tren Message Rower va bam Enable WorldClient Server Create PDF files without this message by purchasing novaPDF printer htip:/Awww.novapdf.com... clare ladddecr hy | Mo senen ie ML san
Trang 2
A Khái niệm quản trị hệ thông thư điện tử
1 Mục đích của việc quản trị hệ thông thư điện tử
2 Các công việc cân thiêt đề quản trị hệ thông thư điện tử
B Một số tính năng cơ bản đề quản trị và thiết lập hệ thông thư điện tử
Mô hình hoạt động của hệ thông thư điện tử
Giới thiệu về thủ tục LDAP
Các giải pháp an toàn cho hệ thông thư điện tử Quản trị máy chủ thư điện tử từ xa
Khái niệm về mailing list
Trang 4
1 Mô hình hoạt động của hệ thống thư
điện tử: K: incoming Email `
Hình 3.1 Mô hinh hoạt động của hệ
thông thư điện tử
Create PDF files without this message by purchasing novaPDF printer (http:/www.novapdf.com)
Trang 5
Quan ly tir xa bang Webadmin va
Mdconfig: Remote Configuration E x;
Tw Menu setup/chon Remote configuration Remote configuration engines
ae, J¥ Enable MDConfig remote configuration engine
LB JV Enable WebAdmin remote configuration engine
J¥ Stop WebAdmin when MDaemon stops
MDConfig security issues [logon/password values do not apply to Web&dmin) Administrator [Administrator Supervisor [Supervisor
MDConfig backup directory
= JC:\MDaemon\B ackup
Hinh:4.51 Thi ết lâ pc 4 u hình từ xa Before updating, MDaemon will backup its existing configuration files
and place them in this directory
Trang 6L4 onfig - MDacmon Remxe eT eT
Ine tree et ve: DRip le rire eb
3 DomenPOPrevd: 0 +
Fd MuBPOP rovd: 0 Set ANTE 04 25085 ocket corrector cael
H/AIMAPestmel [X #I-IÚ£) Rib/ II:+ag: Í ae mm pahem, SOK WD ny AAO aneerabe CN ¥ +4 5,7 U AECERNSUE
om St 2002-0604 2300 55 LI5FT anrixr3tr
E183 Quewod mal Sa 2))2(804 220452 +(JL, ts#ntniitat2f> tt
Lý} flende gueus $3 2112 (604 3201:E2 PASS mr
(8 Locel queue’ Ct 702.0604 23045 + «achini:tztap athotiaol
(5) Gad quewe 0 Set 2002-0504 2204.4 +OK E31! byes Ged LAN quever 0 $4 202-0604 25.00 GET= Cullee!
i) RO quene 0 S4 214:04 1304 54 Tiamssrrifrnplele<[`1MDeernrrWpp\MDEFDN/KN,
= : Set 2002-0606 220054 Ll
El BR Saven _ || $z202(801120151 Dk ye
SMTP savelft| sive || C5 2902.05.04 2204 54 Coerngtarensron choral
+) fila IMAP sevatl|: da || Set 2092-0504 2204.55 Warsơn VD eertor PR v6.7.0
(Ẩn LI4P server are || Set Tưng nu Upines 013, TN sa wh
b ee Cor R604 22005 — La#tzurre:ZulSNTPseszerr St (May 2002220412:
MUBPOP inact Se 22-0500 2500: Last cucoceul MM apni: U
.InaoNe €z 2114504 12015 Last MDCONAG conmloact 0
WereLberk active sla at : | nụ
Hình:4.52 MDConfiguration chạy gia lap
như Mdaemon Server
Create PDF files without this message by purchasing novaPDF printer (http:/www.novapdf.com)
Trang 7MU eeron Most Intornston
ps Hon! mane or [> adchese Joxanet com ~
Trang 8+» WorldClient là hạt nhân của Mdaemon Server
Create PDF files without this message by purchasing novaPDF printer (http:/www.novapdf.com)
Trang 9Ba cach Start/Stop WorldClient Server:
| Trong Message Router 0 phia ben trat co phan server cO WorldChient bam
ya0 do va bam chudt phar chon Zoggle Active Inactive
2 Chon FilesEnable WorldClient server tren Message Router
Chon Setp-oWorldClient Relay Far tren Message Rower va bam Enable WorldClient Server
Create PDF files without this message by purchasing novaPDF printer (htip:/Awww.novapdf.com)
Trang 10WorldClient properties
WorldClient is running under IIS Run WorldClient server using this TCP port [ 3000 Sessions not composing 4 message expire after [20 inactive minutes Sessions composing a message expire after [ 120 inactive minutes I¥ Cache HTML templates to increase web server performance
IV Use cookies to remember logon name, theme, and other properties [ Respond to read confirmation requests
I¥ Require IP persistence throughout WorldClient session Bind WorldClient's web server to these IPs only Separate multiple values with commas Leave blank to bind to MDaemon's IP list
Restart WorldClient (required when port or IIS value changes] |
Hinh ° 4 5 4 [ ox | Cancel | Apply |
Create PDF files without this message by purchasing novaPDF printer (htip:/Awww.novapdf.com)
Trang 11Oe Note: LOsemon requires Wirdows NT 2000
Mdaemon
Noi dé g6 cau lénh [Dicsctn cecsaaad clatboak
diéu khién LDAP [hp 230m
muôn sửa chữa câu
l|Z Tuacø lzicixei ca: [` Eorigishứœt lá cúœø¿£fc
^ fe Debug packet hardi-a [ Access conrol ist procestr9
T Cosrection manageners [ Seats: log erie sant
