SlideShare ist ein Scribd-Unternehmen logo

IndiMail - The Flexible Messaging Platform

Manvendra Bhangui
Manvendra Bhangui

IndiMail is a messaging platform utilizing the following packages qmail, serialmail, qmailanalog, dotforward, fastforward, mess822, daemontools, ucspi-tcp, Courier IMAP/POP3, Bogofilter - A Bayesian Spam Filter, Fetchmail, other useful utilities (pack, unpack, altermime, ripmime, flash). IndiMail provides Management of Virtual domains with large number of users. Some of the components like qmail have been significantly modified to provide a seamless user experience, manageability, superior performance and high scalability. IndiMail works on both 32 / 64 bit Unix platforms.

Technologie
1 von 41
Downloaden Sie, um offline zu lesen
IndiMail The Flexible Messaging Platform Manvendra Bhangui
IndiMail The Flexible Messaging Platform Strengths & Advantages Components Feature List Architecture Installation & Configuration Administration Maintenance Long-term Goals Support Hardware Requirements Questions
IndiMail The Flexible Messaging Platform Strengths & Advantages –All parameters customizable through environment variables (around 200 parameters). –Customizable globally, locally, dynamically or specifically for a user or group of users. –Mail can be intercepted before injection, after queuing or before final delivery –Single instance multiple queues. Concurrency customizable –Horizontally scalable architecture. –Crash proof –Faster than qmail, postfix (the only two noteworthy competitors) –Full featured (SMTP, POP3, IMAP, SPAM Filter, Virus Scanning, SSL, Domainkeys, DKIM, BATV, etc) –Highlysecure. Can protect vulnerable messaging servers like MS Exchange by acting as frontend SMTP, IMAP and POP3 servers. –Open Standards – Compliant with most of the messaging RFCs –Open Source – Source code available (GNU GPL V3). –accesslist– control email exchanges between senders & recipients. Control exchanges between internet and users. (unique to indimail & satisfies corporate requirements) –High speed virus/spam filtering by using inline scanning.
IndiMail The Flexible Messaging Platform Components  MTA -Based on qmail. Extensive changes to make it a modern MTA and achieve highest possible delivery speed.  IMAP/POP3 - Based on courier-imap. Changes made to support multiple open standards authentication modules (v4.10.x)  Virus Filter - clamAV with automatic signature updates using freshclam (v0.96.x)  SPAM Filter- Bogofilter – robinson fisher algorithm (v1.2.2)
IndiMail The Flexible Messaging Platform Feature List – Speed ● Probably the fastest MTA. Multi-queue architecture allows 1.5 millions+ deliveries on a intel commodity hardware – Setup ● automatic adaptation to your UNIX variant ● Linux, SunOS, Solaris, and more ● automatic per-host configuration - gnu autoconf ● High degree of automation of configuration through svctool ● RPM packages for multiple Linux Distros.
IndiMail The Flexible Messaging Platform Feature List (cont...) – Security ● clear separation between addresses, files, and programs ● minimization of setuid code (qmail-queue, qhspi, qscanq, systpass) ● minimization of root code (qmail-start, qmail-lspawn) ● five-way trust partitioning---security in depth ● optional logging of one-way hashes, entire contents, etc. (EXTRAQUEUE, mailarchive control file) ● virus scanning through qscanq, clamav. ● Extensible plugin feature for virus scanners ● Inbuilt virus scanner ● sender/recipient accesslist, hostaccess using tcprules
IndiMail The Flexible Messaging Platform Feature List (cont…) – Message construction ● RFC 822, RFC 1123 ● full support for address groups ● automatic conversion of old-style address lists to RFC 822 format ● sendmail hook for compatibility with current user agents ● header line length limited only by memory ● host masquerading (control/defaulthost) ● user masquerading ($MAILUSER, $MAILHOST) ● automatic Mail-Followup-To creation ($QMAILMFTFILE) ● ability to add signature/content to messages using altermime ● Abuse report format (ARF) generator using qarf
IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP ● RFC 2821, RFC 1123, RFC 1651, RFC 1652, RFC 1854, RFC 1870, RFC 1893 ● 8-bit clean ● 931/1413/ident/TAP callback ● relay control---stop unauthorized relaying by outsiders (control/rcpthosts) ● no interference between relay control and aliases ● automatic recognition of local IP addresses ● per-buffer timeouts ● hop counting * parallelism limit (tcpserver) ● per host limit (tcpserver - MAXPERIP)
IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP (cont…) ● refusal of connections from known abusers (tcpserver, badmailfrom, badmailpatterns, badhelo, blackholedsender, blackholedpatterns, badhost, badip) ● goodrcptto, goodrcptpatterns which override the above ● blackholercpt, blackholercptpatterns for blackholing mails to specific senders. ● Control files spamignore, blackholedsender, badmailfrom, relaymailfrom, badrcptto, chkrcptdomains, goodrcptto, blackholercpt, badip can be specified in plain text, cdb format as well as stored in MySQL tables. ● relaying and message rewriting for authorized clients ● authenticated SMTP PLAIN, LOGIN, CRAM-MD5, CRAM-SHA1, CRAM- RIPEMD, DIGEST-MD5 HMAC (RFC 1321, RFC 2104, RFC 2554, RFC 2617)
IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP (cont…) ● STARTLS extension, TLS ● Support for SMTPS ● POP/IMAP before SMTP ● ETRN (RFC 1985) ● ODMR (RFC 2645) ● RBL/ORBS support (rblsmtpd) ● DNSBL support using plugin ● SURBL (SURBL Blacklist) using surblfilter ● SPAM Control (Reject/Tag/Accept) using Bayesian techniques ● High Performance MS Virus Control via control file viruscheck and control file signatures ● Content Filtering and blocking of prohibited attachments via control file bodycheck
IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP (cont…) ● Ability to reject/bounce mails for unknown/inactive users (CHECKRECIPIENT) ● ability to have the RECIPIENT check for selective domains using control file chkrcptdomains ● Antispoofing mode (turned on by environment variable ANTISPOOFING) ● Masquerading ability. ● Multiline greetings via control file smtpgreeting ● Message Submission Agent – MSA (RFC 2476) ● Domain IP address pair access control via control file hostaccess ● Per User accesslist via control file accesslist ● SPF – Sender Permitted From
IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP (cont…) ● Per User control of environment variable by envrules (rules file set by environment variable FROMRULES) ● Greylisting[3] capability using qmail-greyd or greydaemon ● Bounce Address Tag Validation (BATV)[4] ● Notify recipient when message size exceeds databyte limits (by setting environment variable DATABYTES_NOTIFY) ● SMTP Plugins using external plugins in /var/indimail/plugins – Queue management ● instant handling of messages added to queue ● parallelism limit (control/concurrencyremote, control/concurrencylocal) ● split queue directory---no slowdown when queue gets big
IndiMail The Flexible Messaging Platform Feature List (cont…) – Queue Management (cont…) ● quadratic retry schedule---old messages tried less often ● independent message retry schedules ● automatic safe queueing---no loss of mail if system crashes ● automatic per-recipient checkpointing ● automatic queue cleanups (qmail-clean) ● queue viewing (qmail-qread) ● detailed delivery statistics (qmailanalog) ● Ability to hold local, remote or both deliveries (holdlocal, holdremote control file) ● Qmail Queue Extra Header – Ability to pass extra headers to local and remote deliveries via qmail-queue (Environment variable QQEH).
IndiMail The Flexible Messaging Platform Feature List (cont…) – Queue Management (cont…) ● Configurable number of queues and time slicing algorithm for load balancing via qmail-multi. A queue in indimail is configurable by three environment variables QUEUE_BASE, QUEUE_COUNT, and QUEUE_START. A queue in IndiMail is a collection of queues. Each queue in the collection can have one or more SMTP listener but a single or no delivery (qmail-send) process. It is possible to have the entire queue collection without a delivery process (e.g. SMTP on port 366 – ODMR). The QUEUE_COUNT can be defined based on how powerful your host is (IO bandwidth, etc). NOTE: This configurable number of queues is possibe with a single installation and does not require you to install multiple instances of qmail.
IndiMail The Flexible Messaging Platform Feature List (cont…) – Queue Management (cont…) ● External Virus scanning via QHPSI – Qmail High Performance Scanner Interface ● Ability to extend QHPSI interface through plugins. The keyword plugin:shared_lib defined in the environment variable QHPSI denotes 'shared_lib' to be loaded. ● Virus scanner qscanq. Ability to detect virus via a third party scanner defined by SCANCMD environment variable (clamscan, clamdscan, etc) ● Blocking of prohibited filename extensions via qscanq program ● Domainkeys (qmail-dk) RFC 4870 * DKIM[5] with ADSP/SSP (qmail- dkim) RFC 4871
IndiMail The Flexible Messaging Platform Feature List (cont…) – Queue Management (cont…) ● Set all header values listed in envheader control file as environment variables. ● Log all headers listed in control file logheaders to stderr. ● Remove all headers listed in control file removeheaders from email. ● Ability to do line processing instead of block processing. ● qmail-nullqueue – blackhole the mail silently. ● rule based mail archival using control file mailarchive (SOX, HIPAA compliance) ● Added additional recipients for a message using extraqueue or mailarchive control file. ● X-Originating-IP header to record the original IP from which the mail originates
IndiMail The Flexible Messaging Platform Feature List (cont…) – Bounces ● QSBMF bounce messages---both machine-readable and human-readable ● HCMSSC support---language-independent RFC 1893 error codes ● double bounces sent to postmaster ● Ability to discard double bounces ● Ability to preserve MIME format when bouncing. ● Control of bounce process via envrules (rules file controlled by environment ● variable BOUNCERULES or control files bounce.envrules) ● limit size of bounce using control file bouncemaxbytes ● Ability to process bounces using external bounce processor (environment variable BOUNCEPROCESSOR)
IndiMail The Flexible Messaging Platform Feature List (cont…) – Routing by domain ● any number of names for local host (control/locals) ● any number of virtual domains (control/virtualdomains) ● domain wildcards (control/virtualdomains) ● configurable percent hack support (control/percenthack) ● Clustered Domain. Same virtual domain can exist on multiple hosts, each having its own set of users. Provides Load Balancing and infinite scalability.
IndiMail The Flexible Messaging Platform Feature List (cont…) – Remote SMTP delivery ● RFC 2821, RFC 974, RFC 1123, RFC 1870 ● 8-bit clean ● automatic downed host backoffs ● Configurable tcp timeouts for downed host backoffs. ● automatic switchover to next best MX ● artificial routing---smarthost, localnet, mailertable (control/smtproutes) ● Support for jumbo ISP (control/smtproutes.cdb) ● per-buffer timeouts ● passive SMTP queue---perfect for SLIP/PPP (serialmail) ● AutoTURN support (serialmail) ● Spam control (SPAMFILTER environment variable)
IndiMail The Flexible Messaging Platform Feature List (cont…) – Remote SMTP delivery (cont…) ● Authenticated SMTP (userid/passwd in control/smtproutes) - PLAIN, LOGIN, CRAM-MD5, CRAM-SHA1, CRAM-RIPEMD, DIGEST-MD5 ● STARTTLS, TLS ● Static and Dynamic Routing. (SMTPROUTES environment variable) ● Environment variable control via envrules (rules file controlled by environment variable RCPTRULES) * QMAILREMOTE environment variable to run any executable/script instead of qmail-remote ● QMTP support, artificial routing using (control/qmtproutes) ● ONSUCCESS_REMOTE, ONFAILURE_REMOTE scripts run on successful or failed remote deliveries environment variables SMTPTEXT, SMTPCODE, ERRTEXT available for these scripts ● IP address binding on domain, sender address, recipient address and random selection from a pool of IP addresses
IndiMail The Flexible Messaging Platform Feature List (cont…) – Local delivery ● user-controlled address hierarchy : fred controls fred-anything ● mbox delivery ● reliable NFS delivery (maildir) ● user-controlled program delivery: procmail etc. (qmail-command) ● optional new-mail notification (qbiff) ● detailed Delivered-To Headers ● optional NRUDT return receipts (qreceipt) ● autoresponder RFC 3834 compliance (provide Auto-Submitted, In-Reply-To, References fields (RFC 3834)) ● conditional filtering (condredirect, bouncesaying, vfilter)
IndiMail The Flexible Messaging Platform Feature List (cont…) – Local delivery (cont…) ● Environment variable control via envrules (rules file controlled by environment variable RCPTRULES) ● Eliminate duplicate messages ● QMAILLOCAL environment variable to run any executable/script instead of qmail-local ● X-Forwarded-To, X-Forwarded-For headers – Other ● Unix Client Server Program Interface (UCSPI) through programs tcpserver and tcpclient ● Change concurrency of tcpserver without restart
