→Sending a Mail Message from your vm2 Machine to your Seneca Email Account
==OVERVIEW & PREPARATION==
You may not be aware of it as an user, but email is a very <u>complex</u> system to administer. In fact, the more modern e-mail systems (eg. web-based mail applications, etc) are more technically involved than the other archaic, hard-to-configure, and sometimes inter-operable mail systems.
We are going to spread the remaining email labs over a few weeks, so that by the end of this topic, you will have a sufficient understanding of what services are involved in sending, filtering, and reading email. You will also have the skills to configure a basic mail setup using the default services provided for your Centos7 Linux distribution.
Believe it or not, this is
considered to be a simple diagram of how you can send an email to someone else:
This lab will show you how to set up a Mail User Agent ('''MUA'''), using the '''mailx''' package on your '''vm2''' machine to send and receive e-mails on your local VM. In this case, the '''Postfix''' package which represents your '''MTA''' is most likely already installed and running on your local VM. In addition to sending and receiving emails on your Local VM, you will also be able to send a text-based e-mail from your '''vm2 machine''' to your '''Seneca mail account'''. You will also learn how to make multiple MTAs in the same network collaborate in sending emails. In addition, you will learn where the message store (MS) is located that stores mail messages until they are viewed and either deleted or transferred to other folders.
* [http://www.simplehelp.net/2008/12/01/how-to-send-email-from-the-linux-command-line/ Mail Send Command] (examples how to send e-mail using mail command)
* [http://www.johnkerl.org/doc/mail-how-to.html#prompt_commands View and Manage Received e-mail Mesages] (Common commands to view and manage received email messages)
* [https://support.google.com/mail/answer/29436?hl=en Reading Full Email Headers] (Explanation of message header information)
* [http://wiki.dovecot.org/MailServerOverview Here's an overview] (common mail server terms)
==INVESTIGATION 1: INSTALL, SET-UP, AND USE THE MAIL USER AGENT ('''MUA''')==
We will be using a simple text-based '''Mail User Agent (MUA)''' called '''mailx''' in this lab to '''both send and receive''' mail messages within your vm2 machine and to '''only send''' mail messages to your Seneca e-mail account.
Due to the simplicity of this mail server setup and the lack of other DNS servers pointing to your network , and the setup of Seneca College's mail server, you '''<u>cannot</u>''' send Seneca e-mail messages to your '''vm2''' machine.
=== Installing the Mail User Agent (MUA)===
#Make certain you are in your '''vm2''' machine.
Issue the following command to install the '''mailx''' application (MUA) :<br>'''yum install mailx'''<br><br>
:'''NOTE:''' You can refer to the link below to acquaint yourself on how to send e-mail messages using '''mailx''' application:<br> [http://www.simplehelp.net/2008/12/01/how-to-send-email-from-the-linux-command-line/ Mail Send Command Examples]
===Sending a Mail Message from your vm2 Machine to your Seneca Email Account===
We will now test to see if your MTA for your vm2 machine is correctly running by sending email messages from your vm2 machine to your Seneca e-mail account.
#Make certain you are still in your '''vm2''' machine.
#Test email from your machine by sending an email to your '''Seneca email account''' using the following command:<br>'''mail -s "Lab4a - test1" <Your Seneca email address>'''<br><br>'''NOTE:''' after you type in the body of the mail message, move to an empty line,
type period "." and press the ENTER key to send the message.<br><br>#Check your Seneca email account to see if you got the email (note that it may take a <u>few minutes to arrive</u>, so you may also wish to try an alternate email account if you have one like gmail, etc). When you do receive that email, make a note of the return address.
#If you did not receive the mail, check the mail logs on your vm2 machine to determine any errors messages that would indicate a mail server setup problem.
#Once you have succeeded in sending the first email, send a second email to the same destination using the following command:<br>'''mail -r "hacker.com (Canadian Revenue Agency)" -s "Lab4a - test2" <Your Seneca email address>
#Check your email to see if you got the email. If you did, make a note of the return address. How would you think that including the '''-r''' option could be used by penetration hackers to gain access to a computer system? What sort of steps do you think should be taken to help prevent this type of attack from happening?
'''Perform the following Steps:'''
#Send an email message locally (i.e. only within
) your vm2 machine by issuing the command:<br>'''mail -s "Lab4a - Local - Test1" <yourSenecaID>'''
#After you type in the body of the mail message, move to an empty line, type period "." and press the ENTER key to send the message.
