Network Services

Network Services
GregDeamons Profile Pic
GregDeamons,New Zealand,Professional
Published Date:03-08-2017
Your Website URL(Optional)
Comment
Chapter 3 CHAPTER 3 In this chapter: • Names and Addresses • The Host Table Network Services • DNS • Mail Services • File and Print Servers • Configuration Servers Some network servers provide essential computer-to-computer services. These differ from application services in that they are not directly accessed by end users. Instead, these services are used by networked computers to simplify the installation, configu- ration, and operation of the network. The functions performed by the servers covered in this chapter are varied: • Name service for converting IP addresses to hostnames • Configuration servers that simplify the installation of networked hosts by han- dling part or all of the TCP/IP configuration • Electronic mail services for moving mail through the network from the sender to the recipient • File servers that allow client computers to transparently share files • Print servers that allow printers to be centrally maintained and shared by all users Servers on a TCP/IP network should not be confused with traditional PC LAN serv- ers. Every Unix host on your network can be both a server and a client. The hosts on a TCP/IP network are “peers.” All systems are equal, and the network is not depen- dent on any one server. All of the services discussed in this chapter can be installed on one or several systems on your network. We begin with a discussion of name service. It is an essential service that you will certainly use on your network. Names and Addresses The Internet Protocol document defines names, addresses, and routes as follows: A name indicates what we seek. An address indicates where it is. A route indicates how to get there. RFC 791, Internet Protocol, Jon Postel, ISI, 1981, page 7. 51 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.Names, addresses, and routes all require the network administrator’s attention. Routes and addresses were covered in the previous chapter. This section discusses names and how they are disseminated throughout the network. Every network inter- face attached to a TCP/IP network is identified by a unique 32-bit IP address. A name (called a hostname) can be assigned to any device that has an IP address. Names are assigned to devices because, compared to numeric Internet addresses, names are easier to remember and type correctly. Names aren’t required by the net- work software, but they do make it easier for humans to use the network. In most cases, hostnames and numeric addresses can be used interchangeably. A user wishing to telnet to the workstation at IP address 172.16.12.2 can enter: % telnet 172.16.12.2 or use the hostname associated with that address and enter the equivalent command: % telnet rodent.wrotethebook.com Whether a command is entered with an address or a hostname, the network connec- tion always takes place based on the IP address. The system converts the hostname to an address before the network connection is made. The network administrator is responsible for assigning names and addresses and storing them in the database used for the conversion. Translating names into addresses isn’t simply a “local” issue. The command telnet rodent.wrotethebook.com is expected to work correctly on every host that’s con- nected to the network. If rodent.wrotethebook.com is connected to the Internet, hosts all over the world should be able to translate the name rodent.wrotethebook.com into the proper address. Therefore, some facility must exist for disseminating the host- name information to all hosts on the network. There are two common methods for translating names into addresses. The older method simply looks up the hostname in a table called the host table. The newer technique uses a distributed database system called the Domain Name System (DNS) to translate names to addresses. We’ll examine the host table first. The Host Table The host table is a simple text file that associates IP addresses with hostnames. On most Unix systems, the table is in the file /etc/hosts. Each table entry in /etc/hosts con- tains an IP address separated by whitespace from a list of hostnames associated with that address. Comments begin with . Sun’s Network Information Service (NIS) is an improved technique for accessing the host table. NIS is dis- cussed later in this chapter. 52 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.The host table on rodent might contain the following entries: Table of IP addresses and hostnames 172.16.12.2 rodent.wrotethebook.com rodent 127.0.0.1 localhost 172.16.12.1 crab.wrotethebook.com crab loghost 172.16.12.4 jerboas.wrotethebook.com jerboas 172.16.12.3 horseshoe.wrotethebook.com horseshoe 172.16.1.2 ora.wrotethebook.com ora 172.16.6.4 linuxuser.articles.wrotethebook.com linuxuser The first entry in the sample table is for rodent itself. The IP address 172.16.12.2 is associated with the hostname rodent.wrotethebook.com and the alternate hostname (or alias) rodent. The hostname and all of its aliases resolve to the same IP address, in this case 172.16.12.2. Aliases provide for name changes, alternate spellings, and shorter hostnames. They also allow for “generic hostnames.” Look at the entry for 172.16.12.1. One of the aliases associated with that address is loghost. loghost is a special hostname used by Solaris in the syslog.conf configuration file. Some systems preconfigure programs like syslogd to direct their output to the host that has a certain generic name. You can direct the output to any host you choose by assigning it the appropriate generic name as an alias. Other commonly used generic hostnames are lprhost, mailhost, and dumphost. The second entry in the sample file assigns the address 127.0.0.1 to the hostname localhost. As we have