IndiMail The Flexible Messaging Platform Feature List (cont…) – Other ● TLS/SSL Support in tcpserver ● STARTTLS extension in IMAP, STLS extension in POP3 ● Ability to restrict connection per IP (MAXPERIP) ● run shutdown script if present on svc –d ● ability to log svscan output using multilog ● nssd Name Service Switch which allows extending of the system passwd database to IndiMail's database. ● pam-multi - Generic PAM module allows any external programs to authenticate against IndiMails database. ● multiple checkpassword modules sys-checkpwd, ldap-checkpwd, pam-checkpwd, vchkpass, systpass ● Proxy for IMAP/POP3 Protocol
IndiMail The Flexible Messaging Platform Feature List (cont…) – Other ● inlookup – High Performance User Lookup Daemon. ● indisrvr – Indimail Administration Daemon. ● spawn-filter - Ability to add disclaimer, run multiple filters before local/remote delivery. ● Post Execution Handle - Allows functionality of indimail to be extended by writing simple scripts ● On the fly migration of users by defining MIGRATEUSER environment variable. ● ready to use QMQP service ● ability to distribute QMQP traffic across multiple servers ● sslerator - TLS/SSL protocol wrapper for non-tls aware applications
IndiMail The Flexible Messaging Platform Feature List (cont…) – Other ● svctool – Configuration tool for IndiMail. ● adminclient protocol – Interface for external programs to administer IndiMail ● mrtg graphs for detailed statistics ● ability to specify commands in control files
Internet IndiMail Architecture Internet mx.xxxx.com (25) imap.xxxx.com (110, 143) Load Balancer 1 mx.xxxx.com (25) SMTP imap.xxxx.com (110/143) Port 25 mail.xxxx.com (80) mail.xxxx.com (80) Incoming Incoming Incoming Webmail Webmail Webmail Proxy Proxy Proxy Relay Relay Relay imap/pop3 imap/pop3 imap/pop3 Inlookup Inlookup Inlookup inlookup inlookup inlookup Clamd Clamd Clamd bogofilter bogofilter bogofilter smtp.xxxx.com (25/587) MySQ SMTP Conn L ecti on (for authenticated My user Co SQ to submit their IMAP/POP3 nn L outgoing email) ec ti o n Online Replication MySQL MySQL SMTP Load Balancer 2 Host Control DB Host Control DB (Master) (Slave) MyS Outgoing Outgoing Con QL MySQL nec Connection Relay Relay tion Inlookup Inlookup clamd clamd SMTP Mailstore Mailstore Mailstore (delivery from imap/pop3/smtp imap/pop3/smtp imap/pop3/smtp mailstore) Inlookup Inlookup Inlookup vdelivermail vdelivermail vdelivermail Internet SMTP SMTP (for local qmail-remote domains) (external domain) MySQL MySQL MySQL
IndiMail The Flexible Messaging Platform
IndiMail The Flexible Messaging Platform
IndiMail The Flexible Messaging Platform
IndiMail The Flexible Messaging Platform
IndiMail The Flexible Messaging Platform
IndiMail The Flexible Messaging Platform
Installation IndiMail – The Flexible Messaging Platform RPM for both 32 / 64 Bit – rpm -ivh rpm_filename – openSUSE • openSUSE 11.3 • openSUSE 11.2 • openSUSE 11.1 • SUSE Linux Enterprise 11 SP1 • SUSE Linux Enterprise 11 • SUSE Linux Enterprise 10 • OpenSUSE Factory – Red Hat • Fedora14 • Fedora13 • Fedora12 • RHEL6 • RHEL5 • Centos 5 – Mandriva Linux • Mandriva 2010.1 • Mandriva 2010 – Yum Repository – http://download.opensuse.org/repositories/home:/indimail/ – Copy repo file to /etc/yum.repos.d for hands-free installation/upgrade ● % sudo yum install indimail.x86_64 ● % sudo yum install indimail.i386
IndiMail Configuration Flexible Messaging Platform The – svctool (service Tool) • SMTP, IMAP, POP3, ssl, fetchmail, certificates, verification of installation • Backups of data, configuration • Repair of Database, queue • Configuration for MySQL, Spamfilter, virus filter, qmail • Reports – GUI Iwebadmin, indium, shit, cindimai, osh • – Supervise for 100% uptime • Envdir • Logging
IndiMail The Flexible Messaging Platform ● Administration ● Web Administration – iwebadmin ● ncurses GUI – Secure Host Interface – Configurable menu & commands ● Indium – TCL/TK GUI – Powerful & provides in-depth administration ● Operator Shell – osh – Bash like shell with restricted access to commands – Access to commands based on user roles ● cindimail – Small shell providing access to all indimail commands with tool tips
IndiMail The Flexible Messaging Platform Maintenance – Backup of Configuration ● /var/indimail/control ● /var/indimail/etc ● /var/indimail/users ● /var/indimail/share – Mail Backup – Update of Clamav Software – Update of IndiMail (rpm, yum)
IndiMail The Flexible Messaging Platform Long Term Goals ● To provide a modern technologically superior technology and solutions specifically related to Messaging Protocols (SMTP, IMAP, POP3) ● Provide a highly scalable, bug free, MSP class mailing solution using the Bazaar Model under GNU GPL V3 ● Provide configuration for any property that can potentially affect the behaviour of messaging (Install the software once). ● FHS 2.3 compliance ● Build a community and get shipped with Linux distros by default
IndiMail The Flexible Messaging Platform Support ● indimail-support - You can subscribe for Support at ● https://lists.sourceforge.net/lists/listinfo/indimail-support. You can email indimail-support@lists.sourceforge.net for posting messages to this list. ● indimail-devel - You can subscribe at https://lists.sourceforge.net/lists/listinfo/indimail-devel ● indimail-announce - This is only meant for announcement of New Releases or patches. You can subscribe at http://groups.google.com/group/indimail. You can email indimail-devel@lists.sourceforge.net for posting messages to this list. ● Archive at Google - http://groups.google.com/group/indimail. This group acts as a remote archive. Any discussions posted here goes to indimail-support. ● There is also a Project Tracker for IndiMail (Bugs, Feature Requests, Patches, Support Requests) at http://sourceforge.net/tracker/?group_id=230686
IndiMail The Flexible Messaging Platform Documentation – INSTALL, INSTALL-RPM – IndiMail Documentation – indimail.pdf – WIKI - http://en.wikipedia.org/wiki/User:Mbhangui/IndiMail – Frequently Answered Questions – FAQ.pdf – Man Pages - /var/indimail/man – All docs in /var/indimail/docs
IndiMail The Flexible Messaging Platform Hardware Requirements (100,000 users) – Messaging Server • DL 360 (Relay Server) – 2 Nos • DL 380 (Message Store) – 1 Nos • Storage (MSA 1000/MSA 2000) - Groupware & Chat • DL380 (Egroupware & Jabber) – 1 Nos - Load Balancer – 1 Nos
IndiMail The Flexible Messaging Platform Timelines – Messaging Server – 1 day installation + 4 weeks training – Groupware & chat - 6 weeks installation & configuration + 2 weeks training

