Mail Server

Introduction

This is the current layout of our department's mail service.

[Figure: architecture (Source: NASA Document)]

Our project focuses only on the receiving process. We host a Postfix server that communicates with the LDAP server. For testing, we send mail directly to Postfix, which listens on port 25; we also host a local Mailpit service, to which we redirect all Postfix traffic. The mimicked layout is shown in the following figure.

[Figure: simplified_architecture]

Settings

Postfix

Installation

  1. sudo apt install postfix

  2. sudo apt install postfix-ldap

  3. Configurations:

    • General Mail Configuration Type: Internet site

    • System mail name: csie.ntu.edu.tw

  4. Modify /etc/postfix/main.cf (remember to use sudo):

    • add local_recipient_maps =

    • change relayhost to relayhost = [127.0.0.1]:1025

    • add ldap:/etc/postfix/ldap-aliases.cf to virtual_alias_maps

    • add local_transport = smtp:[127.0.0.1]:1025

  5. Edit /etc/postfix/ldap-aliases.cf and add:

    server_host = <ip>:<port>
    search_base = dc=csie,dc=ntu,dc=edu,dc=tw
    version = 3
    
    bind = yes
    bind_dn = uid=mailtest,ou=people,dc=csie,dc=ntu,dc=edu,dc=tw
    bind_pw = <redacted>
    
    query_filter = (cn=%u)
    
    special_result_attribute = uniqueMember
    
    leaf_result_attribute = uid
    
    result_format = %s@csie.ntu.edu.tw
    

    For LDAPS, use:

    server_host = ldaps://172.16.127.151:636
    search_base = dc=csie,dc=ntu,dc=edu,dc=tw
    version = 3
    
    bind = yes
    bind_dn = uid=mailtest,ou=people,dc=csie,dc=ntu,dc=edu,dc=tw
    bind_pw = <redacted>
    
    tls_ca_cert_file = /etc/postfix/mockldap_ca.crt
    tls_require_cert = yes
    
    query_filter = (cn=%u)
    
    special_result_attribute = uniqueMember
    
    leaf_result_attribute = uid
    
    result_format = %s@csie.ntu.edu.tw
    

    and change ldap:/etc/postfix/ldap-aliases.cf to proxy:ldap:/etc/postfix/ldap-aliases.cf in main.cf.

  6. Run sudo postfix reload

    This needs to be run after every modification to the Postfix settings.
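
The check below is an added example, not part of the original setup notes: it audits the two ldap-aliases.cf variants from step 5 for how the bind password is transported and stored. With bind = yes over plain LDAP the bind_pw value crosses the network unencrypted, and a file holding bind_pw should not be world-readable. The function names, finding labels, sample host 192.0.2.10 and placeholder password are assumptions made for the example.

```python
import stat

# Constructed samples modelled on step 5; host and password are placeholders.
COMMON = """bind = yes
bind_dn = uid=mailtest,ou=people,dc=csie,dc=ntu,dc=edu,dc=tw
bind_pw = placeholder-password
query_filter = (cn=%u)
"""
PLAIN = "server_host = 192.0.2.10:389\n" + COMMON
LDAPS = ("server_host = ldaps://192.0.2.10:636\n" + COMMON +
         "tls_ca_cert_file = /etc/postfix/mockldap_ca.crt\ntls_require_cert = yes\n")


def parse_cf(text):
    """Parse 'name = value' lines; comments and continuation lines are skipped."""
    settings = {}
    for raw in text.splitlines():
        if not raw.strip() or raw[0] == "#" or raw[0].isspace():
            continue
        name, sep, value = raw.partition("=")  # split on the first '=' only
        if sep:
            settings[name.strip()] = value.strip()
    return settings


def audit(settings, file_mode=None):
    """Return finding labels for how the bind password is transported and stored."""
    findings = []
    hosts = settings.get("server_host", "localhost").replace(",", " ").split()
    encrypted = (all(h.startswith("ldaps://") for h in hosts)
                 or settings.get("start_tls", "no") == "yes")
    # Postfix defaults: bind = yes, start_tls = no, tls_require_cert = no.
    has_password = settings.get("bind", "yes") == "yes" and "bind_pw" in settings
    if has_password and not encrypted:
        findings.append("cleartext-bind")         # simple bind without TLS
    if encrypted and settings.get("tls_require_cert", "no") != "yes":
        findings.append("unverified-server")      # TLS without certificate checks
    if has_password and file_mode is not None and file_mode & stat.S_IROTH:
        findings.append("world-readable-secret")  # any local user can read bind_pw
    return findings


if __name__ == "__main__":
    for label, text in (("ldap", PLAIN), ("ldaps", LDAPS)):
        print(label, audit(parse_cf(text), file_mode=0o640))
```

To audit a real file, pass its contents and os.stat(path).st_mode to audit().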

Usage

  • Connect to port 25 to send mail.

    • Some scripts:

      These scripts require pwntools.

      send.py:

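      from pwn import *

      # Connect to the local Postfix SMTP listener.
      r = remote("localhost", 25)
      # SMTP lines end in CRLF; pwntools appends a bare LF by default.
      r.newline = b"\r\n"
      r.recvline()  # 220 greeting
      sender = input("sender: ")
      r.sendline(b"mail from: " + sender.encode())
      r.recvline()
      receiver = input("receiver: ")
      r.sendline(b"rcpt to: " + receiver.encode())
      r.recvline()
      r.sendline(b"data")
      r.recvline()
      subject = input("subject: ")
      r.sendline(b"Subject: " + subject.encode())
      r.sendline(b"")  # blank line separates the headers from the body
      data = input("data: ")
      r.sendline(data.encode())
      r.sendline(b".")  # a line with only "." ends the message
      print(r.recvline().decode().strip())  # server reply for the message
      r.sendline(b"quit")
      r.close()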
      

      test_alias.py:

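      from pwn import *

      # Connect to the local Postfix SMTP listener.
      r = remote("localhost", 25)
      # SMTP lines end in CRLF; pwntools appends a bare LF by default.
      r.newline = b"\r\n"
      r.recvline()  # 220 greeting
      r.sendline(b"mail from: alias_test@csie.ntu.edu.tw")
      r.recvline()
      receiver = input("receiver: ")
      r.sendline(b"rcpt to: " + receiver.encode())
      r.recvline()
      r.sendline(b"data")
      r.recvline()
      r.sendline(b"Subject: Just a test")
      r.sendline(b"")  # blank line separates the headers from the body
      r.sendline(b"The quick brown fox jumped over the lazy dog.")
      r.sendline(b".")  # a line with only "." ends the message
      print(r.recvline().decode().strip())  # server reply for the message
      r.sendline(b"quit")
      r.close()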
      
  • View the mail queue: postqueue -p

  • Delete from the mail queue (in case wrongly configured mail gets stuck): sudo postsuper -d <mail_id> or sudo postsuper -d ALL (ALL must be upper case)

Mailpit

Installation

sudo sh < <(curl -sL https://raw.githubusercontent.com/axllent/mailpit/develop/install.sh)

Run

mailpit

If Mailpit is behind a reverse proxy, run it with mailpit --webroot /mailpit/ & instead.

Open localhost:8025 in a browser to view the received mail.