discussed, the network address 127.0.0.0/8 is reserved for the loopback network. The host address 127.0.0.1 is a special address used to designate the loopback address of the local host—hence the hostname localhost. This special addressing convention allows the host to address itself the same way it addresses a remote host. The loopback address simplifies software by allowing common code to be used for communicating with local or remote processes. This addressing conven- tion also reduces network traffic because the localhost address is associated with a loopback device that loops data back to the host before it is written out to the net- work. Although the host table system has been superseded by DNS, it is still widely used for the following reasons: • Most systems have a small host table containing name and address information about the important hosts on the local network. This small table is used when DNSis not running, such as during the initial system startup. Even if you use DNS, you should create a small /etc/hosts file containing entries for your host, for localhost, and for the gateways and servers on your local net. The Host Table 53 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.• Sites that use NISuse the host table as input to the NIShost database. You can use NISin conjunction with DNS, but even when they are used together, most NISsites create host tables that have an entry for every host on the local net- work. Chapter 9 explains how to use NIS with DNS. • Very small sites that are not connected to the Internet sometimes use the host table. If there are few local hosts and the information about those hosts rarely changes, and there is also no need to communicate via TCP/IP with remote sites, then there is little advantage to using DNS. The old host table system is inadequate for the global Internet for two reasons: inability to scale and lack of an automated update process. Prior to the development of DNS, an organization called the Network Information Center (NIC) maintained a large table of Internet hosts called the NIC host table. Hosts included in the table were called registered hosts, and the NIC placed hostnames and addresses into this file for all sites on the Internet. Even when the host table was the primary means of translating hostnames to IP addresses, most sites registered only a limited number of key systems. But even with limited registration, the table grew so large that it became an inefficient way to con- vert hostnames to IP addresses. There is no way that a simple table could provide adequate service for the enormous number of hosts on today’s Internet. Another problem with the host table system is that it lacks a technique for automati- cally distributing information about newly registered hosts. Newly registered hosts can be referenced by name as soon as a site receives the new version of the host table. However, there is no way to guarantee that the host table is distributed to a site, and no way to know who had a current version of the table and who did not. This lack of guaranteed uniform distribution is a major weakness of the host table system. DNS DNS overcomes both major weaknesses of the host table: • DNSscales well. It doesn’t rely on a single large table; it is a distributed data- base system that doesn’t bog down as the database grows. DNScurrently pro- vides information on approximately 100,000,000 hosts, while fewer than 10,000 were listed in the host table. • DNSguaranteesthat new hostinformation willbedisseminatedtothe rest ofthe network as it is needed. Information is automatically disseminated, and only to those who are interested. Here’s how it works. If a DNSserver receives a request for information about a host for which it has no information, it passes on the request to an authoritative server. An authoritative server is any server responsible for maintaining accurate informa- tion about the domain being queried. When the authoritative server answers, the 54 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.local server saves, or caches, the answer for future use. The next time the local server receives a request for this information, it answers the request itself. The ability to control host information from an authoritative source and to automatically dissemi- nate accurate information makes DNSsuperior to the host table, even for networks not connected to the Internet. In addition to superseding the host table, DNSalso replaces an earlier form of name service. Unfortunately, both the old and new services were called name service. Both are listed in the /etc/services file. In that file, the old software is assigned UDP port 42 and is called nameserver or name; DNSname service is assigned port 53 and is called domain. Naturally, there is some confusion between the two name servers. There shouldn’t be—the old name service is outdated. This text discusses DNSonly; when we refer to “name service,” we always mean DNS. The Domain Hierarchy DNSis a distributed hierarchical system for resolving hostnames into IP addresses. Under DNS, there is no central database with all of the Internet host information. The information is distributed among thousands of name servers organized into a hierarchy similar to the hierarchy of the Unix filesystem. DNShas a root domain at the top of the domain hierarchy that is served by a group of name servers called the root servers. Just as directories in the Unix filesystem are found by following a path from the root directory through subordinate directories to the target directory, information about a domain is found by tracing pointers from the root domain through subordinate domains to the target domain. Directly under the root domain are the top-level domains. There are two basic types of top-level domains—geographic and organizational. Geographic domains have been set