Empfohlen

Linux Linux Traffic Control
Linux Linux Traffic ControlLinux Linux Traffic Control
Linux Linux Traffic Control
SUSE Labs Taipei
 
DataPower-MQ Integration Deep Dive
DataPower-MQ Integration Deep DiveDataPower-MQ Integration Deep Dive
DataPower-MQ Integration Deep Dive
Morag Hughson
 
WebSphere MQ tutorial
WebSphere MQ tutorialWebSphere MQ tutorial
WebSphere MQ tutorial
Joseph's WebSphere Library
 
RedHat - Centos Firewalld
RedHat - Centos FirewalldRedHat - Centos Firewalld
RedHat - Centos Firewalld
Manolis Kartsonakis
 
Real-Time Streaming Protocol -QOS
Real-Time Streaming Protocol -QOSReal-Time Streaming Protocol -QOS
Real-Time Streaming Protocol -QOS
Jayaprakash Nagaruru
 
Packet Framework - Cristian Dumitrescu
Packet Framework - Cristian DumitrescuPacket Framework - Cristian Dumitrescu
Packet Framework - Cristian Dumitrescu
harryvanhaaren
 
Tc basics
Tc basicsTc basics
Tc basics
jeromy fu
 
Lect9
Lect9Lect9
Lect9
Abdo sayed
 

Empfohlen

Linux Linux Traffic Control
Linux Linux Traffic ControlLinux Linux Traffic Control
Linux Linux Traffic Control
SUSE Labs Taipei
 
DataPower-MQ Integration Deep Dive
DataPower-MQ Integration Deep DiveDataPower-MQ Integration Deep Dive
DataPower-MQ Integration Deep Dive
Morag Hughson
 
WebSphere MQ tutorial
WebSphere MQ tutorialWebSphere MQ tutorial
WebSphere MQ tutorial
Joseph's WebSphere Library
 
RedHat - Centos Firewalld
RedHat - Centos FirewalldRedHat - Centos Firewalld
RedHat - Centos Firewalld
Manolis Kartsonakis
 
Real-Time Streaming Protocol -QOS
Real-Time Streaming Protocol -QOSReal-Time Streaming Protocol -QOS
Real-Time Streaming Protocol -QOS
Jayaprakash Nagaruru
 
Packet Framework - Cristian Dumitrescu
Packet Framework - Cristian DumitrescuPacket Framework - Cristian Dumitrescu
Packet Framework - Cristian Dumitrescu
harryvanhaaren
 
Tc basics
Tc basicsTc basics
Tc basics
jeromy fu
 
Lect9
Lect9Lect9
Lect9
Abdo sayed
 
Where is My Message?: Use MQ Tools to Work Out What Applications Have Done
Where is My Message?: Use MQ Tools to Work Out What Applications Have DoneWhere is My Message?: Use MQ Tools to Work Out What Applications Have Done
Where is My Message?: Use MQ Tools to Work Out What Applications Have Done
Morag Hughson
 
Tuning 17 march
Tuning 17 marchTuning 17 march
Tuning 17 march
Binan AL Halabi
 
TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support
Hanoch Haim
 
Curl
CurlCurl
Curl
manasystest
 
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Netgate
 
MetaCloud Computing Environment
MetaCloud Computing EnvironmentMetaCloud Computing Environment
MetaCloud Computing Environment
ARCCN
 
Understanding DPDK algorithmics
Understanding DPDK algorithmicsUnderstanding DPDK algorithmics
Understanding DPDK algorithmics
Denys Haryachyy
 
Spy hard, challenges of 100G deep packet inspection on x86 platform
Spy hard, challenges of 100G deep packet inspection on x86 platformSpy hard, challenges of 100G deep packet inspection on x86 platform
Spy hard, challenges of 100G deep packet inspection on x86 platform
Redge Technologies
 
Ocgrr a new scheduling algorithm for differentiated services networks(synop...
Ocgrr a new scheduling algorithm for differentiated services networks(synop...Ocgrr a new scheduling algorithm for differentiated services networks(synop...
Ocgrr a new scheduling algorithm for differentiated services networks(synop...
Mumbai Academisc
 
Backup and Restore with pfSense 2.4 - pfSense Hangout August 2017
Backup and Restore with pfSense 2.4 - pfSense Hangout August 2017Backup and Restore with pfSense 2.4 - pfSense Hangout August 2017
Backup and Restore with pfSense 2.4 - pfSense Hangout August 2017
Netgate
 
Userspace Linux I/O
Userspace Linux I/O Userspace Linux I/O
Userspace Linux I/O
Garima Kapoor
 
He Pi Xii2003
He Pi Xii2003He Pi Xii2003
He Pi Xii2003
FNian
 
Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017
Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017
Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017
Netgate
 
Advanced OpenVPN Concepts on pfSense 2.4 & 2.3.3 - pfSense Hangout February 2017
Advanced OpenVPN Concepts on pfSense 2.4 & 2.3.3 - pfSense Hangout February 2017Advanced OpenVPN Concepts on pfSense 2.4 & 2.3.3 - pfSense Hangout February 2017
Advanced OpenVPN Concepts on pfSense 2.4 & 2.3.3 - pfSense Hangout February 2017
Netgate
 
12 ethernet-wifi
12 ethernet-wifi12 ethernet-wifi
12 ethernet-wifi
Olivier Bonaventure
 
patelchodu
patelchodupatelchodu
patelchodu
sammyy502
 
redGuardian DP100 large scale DDoS mitigation solution
redGuardian DP100 large scale DDoS mitigation solutionredGuardian DP100 large scale DDoS mitigation solution
redGuardian DP100 large scale DDoS mitigation solution
Redge Technologies
 
Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014
Netgate
 
Computer network (18)
Computer network (18)Computer network (18)
Computer network (18)
NYversity
 
100 M pps on PC.
100 M pps on PC.100 M pps on PC.
100 M pps on PC.
Redge Technologies
 
[@NaukriEngineering] Messaging Queues
[@NaukriEngineering] Messaging Queues[@NaukriEngineering] Messaging Queues
[@NaukriEngineering] Messaging Queues
Naukri.com
 
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOSBuilding a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Fernando Luiz Cola
 

Weitere ähnliche Inhalte

Was ist angesagt?

