General Mail System Terminology

An email server is composed of many interlocking componants that must work in perfect harmony. To speak intellegently about these componants we must use the same language. Therefore, the following is a review of Email componant terms:

• Mail Delivery Agent (MDA): Software that accepts incoming e-mail messages and distributes them to recipients' individual mailboxes (if the destination account is on the local machine), or forwards back to an SMTP server (if the destination is on a remote server). In many places also refered to as a 'Local Delivery Agent (LDA)'.
  • Examples:
    • Procmail
    • Maildrop (Courier)
    • Postdrop (Postfix)
• Mail Transfer Agent (MTA): Software that transfers electronic mail messages from one computer to another, typically by SMTP. Also called a mail transport agent, mail server, or a mail exchange server in the context of the Domain Name System.
  • Examples:
    • Postfix
    • Sendmail
    • Exim
    • QMail
• Mailbox Server (MBS): Software used to access mailboxes on a mailstore from an MUA.
  • Examples:
    • Courier IMAP (IMAP & POP3)
    • Dovecot (IMAP & POP3)
    • UW-IMAP (IMAP & POP2/POP3)
    • Cyrus IMAP (IMAP & POP3)
• Mail User Agent (MUA): Software used to read and send e-mail.
  • Examples:
    • Mail.app
    • Thunderbird
    • Outlook/Entourage
    • Mutt
• Mail Submission Agent (MSA): Software which receives electronic mail messages from a mail user agent (MUA) and contacts an mail transfer agent (MTA) for delivery of the mail. This is a method of seperating the submition componant from the MTA to combat spam. Refer to RFC 2476 for official details. Submission Agents use port 587.

• SMTP: Simple Mail Transfer Protocol, RFC 821 amended by RFC 1123
• ESMTP: Extended SMTP, RFC 1869 obseleted by RFC 2821
• SMTP Auth: SMTP extension to include an authentication step through which the client effectively logs in to the mail server during the process of sending mail.SMTP-AUTH is defined in RFC 2554. [http://en.wikipedia.org/wiki/SMTP-AUTH]
• SASL: Simple Authentication and Security Layer. A framework for authentication and data security in Internet protocols. It decouples authentication mechanisms from application protocols, in theory allowing any authentication mechanism supported by SASL to be used in any application protocol that uses SASL. RFC 4422. Commonly SASL (namely [http://cyrusimap.web.cmu.edu/downloads.html Cyrus SASL-Authd]) is use to provide TLS for SMTP Auth.
• SSL/TLS: Transport Layer Security RFC 4346 and its predecessor, Secure Sockets Layer
• LMTP: Local Mail Transfer Protocol. LMTP is designed as an alternative to normal SMTP for situations where the receiving side does not have a mail queue, such as a Mail Delivery Agent that understands SMTP conversations. RFC 2033.

• mbox: Traditional “all in one” appended mail file
• Maildir: New storage method broken into directories per mailbox with one message per file. Maildir is known to cause problems due to inode consumption and file creation/small file performance.

  [MUA]                            [MUA]    
   |                                ^
   V(MX)                            |        
 [MTA] -> [MDA] -> [Mail Store] -> [MBS]
  | ^
  V |
 [Filter]

In the above the following might be used:

• MUA Client: Thunderbird
• MTA: Postfix
• Filter: DSpam
• Mail Store: nfs:/home/USER/Maildir
• MDA: Maildrop
• MBS: Courier-IMAP

Authentication and Encryption are separated in mail systems. For instance, in the case of an MTA SASL (Secure Authentication and Security Layer) is used for SMTP authentication (SMTP AUTH) but TLS (the successor to SSL) is used for encryption based on PKI certificates. In the case of IMAP authentication is built in but TLS is still used encrypt the session.

Cyrus SASL is the most common SASL implementation and plugins into a number of backend authentication repositories such as LDAP, SQL, or even IMAP.

* 25/tcp: SMTP * 109/tcp: POP2 * 110/tcp: POP3 * 143/tcp: IMAPv4 * 465/tcp: SMTP-SSL * 587/tcp & 587/udp: Submission * 993/tcp: IMAP-SSL

In a clean configuration:

• A domain MX points to the mail server
• The name returned by the mail server ([http://cr.yp.to/smtp/greeting.html 220 greeting]) should match the MX
• The PTR to the IP of the MX should match the name returned by both MX lookup and the 220 greeting.
• etc..

• Installing basic mail ← LSD — might not linked to the correct page????
• DSpam
• Postfix: This entry includes information on Cyrus SASL
• Maildir
• Sender Policy Framework: DNS SPF TXT Records

• Joyent Connector
• [http://www.trustico.co.uk/ssltools/decode/certificate/decode_ssl_certificate.html SSL Cert Decoder]