# HG changeset patch # User meillo@marmaro.de # Date 1229433007 -3600 # Node ID ccf0de1ae33732cc28ca97b0f286628ca89bb0fc # Parent 5f7beb2142d618638d9305666f844b819f876bbf new content and rework diff -r 5f7beb2142d6 -r ccf0de1ae337 thesis/input/masqmail-arch.tex --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/thesis/input/masqmail-arch.tex Tue Dec 16 14:10:07 2008 +0100 @@ -0,0 +1,16 @@ +\begin{verbatim} + +-------------------------------------------------+ + | | + | | + | | + | | + | masqmail's architecture | + | | + | | + | | + | | + | | + | | + | | + +-------------------------------------------------+ +\end{verbatim} diff -r 5f7beb2142d6 -r ccf0de1ae337 thesis/tex/4-MasqmailsFuture.tex --- a/thesis/tex/4-MasqmailsFuture.tex Tue Dec 16 14:09:23 2008 +0100 +++ b/thesis/tex/4-MasqmailsFuture.tex Tue Dec 16 14:10:07 2008 +0100 @@ -44,33 +44,23 @@ \subsubsection*{Large message handling} -Trends in the market for electronic communication in general, wants consolidated communication, hence email will be used more and more to transfer voice and video messages, leading to large messages, putting load on \mta{}s. - - -\subsubsection*{Integrated communication} -Integration of asynchonous email with synchronous channels seems not be possible in an evolutionary way. As only a revolutionary change of the whole email concept could enable it, it is best to focus on it. A new designed technology will be supperior to a heavily patched and bent email technology. +Trends in the market for electronic communication go towards consolidated communication, hence email will be used more to transfer voice and video messages. This leads to larger messages. The store-and-forward transport of email is not good suited for large data. Thus new protocols, like \NAME{QMTP} (described in section \ref{}), may become popular. \subsubsection*{Ressource friendly software} -The merge of communication hardware and the move of email service from providers to homes, demands smaller and more resource-friendly \MTA{}s. The amount of mail will be lower, even if much more mail will be sent. More important will be the energy consumption and heat emission. These topics increased in relevance during the last years and they are expected to become more central. \masqmail\ is not a program to be used on large servers, but to be used on small devices. Thus focusing on energy and heat, not on performance, is the direction to go. +The merge of communication hardware and the move of email services from providers to homes, demands smaller and more resource-friendly software. The amount of mail will be lower, even if much more mail will be sent. More important will be the energy consumption and heat emission. These topics increased in relevance during the past years and they are expected to become more central. \masqmail\ is not a program to be used on large servers, but to be used on small devices. Thus focusing on energy and heat, not on performance, is the direction to go. \subsubsection*{New mail transfer protocols} -But large data transfers are something to cover. The store-and-forward transport of email is not good suited for large data. Thus new protocols, like \NAME{QMTP} (described in section \ref{}), may become popular. \masqmail\ should be able to operate on them as it becomes neccesary. +Large messages demand more efficient transport through the net. As well is a final solution needed to defeat the spam problem. New mail transport protocols may be the only good solutions for both problems. They also can improve reliability, authentication, and verification issues. \masqmail\ should be able to support new protocols as they appear and are used. -As spam is a problem and the need for a final solution grows, \masqmail\ should be ready to support new protocols when they appear. -protocols like \NAME{SMTP} and \NAME{UUCP}, between which mail is transferred. \sendmail's initial purpose was moving mail between \NAME{UUCP}, \NAME{SMTP}, and \name{Berknet}. - - -\subsubsection*{Spam and malicious content handling} -Spam handling is a major threat to handle. According to the \NAME{SWOT} analysis, the goal is to reduce it to a bearable amount. Spam is a field where the the good guys tend to lose. Putting too much effort in spam handling will result in few gain. Real success will only be possible with new---better---protocols, abandonning the weak legacy technologies. - -Hence \masqmail\ should be able to provide state-of-the-art spam and virus protection, but not more. This is commonly and best done using external, specialized programs that are invoked. +\subsubsection*{Spam handling} +Spam is a major threat. According to the \NAME{SWOT} analysis, the goal is to reduce it to a bearable level. Spam fighting is a war are where the good guys tend to lose. Putting too much effort there will result in few gain. Real success will only be possible with new---better---protocols and abandonning the weak legacy technologies. Hence \masqmail\ should be able to provide state-of-the-art spam protection, but not more. \subsubsection*{Easy configuration} -Having \mta{}s on many home servers and clients, requires easy and standardized configuration. The common situations sould be to set with a single action from the user. Complex configuration should be possible, but easiest should be the most common form of configuration; this will be one of several standard setups. +Having \mta{}s on many home servers and clients, requires easy and standardized configuration. The common setups should be configurable with single actions by the user. Complex configuration should be possible, but focused must be the most common form of configuration: choosing one of several standard setups. @@ -85,11 +75,55 @@ +\subsection{Access and Auth} + +easiest: restricting by static IP addresses (Access control via hosts.allow/hosts.deny) +if dynamic remote hosts need access: some auth is needed +- SASL +- POP/IMAP: pop-before-smtp, DRAC, WHOSON +- TLS (certificates) + +``None of these add-ons is an ideal solution. They require additional code compiled into your existing daemons that may then require special write accesss to system files. They also require additional work for busy system administrators. If you cannot use any of the nonauthenticating alternatives mentioned earlier, or your business requirements demand that all of thyour users' mail pass through your system no matter where they are on the Internet, SASL is probably the solution that offers the most reliable and scalable method to authenticate users.'' (Dent: Postfix, page 44, ch04) + + + +postfix: after-queue-content-filter (smtp communication) +exim: content-scan-feature +sendmail: milter (tcp or unix sockets) + +checks while smtp dialog (pre-queue): in MTA implemented (need to be fast) +checks when mail is accepted and queued: external (amavis, spamassassin) + +anti-virus: clamav + +AMaViS (amavisd-new): email filter framework to integrate spam and virus scanner +internet -->25 MTA -->10024 amavis -->10025 MTA --> reciptient + | | + +----------------------------+ +mail scanner: +incoming queue --> mail scanner --> outgoing queue + +mimedefang: uses milter interface with sendmail + \subsection{Architecture} -<< architecture diagram >> +The programs architecture is maybe the most influencing design decision with the greatest impact on the programs further capabilities. %fixme: search quote ... check if good + +\masqmail's current artitecture is monolitic like \sendmail's and \exim's. But more than the other two, is it one block of interweaved code. \sendmail\ provides, with its \name{milter} interface, standardized connection channels to external modules. \exim\ has a highly structured code with many internal interfaces, like the one for supported authentication ``modules''. \masqmail\ has none of them. + +Figure \ref{fig:masqmail-arch} is an attempt to depict \masqmail's internal structure. + +\begin{figure} + \begin{center} + \input{input/masqmail-arch.tex} + \end{center} + \caption{Internal architecture of \masqmail} + \label{fig:masqmail-arch} +\end{figure} + + (ssl) -> msg-in (local or remote protocol handlers) @@ -126,6 +160,15 @@ +\subsection{spam and malicious content} + +The same for malicious content (\name{malware}) like viruses, worms, trojan horses. They are related to spam, but affect the \MTA less, as they are in the mail body. + +message body <-> envelope, header + +where to filter what + +