Ocgrr a new scheduling algorithm for differentiated services networks(synop...
Ocgrr a new scheduling algorithm for differentiated services networks(synop...Ocgrr a new scheduling algorithm for differentiated services networks(synop...
Ocgrr a new scheduling algorithm for differentiated services networks(synop...
Mumbai Academisc
 
Computer network (18)
Computer network (18)Computer network (18)
Computer network (18)
NYversity
 

Was ist angesagt? (20)

Where is My Message?: Use MQ Tools to Work Out What Applications Have Done
Where is My Message?: Use MQ Tools to Work Out What Applications Have DoneWhere is My Message?: Use MQ Tools to Work Out What Applications Have Done
Where is My Message?: Use MQ Tools to Work Out What Applications Have Done
 
Tuning 17 march
Tuning 17 marchTuning 17 march
Tuning 17 march
 
TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support
 
Curl
CurlCurl
Curl
 
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
 
MetaCloud Computing Environment
MetaCloud Computing EnvironmentMetaCloud Computing Environment
MetaCloud Computing Environment
 
Understanding DPDK algorithmics
Understanding DPDK algorithmicsUnderstanding DPDK algorithmics
Understanding DPDK algorithmics
 
Spy hard, challenges of 100G deep packet inspection on x86 platform
Spy hard, challenges of 100G deep packet inspection on x86 platformSpy hard, challenges of 100G deep packet inspection on x86 platform
Spy hard, challenges of 100G deep packet inspection on x86 platform
 
Ocgrr a new scheduling algorithm for differentiated services networks(synop...
Ocgrr a new scheduling algorithm for differentiated services networks(synop...Ocgrr a new scheduling algorithm for differentiated services networks(synop...
Ocgrr a new scheduling algorithm for differentiated services networks(synop...
 
Backup and Restore with pfSense 2.4 - pfSense Hangout August 2017
Backup and Restore with pfSense 2.4 - pfSense Hangout August 2017Backup and Restore with pfSense 2.4 - pfSense Hangout August 2017
Backup and Restore with pfSense 2.4 - pfSense Hangout August 2017
 
Userspace Linux I/O
Userspace Linux I/O Userspace Linux I/O
Userspace Linux I/O
 
He Pi Xii2003
He Pi Xii2003He Pi Xii2003
He Pi Xii2003
 
Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017
Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017
Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017
 
Advanced OpenVPN Concepts on pfSense 2.4 & 2.3.3 - pfSense Hangout February 2017
Advanced OpenVPN Concepts on pfSense 2.4 & 2.3.3 - pfSense Hangout February 2017Advanced OpenVPN Concepts on pfSense 2.4 & 2.3.3 - pfSense Hangout February 2017
Advanced OpenVPN Concepts on pfSense 2.4 & 2.3.3 - pfSense Hangout February 2017
 
12 ethernet-wifi
12 ethernet-wifi12 ethernet-wifi
12 ethernet-wifi
 
patelchodu
patelchodupatelchodu
patelchodu
 
redGuardian DP100 large scale DDoS mitigation solution
redGuardian DP100 large scale DDoS mitigation solutionredGuardian DP100 large scale DDoS mitigation solution
redGuardian DP100 large scale DDoS mitigation solution
 
Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014Intro to Packet Analysis - pfSense Hangout May 2014
Intro to Packet Analysis - pfSense Hangout May 2014
 
Computer network (18)
Computer network (18)Computer network (18)
Computer network (18)
 
100 M pps on PC.
100 M pps on PC.100 M pps on PC.
100 M pps on PC.
 

Ähnlich wie IndiMail - The Flexible Messaging Platform

Building a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOSBuilding a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Fernando Luiz Cola
 
Fighting Spam With A Perimeter Mail System 20071108 Sasag
Fighting Spam With A Perimeter Mail System 20071108 SasagFighting Spam With A Perimeter Mail System 20071108 Sasag
Fighting Spam With A Perimeter Mail System 20071108 Sasag
garrett honeycutt
 
Slash n: Technical Session 2 - Messaging as a Platform - Shashwat Agarwal, V...
Slash n: Technical Session 2 - Messaging as a Platform - Shashwat Agarwal, V...Slash n: Technical Session 2 - Messaging as a Platform - Shashwat Agarwal, V...
Slash n: Technical Session 2 - Messaging as a Platform - Shashwat Agarwal, V...
slashn
 
17.) layer 3 (advanced tcp ip routing)
17.) layer 3 (advanced tcp ip routing)17.) layer 3 (advanced tcp ip routing)
17.) layer 3 (advanced tcp ip routing)
Jeff Green
 
SJTU Summary report
SJTU Summary reportSJTU Summary report
SJTU Summary report
Yves Chan
 

Ähnlich wie IndiMail - The Flexible Messaging Platform (20)

[@NaukriEngineering] Messaging Queues
[@NaukriEngineering] Messaging Queues[@NaukriEngineering] Messaging Queues
[@NaukriEngineering] Messaging Queues
 
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOSBuilding a QT based solution on a i.MX7 processor running Linux and FreeRTOS
Building a QT based solution on a i.MX7 processor running Linux and FreeRTOS
 
Ice
IceIce
Ice
 
Fighting Spam With A Perimeter Mail System 20071108 Sasag
Fighting Spam With A Perimeter Mail System 20071108 SasagFighting Spam With A Perimeter Mail System 20071108 Sasag
Fighting Spam With A Perimeter Mail System 20071108 Sasag
 
Slash n: Technical Session 2 - Messaging as a Platform - Shashwat Agarwal, V...
Slash n: Technical Session 2 - Messaging as a Platform - Shashwat Agarwal, V...Slash n: Technical Session 2 - Messaging as a Platform - Shashwat Agarwal, V...
Slash n: Technical Session 2 - Messaging as a Platform - Shashwat Agarwal, V...
 
Ejabberd Session
Ejabberd SessionEjabberd Session
Ejabberd Session
 
17.) layer 3 (advanced tcp ip routing)
17.) layer 3 (advanced tcp ip routing)17.) layer 3 (advanced tcp ip routing)
17.) layer 3 (advanced tcp ip routing)
 
IBM Spectrum Scale Networking Flow
IBM Spectrum Scale Networking FlowIBM Spectrum Scale Networking Flow
IBM Spectrum Scale Networking Flow
 
SJTU Summary report
SJTU Summary reportSJTU Summary report
SJTU Summary report
 
GrayLog for Java developers FOSDEM 2018
GrayLog for Java developers FOSDEM 2018GrayLog for Java developers FOSDEM 2018
GrayLog for Java developers FOSDEM 2018
 
IBM Spectrum Scale Network Flows
IBM Spectrum Scale Network FlowsIBM Spectrum Scale Network Flows
IBM Spectrum Scale Network Flows
 
Firewalld : A New Interface to Your Netfilter Stack
Firewalld : A New Interface to Your Netfilter StackFirewalld : A New Interface to Your Netfilter Stack
Firewalld : A New Interface to Your Netfilter Stack
 
MSMQ - Microsoft Message Queueing
MSMQ - Microsoft Message QueueingMSMQ - Microsoft Message Queueing
MSMQ - Microsoft Message Queueing
 
Lec21 22
Lec21 22Lec21 22
Lec21 22
 
Paper on RDMA enabled Cluster FileSystem at Intel Developer Forum
Paper on RDMA enabled Cluster FileSystem at Intel Developer ForumPaper on RDMA enabled Cluster FileSystem at Intel Developer Forum
Paper on RDMA enabled Cluster FileSystem at Intel Developer Forum
 
