book is step-by-step solutions of specific sendmail problems (a unix email server which i have never used) ... though it appears my webserver uses it.

quote from book, warning me: "Most books are written as a unit and are intended to be read as a whole. One section transitions to another, one chapter transitions to the next, and a flow is developed to draw you through the book. A cookbook isn't like that. Each recipe is complete unto itself. You don't sit down and read a cookbook from cover to cover. If you did, you would find it repetitious and rather boring (unless you're very hungry!)."

sendmail is constantly under attack by hackers

website is sendmail.org

to compile sendmail:

    # cd sendmail-8.12.9
    # ./Build

sample "recipe": "Recipe 1.4 Adding the regex Map Type to sendmail"

zzzzzzzzzzzzzz

sendmail -bt -d0.1 - checks installed options

you can test sendmail configs before implementing them

there are different levels for logging sendmail actions... all configurable by the sysadmin

cool sentence: "data that passes over the network is subject to corruption and spoofing"

mailing lists are created in the alias file

i have to pretend like these books are part of some nerd RPG fan fiction to make them interesting.

solution: be stern = "If these tests show you the loop, tell the user exactly what is wrong and what needs to be fixed. If you cannot get the necessary information quickly from the remote system, tell the user that he probably has a loop in his .forward files, that he needs to fix it, and that his .forward file on your system will be ignored until he does."

interesting: "Spammers love to find a system that they can relay through in order to hide the true source of the spam mail."

ahhh paused for ten minutes on accident....maybe i have...no i don't

i have to say that this book makes everything else around me SUPER interesting. i.e. i just looked up everyone who sang "bridge over troubled water"

relay hosts are used to route mail to other hosts.
for example, when the internet was smaller, there were fewer mail servers, so networks would have their own relay servers to deliver mail.

uucp - unix to unix copy

promiscuous relay is the type of relay typically used by spammers to mask their addresses

i imagine that relay hosts are also used for spying on low-level email users

using a relay host sometimes requires 'masquerading' because when the mail is sent from the relay server, a new address is written

example of the path of a 'masquerade':

    # sendmail -bt
    ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    Enter <ruleset> <address>
    > /tryflags HS
    > /try local alana
    Trying header sender address alana for mailer local
    canonify input: alana
    Canonify2 input: alana
    Canonify2 returns: alana
    canonify returns: alana
    1 input: alana
    1 returns: alana
    HdrFromL input: alana
    AddDomain input: alana
    AddDomain returns: alana < @ *LOCAL* >
    MasqHdr input: alana < @ *LOCAL* >
    MasqHdr returns: alana < @ chef . wrotethebook . com . >
    HdrFromL returns: alana < @ chef . wrotethebook . com . >
    final input: alana < @ chef . wrotethebook . com . >
    final returns: alana @ chef . wrotethebook . com
    Rcode = 0, addr = alana@chef.wrotethebook.com

'masquerading', as the name suggests, is a form of marketing, to give the impression of a well organized mailserver, and thus, a well organized company.

the code for most things in sendmail is only 5-6 lines long but the explanations last 3-4 pages.....

example boring paragraph: "Build a mailertable database that routes mail bound for specific remote systems through the appropriate special-purpose mailers. Do this by first creating a text file and then processing that file with the makemap script to create a hash type map. The key for these mailertable entries is a full or partial domain name that must match the hostname part of the recipient address on mail that needs to be handled by a special-purpose mailer. The return value is the internal name of the special-purpose mailer separated by a colon from the name of the remote system that will accept the mail."

ughhhh.....

mail can get caught in 'loops' where redirecting and masquerading can send a message into a never-ending vortex.

mail protocol flaw: "Spammers abuse the services of other people's systems by using those systems as unauthorized relays."

negative reinforcement: "The REJECT action sends a default error message. Use the ERROR keyword to reject a message with your own custom error message. For example: example.com ERROR:5.7.1:550 Relaying denied to spammers"

boolean values for spam or not spam; FRIEND or HATER!
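The REJECT and ERROR entries quoted above, worked through as an added example (not code from the book or from sendmail): a simplified Python model of an access-database lookup that returns the SMTP reply a sender would see. Only the `example.com` line comes from the notes; the other entries, the `DEFAULT_REJECT` text and the host-then-parent-domain lookup order are assumptions made for the illustration.

```python
import re

# Constructed access-database text; only the example.com line is from the notes.
ACCESS_TEXT = """\
# key                value
example.com          ERROR:5.7.1:550 Relaying denied to spammers
spam.example.net     REJECT
partner.example.org  RELAY
"""

# Assumed placeholder for the default REJECT message (wording not given on the page).
DEFAULT_REJECT = "550 Access denied"


def parse_access(text):
    """Return {key: value} from 'key<whitespace>value' lines, skipping comments."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, value = line.split(None, 1)
        table[key.lower()] = value.strip()
    return table


def candidates(host):
    """Lookup keys in order: the host itself, then each parent domain."""
    labels = host.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def decide(table, host):
    """Return (action, smtp_reply) for a host; smtp_reply is None unless refused."""
    for key in candidates(host):
        value = table.get(key)
        if value is None:
            continue
        # ERROR:<DSN>:<SMTP code> <text>, the custom-message form quoted in the notes
        m = re.fullmatch(r"ERROR:(\d\.\d+\.\d+):(\d{3}) (.*)", value)
        if m:
            dsn, code, text = m.groups()
            return "ERROR", f"{code} {dsn} {text}"
        if value == "REJECT":
            return "REJECT", DEFAULT_REJECT
        return value, None  # e.g. RELAY or OK: nothing is refused
    return "NO_MATCH", None
```

Matching is done on whole domain labels, so `notexample.com` is not caught by the `example.com` entry while `mail.example.com` is.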
external mail filtering programs - MILTER

according to this book, it's often a problem that users respond to spam email

lightweight directory access protocol - LDAP

dnsbl - dns blacklist

actually spam black lists are called blackhole lists

cool awk format:

    ^([0-9]+<@(aol|msn)\.com|[0-9][^<]*<@juno\.com)\.?>

information obtained by "auth" cannot be hidden by masquerading.

sendmail has to be compiled with a MILTER or else you have to reinstall if you want to add one.....

sendmail can be configured to authenticate its senders and receivers

user passwords are stored in a file in plain text format!

cool encrypted string:

    >>> AUTH DIGEST-MD5 = 334 bm9uY2U9ImdScXZhVjVxYkpVdjJvU3FGWnR2UXJtR2hFhtPW1kNS1zZXNz
    >>> dXNlcm5hbWU9ImNoZWYiLHJlYWxtPSJ3cm90ZXRoZWJvb2YWMwZDIxM2QyYmE2MTVmZjY5 334 cnNwYXV0aD0zNzg3ZGI3N2E0M2YyYzhhMDdkZGRiYjg5N2NjNDkxOQ==
    >>> 235 2.0.0 OK Authenticated

secret message: encrypted encryption

tls (transport layer security) is to ensure secure mail delivery

best paragraph in the whole book: "TLS uses public key encryption, which is also called asymmetric encryption. It is asymmetric because it uses two different keys. A public key that is made available to the world and a private key that is kept secret. Anything encrypted with the public key can only be decrypted with the private key, and anything encrypted with the private key can only be decrypted with the public key. Four keys are needed to authenticate both the TLS client and the TLS server: the client's public and private keys and the server's public and private keys.[1]"

the queue is where mail is stored if there is a delivery problem

so many books are dedicated to "security" creating a war between two sides, servers/sysadmins and attackers. spies, hackers, crackers, etc.

programmer joke: 'confDONT_BLAME_SENDMAIL define accepts more than 40 arguments that relax sendmail's normally strict security.'
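The aol/msn/juno filter pattern quoted in the notes above, run over a few sender addresses as an added example (not code from the book). The pattern is copied as quoted; the sample addresses are constructed, and the `focus()` helper assumes the pattern is applied to sendmail's focused form `user<@host.>`, which the `<@` in the pattern suggests.

```python
import re

# Pattern exactly as quoted in the notes.
PATTERN = re.compile(r"^([0-9]+<@(aol|msn)\.com|[0-9][^<]*<@juno\.com)\.?>")


def focus(address):
    """Rewrite user@host into the focused form user<@host.> (assumed input form)."""
    user, _, host = address.rpartition("@")
    return f"{user}<@{host.lower().rstrip('.')}.>"


def flagged(address):
    """True when the focused address matches the quoted filter pattern."""
    return PATTERN.search(focus(address)) is not None


# Constructed sample senders, chosen to show each branch of the pattern.
SAMPLES = [
    "12345@aol.com",              # all-digit user at aol: first alternative
    "98765@MSN.com",              # host case is folded before matching
    "123bob@juno.com",            # user starts with a digit at juno: second alternative
    "123bob@aol.com",             # aol/msn branch needs an all-digit user
    "bob123@aol.com",             # user starts with a letter
    "bob@juno.com",               # juno branch needs a leading digit
    "12345@aol.com.example.org",  # aol.com is only a prefix of the host
]


def classify(samples):
    """Map each address to whether the pattern flags it."""
    return {addr: flagged(addr) for addr in samples}


if __name__ == "__main__":
    for addr, hit in classify(SAMPLES).items():
        print(f"{'FLAG' if hit else 'pass'}  {addr}")
```

The trailing `\.?>` is what stops `aol.com.example.org` from matching: after `aol.com` the pattern allows at most one dot before the closing `>`.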
network security is about defense - no negative reinforcement

a lot of books about programs refer to the behavior of the program.

it seems possible to break into a sendmail system by disguising yourself as email