12.6. Testing Your Configuration
Email is an essential service. It is also a service that can be
exploited by intruders when it is misconfigured. It is very important
that you thoroughly test your configuration. Fortunately, sendmail
provides a relatively easy way of doing this.

sendmail supports an "address test" mode that allows a full range of
tests. In the following examples we specify a destination mail address
and a test to apply to that address. sendmail then processes that
destination address, displaying the output of each ruleset as it
proceeds. To place sendmail into address test mode, invoke it with the
-bt argument.

The default configuration file used for the address test mode is the
/etc/mail/sendmail.cf file. To specify an alternate configuration
file, use the -C argument. This is important because you will test a
new configuration before moving it to /etc/mail/sendmail.cf. To test
the sample Linux sendmail configuration created earlier in this
chapter, use the following sendmail command:

# /usr/sbin/sendmail -bt -Cvstout.cf
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
>

The > prompt shown above indicates that sendmail is ready to accept a
test mode command. While in address test mode, sendmail accepts a
variety of commands that examine the configuration, check settings,
and observe how email addresses are processed by sendmail. Table 12-4
lists the commands that are available in test mode.

$v, and
$=c) display current
sendmail configuration values defined in the
sendmail.cf file, and the
/map command displays values set in the sendmail
database files. The -d command can be used to
change the amount of information displayed. A great many debug levels
can be set by -d, but only a few are useful to the
sendmail administrator. See a detailed sendmail reference for valid
debug values.

Two commands, .D and .C, are used to set macro and class values in
real time. Use these commands to try alternate configuration settings
before rebuilding the entire configuration.

Two commands display the interaction between sendmail and DNS. /canon
displays the canonical name returned by DNS for a given hostname. /mx
shows the list of mail exchangers returned by DNS for a given host.

Most of the remaining commands process an email address through
sendmail's rewrite rules. /parse displays the processing of a delivery
address and shows which mailer is used to deliver mail sent to the
address. /try displays the processing of addresses for a specific
mailer. (The /tryflags command specifies whether the sender or the
recipient address should be processed by the /try command.) Use the
ruleset address command to display the processing of an address
through any arbitrary list of rulesets that you wish to test.

First we'll test that sendmail is able to deliver mail to local users
on the system. In these tests we expect all addresses to be rewritten
to the local mailer on this machine:

# /usr/sbin/sendmail -bt -Cvstout.cf
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> /parse issac
Cracked address = $g
Parsing envelope recipient address
canonify input: issac
Canonify2 input: issac
Canonify2 returns: issac
canonify returns: issac
parse input: issac
Parse0 input: issac
Parse0 returns: issac
ParseLocal input: issac
ParseLocal returns: issac
Parse1 input: issac
Parse1 returns: $# local $: issac
parse returns: $# local $: issac
2 input: issac
2 returns: issac
EnvToL input: issac
EnvToL returns: issac
final input: issac
final returns: issac
mailer local, user issac

This output shows us how sendmail processes mail addressed to isaac on
this system. Each line shows us what information has been supplied to
a ruleset or the result obtained from processing by a ruleset. We told
sendmail that we wished to parse the address for delivery. The last
line shows us that the system does indeed direct mail to isaac to the
local mailer.

Next we'll test mail addressed to our SMTP address:
isaac@vstout.vbrew.com. We should be able to produce the same end
result as our last example:

> /parse isaac@vstout.vbrew.com
Cracked address = $g
Parsing envelope recipient address
canonify input: isaac @ vstout . vbrew . com
Canonify2 input: isaac < @ vstout . vbrew . com >
Canonify2 returns: isaac < @ vstout . vbrew . com . >
canonify returns: isaac < @ vstout . vbrew . com . >
parse input: isaac < @ vstout . vbrew . com . >
Parse0 input: isaac < @ vstout . vbrew . com . >
Parse0 returns: isaac < @ vstout . vbrew . com . >
ParseLocal input: isaac < @ vstout . vbrew . com . >
ParseLocal returns: isaac < @ vstout . vbrew . com . >
Parse1 input: isaac < @ vstout . vbrew . com . >
Parse1 returns: $# local $: isaac
parse returns: $# local $: isaac
2 input: isaac
2 returns: isaac
EnvToL input: isaac
EnvToL returns: isaac
final input: isaac
final returns: isaac
mailer local, user isaac

Next we will test that mail addressed to other hosts in the vbrew.com
domain is delivered directly to that host using SMTP mail:

> /parse issac@vale.vbrew.com
Cracked address = $g
Parsing envelope recipient address
canonify input: issac @ vale . vbrew . com
Canonify2 input: issac < @ vale . vbrew . com >
Canonify2 returns: issac < @ vale . vbrew . com . >
canonify returns: issac < @ vale . vbrew . com . >
parse input: issac < @ vale . vbrew . com . >
Parse0 input: issac < @ vale . vbrew . com . >
Parse0 returns: issac < @ vale . vbrew . com . >
ParseLocal input: issac < @ vale . vbrew . com . >
ParseLocal returns: issac < @ vale . vbrew . com . >
Parse1 input: issac < @ vale . vbrew . com . >
MailerToTriple input: < > issac < @ vale . vbrew . com . >
MailerToTriple returns: issac < @ vale . vbrew . com . >
Parse1 returns: $# esmtp $@ vale . vbrew . com . $: issac < @ vale . vbrew . com . >
parse returns: $# esmtp $@ vale . vbrew . com . $: issac < @ vale . vbrew . com . >
2 input: issac < @ vale . vbrew . com . >
2 returns: issac < @ vale . vbrew . com . >
EnvToSMTP input: issac < @ vale . vbrew . com . >
PseudoToReal input: issac < @ vale . vbrew . com . >
PseudoToReal returns: issac < @ vale . vbrew . com . >
MasqSMTP input: issac < @ vale . vbrew . com . >
MasqSMTP returns: issac < @ vale . vbrew . com . >
EnvToSMTP returns: issac < @ vale . vbrew . com . >
final input: issac < @ vale . vbrew . com . >
final returns: issac @ vale . vbrew . com
mailer esmtp, host vale.vbrew.com., user issac@vale.vbrew.com

We can see that this test has directed the message to the default SMTP
mailer (esmtp) to be sent to the host vale.vbrew.com and the user
issac on that host.

Our final test checks the genericstable we created for the vstout.cf
configuration. We check the mapping of the username alana for all
three people in the vbrew.com domain that have this username. The
following test shows how the genericstable maps each variation of this
name:

# sendmail -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> /tryflags HS
> /try esmtp alana@vpils.vbrew.com
Trying header sender address alana@vpils.vbrew.com for mailer esmtp
canonify input: alana @ vpils . vbrew . com
Canonify2 input: alana < @ vpils . vbrew . com >
Canonify2 returns: alana < @ vpils . vbrew . com . >
canonify returns: alana < @ vpils . vbrew . com . >
1 input: alana < @ vpils . vbrew . com . >
1 returns: alana < @ vpils . vbrew . com . >
HdrFromSMTP input: alana < @ vpils . vbrew . com . >
PseudoToReal input: alana < @ vpils . vbrew . com . >
PseudoToReal returns: alana < @ vpils . vbrew . com . >
MasqSMTP input: alana < @ vpils . vbrew . com . >
MasqSMTP returns: alana < @ vpils . vbrew . com . >
MasqHdr input: alana < @ vpils . vbrew . com . >
canonify input: alana . darling @ vbrew . com
Canonify2 input: alana . darling < @ vbrew . com >
Canonify2 returns: alana . darling < @ vbrew . com . >
canonify returns: alana . darling < @ vbrew . com . >
MasqHdr returns: alana . darling < @ vbrew . com . >
HdrFromSMTP returns: alana . darling < @ vbrew . com . >
final input: alana . darling < @ vbrew . com . >
final returns: alana . darling @ vbrew . com
Rcode = 0, addr = alana.darling@vbrew.com
> /try esmtp alana@vale.vbrew.com
Trying header sender address alana@vale.vbrew.com for mailer esmtp
canonify input: alana @ vale . vbrew . com
Canonify2 input: alana < @ vale . vbrew . com >
Canonify2 returns: alana < @ vale . vbrew . com . >
canonify returns: alana < @ vale . vbrew . com . >
1 input: alana < @ vale . vbrew . com . >
1 returns: alana < @ vale . vbrew . com . >
HdrFromSMTP input: alana < @ vale . vbrew . com . >
PseudoToReal input: alana < @ vale . vbrew . com . >
PseudoToReal returns: alana < @ vale . vbrew . com . >
MasqSMTP input: alana < @ vale . vbrew . com . >
MasqSMTP returns: alana < @ vale . vbrew . com . >
MasqHdr input: alana < @ vale . vbrew . com . >
canonify input: alana . henson @ vbrew . com
Canonify2 input: alana . henson < @ vbrew . com >
Canonify2 returns: alana . henson < @ vbrew . com . >
canonify returns: alana . henson < @ vbrew . com . >
MasqHdr returns: alana . henson < @ vbrew . com . >
HdrFromSMTP returns: alana . henson < @ vbrew . com . >
final input: alana . henson < @ vbrew . com . >
final returns: alana . henson @ vbrew . com
Rcode = 0, addr = alana.henson@vbrew.com
> /try esmtp alana@foobar.vbrew.com
Trying header sender address alana@foobar.vbrew.com for mailer esmtp
canonify input: alana @ foobar . vbrew . com
Canonify2 input: alana < @ foobar . vbrew . com >
Canonify2 returns: alana < @ foobar . vbrew . com . >
canonify returns: alana < @ foobar . vbrew . com . >
1 input: alana < @ foobar . vbrew . com . >
1 returns: alana < @ foobar . vbrew . com . >
HdrFromSMTP input: alana < @ foobar . vbrew . com . >
PseudoToReal input: alana < @ foobar . vbrew . com . >
PseudoToReal returns: alana < @ foobar . vbrew . com . >
MasqSMTP input: alana < @ foobar . vbrew . com . >
MasqSMTP returns: alana < @ foobar . vbrew . com . >
MasqHdr input: alana < @ foobar . vbrew . com . >
canonify input: alana . smiley @ vbrew . com
Canonify2 input: alana . smiley < @ vbrew . com >
Canonify2 returns: alana . smiley < @ vbrew . com . >
canonify returns: alana . smiley < @ vbrew . com . >
MasqHdr returns: alana . smiley < @ vbrew . com . >
HdrFromSMTP returns: alana . smiley < @ vbrew . com . >
final input: alana . smiley < @ vbrew . com . >
final returns: alana . smiley @ vbrew . com
Rcode = 0, addr = alana.smiley@vbrew.com
> /quit

This test uses the /tryflags command that allows us to specify whether
we want to process the header sender address (HS), the header
recipient address (HR), the envelope sender address (ES), or the
envelope recipient address (ER). In this case, we want to see how the
header sender address is rewritten. The /try command allows us to
specify which mailer the address should be rewritten for and the
address to be rewritten.

This test was also successful. The genericstable tests work for Alana
Darling, Alana Henson, and Alana Smiley.
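
The three /parse tests above can be repeated automatically every time
the configuration is rebuilt. The script below is an added example, not
part of the original text: it assumes test commands are piped to
sendmail -bt on standard input, and its function names and the reduced
sample transcript are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original text): check the routing decisions
# reported by "sendmail -bt" before a new config replaces sendmail.cf.

# Address and the mailer it must resolve to, one pair per line.
# The pairs are the three /parse tests walked through in this section.
EXPECT='issac local
isaac@vstout.vbrew.com local
issac@vale.vbrew.com esmtp'
export EXPECT

# Emit one /parse command per expected address, in table order.
bt_commands() {
    printf '%s\n' "$EXPECT" | awk '{ print "/parse " $1 }'
}

# Extract the mailer from each "mailer X, ..." summary line, in order.
resolved_mailers() {
    awk '/^mailer / { sub(/,$/, "", $2); print $2 }'
}

# Read a transcript on stdin, report each address, exit non-zero on mismatch.
check_routes() {
    resolved_mailers | awk '
        BEGIN { n = split(ENVIRON["EXPECT"], rows, "\n") }
        { i++; split(rows[i], f, " ")
          if ($1 == f[2]) printf "ok   %s -> %s\n", f[1], $1
          else { printf "FAIL %s: want %s, got %s\n", f[1], f[2], $1; bad = 1 } }
        END { if (i != n) { printf "FAIL %d results for %d addresses\n", i, n; bad = 1 }
              exit bad + 0 }'
}

# Constructed sample: the transcripts above reduced to the lines that matter.
sample_transcript() {
    cat <<'EOF'
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
> /parse issac
mailer local, user issac
> /parse isaac@vstout.vbrew.com
mailer local, user isaac
> /parse issac@vale.vbrew.com
mailer esmtp, host vale.vbrew.com., user issac@vale.vbrew.com
EOF
}

# Live use (assumes vstout.cf is in the current directory, as above):
#   bt_commands | /usr/sbin/sendmail -bt -Cvstout.cf | check_routes
if [ "${1:-}" = "--demo" ]; then sample_transcript | check_routes; fi
```

A non-zero exit from check_routes means at least one address no longer
resolves to the expected mailer, so the new file should not be moved to
/etc/mail/sendmail.cf until the difference is understood.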