Penetration Testing Boot CAMP
Penetration Testing Boot CAMPPenetration Testing Boot CAMP
Penetration Testing Boot CAMP
 
Postfix
PostfixPostfix
Postfix
 
Enduro/X Middleware
Enduro/X MiddlewareEnduro/X Middleware
Enduro/X Middleware
 
Protocol Buffers
Protocol BuffersProtocol Buffers
Protocol Buffers
 
Multi-Layer DDoS Mitigation Strategies
Multi-Layer DDoS Mitigation StrategiesMulti-Layer DDoS Mitigation Strategies
Multi-Layer DDoS Mitigation Strategies
 

Kürzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Kürzlich hochgeladen (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

IndiMail - The Flexible Messaging Platform

  • 1. IndiMail The Flexible Messaging Platform Manvendra Bhangui
  • 2. IndiMail The Flexible Messaging Platform Strengths & Advantages Components Feature List Architecture Installation & Configuration Administration Maintenance Long-term Goals Support Hardware Requirements Questions
  • 3. IndiMail The Flexible Messaging Platform Strengths & Advantages –All parameters customizable through environment variables (around 200 parameters). –Customizable globally, locally, dynamically or specifically for a user or group of users. –Mail can be intercepted before injection, after queuing or before final delivery –Single instance multiple queues. Concurrency customizable –Horizontally scalable architecture. –Crash proof –Faster than qmail, postfix (the only two noteworthy competitors) –Full featured (SMTP, POP3, IMAP, SPAM Filter, Virus Scanning, SSL, Domainkeys, DKIM, BATV, etc) –Highlysecure. Can protect vulnerable messaging servers like MS Exchange by acting as frontend SMTP, IMAP and POP3 servers. –Open Standards – Compliant with most of the messaging RFCs –Open Source – Source code available (GNU GPL V3). –accesslist– control email exchanges between senders & recipients. Control exchanges between internet and users. (unique to indimail & satisfies corporate requirements) –High speed virus/spam filtering by using inline scanning.
  • 4. IndiMail The Flexible Messaging Platform Components  MTA -Based on qmail. Extensive changes to make it a modern MTA and achieve highest possible delivery speed.  IMAP/POP3 - Based on courier-imap. Changes made to support multiple open standards authentication modules (v4.10.x)  Virus Filter - clamAV with automatic signature updates using freshclam (v0.96.x)  SPAM Filter- Bogofilter – robinson fisher algorithm (v1.2.2)
  • 5. IndiMail The Flexible Messaging Platform Feature List – Speed ● Probably the fastest MTA. Multi-queue architecture allows 1.5 millions+ deliveries on a intel commodity hardware – Setup ● automatic adaptation to your UNIX variant ● Linux, SunOS, Solaris, and more ● automatic per-host configuration - gnu autoconf ● High degree of automation of configuration through svctool ● RPM packages for multiple Linux Distros.
  • 6. IndiMail The Flexible Messaging Platform Feature List (cont...) – Security ● clear separation between addresses, files, and programs ● minimization of setuid code (qmail-queue, qhspi, qscanq, systpass) ● minimization of root code (qmail-start, qmail-lspawn) ● five-way trust partitioning---security in depth ● optional logging of one-way hashes, entire contents, etc. (EXTRAQUEUE, mailarchive control file) ● virus scanning through qscanq, clamav. ● Extensible plugin feature for virus scanners ● Inbuilt virus scanner ● sender/recipient accesslist, hostaccess using tcprules
  • 7. IndiMail The Flexible Messaging Platform Feature List (cont…) – Message construction ● RFC 822, RFC 1123 ● full support for address groups ● automatic conversion of old-style address lists to RFC 822 format ● sendmail hook for compatibility with current user agents ● header line length limited only by memory ● host masquerading (control/defaulthost) ● user masquerading ($MAILUSER, $MAILHOST) ● automatic Mail-Followup-To creation ($QMAILMFTFILE) ● ability to add signature/content to messages using altermime ● Abuse report format (ARF) generator using qarf
  • 8. IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP ● RFC 2821, RFC 1123, RFC 1651, RFC 1652, RFC 1854, RFC 1870, RFC 1893 ● 8-bit clean ● 931/1413/ident/TAP callback ● relay control---stop unauthorized relaying by outsiders (control/rcpthosts) ● no interference between relay control and aliases ● automatic recognition of local IP addresses ● per-buffer timeouts ● hop counting * parallelism limit (tcpserver) ● per host limit (tcpserver - MAXPERIP)
  • 9. IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP (cont…) ● refusal of connections from known abusers (tcpserver, badmailfrom, badmailpatterns, badhelo, blackholedsender, blackholedpatterns, badhost, badip) ● goodrcptto, goodrcptpatterns which override the above ● blackholercpt, blackholercptpatterns for blackholing mails to specific senders. ● Control files spamignore, blackholedsender, badmailfrom, relaymailfrom, badrcptto, chkrcptdomains, goodrcptto, blackholercpt, badip can be specified in plain text, cdb format as well as stored in MySQL tables. ● relaying and message rewriting for authorized clients ● authenticated SMTP PLAIN, LOGIN, CRAM-MD5, CRAM-SHA1, CRAM- RIPEMD, DIGEST-MD5 HMAC (RFC 1321, RFC 2104, RFC 2554, RFC 2617)
  • 10. IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP (cont…) ● STARTLS extension, TLS ● Support for SMTPS ● POP/IMAP before SMTP ● ETRN (RFC 1985) ● ODMR (RFC 2645) ● RBL/ORBS support (rblsmtpd) ● DNSBL support using plugin ● SURBL (SURBL Blacklist) using surblfilter ● SPAM Control (Reject/Tag/Accept) using Bayesian techniques ● High Performance MS Virus Control via control file viruscheck and control file signatures ● Content Filtering and blocking of prohibited attachments via control file bodycheck
  • 11. IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP (cont…) ● Ability to reject/bounce mails for unknown/inactive users (CHECKRECIPIENT) ● ability to have the RECIPIENT check for selective domains using control file chkrcptdomains ● Antispoofing mode (turned on by environment variable ANTISPOOFING) ● Masquerading ability. ● Multiline greetings via control file smtpgreeting ● Message Submission Agent – MSA (RFC 2476) ● Domain IP address pair access control via control file hostaccess ● Per User accesslist via control file accesslist ● SPF – Sender Permitted From
