CT 320: Network and System Administration Fall 2014 * Dr. Indrajit Ray Department of Computer.

Presentation transcript:

CT 320: Network and System Administration, Fall 2014. Dr. Indrajit Ray, Department of Computer Science, Colorado State University, Fort Collins, CO 80528, USA. Thanks to Dr. James Walden, NKU and Russ Wakefield, CSU for contents of these slides.

Topics
Dr. Indrajit Ray, Computer Science Department, CT 320 – Network and Systems Administration, Fall 2014
1. Anatomy of a Mail Message
2. Components of an Email System
3. SMTP
4. IMAP & POP
5. Email Addresses
6. Mail Policies

Internet Email System (diagram)
User agents (Outlook, Eudora, Pine etc.) hand mail to their mail server (sendmail, procmail etc.) over SMTP; mail servers forward to one another over SMTP; the receiving user agent retrieves mail over POP3, IMAP or HTTP, each paired with SMTP for sending.

Components of a Mail System (diagram)
UA (Eudora, Outlook, mutt) → TA (sendmail) → TA (sendmail) → DA (mail.local) → Msg Store → AA (imapd) → UA (mutt)
UA = user agent, TA = transfer agent, DA = delivery agent, AA = access agent.

Message Store
Communication
– Receives data from MDA (mail.local, procmail)
– Provides data to MAA (IMAP, POP, NFS, web)
Types of stores
– Files (all messages for a user in one file)
– Directories (directory per user)
– Databases

Mail Access Agents
Older systems directly accessed mail files. Modern systems use network protocols:
– POP: Post Office Protocol. Simple download protocol for offline reading.
– IMAP: Internet Mail Access Protocol. Online and offline modes of reading. Partial message fetch (headers, attachments, etc.). Message state stored on server, not client. Multiple mailbox and multiple client support.

IMAP
IMAP Servers
– Cyrus
– UW IMAP
Features
– Message store types
– Authentication
– Security (SSL)

Mail User Agents
Text clients
– mail
– mutt
– pine
GUI clients
– Eudora
– Mozilla Thunderbird
– MS Outlook
Web clients
– Run on remote web server.

Mail Addressing
Relative Addresses
– mcvax!uunet!ucbvax!hao!boulder!air!evi (a UUCP bang path)
Absolute Addresses
– MX Records
– Mail clients use MX records, not A records.
– Lowest preference # = highest priority.
– Permits failover if server down.

Aliases
Allow mail to be rerouted.
– Sysadmin: files (/etc/mail/aliases), local db, NIS, LDAP
– Personal: ~/.forward
Alias destinations
– Local: address
– Remote:
– File: :include:pathname
– Program: |pathname
Required aliases
– postmaster, abuse, root

Header
Header Format
– Header-name: Header-data
Common headers
– From:
– To:, CC:, Reply-To:
– Date:
– Message-ID:
– Subject:
Multiple headers
– Received: one for each mail server handling the message.

Body
Separated from header by blank line.
Contains 7-bit ASCII text by default.
Any non-ASCII text must be encoded:
– uuencode
– MIME

Envelope
Headers aren't the full story
– Recipient isn't necessarily on To: or CC:
– Sender isn't necessarily given on From: header.
Envelope specifies sender/receiver
– Specified via SMTP commands.
– Envelope recipient used for BCC:
– Envelope recipient used by mail lists.
– Envelope facilities used by spammers too.

MTAs
Mail Transport Agents
– Receive mail from MUAs.
– Route mail across internet.
MTA Protocol: SMTP
MTA Examples
– sendmail
– postfix
– qmail

Alice sends message to Bob
1. Alice composes a message and provides Bob's address to her user-agent.
2. Alice's user-agent uses an SMTP client connection to push the message to the SMTP server on Alice's mail server.
3. Alice's mail server queues up the message until a suitable time to deliver.
4. Alice's server creates a TCP-based SMTP client connection to an SMTP server running on Bob's mail server and sends Alice's email to Bob's mail server.
5. Bob's mail server queues up the message to be picked up by Bob at a suitable time.
6. Bob uses his user-agent to retrieve the message; Bob's user-agent uses a client POP3/IMAP/HTTP connection to Bob's mail server.

Email header
Every received message will have a header.
Header lines are added by entities (email tools, user-agents, servers) as they store and forward messages.
The header lines are a series of text lines
– Syntax: Header-Name: Header-Value
– If a line starts with a "tab" character or a "space", then that line is a continuation of the previous header value.

Email (envelope) header
Date: Wed, 16 Jun :34:
From: Marta Oliva
To: Dr. Indrajit Ray
Subject: Re: Registration to the 18th Annual IFIP WG 11.3 WC on Data and Application Security, 2004

Email header (full)
Received: from mailr3.udl.es (mailr3.udl.es [ ])
    by chico.cs.colostate.edu ( /8.12.9) with ESMTP id i5GAYmvN
    for ; Wed, 16 Jun :34: (MDT)
Received: from eps.udl.es (fermat.udl.net [ ])
    by mailr3.udl.es (8.11.6/8.11.6) with ESMTP id i5GAYga31371
    for ; Wed, 16 Jun :34:
Received: from eps.udl.es by eps.udl.es (8.8.8+Sun/SMI-SVR4)
    id MAA22736; Wed, 16 Jun :34: (MET DST)
Message-ID:
Date: Wed, 16 Jun :34:
From: Marta Oliva
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/ Netscape/7.1 (ax)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: "Dr. Indrajit Ray"
Subject: Re: Registration to the 18th Annual IFIP WG 11.3 WC on Data and Application Security, 2004
References:
In-Reply-To:
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Displaying headers
You can instruct most email programs to display the full header
– In Netscape: Select View->Headers->All
– In Outlook: Select View->Options
– In Pine: Type H. (Requires the enable-full-header-cmd feature.)
– In WebMail: Click the Options button, then select "Show message headers in body of message" and click OK.

Generation of headers (1)
Path: salieri.cs.colostate.edu → chico.cs.colostate.edu → mailhost.isse.gmu.edu → pinky.isse.gmu.edu
From: (Alice The Great)
To:
Date: Fri, 18 Jun :22: (MDT)
X-Mailer: Pine v2.32
Subject: Conference call today?
Header generated by Alice's user agent and handed off to chico.cs.colostate.edu

Generation of headers (2)
Path: salieri.cs.colostate.edu → chico.cs.colostate.edu → mailhost.isse.gmu.edu → pinky.isse.gmu.edu
Received: from salieri.cs.colostate.edu (salieri.cs.colostate.edu [ ]
    by chico.cs.colostate.edu ( /8.12.9) id i5IGMtv
From: (Alice The Great)
To:
Date: Fri, 18 Jun :22: (MDT)
Message-ID:
X-Mailer: Pine v2.32
Subject: Conference call today?
Header fields added by chico.cs.colostate.edu as it transmits the message to mailhost.isse.gmu.edu

Generation of headers (3)
Received: from chico.cs.colostate.edu (chico.cs.colostate.edu [ ])
    by mailhost.isse.gmu.edu (8.8.5/8.7.2) with ESMTP id LAA20869
    for ; Fri, 18 Jun :24: (EDT)
Received: from salieri.cs.colostate.edu (salieri.cs.colostate.edu [ ]
    by chico.cs.colostate.edu ( /8.12.9) id i5IGMtv
From: (Alice The Great)
To:
Date: Fri, 18 Jun :22: (MDT)
Message-ID:
X-Mailer: Pine v2.32
Subject: Conference call today?
Path: salieri.cs.colostate.edu → chico.cs.colostate.edu → mailhost.isse.gmu.edu → pinky.isse.gmu.edu
Added by mailhost.isse.gmu.edu after it has received and finished processing the email for Bob to pick up

Examining headers
The most important header field for tracking purposes is the Received header line(s).
Syntax
– Received: from ? by ? via ? with ? id ? for ? ; date-time
– where from, by, via, with, id, and for are tokens with values within a single header value
– Not every token has a value in every Received line

Examining 'Received' header
Tip – Break a single Received line into multiple lines
Received: from chico.cs.colostate.edu (chico.cs.colostate.edu [ ]) by mailhost.isse.gmu.edu (8.8.5/8.7.2) with ESMTP id LAA20869 for ; Fri, 18 Jun :24: (EDT)
becomes
Received: from chico.cs.colostate.edu (chico.cs.colostate.edu [ ])
    by mailhost.isse.gmu.edu (8.8.5/8.7.2)
    with ESMTP id LAA20869
    for ;
    Fri, 18 Jun :24: (EDT)

Examining 'Received' header (2)
For tracking purposes, we are interested in the from and by tokens in the Received header field
– from name (dns-name [ip-address])
Received: from chico.cs.colostate.edu (chico.cs.colostate.edu [ ])
This piece of mail was received from a machine calling itself (name) chico.cs.colostate.edu, which is really named (dns-name) chico.cs.colostate.edu and has the IP address ([ip-address]) shown in the brackets.
The IP address is the single most important piece of information for tracing.

Examining 'Received' headers (3)
by mailhost.isse.gmu.edu (8.8.5/8.7.2)
– by receiving-host-name (software version number)
The machine that received the email was (receiving-host-name) mailhost.isse.gmu.edu.
It is running software with version (software version number) 8.8.5/8.7.2; by default the software is sendmail.

Examining 'Received' headers (4)
with ESMTP ID LAA20869
– with (protocol) ID (server-assigned-id)
The machine that received the mail was running (protocol) ESMTP.
The machine assigned the identifier number (server-assigned-id) LAA20869.
The system administrator needs this ID number to look up the message in the machine's log files; there is no other use for it.

Examining 'Received' headers (5)
for ;
– for (email-address);
The email was addressed to (email-address).
Note – This header is not related to the address provided in the To: header line.
date-time
Fri, 18 Jun :24: (EDT)
This mail transfer (from chico.cs.colostate.edu to mailhost.isse.gmu.edu) occurred on Friday, 18 June, 2004 at 12:24:24 Eastern Daylight Time, which is 4 hours behind Greenwich Mean Time.

Examining Received headers (6)
Every time an email moves through a new mail transfer agent (a mail server or a mail relay), a new Received header line is added to the beginning of the headers list.
– This means that as we read the Received headers in an email message from top to bottom, we are gradually moving closer to the machine/person that sent the email.
Received: from chico.cs.colostate.edu (chico.cs.colostate.edu [ ])
    by mailhost.isse.gmu.edu (8.8.5/8.7.2) with ESMTP id LAA20869
    for ; Fri, 18 Jun :24: (EDT)                        (closest to Bob)
Received: from salieri.cs.colostate.edu (salieri.cs.colostate.edu [ ]
    by chico.cs.colostate.edu ( /8.12.9) id i5IGMtv         (one hop away)
From: (Alice The Great)
To:
Date: Fri, 18 Jun :22: (MDT)
Message-ID:
X-Mailer: Loris v2.32
Subject: Conference call today?

Examining other portions of header
From: (Alice The Great)
– This mail was sent by the From: address, whose owner gives her real name as Alice The Great
To:
– The mail was addressed to the To: address
Date: Fri, 18 Jun :22: (MDT)
– The email was composed on Friday 18 June 2004 at 10:22:55 Mountain Daylight Time, which is 6 hours behind GMT

Examining other portions of header
Message-ID:
– The email was provided with this number by chico.cs.colostate.edu to identify it.
– This ID is different from the ESMTP / SMTP ID numbers in the Received: headers.
– It is attached to the message for life.
– Sometimes this ID may provide a valuable clue; most of the time it is unintelligible.
  – information about the sender's address
  – information about the machine on which the email was composed
  – program used to compose the email

Examining other portions of header
X-Mailer: Pine v2.32
– The message was sent using a program called Pine, version 2.32
Subject: Conference Call Today?
– Subject matter for the email
There can be many other header fields in the header, like Bcc, Cc etc. For the most part these do not contribute to tracing. For a complete list of header fields please see RFC 2076.

Simple Mail Transfer Protocol (RFC 2821)
Principal application layer protocol for Internet electronic mail.
Runs over TCP (port 25).
It is used to "push" messages from one mail server to another or from a user agent to a mail server.
(Diagram: SMTP at the application layer on both hosts, running over the TCP/UDP, network and physical layers.)

Transcript of SMTP connection between Alice's mail server and Bob's
Client SMTP, running on the sending mail server host, establishes a TCP connection on port 25 to server SMTP running on the receiving server host.
– TCP guarantees error-free delivery of the message
ASCII texts prefaced with C:/S: are exactly the lines the client/server send.
Client issued 5 commands. Server replied to each command, each reply accompanied by a reply code.
S: 220 mailhost.isse.gmu.edu ESMTP Sendmail 8.8.5/1.4/8.7.2/1.13; Fri, 18 Jun :24: (EDT)
C: HELO mailhost.isse.gmu.edu
S: 250 Hello chico.cs.colostate.edu, pleased to meet you
C: MAIL FROM:
S: 250 … Sender ok
C: RCPT TO:
S: 250 … Recipient ok
C: DATA
S: 354 Enter mail, end with "." on a line by itself
C: Received: from salieri.cs.colostate.edu (salieri.cs.colostate.edu [ ] by …….
C: ……
C: Subject: Conference Call Today?
C: Are we having the conference call today?
C: .
S: 250 LAA20869 Message accepted for delivery
C: QUIT
S: 221 hamburger.edu closing connection

SMTP Commands
HELO hostname
EHLO hostname
MAIL FROM: addr
RCPT TO: addr
VRFY addr
EXPN addr
DATA
QUIT
RSET
HELP

Understanding SMTP commands
HELO
– Identifies the sending machine
– The sender can lie: nothing, in principle, prevents chico.cs.colostate.edu from saying "HELO abc.freebie.com"
– Receiver can find out the sending machine's real identity, using reverse DNS lookup, for example. Most modern servers do this.

Understanding SMTP commands
MAIL FROM
– Initiates processing
– Address need not be the same as the sender's own address
– Turns into the from address in the Received header
RCPT TO
– Dual of MAIL FROM
– Specifies the intended recipient (the one to which the email will be delivered, regardless of whatever is specified in the To: line in the message)
– One mail can be sent to multiple recipients by including multiple RCPT TO commands
– Turns into the for address in the Received header

Understanding SMTP commands
DATA
– Starts the actual mail entry. Everything following it is considered the message
– No restrictions on its form
– Lines at the beginning of the message that start with a single word followed by a colon are considered part of the message header
– A line consisting only of a period terminates the message
QUIT
– Terminates the SMTP connection
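The command sequence from the transcript and the three slides above, as a server-side state machine in Python. This is an added example, not code from the course: it keeps the envelope (MAIL FROM / RCPT TO) apart from the From:/To: header lines carried in DATA, records the HELO name next to the reverse-DNS name and IP the server saw for itself, and shows how a Received: line is formed. Host names follow the slides; the IP address, server id, date and the client transcript are constructed, and no sockets are opened.

```python
from __future__ import annotations
from dataclasses import dataclass, field

DATE = "Fri, 18 Jun 2004 12:24:24 -0400 (EDT)"   # constructed; a real MTA reads the clock


def _path(arg: str) -> str:
    """'FROM:<alice@cs.colostate.edu>' -> '<alice@cs.colostate.edu>'"""
    return arg.partition(":")[2].strip()


@dataclass
class SmtpReceiver:
    """Server side of one SMTP session, driven one client line at a time (no sockets)."""
    peer_dns: str                      # reverse DNS of the peer, looked up by the server
    peer_ip: str                       # taken from the TCP connection, never from the client
    me: str = "mailhost.isse.gmu.edu"
    helo: str = ""                     # whatever the client claimed in HELO/EHLO
    mail_from: str | None = None       # envelope sender (MAIL FROM)
    rcpt_to: list[str] = field(default_factory=list)   # envelope recipients (RCPT TO)
    in_data: bool = False
    data: list[str] = field(default_factory=list)
    delivered: list[dict] = field(default_factory=list)
    closed: bool = False

    def handle(self, line: str) -> str | None:
        """Apply one client line; return the reply, or None while collecting DATA."""
        if self.in_data:
            if line == ".":                                   # lone period ends the message
                self.in_data = False
                return f"250 {self._accept()['id']} Message accepted for delivery"
            # dot-stuffing: the client doubled a leading '.', so one is stripped here
            self.data.append(line[1:] if line.startswith(".") else line)
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.helo = arg.strip()
            return f"250 {self.me} Hello {self.peer_dns} [{self.peer_ip}], pleased to meet you"
        if not self.helo:
            return "503 Send HELO/EHLO first"
        if verb == "MAIL":
            if self.mail_from is not None:
                return "503 Sender already specified"
            self.mail_from = _path(arg)
            return f"250 {self.mail_from}... Sender ok"
        if verb == "RCPT":
            if self.mail_from is None:
                return "503 Need MAIL command"
            self.rcpt_to.append(_path(arg))                   # one RCPT TO per recipient
            return f"250 {self.rcpt_to[-1]}... Recipient ok"
        if verb == "DATA":
            if not self.rcpt_to:
                return "503 Need RCPT (recipient)"
            self.in_data = True
            return '354 Enter mail, end with "." on a line by itself'
        if verb == "QUIT":
            self.closed = True
            return f"221 {self.me} closing connection"
        return "500 Command unrecognized"

    def _accept(self) -> dict:
        """Queue the message: prepend our Received: line and keep the envelope separate."""
        msg_id = f"LAA{20869 + len(self.delivered)}"        # constructed server-assigned id
        # 'for' names the envelope recipient, so it is only written for a single RCPT TO
        for_tok = f" for {self.rcpt_to[0]}" if len(self.rcpt_to) == 1 else ""
        received = (f"Received: from {self.helo} ({self.peer_dns} [{self.peer_ip}])"
                    f" by {self.me} with ESMTP id {msg_id}{for_tok}; {DATE}")
        msg = {"id": msg_id, "envelope_from": self.mail_from, "envelope_to": list(self.rcpt_to),
               "text": received + "\n" + "\n".join(self.data)}
        self.delivered.append(msg)
        self.mail_from, self.rcpt_to, self.data = None, [], []
        return msg


def run_session(client_lines: list[str], peer_dns: str, peer_ip: str):
    """Feed a client transcript through a receiver; return it and the server's replies."""
    srv = SmtpReceiver(peer_dns, peer_ip)
    replies = [f"220 {srv.me} ESMTP ready; {DATE}"]
    for line in client_lines:
        reply = srv.handle(line)
        if reply is not None:
            replies.append(reply)
    return srv, replies


# Constructed client transcript: the peer (chico) claims to be abc.freebie.com in HELO, the
# envelope recipient is Bob while the To: header names a list, and one body line is dot-stuffed.
CLIENT = [
    "HELO abc.freebie.com",
    "MAIL FROM:<alice@cs.colostate.edu>",
    "RCPT TO:<bob@isse.gmu.edu>",
    "DATA",
    "From: alice@cs.colostate.edu (Alice The Great)",
    "To: staff-list@cs.colostate.edu",
    "",
    "Are we having the conference call today?",
    "..hidden line",
    ".",
    "QUIT",
]
```

Run `run_session(CLIENT, "chico.cs.colostate.edu", "198.51.100.7")` and compare the returned message's `envelope_to` with its To: line to see the envelope/header split the slides describe.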

POP3 / IMAP / HTTP Protocols
Used by reader programs to "pull" stored messages from the mail server to the recipient's machine.
– For the most part do not add anything extra to the header
– May format the header

Effect of firewalls on headers
Introduces one extra "hop" in the email's passage.
– Firewall acts as just one more machine that forwards email
– Adds a Received: line for each extra hop
Path: salieri.cs.colostate.edu → chico.cs.colostate.edu → firewall.cs.colostate.edu → firewall.isse.gmu.edu → mailhost.isse.gmu.edu → pinky.isse.gmu.edu

Effect of firewall on headers
Received: from firewall.isse.gmu.edu (firewall.isse.gmu.edu [ ])
    by mailhost.isse.gmu.edu (8.8.5/8.7.2) with ESMTP id LAA20869
    for ; Fri, 18 Jun :24: (EDT)
Received: from firewall.cs.colostate.edu (firewall.cs.colostate.edu [ ])
    by firewall.isse.gmu.edu (8.8.3/8.7.1) with ESMTP id LAA20869
    for ; Fri, 18 Jun :23: (EDT)
Received: from chico.cs.colostate.edu (chico.cs.colostate.edu [ ])
    by firewall.cs.colostate.edu ( /8.12.9) with ESMTP id i5IGMtv
    for ; Fri, 18 Jun :23: (MDT)
Received: from salieri.cs.colostate.edu (salieri.cs.colostate.edu [ ]
    by chico.cs.colostate.edu ( /8.12.9) id i5IGMtv
From: (Alice The Great)
To:
Date: Fri, 18 Jun :22: (MDT)
Message-ID:
X-Mailer: Pine v2.32
Subject: Conference call today?

Effect of firewall on headers
Received: from firewall.openuniversity.edu (firewall.openuniversity.edu [ ])
    by mailhost.openuniversity.edu (8.8.5/8.7.2) with ESMTP id LAA20987
    for ; Fri, 18 Jun :26: (EDT)
Received: from mailfilter.newsadhost.com (mailfilter.newsadhost.com [ ])
    by firewall.openuniversity.edu (8.8.5/8.7.2) with ESMTP id LAA20869
    for ; Fri, 18 Jun :24: (MDT)
Received: from mail.newsadhost.com (mail.newsadhost.com [ ])
    by mailfilter.newsadhost.com (8.8.3/8.7.1) with ESMTP id i5IGMtv
    for ; Fri, 18 Jun :23: (MDT)
Received: from mailfilter.newsadhost.com (mailfilter.newsadhost.com [ ])
    by mail.newsadhost.com ( /8.12.9) with ESMTP id i5IGMtv
    for ; Fri, 18 Jun :23: (MDT)
Received: from (mail eak.fdj.bestadonline.com [ ]
    by mailfilter.newsadhost.com ( /8.12.9) with ESMTP id i5IGMtv
From: Anonymous Spammer (Alice The Great)
To:
Date: Fri, 18 Jun :22: (MDT)
Message-ID:
X-Mailer: Pine v2.32
Subject: Want to make a lot of money?

Email relays
SMTP allows messages to be relayed to other SMTP servers towards a destination
– Historically this was the way SMTP was meant to be
– Currently, only unethical spammers use SMTP relaying to conceal the source of their messages. This way spammers hope to deflect complaints to the (innocent) relay site rather than the spammers' own ISP.

Email relays
Received: from unwilling.intermediary.com (unwilling.intermediary.com [ ])
    by mailhost.isse.gmu.edu (8.8.5/8.7.2) ID 004B32
    for ; Fri, 18 Jun :39: (EDT)
Received: from galangal.org ([ ])
    by unwilling.intermediary.com (8.6.5/8.5.8) with SMTP ID LAA12741;
    Fri, 18 Jun :36: (EDT)
From: Anonymous Spammer
To: (recipient list suppressed)
Message-Id:
X-Mailer: Massive Annoyance
Subject: WANT TO MAKE ALOT OF MONEY???
Message originated at galangal.org, was passed from there to unwilling.intermediary.com and from there to mailhost.isse.gmu.edu.

How did that happen? (Most likely scenario)
galangal.org simply connected to port 25 at unwilling.intermediary.com
Told unwilling.intermediary.com to send the message to
– RCPT TO:
unwilling.intermediary.com handed off the email to mailhost.isse.gmu.edu in the usual manner
– One thing to note is that the Message-ID: line was filled in not by the sending machine but by the relayer: Message-Id:
  » One way to confirm relayed mail

Example of suspicious header
SMTP session as seen by mailhost.isse.gmu.edu:
HELO galangal.org
250 mailhost.isse.gmu.edu Hello turmeric.com [ ], pleased to meet you
MAIL FROM:
250 Sender ok
RCPT TO:
250 Recipient OK
DATA
354 Enter mail, end with "." on a line by itself
From:
To: (your address suppressed for stealth mailing and annoyance)
.
250 OAA08757 Message accepted for delivery
Resulting header:
From
Received: from galangal.org ([ ]) by mailhost.isse.gmu.edu (8.8.5) for...
From:
To: (your address suppressed for stealth mailing and annoyance)
– The name turmeric.com came from a reverse DNS lookup on the IP address, not from the HELO.
– A mail server may not always provide the dns-name.
– You can rely on this IP address.

Things to be aware of
Do not take any domain (host) name, user name or email address in the header at face value.
– They can be easily forged by compromising the sending SMTP server
Pay attention to the trail of IP addresses in the from tokens
– These are directly gathered by the receivers from IP packets
The topmost IP address in the header is the IP address of the computer that last forwarded the email.

Things to be aware of
False header information
– Spammers may try to introduce fake Received: header lines in the message, introduced as part of the data
– Follow the trail through the Received: header fields and use common sense
False IP Address
– The IP address may have been that of a naive relay, not the actual sender
Dynamic IP address
– Sender's machine may not have a fixed IP address
– However, the mail server used by the sender almost invariably has one
– Solicit the help of the ISP, who can trace back the sender from DHCP logs
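The Received-trail reading from the "Examining headers" slides, together with the checks from the two "Things to be aware of" slides, as a small Python tool. This is an added example, not code from the course: it unfolds continuation lines, splits each Received: line into its from/by/via/with/id/for tokens and date, walks the trail top to bottom, and warns where one line's from host is not the by host of the line beneath it. The two header blocks are constructed (host names follow the slides; IP addresses, ids and dates are made up), and the chaining check only catches fake Received: lines that do not line up, so a carefully forged line still passes it.

```python
from __future__ import annotations
import re
from dataclasses import dataclass

# Received: from <name> (<dns-name> [<ip>]) by <host> (<software>) via ? with <proto> id <id> for <rcpt>; <date-time>
_FROM_RE = re.compile(r"from\s+(?P<name>\S+)"
                      r"(?:\s*\(\s*(?P<dns>[^\s\[\]()]+)?\s*\[(?P<ip>[^\]]+)\]\s*\)?)?", re.I)
_TOKEN_RE = re.compile(r"\b(?P<key>by|via|with|id|for)\s+(?P<val>\S+)", re.I)


@dataclass
class Hop:
    name: str = ""   # host name the sender claimed (its HELO argument)
    dns: str = ""    # name the receiving server got from reverse DNS
    ip: str = ""     # peer address the receiving server took from the TCP connection
    by: str = ""
    via: str = ""
    with_: str = ""
    id: str = ""
    for_: str = ""
    date: str = ""


def unfold(header_text: str) -> list[str]:
    """Join continuation lines (leading space or tab) onto the previous header line."""
    lines: list[str] = []
    for raw in header_text.splitlines():
        if not raw.strip():
            break                                   # blank line ends the header
        if raw[0] in " \t" and lines:
            lines[-1] += " " + raw.strip()
        else:
            lines.append(raw.rstrip())
    return lines


def parse_received(line: str) -> Hop:
    """Split one Received: line into its from/by/via/with/id/for tokens and date."""
    body = line.split(":", 1)[1].strip()
    head, sep, date = body.rpartition(";")
    if not sep:                                     # no date part (local hand-off)
        head, date = body, ""
    hop = Hop(date=date.strip())
    m = _FROM_RE.search(head)
    if m:
        hop.name, hop.dns, hop.ip = m["name"], m["dns"] or "", m["ip"] or ""
        head = head[m.end():]
    for t in _TOKEN_RE.finditer(head):
        key = t["key"].lower()
        setattr(hop, {"with": "with_", "for": "for_"}.get(key, key), t["val"])
    return hop


def trail(header_text: str) -> list[Hop]:
    """Received: lines top to bottom: index 0 is the hop closest to the recipient."""
    return [parse_received(l) for l in unfold(header_text) if l.lower().startswith("received:")]


def check_trail(hops: list[Hop]) -> list[str]:
    """Warn where the trail does not chain: each line's from host should be the by host
    of the line beneath it, and a claimed (HELO) name should match reverse DNS."""
    warnings = []
    for i, hop in enumerate(hops):
        if hop.dns and hop.name.lower() != hop.dns.lower():
            warnings.append(f"hop {i}: claimed name {hop.name} differs from reverse DNS {hop.dns}")
        if not hop.ip:
            warnings.append(f"hop {i}: receiver {hop.by or '?'} recorded no peer IP")
        if i + 1 < len(hops):
            below = hops[i + 1]
            if below.by.lower() not in (hop.name.lower(), hop.dns.lower()):
                warnings.append(f"hop {i}: received from {hop.name}, but the line below says it was "
                                f"handled by {below.by}; that line may be forged or a relay is unrecorded")
    return warnings


def last_forwarder_ip(hops: list[Hop]) -> str:
    """IP of the last forwarder: recorded by the topmost receiver itself, so the sender could not write it."""
    return hops[0].ip if hops else ""


# Constructed sample: the firewall example from the slides, with made-up addresses and ids.
SAMPLE = """\
Received: from firewall.isse.gmu.edu (firewall.isse.gmu.edu [192.0.2.40])
\tby mailhost.isse.gmu.edu (8.8.5/8.7.2) with ESMTP id LAA20869 for <bob@isse.gmu.edu>; Fri, 18 Jun 2004 12:24:24 -0400 (EDT)
Received: from chico.cs.colostate.edu (chico.cs.colostate.edu [198.51.100.7])
\tby firewall.isse.gmu.edu (8.8.3/8.7.1) with ESMTP id LAA20868 for <bob@isse.gmu.edu>; Fri, 18 Jun 2004 12:23:58 -0400 (EDT)
Received: from salieri.cs.colostate.edu (salieri.cs.colostate.edu [198.51.100.12])
\tby chico.cs.colostate.edu (8.12.9/8.12.9) id i5IGMtv
From: alice@cs.colostate.edu (Alice The Great)
To: bob@isse.gmu.edu
"""

# Constructed sample: DATA carried a fake Received: line that does not chain up to the hop our server recorded.
FORGED = """\
Received: from galangal.org ([203.0.113.5])
\tby mailhost.isse.gmu.edu (8.8.5/8.7.2) with SMTP id OAA08757 for <bob@isse.gmu.edu>; Fri, 18 Jun 2004 14:39:01 -0400 (EDT)
Received: from mail.example.org (mail.example.org [192.0.2.99])
\tby relay.example.net (8.6.5/8.5.8) with ESMTP id LAA12741; Fri, 18 Jun 2004 14:36:10 -0400 (EDT)
From: Anonymous Spammer <nobody@example.org>
"""
```

`check_trail(trail(SAMPLE))` is empty because every hop hands off to the host named on the line below it; `check_trail(trail(FORGED))` flags the fake bottom line, and `last_forwarder_ip` returns the one address in each trail that the receiving server wrote itself.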

Mailing List Aliases
– mylist: :include:/etc/mail/include/mylist
– owner-mylist: mylist-request
– mylist-request: me
– owner-owner: postmaster
Purpose
– owner: Messages appear to be from owner. Receives bounces, list management mail.
– request: Indirection ensures owner's real address doesn't appear on Return-Path.
– owner-owner: Receives errors from messages destined for owner-* aliases.

Mailing List Software
Automate list management.
– Email interface.
– Web interface.
Packages
– Mailman
– Majordomo
– Listserv
List Archiving
– Mailman
– MHonArc

Mail Policies
1. Privacy Policy
2. Namespaces
3. Reliability
4. Scaling
5. Security

Privacy Policy
Personal Use Policy
– Personal v. commercial use.
– When may employee email be read? By whom? Under what circumstances?
– Automatic monitoring
Retention Policy
– Legal requirements.

Namespaces
Avoid first.last format addresses.
– There will be duplicates: John.Smith.
– Use middle initials?
– Append numbers?
Create unique organization-wide namespace.
– Use directory to look up addresses.

Reliability
Customers expect same reliability as power.
– Failures generate many support calls.
Reliability measures
– Redundant servers.
– Backup MX hosts.
– RAID arrays.
– Multiple NICs, power supplies, processors, etc.

Scalability
Types of scalability
– To address growth in avg messages/day.
– To address spikes in mail traffic.
Number of messages grows
– faster than linearly with number of users.
– with time, even if user base is constant.
– due to spam too.
Size of messages grows
– due to technology: more and larger attachments.

Security
Mail server as a target
– Complexity of mail leads to vulnerabilities.
– Mail is an asset attackers want to take.
Email as a conduit
– Brings viruses and trojans into organization.
– Leaks confidential information outward.
– ex (2005): Apple sues bloggers over releasing data about upcoming products.
Email relaying
Intercepting email