. /var/log/auth.log, /var/log/apache/access.log, etc.) for selected entries and running scripts based on them. Most commonly this is used to block selected IP addresses that may belong to hosts that are trying to breach the system's security. It can ban any host IP address that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator. Includes support for both IPv4 and IPv6. | ||
+ | |||
+ | ====Malware protection==== | ||
+ | : Previously, [[Opplet]] developers struggled with the viruses, so an effective anti-virus strategy must be found -- what was the solution? | ||
+ | |||
+ | ==Standing operating procedures== | ||
+ | [[Standing operating procedure]] | ||
+ | * [https://repo.employableu.com/root/course-illustrations/-/wikis/home Нow to install Postfix and Dovecot:] | ||
+ | * [https://repo.employableu.com/root/course-illustrations/-/wikis/%D0%90%D0%BD%D1%82%D0%B8%D1%81%D0%BF%D0%B0%D0%BC-Spam-Assassin How to install Spam Assassin:] | ||
+ | * [https://repo.employableu.com/root/course-illustrations/-/wikis/%D0%9E%D1%81%D0%BD%D0%BE%D0%B2%D0%BD%D1%8B%D0%B5-%D0%BD%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8-DNS How to configure DNS:] | ||
+ | * [https://repo.employableu.com/root/course-illustrations/-/wikis/%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5-%D0%BF%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%BC%D0%B8-%D1%81%D0%BE%D0%BE%D0%B1%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%D0%BC%D0%B8-%D0%B2-Dovecot.-Sieve How to set up Email message management in Dovecot:] | ||
+ | * [https://repo.employableu.com/root/course-illustrations/-/wikis/%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5-%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%D0%B0-%D0%B2-Postfix How to encrypt traffic in Postfix:] | ||
+ | |||
+ | ==Hands-on assignments== | ||
+ | : Hands-on assignments that CNM learners can use to get accustomed to the software while using its hands-on training systems and applications. | ||
+ | |||
+ | ==Presentations== | ||
+ | : Presentations that present the software to its new users in multimedia, video, just audio, and/or just graphic formats. | ||
+ | |||
+ | ==User group== | ||
+ | : CNM Social user group has not yet been created; the group may organize software-related events and produce newsletters. | ||
+ | |||
+ | ==Related lectios== | ||
+ | : Lectios that provide CNM learners with knowledge about the deployed software. | ||
+ | |||
+ | [[Category:CNM Cloud products]] |
Latest revision as of 00:09, 15 November 2023
CNM Mail Server (hereinafter, the Soft) is the server that makes sure that all CNM apps can send and, when applicable, receive emails through it.
Development of the Soft occurs under the Mail for CNM Cloud project.
Contents
Architecture
Postfix + Dovecot
- It deploys the most popular combination of Postfix and Dovecot for mail setup.
- Postfix is the Mail Transfer Agent. Postfix is free software, featuring a clever modular architecture that allows you to create a reliable and fast mail system.
- Dovecot is a free IMAP and POP3 server that offers security, configuration flexibility, and performance. Dovecot features are:
- High-performance
- A large number of supported mechanisms for storing authentication information (including LDAP) and authentication itself (SSL is supported).
- Extensibility via plugins.
- Strict adherence to standards. Dovecot is one of the few servers to pass all IMAP standards tests.
- We use the combination because Postfix just concerns itself with sending off client emails and temporarily storing incoming emails without sorting them according to recipient email address. And Dovecote's principal task is sorting the emails received by the mail transfer agent (MTA), e.g. Postfix, and delivering them on demand by each recipient. It separates the mass of emails arriving at Postfix's single mailbox into individual mailboxes for each recipient address and simultaneously listens for requests for a new email from recipients' email client packages.
- The architecture of the mail server looks like this:
- The input is the MTA mail server which works on the SMTP protocol. The MTA is on the Internet and it gets and sends the mail. We have some sort of mail base and we also have a mail delivery agent called MDA which delivers mail to the user. This is a POP3 or IMAP protocol. The MDA takes from the email base and gives it to the client. In between is the LDA, which takes mail from the MDA via LMTP (Local Mail Transfer Protocol) and puts it in the database.
- Usually, you don't put extra software as an LDA. Today, both Postfix and Dovecot can act as an LDA. But Postfix does it in a very primitive way. If you use Dovecot, however, it is possible to connect Sieve (a scripting language for mail filtering) and much more.
Database system
Software instances
- Software instances that power (1) core, (2) hands-on training, and (3) experiential systems and applications.
- mail.opplet.net (core) opplet-test
- mail.cnmcyber.com (experiential systems and applications) employ
Security
- For security, we use Fail2ban because it operates by monitoring log files (e.g. /var/log/auth.log, /var/log/apache/access.log, etc.) for selected entries and running scripts based on them. Most commonly this is used to block selected IP addresses that may belong to hosts that are trying to breach the system's security. It can ban any host IP address that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator. Includes support for both IPv4 and IPv6.
Malware protection
- Previously, Opplet developers struggled with the viruses, so an effective anti-virus strategy must be found -- what was the solution?
Standing operating procedures
- Нow to install Postfix and Dovecot:
- How to install Spam Assassin:
- How to configure DNS:
- How to set up Email message management in Dovecot:
- How to encrypt traffic in Postfix:
Hands-on assignments
- Hands-on assignments that CNM learners can use to get accustomed to the software while using its hands-on training systems and applications.
Presentations
- Presentations that present the software to its new users in multimedia, video, just audio, and/or just graphic formats.
User group
- CNM Social user group has not yet been created; the group may organize software-related events and produce newsletters.
Related lectios
- Lectios that provide CNM learners with knowledge about the deployed software.