ya T Logs 10 pschels [` Camrwawcalem wih shes! beckend
T Search the olocesera [ Ernie oaena debsoona
ghi log file va tim 101 Iiznrrsrl Lrce |
| Ex “ricap vs 1001 of hips yf dao) 27.00 bee”
| Bâm vào đây nêu
Trang 12Note LOG lurchavally ude Windows SS ques! Jo gosetet
Sioie accoun! dala manLDAP accessable twalPRD rerio orb)
FY Use LDAP zerver br eddeez book and renols vatficston
This option beegs an LDAP server up to date wath address nication
Dién DN dé gan quyén
Dién base entry sé
dung userlist.dat hoặc
[lharl clare [databece)
tac, seá4†( Tas‡naigk2, cai Š
heer! clare ladddecr hy |
Mo senen ie ML sano: Cotect xX
Bese erty ON berate wenticetionl
[curPornale Addo £v0Ii0^3)0( ot Tact fitter ces
Xác định object clas điều
khiến dữ liệu cla LDAP
thông tin của
account vào đữ liệu
LDAP
VÀNG
Xác định obJect
class điều khiến dữ
liệu của LDAP
Create PDF files without this message by purchasing novaPDF printer (http:/www.novapdf.com)
Hinh:4.56 LDAP options
Trang 13
Cúc giải pháp an toàn của MailServer:
© „* ¢ Antivirus Settings
Content Filter Spam Blocker SSL& Certificates
IP Screening:
Host Screening
IP Shielding
SMTP Authentication POP Before SMTP Site Usage Policy
Relay Settings
Trusted Hosts Reverse Lookup
Trang 14
Spam Blocker : đễ ngăn chặn hầu hết các thư spam gửi đến Mail Server của bạn
Nó sử dụng co' sé dir liéu blacklist cia hai t6 chive ORDB va MAPS RBL host
Ban tham khao cac théng tin vé ORDB va MAPS RBL tai hai web site sau:
http:// www.ordb.org http:// www.mail-abuse.com/rbl
Create PDF files without this message by purchasing novaPDF printer (htip:/Awww.novapdf.com)
Trang 15Kich hoat Spam
Spam Blocker Engine | Spam Blocker Hosts Spam Blocker Caching
am Blocker engine I¥ Enable Spam Blocker engine
i ¢ Click here and MDaemon will query MAPS /RBL/ORDB type hosts to detect blacklisted sites
Cho ban tin tr blacklist
qua, nhung gan co
trong “receive” cua thu Check only this many 'Received' headers [0 = all] | 0
° > Skip this many of the oldest 'Received' headers (0 = none] | 1
khi gửi qua SMTP [— Check 'eceived' headers within PP collected messages
Check only this many 'Received' headers (0 = all] 0
Cho phép account mới được | thumuc Inbox/Spam
Skip this many of the oldest 'Received' headers (0 = none]
IV Skip 'Received' headers within messages from exempted [” Add blacklisted sites to the IP Screen (under ‘All IPS") [ Authenticated sessions are exempt from Spam Blocker loo J¥ Always exempt Trusted IPs from Spam Blocker look
Cho phép cac dia chi
trong Trust host cua ban Relay Setting
Click here to configure IP and email addresses that are exempt
from Spam Blocker lookups Exceptions|
Trang 16
spam Blocker Hosts: Spam Blocker E |x|
Spam Blocker Engine Spam Blocker Hosts | Spam Blocker Caching |
Spam Blocker hosts The spam blocking engine works by querying each host below and seeing if the IP address of an incoming SMTP connection has been blacklisted for propogating spam For complete details on how this works check out http: 4/wwwwordb.org or http://www mail-abuse.org
be tracked into the log and reported during the SMTP session
Trang 17See http: //www.mail-abuse.org for details on the implications of caching
cached entry
[~ Automatically cached entries use default time to live also
Currently cached entries
203.190.100.100 for [15] more minutes
203.191.100.100 for [15] more minutes
Trang 18
Spam Filter:
-?| x|
White List (auto) | © White List (to) | ‘White List (from) | Black List
Spam Filtering | Heuristics | Bayesian | Reporting | Exclusion List
If the Spam Filter determines that a message is spam then
C bounce the message back to sender ( just delete the message completely
o : flag the message but let it continue down the delivery path:
I¥ Don't filter messages sent from local sources I¥ Don't filter messages from trusted or authenticated sources
[— Automatically filter spam messages into user's IMAP spam folder
A white list match subtracts this many points from the spam score | 100.0
Trang 19Currently suppressed addresses —————_ New suppression entry
Ef" All Domains
= TH vn
“ES spammer@muaha.com.yn Email address
BY hoaco.com ị Œ muaxuan@hoaco.com ae ok u22ZZf1s of the form “@domain.com or *@???.com
company mail
v Remove | Add
Options
elect the domain this new suppressed address will apply to
[_ Refuse to accept mail during SMTP session
| >| J Inform sender when their mail is rejected
Trang 20(* This remote IP can connect
Default For Undefined IPs
