Email: Difference between revisions

← Older edit

Email (view source)

Revision as of 17:57, 7 April 2022

806 bytes added , 7 April 2022

→‎Logging

Anonymous user

imported>Sjwhitak

Revision as of 21:16, 28 March 2022 (view source) imported>Sjwhitak (Missed word) ← Older edit		Latest revision as of 17:57, 7 April 2022 (view source) imported>Sjwhitak (→‎Logging)
(4 intermediate revisions by the same user not shown)
This is honestly an academic exercise because almost everyone uses Google's IMAP servers or other big ones, and anyone who doesn't are probably spammers. So, you have to try really, really hard and put a lot of settings up to not act like a spammer. A spammer can do these exact same things, too, which means you'll need to try really hard to gain reputation and manually remove yourself from blacklists until you've put in so much effort that people have to assume you <em>aren't</em> a spammer. <em>Then</em>, if you get compromised and a spammer gains access to your mail server, you have to go through all of this all over again! == Own server == Name: <code>example.com</code>, Value: <code>v=spf1 ip4:141.219.188.20 -all</code> Name: <code>default._domainkey.example.com</code>, Value: <code>v=DKIM1; h=sha256; k=rsa; p=<your generated public key></code> ** Name: <code>_dmarc.~~horatio~~example.uscom</code>, Value: <code>v=DMARC1;p=quarantine;</code> These DNS records are required to prevent spammers from spoofing your email. It's quite simple to spoof your email, simply set the "From" header to whatever you want, and so you could just use <code>From: steven@example.com</code> to a bunch of people. The <code>spf1</code> DNS record says that if an email sent outside of the IP <code>141.219.188.20</code>, then they'll assume someone else was trying to spoof your email. With no <code>spf1</code> record, there's no way to know if this email is spoofed or not, so your domain will not be trustworthy. If someone actually <em>does</em> try to use your email, it'll be quarantined following your <code>DMARC1</code> value. Finally, if someone spoofs your IP somehow, they will also require your private key to compare with your <code>DKIM1</code> public key shown in the third <code>TXT</code> record. Finally, you'll need to set your <code>rDNS</code> record on your server yourself. I don't know how to do this on a server you own, but if you're using a VPS, you set this rDNS value on your server, not the domain. <code>rDNS</code> is a lookup parameter so someone requesting your IP (<code>dig -x 141.219.188.20</code>), it'll respond with the mail server domain name. For postfix, you need to run these commands in your shell: {{RootCmd\|postfix stop}} {{RootCmd\|postconf maillog_file==/var/log/postfix.log}} {{RootCmd\|postfix start}} === ~~Spam~~Ports ===▼ The IMAP server (dovecot) uses port <code>143</code> for <code>STARTTLS</code>. The IMAP server (dovecot) uses port <code>993</code> for <code>SSL/TLS</code>. ▲=== Spam === This configuration uses "Normal password" for the authentication method since Dovecot uses PAM as the login. The SMTP server (postfix) uses port <code>587</code> for <code>STARTTLS</code>. The SMTP server (postfix) uses port <code>465</code> for <code>SSL/TLS</code>. I was only able to get <code>SSL/TLS</code> working for the IMAP server. The SMTP server needed to use <code>STARTTLS</code>. == Spam == Spam is a big issue with email and it's "fixed" by blocking literally everything (Google's policy) if the IP isn't positively trustworthy. If it's slightly trustworthy, the email is simply sent directly to spam rather than being completely blocked.