  • 12. IndiMail The Flexible Messaging Platform Feature List (cont…) – SMTP (cont…) ● Per User control of environment variable by envrules (rules file set by environment variable FROMRULES) ● Greylisting[3] capability using qmail-greyd or greydaemon ● Bounce Address Tag Validation (BATV)[4] ● Notify recipient when message size exceeds databyte limits (by setting environment variable DATABYTES_NOTIFY) ● SMTP Plugins using external plugins in /var/indimail/plugins – Queue management ● instant handling of messages added to queue ● parallelism limit (control/concurrencyremote, control/concurrencylocal) ● split queue directory---no slowdown when queue gets big
  • 13. IndiMail The Flexible Messaging Platform Feature List (cont…) – Queue Management (cont…) ● quadratic retry schedule---old messages tried less often ● independent message retry schedules ● automatic safe queueing---no loss of mail if system crashes ● automatic per-recipient checkpointing ● automatic queue cleanups (qmail-clean) ● queue viewing (qmail-qread) ● detailed delivery statistics (qmailanalog) ● Ability to hold local, remote or both deliveries (holdlocal, holdremote control file) ● Qmail Queue Extra Header – Ability to pass extra headers to local and remote deliveries via qmail-queue (Environment variable QQEH).
  • 14. IndiMail The Flexible Messaging Platform Feature List (cont…) – Queue Management (cont…) ● Configurable number of queues and time slicing algorithm for load balancing via qmail-multi. A queue in indimail is configurable by three environment variables QUEUE_BASE, QUEUE_COUNT, and QUEUE_START. A queue in IndiMail is a collection of queues. Each queue in the collection can have one or more SMTP listener but a single or no delivery (qmail-send) process. It is possible to have the entire queue collection without a delivery process (e.g. SMTP on port 366 – ODMR). The QUEUE_COUNT can be defined based on how powerful your host is (IO bandwidth, etc). NOTE: This configurable number of queues is possibe with a single installation and does not require you to install multiple instances of qmail.
  • 15. IndiMail The Flexible Messaging Platform Feature List (cont…) – Queue Management (cont…) ● External Virus scanning via QHPSI – Qmail High Performance Scanner Interface ● Ability to extend QHPSI interface through plugins. The keyword plugin:shared_lib defined in the environment variable QHPSI denotes 'shared_lib' to be loaded. ● Virus scanner qscanq. Ability to detect virus via a third party scanner defined by SCANCMD environment variable (clamscan, clamdscan, etc) ● Blocking of prohibited filename extensions via qscanq program ● Domainkeys (qmail-dk) RFC 4870 * DKIM[5] with ADSP/SSP (qmail- dkim) RFC 4871
  • 16. IndiMail The Flexible Messaging Platform Feature List (cont…) – Queue Management (cont…) ● Set all header values listed in envheader control file as environment variables. ● Log all headers listed in control file logheaders to stderr. ● Remove all headers listed in control file removeheaders from email. ● Ability to do line processing instead of block processing. ● qmail-nullqueue – blackhole the mail silently. ● rule based mail archival using control file mailarchive (SOX, HIPAA compliance) ● Added additional recipients for a message using extraqueue or mailarchive control file. ● X-Originating-IP header to record the original IP from which the mail originates
  • 17. IndiMail The Flexible Messaging Platform Feature List (cont…) – Bounces ● QSBMF bounce messages---both machine-readable and human-readable ● HCMSSC support---language-independent RFC 1893 error codes ● double bounces sent to postmaster ● Ability to discard double bounces ● Ability to preserve MIME format when bouncing. ● Control of bounce process via envrules (rules file controlled by environment ● variable BOUNCERULES or control files bounce.envrules) ● limit size of bounce using control file bouncemaxbytes ● Ability to process bounces using external bounce processor (environment variable BOUNCEPROCESSOR)
  • 18. IndiMail The Flexible Messaging Platform Feature List (cont…) – Routing by domain ● any number of names for local host (control/locals) ● any number of virtual domains (control/virtualdomains) ● domain wildcards (control/virtualdomains) ● configurable percent hack support (control/percenthack) ● Clustered Domain. Same virtual domain can exist on multiple hosts, each having its own set of users. Provides Load Balancing and infinite scalability.
  • 19. IndiMail The Flexible Messaging Platform Feature List (cont…) – Remote SMTP delivery ● RFC 2821, RFC 974, RFC 1123, RFC 1870 ● 8-bit clean ● automatic downed host backoffs ● Configurable tcp timeouts for downed host backoffs. ● automatic switchover to next best MX ● artificial routing---smarthost, localnet, mailertable (control/smtproutes) ● Support for jumbo ISP (control/smtproutes.cdb) ● per-buffer timeouts ● passive SMTP queue---perfect for SLIP/PPP (serialmail) ● AutoTURN support (serialmail) ● Spam control (SPAMFILTER environment variable)
  • 20. IndiMail The Flexible Messaging Platform Feature List (cont…) – Remote SMTP delivery (cont…) ● Authenticated SMTP (userid/passwd in control/smtproutes) - PLAIN, LOGIN, CRAM-MD5, CRAM-SHA1, CRAM-RIPEMD, DIGEST-MD5 ● STARTTLS, TLS ● Static and Dynamic Routing. (SMTPROUTES environment variable) ● Environment variable control via envrules (rules file controlled by environment variable RCPTRULES) * QMAILREMOTE environment variable to run any executable/script instead of qmail-remote ● QMTP support, artificial routing using (control/qmtproutes) ● ONSUCCESS_REMOTE, ONFAILURE_REMOTE scripts run on successful or failed remote deliveries environment variables SMTPTEXT, SMTPCODE, ERRTEXT available for these scripts ● IP address binding on domain, sender address, recipient address and random selection from a pool of IP addresses
  • 21. IndiMail The Flexible Messaging Platform Feature List (cont…) – Local delivery ● user-controlled address hierarchy : fred controls fred-anything ● mbox delivery ● reliable NFS delivery (maildir) ● user-controlled program delivery: procmail etc. (qmail-command) ● optional new-mail notification (qbiff) ● detailed Delivered-To Headers ● optional NRUDT return receipts (qreceipt) ● autoresponder RFC 3834 compliance (provide Auto-Submitted, In-Reply-To, References fields (RFC 3834)) ● conditional filtering (condredirect, bouncesaying, vfilter)
  • 22. IndiMail The Flexible Messaging Platform Feature List (cont…) – Local delivery (cont…) ● Environment variable control via envrules (rules file controlled by environment variable RCPTRULES) ● Eliminate duplicate messages ● QMAILLOCAL environment variable to run any executable/script instead of qmail-local ● X-Forwarded-To, X-Forwarded-For headers – Other ● Unix Client Server Program Interface (UCSPI) through programs tcpserver and tcpclient ● Change concurrency of tcpserver without restart