© Undefined IPs can connect to this local IP
€ Undefined IPs can not connect to this local IP
IP Screening works by comparing the IP of the incoming connection to the IPs specified in this dialog If a match is
Trang 21Select the IP that this new screen will belong to
8 192,168,200.10,Allow Wildcards of the form * altr.com or altn.*.com are
Default For Undefined Hosts
(* Undefined hosts can connect to thi
203.192.100.100 *|
EF 203.192.100.100 Remote host | Add |
gia 200,100,100, 102,Prevenl This remote host can not connect Remove |
reening works by comparing the value passed in an incoming SMTP session's EHLO or HELO parameter with
Trang 22Currently defined domain/IP pairs
|” Messages to valid local users are exempt from domain/IP matching
IP Shield honors aliases qtsc.com.vn, 203.100.100.100 qtsc.com.vn, 203.162.100.101 quangtrungsoft.com vn, 203.162.100.102
H | 8 h " 4 64 Wildcards like *.altn.com and 192.168.0.* ok
When a message claims to be from one of these domains [ie MAIL FROM:
mailbox@domain.com] then the IP address delivering the message must be equal to the corresponding value specified here
Create PDF files without this message by purchasing novaPDF printer (htip:/Awww.novapdf.com)
Trang 23
JV Authenticated users are exempt from the POP Before SMTP requirement Select this switch and MDaemon will exempt authenticated sessions from any POP Before SMTP restrictions
[— Authentication is always required when mail is from local accounts When this option is enabled any message claiming to come from a local account will need to authenticate before being recognized
MAIL FROM ‘Postmaster’ requires an authenticated session Spammers and hackers know that the ‘Postmaster’ account exists ‘You can use this switch to prevent them from exploiting this fact
[ Authentication credentials must match those of the email sender This switch requires the sender of the email to use only his/her own authentication credentials
Global AUTH password
In some cases it is useful to provide a global password for authentication
Trang 24IV Local sender must have accessed mailbox within last 5 minutes
Click here to force local users to check mail with POP, IMAP, or WorldClient before MDaemon will accept a message from them
JV Messages collected via ATRN are exempt from this requirement
¥ ‘Messages sent to local recipients are exempt from this requirement
JV Messages sent from trusted IPs are exempt from this requirement
Hinh:4.66 ayes Ja
Create PDF files without this message by purchasing novaPDF printer (htip:/Awww.novapdf.com)
Trang 25
Site Policy: ea E 3| xi
IP Shielding | SMTP Authentication | POP Before SMTP Site Policy
Cửa sé hién thi Text file policy.dat Site policy
việc SMTP E File POLICY.DAT phai 6 dang
ASCII khong chwa hon 512 ký tự mot dong va dung lwong lon nhat là
5000 bytes
Please limit your policy to 15 lines of 75 characters each RFC 2821 says blank
Trang 26‘This server does not relay mail for foreign domains:
With this switch enabled MDaemon will not accept a message for delivery unless it is either FROM or TO a known user
Từ chối nhận những bức
thư gửi đến cho domain mà
nó quán lý nhưng địa chỉ
người dùng không tôn tại
Khi thư gửi từ một Mda
domain sẽ được kiêm tra trong
cơ sở đữ liệu về account và nó
phải tôn tại.Nêu không Mda sẽ
[” Mail can always be relayed through domain gateways
Create PDF files without this message by purchasing novaPDF printer (http:/www.novapdf.com)
phép trung chuyén qua
Trang 27
lop112.com.¥n quangtrung.com.¥n
Trang 28These switches allow MDaemon to track into the log files the result of a reverse lookup on the incoming host's IP or identification
Refuse to accept mail if a lookup returns ‘domain not found!
J¥ send 501 error code (normally sends 451 error [” and then shut down the socket connectio
Create PDF files without this message by purchasing novaPDF printer (htip:/Awww.novapdf.com)
Trang 29If 4 message is FROM a local domain and TO a non-local domain then the headers of the outgoing message are scanned for the text specified
here and that text is replaced with something new This is useful when you want to convert each occurance of a local domain name within the
headers with 4 real domain name
Existing header text |
ew header text | Add
IV Translate headers in forwarded messages
JV Translate headers in gateway messages forwarded to host or IP
Currently defined header translations