Issue the following command to read the mail message you send to yourself:<br>'''mail'''<br><br>'''NOTE:''' You can refer to the link below to view a reference chart on how to read and delete received e-mail messages at the mail command prompt:<br>[http://www.johnkerl.org/doc/mail-how-to.html#prompt_commands Commands to View and Manage Received e-mail Mesages]<br><br>
#Issue the following command: '''cat /var/spool/mail/<yourSenecaID>'''<br>What do you see? What does this show you in terms of where mail is stored on your e-mail server?
#If you received an e-mail message, the message and subject line should appear as a listing in your mail command.<br>If you did not receive a mail message, check your mail server settings, check to see if
you mail server is running and also check '''/var/log/maillog''' and '''/var/log/messages'''.
#Once you have received the message, type the mail message number that is displayed in your e-mail message list in the prompt and press ENTER. You should be able to confirm the message body that you sent.
#Exit the mail program by typing the letter '''q''' and press ENTER.
#Re-issue the '''mail''' command. What happened?
#Exit the mail command.
We will be using the '''Postfix''' application as the '''MTA''', and we will be setting it up on your '''vm2''' and '''vm3''' machines. They will act as the "sending" email servers for your internal network. You will be able to send email out of your network, and receive email from within your network, but you will '''<u>not</u>''' receive email from outside of your network due to the following reasons:
* Individuals outside of your domain will never find the MX records because there are no
'''.org''' servers pointing to your DNS server (i.e. you haven't paid for it).
* Even if the individuals could read your MX records, your local network is using IP addresses on a '''private subnet''', which is not routeable on the Internet, so it cannot be reached from outside of your system.
#The '''postfix''' application should be installed by default. If it isn't, install it.
#Postfix is capable of sending email with the default configuration, so start and enable this service, and verify that the postfix service is running.
#Look for the running postfix service in the list of listening ports by issuing the following command:<br><source
#Which service is postfix running? Locate the port used by SMTP, and look for connections with the state LISTEN (i.e. currently listening).
#Write your observations in your lab logbook.
=== Testing the connection to the Postfix Service ===
We will be demonstrating the use of the nc application to test that the postfix service is running and listening.
'''Perform the following steps:'''
# Connect from your '''vm2''' to itself using nc by issuing the following command:<br><source
lang="bash">nc localhost 25</source># You should see a response: <br><source lang="bash">220 vm2.yourdomain. org ESMTP Postfix</source>
# You could theoretically use SMTP commands to send an email here, but this would be a very unusual use of your mail server. You have an '''MUA''' for a reason.
#Enter the command '''QUIT''' to close the connection to the server, then '''<ctrl>-c''' to terminate the nc command.
::'''NOTE:''' If it worked, this indicates that the postfix service is running, listening, and responding to connections.
<ol><li value="4">Let's see if it works from other machines. Use nc to connect to vm2 from vm3 and see if it works. If your firewall is set up properly, the nc command should not permit a connection.</li><li>Create an iptables rule to allow incoming connections to your SMTP server.</li><li>Once you open the port in the firewall, retry the '''nc''' command. You should get a different error this time. This time the problem is that your service isn't listening on the outside interface, it's currently configured to listen only on the loopback (lo) interface.</li><li>
Add the iptables rule to your saved script so that it will be loaded automatically from now on.</li>
=== Listening on all interfaces ===
'''Perform the following steps:'''
Launch in editing session for the postfix configuration file called: '''/etc/postfix/main.cf'''# Change the value of the following parameter to what is displayed below: inet_interfaces = all
==INVESTIGATION 3: SENDING EMAIL BETWEEN MTAs (NO ENCRYPTION)==
Once that is complete, send an email from root on vm2 to root on vm3, and then reply from vm3 to vm2.
COMPLETING THE LAB== Upon completion of this lab you should have postfix mail servers running on two machines, and starting automatically when they do. These servers must have sent email both ways between each other (from vm2 to vm3, and from vm3 to vm2), and to your seneca email (or other external mail server).
::<span style="color:green;font-size:1.5em;">✓</span>Arrange proof that you can send e-mail from your '''vm2''' machine to your '''Seneca College e-mail account''', and than you can '''send and receive e-mail messages between on your vm2 and vm3 machines'''.
the labcheck4a.bash checking bash shell script by issuing the command:<br><br>''' wget http:// matrix. senecac.on.ca/~ peter. callaghan/files/ OPS335/labcheck4a.bash''' <br><br>set execute permission and run the shell script on your ''' c7host''' machine . ::*For '''Peter's classes''', follow his Online Submission instructions in Moodle. ::*For '''Murray's classes''', run command (piping to the '''more''' command) and show output to instructor.
::<span style="color:green;font-size:1.5em;">✓</span>Completed Lab4a log-book notes.