  • 23. IndiMail The Flexible Messaging Platform Feature List (cont…) – Other ● TLS/SSL Support in tcpserver ● STARTTLS extension in IMAP, STLS extension in POP3 ● Ability to restrict connection per IP (MAXPERIP) ● run shutdown script if present on svc –d ● ability to log svscan output using multilog ● nssd Name Service Switch which allows extending of the system passwd database to IndiMail's database. ● pam-multi - Generic PAM module allows any external programs to authenticate against IndiMails database. ● multiple checkpassword modules sys-checkpwd, ldap-checkpwd, pam-checkpwd, vchkpass, systpass ● Proxy for IMAP/POP3 Protocol
  • 24. IndiMail The Flexible Messaging Platform Feature List (cont…) – Other ● inlookup – High Performance User Lookup Daemon. ● indisrvr – Indimail Administration Daemon. ● spawn-filter - Ability to add disclaimer, run multiple filters before local/remote delivery. ● Post Execution Handle - Allows functionality of indimail to be extended by writing simple scripts ● On the fly migration of users by defining MIGRATEUSER environment variable. ● ready to use QMQP service ● ability to distribute QMQP traffic across multiple servers ● sslerator - TLS/SSL protocol wrapper for non-tls aware applications
  • 25. IndiMail The Flexible Messaging Platform Feature List (cont…) – Other ● svctool – Configuration tool for IndiMail. ● adminclient protocol – Interface for external programs to administer IndiMail ● mrtg graphs for detailed statistics ● ability to specify commands in control files
  • 26. Internet IndiMail Architecture Internet mx.xxxx.com (25) imap.xxxx.com (110, 143) Load Balancer 1 mx.xxxx.com (25) SMTP imap.xxxx.com (110/143) Port 25 mail.xxxx.com (80) mail.xxxx.com (80) Incoming Incoming Incoming Webmail Webmail Webmail Proxy Proxy Proxy Relay Relay Relay imap/pop3 imap/pop3 imap/pop3 Inlookup Inlookup Inlookup inlookup inlookup inlookup Clamd Clamd Clamd bogofilter bogofilter bogofilter smtp.xxxx.com (25/587) MySQ SMTP Conn L ecti on (for authenticated My user Co SQ to submit their IMAP/POP3 nn L outgoing email) ec ti o n Online Replication MySQL MySQL SMTP Load Balancer 2 Host Control DB Host Control DB (Master) (Slave) MyS Outgoing Outgoing Con QL MySQL nec Connection Relay Relay tion Inlookup Inlookup clamd clamd SMTP Mailstore Mailstore Mailstore (delivery from imap/pop3/smtp imap/pop3/smtp imap/pop3/smtp mailstore) Inlookup Inlookup Inlookup vdelivermail vdelivermail vdelivermail Internet SMTP SMTP (for local qmail-remote domains) (external domain) MySQL MySQL MySQL
  • 33. Installation IndiMail – The Flexible Messaging Platform RPM for both 32 / 64 Bit – rpm -ivh rpm_filename – openSUSE • openSUSE 11.3 • openSUSE 11.2 • openSUSE 11.1 • SUSE Linux Enterprise 11 SP1 • SUSE Linux Enterprise 11 • SUSE Linux Enterprise 10 • OpenSUSE Factory – Red Hat • Fedora14 • Fedora13 • Fedora12 • RHEL6 • RHEL5 • Centos 5 – Mandriva Linux • Mandriva 2010.1 • Mandriva 2010 – Yum Repository – http://download.opensuse.org/repositories/home:/indimail/ – Copy repo file to /etc/yum.repos.d for hands-free installation/upgrade ● % sudo yum install indimail.x86_64 ● % sudo yum install indimail.i386
  • 34. IndiMail Configuration Flexible Messaging Platform The – svctool (service Tool) • SMTP, IMAP, POP3, ssl, fetchmail, certificates, verification of installation • Backups of data, configuration • Repair of Database, queue • Configuration for MySQL, Spamfilter, virus filter, qmail • Reports – GUI Iwebadmin, indium, shit, cindimai, osh • – Supervise for 100% uptime • Envdir • Logging
  • 35. IndiMail The Flexible Messaging Platform ● Administration ● Web Administration – iwebadmin ● ncurses GUI – Secure Host Interface – Configurable menu & commands ● Indium – TCL/TK GUI – Powerful & provides in-depth administration ● Operator Shell – osh – Bash like shell with restricted access to commands – Access to commands based on user roles ● cindimail – Small shell providing access to all indimail commands with tool tips
  • 36. IndiMail The Flexible Messaging Platform Maintenance – Backup of Configuration ● /var/indimail/control ● /var/indimail/etc ● /var/indimail/users ● /var/indimail/share – Mail Backup – Update of Clamav Software – Update of IndiMail (rpm, yum)
  • 37. IndiMail The Flexible Messaging Platform Long Term Goals ● To provide a modern technologically superior technology and solutions specifically related to Messaging Protocols (SMTP, IMAP, POP3) ● Provide a highly scalable, bug free, MSP class mailing solution using the Bazaar Model under GNU GPL V3 ● Provide configuration for any property that can potentially affect the behaviour of messaging (Install the software once). ● FHS 2.3 compliance ● Build a community and get shipped with Linux distros by default
  • 38. IndiMail The Flexible Messaging Platform Support ● indimail-support - You can subscribe for Support at ● https://lists.sourceforge.net/lists/listinfo/indimail-support. You can email indimail-support@lists.sourceforge.net for posting messages to this list. ● indimail-devel - You can subscribe at https://lists.sourceforge.net/lists/listinfo/indimail-devel ● indimail-announce - This is only meant for announcement of New Releases or patches. You can subscribe at http://groups.google.com/group/indimail. You can email indimail-devel@lists.sourceforge.net for posting messages to this list. ● Archive at Google - http://groups.google.com/group/indimail. This group acts as a remote archive. Any discussions posted here goes to indimail-support. ● There is also a Project Tracker for IndiMail (Bugs, Feature Requests, Patches, Support Requests) at http://sourceforge.net/tracker/?group_id=230686
  • 39. IndiMail The Flexible Messaging Platform Documentation – INSTALL, INSTALL-RPM – IndiMail Documentation – indimail.pdf – WIKI - http://en.wikipedia.org/wiki/User:Mbhangui/IndiMail – Frequently Answered Questions – FAQ.pdf – Man Pages - /var/indimail/man – All docs in /var/indimail/docs
  • 40. IndiMail The Flexible Messaging Platform Hardware Requirements (100,000 users) – Messaging Server • DL 360 (Relay Server) – 2 Nos • DL 380 (Message Store) – 1 Nos • Storage (MSA 1000/MSA 2000) - Groupware & Chat • DL380 (Egroupware & Jabber) – 1 Nos - Load Balancer – 1 Nos
  • 41. IndiMail The Flexible Messaging Platform Timelines – Messaging Server – 1 day installation + 4 weeks training – Groupware & chat - 6 weeks installation & configuration + 2 weeks training