docs/diploma: thesis/tex/4-MasqmailsFuture.tex comparison

comparison thesis/tex/4-MasqmailsFuture.tex @ 161:18b7b517e2dd

wrote about discussion on architecture

author	meillo@marmaro.de
date	Wed, 17 Dec 2008 18:48:17 +0100
parents	0b17f6e5edae
children	5681a18270b5

comparison

equal deleted inserted replaced

-:d8ad54f11e88
+:18b7b517e2dd
 \subsubsection*{Spam handling}
 Spam is a major threat. According to the \NAME{SWOT} analysis, the goal is to reduce it to a bearable level. Spam fighting is a war are where the good guys tend to lose. Putting too much effort there will result in few gain. Real success will only be possible with new---better---protocols and abandonning the weak legacy technologies. Hence \masqmail\ should be able to provide state-of-the-art spam protection, but not more.
+\subsubsection*{Security}
+\MTA{}s are critical points for computer security, as they are accessable from external networks. They must be secured with high effort. Properties like high priviledge level, work load influenced from extern, work on unsafe data, and demand for reliability, increase the security needed. Unsecure and unreliable \mta{}s are of no value. \masqmail\ needs to b e secure enough for its target field of operation.
 \subsubsection*{Easy configuration}
 Having \mta{}s on many home servers and clients, requires easy and standardized configuration. The common setups should be configurable with single actions by the user. Complex configuration should be possible, but focused must be the most common form of configuration: choosing one of several standard setups.
+\section{Discussion on architecture}
-\section{Directions to go}
+A program's architecture is maybe the most influencing design decision, and has the greatest impact on the program's future capabilities. %fixme: search quote ... check if good
-This section discusses about what shapes \masqmail\ could have---which directions the development could go to.
+\masqmail's current artitecture is monolitic like \sendmail's and \exim's. But more than the other two, is it one block of interweaved code. \sendmail\ provides now, with its \name{milter} interface, standardized connection channels to external modules. \exim\ has a highly structured code with many internal interfaces, like the one for supported authentication ``modules''. \masqmail\ has none of them; it is what \sendmail\ was in the beginning: a single large block.
-\subsection{Access and Auth}
-easiest: restricting by static IP addresses (Access control via hosts.allow/hosts.deny)
-if dynamic remote hosts need access: some auth is needed
-- SASL
-- POP/IMAP: pop-before-smtp, DRAC, WHOSON
-- TLS (certificates)
-``None of these add-ons is an ideal solution. They require additional code compiled into your existing daemons that may then require special write accesss to system files. They also require additional work for busy system administrators. If you cannot use any of the nonauthenticating alternatives mentioned earlier, or your business requirements demand that all of thyour users' mail pass through your system no matter where they are on the Internet, SASL is probably the solution that offers the most reliable and scalable method to authenticate users.'' (Dent: Postfix, page 44, ch04)
-postfix: after-queue-content-filter (smtp communication)
-exim: content-scan-feature
-sendmail: milter (tcp or unix sockets)
-checks while smtp dialog (pre-queue): in MTA implemented (need to be fast)
-checks when mail is accepted and queued: external (amavis, spamassassin)
-anti-virus: clamav
-AMaViS (amavisd-new): email filter framework to integrate spam and virus scanner
-internet -->25 MTA -->10024 amavis -->10025 MTA --> reciptient
-|                            |
-+----------------------------+
-mail scanner:
-incoming queue --> mail scanner --> outgoing queue
-mimedefang: uses milter interface with sendmail
-\subsection{Architecture}
-The programs architecture is maybe the most influencing design decision with the greatest impact on the programs further capabilities. %fixme: search quote ... check if good
-\masqmail's current artitecture is monolitic like \sendmail's and \exim's. But more than the other two, is it one block of interweaved code. \sendmail\ provides, with its \name{milter} interface, standardized connection channels to external modules. \exim\ has a highly structured code with many internal interfaces, like the one for supported authentication ``modules''. \masqmail\ has none of them.
 Figure \ref{fig:masqmail-arch} is an attempt to depict \masqmail's internal structure.
 \begin{figure}
 	\begin{center}
 	\end{center}
 	\caption{Internal architecture of \masqmail}
 	\label{fig:masqmail-arch}
 \end{figure}
+\sendmail\ improved its old architecture, for example by adding the milter interface. \exim\ was designed and is carefully maintained with a modular-like code structure in mind. \qmail\ started from scratch with a security-first approach, \postfix\ improved on it, and \name{sendmail X}/\name{MeTA1} tries to adopt the best of \qmail\ and \postfix, to completely replace the old \sendmail\ architecture. \person{Hafiz} \cite{hafiz05}. describes this evolution of \mta\ architecture very well.
+Every one of the popular \MTA{}s is more modular, or became more modular, than \masqmail. The logical step is to rewrite \masqmail\ using a modern, modular architecture to get a modern \MTA\ satisfying nowadays needs. But how is the effort of this complete rewrite compared to what is gained afterwards?
+A secure architecture is of need.
 (ssl)
 -> msg-in (local or remote protocol handlers)
 -> spam-filter (and more)
 << what would be needed (effort) >>
 << would one create it at all? >>
 << should it be done? >>
 http://fanf.livejournal.com/50917.html %how not to design an mta - the sendmail command
 http://fanf.livejournal.com/51349.html %how not to design an mta - partitioning for security
 http://fanf.livejournal.com/61132.html %how not to design an mta - local delivery
 http://fanf.livejournal.com/64941.html %how not to design an mta - spool file format
+\subsection{Access and Auth}
+easiest: restricting by static IP addresses (Access control via hosts.allow/hosts.deny)
+if dynamic remote hosts need access: some auth is needed
+- SASL
+- POP/IMAP: pop-before-smtp, DRAC, WHOSON
+- TLS (certificates)
+``None of these add-ons is an ideal solution. They require additional code compiled into your existing daemons that may then require special write accesss to system files. They also require additional work for busy system administrators. If you cannot use any of the nonauthenticating alternatives mentioned earlier, or your business requirements demand that all of thyour users' mail pass through your system no matter where they are on the Internet, SASL is probably the solution that offers the most reliable and scalable method to authenticate users.'' (Dent: Postfix, page 44, ch04)
+postfix: after-queue-content-filter (smtp communication)
+exim: content-scan-feature
+sendmail: milter (tcp or unix sockets)
+checks while smtp dialog (pre-queue): in MTA implemented (need to be fast)
+checks when mail is accepted and queued: external (amavis, spamassassin)
+anti-virus: clamav
+AMaViS (amavisd-new): email filter framework to integrate spam and virus scanner
+internet -->25 MTA -->10024 amavis -->10025 MTA --> reciptient
+|                            |
++----------------------------+
+mail scanner:
+incoming queue --> mail scanner --> outgoing queue
+mimedefang: uses milter interface with sendmail
 \subsection{spam and malicious content}
 The same for malicious content (\name{malware}) like viruses, worms, trojan horses. They are related to spam, but affect the \MTA less, as they are in the mail body.
+\section{Directions to go}
+This section discusses about what shapes \masqmail\ could have---which directions the development could go to.
 \subsubsection*{\masqmail\ in five years}

Mercurial > docs > diploma

comparison thesis/tex/4-MasqmailsFuture.tex @ 161:18b7b517e2dd