
How a Mail Server Works :-

 The sender uses a Mail User Agent (MUA) to compose an email. An MUA, often referred to
as a mail client, is a program that allows a user to compose, send and receive email.
 The mail is sent to a Mail Transfer Agent (MTA) which is responsible for sending the email
to the recipient’s MTA. An MTA transfers mail messages between computers via the SMTP
protocol. Postfix, Sendmail, Exim and Qmail are examples of an MTA.
 The recipient’s MTA receives the email and passes it on to a Mail Delivery Agent (MDA). An
MDA manages the user’s mailbox and handles mails for delivery to the MUA using either the
POP or IMAP protocol.
 POP (Post Office Protocol) -: Although most mail clients have an option to Leave a copy on
the server, POP is generally used to download all messages from the mailbox, store them
on the user’s PC as new messages and delete them from the server.
 IMAP (Internet Message Access Protocol) -: Allows users to view their mailboxes on the
server and to delete mail only when told to do so.
 The recipient uses an MUA to check and retrieve messages from the MDA.

Mbox and Maildir are two common mailbox formats used in Unix:-
Mbox vs Maildir: Mail Storage Formats -:
The Mbox Format -:
This is the traditional way of storing mail messages in the Unix world. In this format, a regular
text file which serves as the mail user’s mailbox file is created.
How Mbox works -:

Receiving and storing a mail -:


 Lock the mailbox.
 Append the header (usually “From [sender's email address] [date and time received]”) and the
mail into the mailbox file.
 Unlock the mailbox.

Retrieving a mail -:
 Lock the mailbox.
 Locate and read the mail.
 Update the mail status flag.
 Unlock the mailbox.

Deleting a mail -:
 Lock the mailbox.
 Move the contents of the mailbox, beginning from the position right after the mail to be deleted
until the end of the mailbox, into the position of the mail to be deleted.
 Reduce the size of the mailbox file by the size of the deleted mail.
 Unlock the mailbox.

Searching a mail -:
 Lock the mailbox.
 Search the mailbox.
 Unlock the mailbox.
Advantages -:
 Format is universally supported.
 Appending a new mail into the mailbox file is fast.
 Searching text inside a single mailbox file is fast.

Disadvantages -:
 Has file locking problems.
 Has problems when used with network file systems.
 Format is prone to corruption.
The Maildir Format -:
This is a new way of storing mail messages. In this format, a directory usually named Maildir is
created for each mail user. Under this directory are three more directories named new, cur and tmp.
How Maildir works -:

Receiving and storing a mail -:


 Create a unique file in the tmp directory.
 Write the mail into the newly created file.
 Move the completely written mail into the new directory.

Retrieving a mail -:
 Locate and read the mail.
 Move the mail from new into the cur directory and append the mail status flag into the
filename.

Deleting a mail -:
 Delete the file containing the mail.

Searching a mail -:
 Search each and every mail file.

Advantages -:
 Locating, retrieving and deleting a specific mail is fast.
 Minimal to no file locking needed.
 Can be used on network file system.
 Immune to mailbox corruption (assuming the hardware will not fail).

Disadvantages -:
 Some filesystems may not efficiently handle a large number of small files.
 Searching text, which requires all mail files to be opened, is slow.
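The Maildir receive, retrieve and delete steps above, as an added example that is not part of the original notes. It shows why no lock is needed: the mail becomes visible only through an atomic rename. The function names, the unique-name scheme and the sample message are assumptions made for the illustration.

```python
import os
import socket
import tempfile
import time

_counter = 0  # distinguishes several deliveries by one process in one second

def create_maildir(root):
    """Create the Maildir with its tmp, new and cur subdirectories (owner-only)."""
    for sub in ("tmp", "new", "cur"):
        os.makedirs(os.path.join(root, sub), mode=0o700, exist_ok=True)

def unique_name():
    """Build a name no other delivery will pick: time, pid, counter, host."""
    global _counter
    _counter += 1
    host = socket.gethostname().replace("/", "\\057").replace(":", "\\072")
    return f"{int(time.time())}.P{os.getpid()}Q{_counter}.{host}"

def deliver(root, message):
    """Write the mail under tmp, then rename it into new. No lock is taken."""
    name = unique_name()
    tmp_path = os.path.join(root, "tmp", name)
    # O_EXCL refuses to reuse an existing file; 0600 keeps the mail private.
    fd = os.open(tmp_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(message)
        f.flush()
        os.fsync(f.fileno())  # the mail is on disk before it becomes visible
    # rename() within one filesystem is atomic: a reader of new/ sees the
    # whole mail or nothing, never a partly written file.
    os.rename(tmp_path, os.path.join(root, "new", name))
    return name

def retrieve(root, name):
    """Read a mail from new, then move it to cur with the Seen flag appended."""
    src = os.path.join(root, "new", name)
    with open(src, "rb") as f:
        body = f.read()
    seen_name = name + ":2,S"  # ":2," introduces the flags; S means seen
    os.rename(src, os.path.join(root, "cur", seen_name))
    return body, seen_name

def delete(root, seen_name):
    """Deleting a mail is removing its file; other mails are untouched."""
    os.unlink(os.path.join(root, "cur", seen_name))

def demo():
    """Run the full life cycle in a scratch directory; return what was observed."""
    msg = b"From: a@example.com\nSubject: constructed\n\nhello\n"  # constructed sample
    subs = ("tmp", "new", "cur")
    with tempfile.TemporaryDirectory() as scratch:
        root = os.path.join(scratch, "Maildir")
        create_maildir(root)
        name = deliver(root, msg)
        after_delivery = {s: os.listdir(os.path.join(root, s)) for s in subs}
        mode = os.stat(os.path.join(root, "new", name)).st_mode & 0o777
        body, seen_name = retrieve(root, name)
        after_read = {s: os.listdir(os.path.join(root, s)) for s in subs}
        delete(root, seen_name)
        remaining = os.listdir(os.path.join(root, "cur"))
    return after_delivery, mode, body, after_read, remaining

if __name__ == "__main__":
    print(demo())
```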
Why Use a Linux Mail Server -:
 Supports POP3, IMAP and Web mail access. These are standard services that ideally should be
available in any mail system for flexible email access.
 Is extremely fast, reliable and scalable. Linux performs well and its uptime is very, very good.
 Does not require expensive hardware. Thanks to its fast and efficient services, expensive high
end hardware is not necessary.
 Is very secure. The Linux operating system is very difficult to exploit. The National Security
Agency even contributed to allow Linux to support even stronger levels of security.
 Has a powerful anti-spam filter. SpamAssassin uses a wide variety of local and network tests to
identify spam signatures.
 Has an effective and regularly updated anti-virus. The open source nature of Clam Antivirus
allows it to respond to new viruses even faster than commercial antivirus software.
 Has small to zero (as in free) software cost. Depending on your support needs, you have the
option of using a community supported Linux or a company supported one.
 Works with Microsoft Active Directory. You can integrate Microsoft Active Directory user
accounts and distribution lists into your Linux mail server to simplify administration.
Mail Server Internet Deployment Checklist -:
Before deploying your new mail server on the internet, make sure you have checked the list below.
This will ensure that your mail server will have a good sending reputation (trusted) and will not be
ignored and treated as a spammer.

Your IP addresses are not blacklisted -: Even a newly set up mail server could already be
blacklisted. Some of the reasons are:
 For those using a dedicated server, the IP address given to you might have been used by a
spammer in the past.
 For those using a shared server, a fellow user might have sent a spam mail.
 For those using NAT to share internet connection, one of your users might have sent a spam
mail due to virus infection.
Your mail server has an MX record -: An MX record or Mail exchanger record is a type of record
in the Domain Name System (DNS) specifying how Internet e-mail should be routed using the Simple
Mail Transfer Protocol (SMTP). Contact your DNS provider to add an MX record for your new mail
server. To check if your mail server has an MX record, use http://www.dnscolos.com.
Your mail server greeting matches your hostname -: To test your mail server greeting, use
http://www.dnscolos.com. If your mail server has multiple IP addresses, see Postfix Multiple IP
Addresses Individual SMTP Greeting for a guide on how to fix this issue.
Your mail server is not an open relay -:
An open relay mail server allows anyone to send mail outside your network. This means any Tom,
Dick and Harry can use your mail server to send spam.
Your mail server has a reverse DNS -: A reverse DNS returns the hostname given the IP address.
Most mail servers will check if you have a valid reverse DNS, otherwise your sending reputation will
be downgraded. Contact your internet service provider to add reverse DNS entries for your mail server
IP addresses.

Create an SPF DNS record if possible -: Sender Policy Framework (SPF) allows software to identify
messages that are or are not authorized to use the domain name based on information published in a
sender policy of the domain owner. Not all DNS providers support SPF, so choosing a DNS provider
that can do this is a plus.

Q. Can you explain /etc/passwd file format for Linux and UNIX operating systems?

A. /etc/passwd file stores essential information, which is required during login i.e. user account
information. /etc/passwd is a text file, that contains a list of the system’s accounts, giving for each
account some useful information like user ID, group ID, home directory, shell, etc. It should have
general read permission as many utilities, like ls use it to map user IDs to user names, but write access
only for the superuser (root).

Understanding fields in /etc/passwd


The /etc/passwd file contains one entry per line for each user (or user account) of the system. All
fields are separated by a colon (:) symbol. There are seven fields in total, as follows.

root:x:0:0:root:/root:/bin/bash

Username: (root) -: It is used when the user logs in. It should be between 1 and 32 characters in length.
Password: (x) -: An x character indicates that the encrypted password is stored in the /etc/shadow file.
User ID (UID): (0) -: Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root
and UIDs 1-99 are reserved for other predefined accounts. Further, UIDs 100-999 are reserved by the
system for administrative and system accounts/groups.
Group ID (GID): (0) -: The primary group ID (stored in the /etc/group file).
User ID Info: (root) -: The comment field. It allows you to add extra information about the user,
such as the user’s full name, phone number etc. This field is used by the finger command.
Home directory: (/root) -: The absolute path to the directory the user will be in when they log in. If
this directory does not exist, the user's directory becomes /.
Command/shell: (/bin/bash) -: The absolute path of a command or shell (/bin/bash). Typically, this
is a shell. Please note that it does not have to be a shell.

The permissions on the /etc/passwd file should be read-only for users (-rw-r--r--) and the owner must
be root.
Q:- Can you explain /etc/shadow file used under Linux or UNIX?

A. The /etc/shadow file stores the actual password in encrypted format for each user’s account, with
additional properties related to the user password i.e. it stores secure user account information. All
fields are separated by a colon symbol. It contains one entry per line for each user listed in the
/etc/passwd file.
For Example:-
root:$1$heLNU7cb$yLf9xPG/8o5LCmqpE.fVG0:14638:0:99999:7:::

1. User name: (root) -: It is your login name.
2. Password: ($1$heLNU7cb$yLf9xPG/8o5LCmqpE.fVG0) -: It is your encrypted password. The
password should be a minimum of 6-8 characters long, including special characters/digits.
3. Last password change (lastchanged): (14638) -: Days since Jan 1, 1970 that the password was last
changed.
4. Minimum: (0) -: The minimum number of days required between password changes i.e. the
number of days left before the user is allowed to change his/her password.
5. Maximum: (99999) -: The maximum number of days the password is valid (after that the user is
forced to change his/her password).
6. Warn: (7) -: The number of days before the password is to expire that the user is warned that
his/her password must be changed.
Note: Only the first 6 fields are shown in the example above. The next two fields, 7 and 8, are
described below.
7. Inactive: The number of days after the password expires that the account is disabled.
8. Expire: Days since Jan 1, 1970 that the account is disabled i.e. an absolute date specifying when
the login may no longer be used.
The last 6 fields provide password aging and account lockout features (you need to use the chage
command to set up password aging). According to the man page of shadow, the password field must be
filled. The encrypted password consists of 13 to 24 characters from the 64 character alphabet a through
z, A through Z, 0 through 9, . and /. Optionally it can start with a “$” character. This means the
encrypted password was generated using another (not DES) algorithm. For example, if it starts with
“$1$” it means the MD5-based algorithm was used.
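An audit of the /etc/passwd and /etc/shadow fields described above, as an added example that is not part of the original notes. All sample lines are constructed except the root shadow entry, which is the one quoted in the text; the function names and the choice of checks are assumptions. Real shadow lines carry a reserved ninth field after the eight listed here, so the parser accepts eight or more.

```python
import time

# Constructed sample data; only the root shadow line comes from the text.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
bob::1001:1001:Bob:/home/bob:/bin/bash
"""
SAMPLE_SHADOW = """\
root:$1$heLNU7cb$yLf9xPG/8o5LCmqpE.fVG0:14638:0:99999:7:::
daemon:*:14638:0:99999:7:::
alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:90:7:::
toor:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
bob::19000:0:99999:7:::
"""

def audit_passwd(text):
    """Return (user, finding) pairs for risky /etc/passwd entries."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        f = line.split(":")
        if len(f) != 7:
            findings.append((f[0], f"line {n}: expected 7 fields, got {len(f)}"))
            continue
        name, pw, uid = f[0], f[1], f[2]
        if uid == "0" and name != "root":
            findings.append((name, "UID 0 account other than root"))
        if pw == "":
            findings.append((name, "empty password field in /etc/passwd"))
        elif pw != "x":
            findings.append((name, "password field is not x (not kept in /etc/shadow)"))
    return findings

def audit_shadow(text, today=None):
    """Return (user, finding) pairs; `today` is days since Jan 1, 1970."""
    today = int(time.time() // 86400) if today is None else today
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        f = line.split(":")
        if len(f) < 8:
            findings.append((f[0], f"line {n}: expected 8+ fields, got {len(f)}"))
            continue
        name, pw, last, maxdays = f[0], f[1], f[2], f[4]
        if pw == "":
            findings.append((name, "no password set"))
        elif pw[0] in "!*":
            continue  # locked or login-disabled account, nothing to crack
        elif pw.startswith("$1$"):
            findings.append((name, "MD5-based hash ($1$)"))
        elif not pw.startswith("$"):
            findings.append((name, "DES-based hash"))
        # Fields 3 and 5: last change plus maximum validity gives the expiry day.
        if last.isdigit() and maxdays.isdigit() and int(last) + int(maxdays) < today:
            findings.append((name, "password older than its maximum age"))
    return findings

if __name__ == "__main__":
    for user, finding in audit_passwd(SAMPLE_PASSWD) + audit_shadow(SAMPLE_SHADOW):
        print(f"{user}: {finding}")
```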
/etc/group -:
/etc/group is a file that defines the groups to which users belong. In Linux multiple users can be
categorized into groups. Linux file system permissions are organized into three classes, user, group,
and others. The use of groups allows additional abilities to be delegated in an organized fashion, such
as access to disks, printers, and other peripherals.
It stores group information or defines the user groups i.e. it defines the groups to which users belong.
There is one entry per line, and each line has the following format (all fields are separated by a
colon (:)):
ccache:x:497:
group_name: (ccache) -: It is the name of the group. If you run the ls -l command, you will see this
name printed in the group field.
Password: (x) -: Generally a password is not used, hence it is empty/blank. It can store an encrypted
password. This is useful to implement privileged groups.
Group ID (GID): (497) -: Each user must be assigned a group ID. You can see this number in your
/etc/passwd file.
Group List: It is a list of user names of users who are members of the group. The user names must be
separated by commas.
Q-: What is umask and how is it determined on a Linux system?
A-: The user file-creation mode mask (umask) is used to determine the file permissions for newly
created files. It can be used to control the default file permissions for new files. It is a four-digit
octal number.
Procedure to set up the default umask:-
You can set up the umask in the /etc/bashrc or /etc/profile file for all users. By default most Linux
distros set it to 0022 (022) or 0002 (002).
vi /etc/profile or vi ~/.bashrc
Append/modify the following line to set up a new umask:
umask 022
Save and close the file. Changes will take effect after the next login.

Q-: But what is 0022 and 0002?


A-: The default umask 0002 is used for normal users. With this mask, default directory permissions
are 775 and default file permissions are 664.
The default umask for the root user is 0022, which results in default directory permissions of 755 and
default file permissions of 644.
For directories, the base permissions are 0777 (rwxrwxrwx) and for files they are 0666 (rw-rw-rw-).
To calculate directory permissions for umask 022 (root user):
Default Permissions: 777
Subtract umask value: 022 (-)
Allowed Permissions: 755
To calculate file permissions for umask 022 (root user):
Default Permissions: 666
Subtract umask value: 022 (-)
Allowed Permissions: 644
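The calculation above checked against what the kernel does, as an added example that is not part of the original notes. The kernel clears the umask bits from the base mode (base AND NOT umask); that gives the same answer as subtraction for 022 and 002, but not for a mask such as 033 on a file, where subtraction would suggest 633 and the real result is 644. The function names are assumptions made for the illustration.

```python
import os
import tempfile

def effective_mode(base, mask):
    """Permissions a new object gets: the umask bits are cleared, not subtracted."""
    return base & ~mask & 0o777

def symbolic(mode):
    """Render a mode such as 0o644 as rw-r--r--."""
    bits = (0o400, 0o200, 0o100, 0o040, 0o020, 0o010, 0o004, 0o002, 0o001)
    return "".join(ch if mode & bit else "-" for ch, bit in zip("rwxrwxrwx", bits))

def observed_modes(mask):
    """Create a file (base 0666) and a directory (base 0777) under `mask`
    and return the permissions the kernel actually assigned to each."""
    old = os.umask(mask)  # umask is process-wide, so restore it afterwards
    try:
        with tempfile.TemporaryDirectory() as scratch:
            fpath = os.path.join(scratch, "file")
            dpath = os.path.join(scratch, "dir")
            os.close(os.open(fpath, os.O_CREAT | os.O_WRONLY, 0o666))
            os.mkdir(dpath, 0o777)
            return (os.stat(fpath).st_mode & 0o777,
                    os.stat(dpath).st_mode & 0o777)
    finally:
        os.umask(old)

def compare(mask):
    """Return predicted and observed (file, directory) modes for one umask."""
    predicted = (effective_mode(0o666, mask), effective_mode(0o777, mask))
    return predicted, observed_modes(mask)

if __name__ == "__main__":
    for mask in (0o022, 0o002, 0o027, 0o033, 0o077):
        predicted, observed = compare(mask)
        print(f"umask {mask:04o}: file {predicted[0]:03o} {symbolic(predicted[0])}, "
              f"directory {predicted[1]:03o} {symbolic(predicted[1])}, "
              f"kernel agrees: {predicted == observed}")
```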
Meaning of chmod commands in Linux :-
chmod 400 file        To protect a file against accidental overwriting.
chmod 500 directory   To protect yourself from accidentally removing, renaming or moving files from this directory.
chmod 600 file        A private file only changeable by the user who entered this command.
chmod 644 file        A publicly readable file that can only be changed by the issuing user.
chmod 660 file        Users belonging to your group can change this file, others don't have any access to it at all.
chmod 700 file        Protects a file against any access from other users, while the issuing user still has full access.
chmod 755 directory   For files that should be readable and executable by others, but only changeable by the issuing user.
chmod 775 file        Standard file sharing mode for a group.
chmod 777 file        Everybody can do everything to this file.
Q. What is the PC boot & Linux booting sequence?
 BIOS: The Basic Input/Output System is the lowest level interface between the computer and
peripherals.
 The BIOS performs integrity checks on memory and seeks instructions on the Master Boot
Record (MBR) on the floppy drive or hard drive.
 The MBR points to the boot loader (GRUB or LILO: Linux boot loader).
 The boot loader (GRUB or LILO) will then ask for the OS label which will identify which kernel to
run and where it is located (hard drive and partition specified). The installation process requires
the creation/identification of partitions and where to install the OS. GRUB/LILO are also
configured during this process. The boot loader then loads the Linux operating system.
 See the YoLinux tutorial on creating a boot disk for more information on GRUB and LILO
and also to learn how to put the MBR and boot loader on a floppy for system recovery.
 The first thing the kernel does is to execute the init program. Init is the root/parent of all
processes executing on Linux.
 The first process that init starts is the script /etc/rc.d/rc.sysinit.
 Based on the appropriate run-level, scripts are executed to start various processes to run the
system and make it functional.
The Linux Init Processes:
 Run /sbin/initlog
 Run devfs to generate/manage system devices
 Run network scripts: /etc/sysconfig/network
 Start graphical boot (If so configured): rhgb
 Start console terminals, load keymap, system fonts and print console greeting: mingetty,
setsysfonts. The various virtual console sessions can be viewed with the key-stroke: ctrl-alt-F1
through F6. F7 is reserved for the GUI screen invoked in run level 5.
 Mount /proc and start device controllers.
 Done with boot configuration for root drive. (initrd) Unmount root drive.
 Re-mount root file system as read/write
 Direct kernel to load kernel parameters and modules: sysctl, depmod, modprobe
 Set up clock: /etc/sysconfig/clock
 Perform disk operations based on fsck configuration
 Check/mount/check/enable quotas on non-root file systems: fsck, mount, quotacheck, quotaon
 Initialize logical volume management: vgscan, /etc/lvmtab
 Activate syslog, write to log files: dmesg
 Configure sound: sndconfig
 Activate PAM
 Activate swapping: swapon
 Local system boot processes can be placed in file: /etc/rc.d/rc.local
 The system will then boot to the runlevel set by the directive initdefault.
Define IDE Drive & Serial ATA Drive
IDE Drives :- To save costs, many small business systems will probably use IDE disks, but
they do have some limitations.
 The total length of an IDE cable can be only a few feet long, which generally limits IDE drives
to small home systems.
 IDE drives do not hot swap. You cannot replace them while your system is running.
 Only two devices can be attached per controller.
 The performance of the IDE bus can be degraded by the presence of a second device on the
cable.
 The failure of one drive on an IDE bus often causes the malfunctioning of the second device.
This can be fatal if you have two IDE drives of the same RAID set attached to the same cable.
Serial ATA Drives:- Serial ATA type drives are rapidly replacing IDE, or Ultra ATA,
drives as the preferred entry level disk storage option because of a number of advantages:
 The drive data cable can be as long as 1 meter in length versus IDE's 18 inches.
 Serial ATA has better error checking than IDE.
 There is only one drive per cable which makes hot swapping, or the capability to replace
components while the system is still running, possible without the fear of affecting other
devices on the data cable.
 There are no jumpers to set on Serial ATA drives to make it a master or slave which makes
them simpler to configure.
 IDE drives have a 133 Mbytes/s data rate whereas the Serial ATA specification starts at 150
Mbytes/s with a goal of reaching 600 Mbytes/s over the expected ten year life of the
specification.

SCSI Drives:- SCSI hard disks have a number of features that make them more attractive
for RAID use than either IDE or Serial ATA drives.
 SCSI controllers are more tolerant of disk failures. The failure of a single drive is less likely to
disrupt the remaining drives on the bus.
 SCSI cables can be up to 25 meters long, making them suitable for data center applications.
 Many more than two devices may be connected to a SCSI cable bus. It can accommodate 7
(single-ended SCSI) or 15 (all other SCSI types) devices.
 Some models of SCSI devices support "hot swapping" which allows you to replace them while
the system is running.
 SCSI currently supports data rates of up to 640 Mbytes/s making them highly desirable for
installations where rapid data access is imperative.

What is RAID?
 RAID is a method in which information is spread across several disks, using techniques such as
disk striping (RAID Level 0) and disk mirroring (RAID level 1) to achieve redundancy, lower
latency and/or higher bandwidth for reading and/or writing to disks, and maximize
recoverability from hard-disk crashes.

Who Should Use RAID?


 Those of you who need to keep large quantities of data on hand (such as an average
administrator) would benefit by using RAID technology. Primary reasons to use RAID include:
 enhanced speed
 increased storage capacity
 greater efficiency in recovering from a disk failure

RAID: Hardware vs. Software


Hardware RAID
 The hardware-based system manages the RAID subsystem independently from the host and
presents to the host only a single disk per RAID array.
 An example of a hardware RAID device would be one that connects to a SCSI controller and
presents the RAID arrays as a single SCSI drive. An external RAID system moves all RAID
handling "intelligence" into a controller located in the external disk subsystem. The whole
subsystem is connected to the host via a normal SCSI controller and appears to the host as a
single disk.
 RAID controllers also come in the form of cards that act like a SCSI controller to the operating
system, but handle all of the actual drive communications themselves. In these cases, you plug
the drives into the RAID controller just like you would a SCSI controller, but then you add
them to the RAID controller's configuration, and the operating system never knows the
difference.

Software RAID:-
 Software RAID implements the various RAID levels in the kernel disk (block device) code. It
also offers the cheapest possible solution: Expensive disk controller cards or hot-swap chassis
are not required, and software RAID works with cheaper IDE disks as well as SCSI disks.
With today's fast CPUs, software RAID performance can excel against hardware RAID.
 The MD driver in the Linux kernel is an example of a RAID solution that is completely
hardware independent. The performance of a software-based array is dependent on the server
CPU performance and load.