aside for each country in the world and are identified by a two-letter coun- try code. Thus, this type of domain is called a country code top-level domain (ccTLD). For example, the ccTLD for the United Kingdom is .uk, for Japan it is .jp, and for the United States it is .us. When .us is used as the top-level domain, the second-level domain is usually a state’s two-letter postal abbreviation (e.g., .wy.us for Wyoming). U.S. geographic domains are usually used by state governments and K-12 schools but are not widely used for other hosts. Within the United States, the most popular top-level domains are organizational— that is, membership in a domain is based on the type of organization (commercial, military, etc.) to which the system belongs. These domains are called generic top- level domains or general-purpose top-level domains (gTLDs). There is no relationship between the organizational and geographic domains in the U.S. Each system belongs to either an organizational domain or a geographic domain, not both. DNS 55 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.The official generic top-level domains are: com Commercial organizations edu Educational institutions gov Government agencies mil Military organizations net Network support organizations, such as network operation centers int International governmental or quasi-governmental organizations org Organizations that don’t fit into any of the above, such as nonprofit organiza- tions aero Organizations involved in the air-transport industry biz Businesses coop Cooperatives museum Museums pro Professionals, such as doctors and lawyers info Sites providing information name Individuals These are the fourteen current gTLDs. The first seven domains in the list (com, edu, gov, mil, net, int, and org) have been part of the domain system since the beginning. The last seven domains in the list (aero, biz, coop, museum, pro, info, and name) were added in 2000 to increase the number of top-level domains. One motivation for cre- ating the new gTLDs is the huge size of the .com domain. It is so large that it is diffi- cult to maintain an efficient .com database. Whether or not these new gTLDs will be effective in drawing registrations away from the .com domain remains to be seen. 56 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.Figure 3-1 illustrates the domain hierarchy using six of the original organizational top-level domains. At the top is the root. Directly below the root domain are the top- level domains. The root servers have complete information only about the top-level domains. No servers, not even the root servers, have complete information about all domains, but the root servers have pointers to the servers for the second-level domains. So while the root servers may not know the answer to a query, they know who to ask. Root . net gov mil org com edu nih wrotethebook dcrt niddk articles events Figure 3-1. Domain hierarchy Creating Domains and Subdomains Several domain name registrars have been authorized by the Internet Corporation for Assigned Names and Numbers (ICANN), a nonprofit organization that was formed to take over the responsibility for allocating domain names and IP addresses. (Previ- ously, the U.S. government oversaw this process.) ICANN has authorized these reg- istrars to allocate domains. To obtain a domain, you apply to a registrar for authority to create a domain under one of the top-level domains. (The details of applying for a domain name are covered in Chapter 4.) Once the authority to create a domain is granted, you can create additional domains, called subdomains, under your domain. Let’s look at how this works at our imaginary company. Our company is a commercial, profit-making (we hope) enterprise. It clearly falls into the com domain. We apply for authority to create a domain named wrotethebook within the com domain. The request for the new domain contains the hostnames and addresses of the servers that will provide name service for the new domain. When the registrar approves the request, it adds pointers in the com domain to the new Figure 3-1 shows two second-level domains: nih under gov and wrotethebook under com. DNS 57 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.domain’s name servers. Now when queries are received by the root servers for the wrotethebook.com domain, the queries are referred to the new name servers. The registrar’s approval grants us complete authority over our new domain. Any reg- istered domain has authority to divide its domain into subdomains. Our imaginary company can create separate domains for the division that handles special events (events.wrotethebook.com) and for the division that coordinates the preparation of magazine articles (articles.wrotethebook.com) without consulting the registrar or any other “higher authority.” The decision to add subdomains is completely up to the local domain administrator. The registrars delegate authority and distribute control over names to individual organizations. Once that authority has been delegated, the individual organization is responsible for managing the names it has been assigned. A new subdomain becomes accessible when pointers to the servers for the new domain are placed in the domain above it (see Figure 3-1). Remote servers cannot locate the wrotethebook.com domain until a pointer to its server is placed in the com domain. Likewise, the subdomains events and articles cannot be accessed until point- ers to them are placed in wrotethebook.com. The DNSdatabase record that points to the name servers for a domain is the NS(name server) record. This record contains the name of the domain and the name of the host that is a server for that domain. Chapter8 discusses the actual DNSdatabase. For now, let’s just think of these records as pointers. Figure3-2 illustrates how the NSrecords are used as pointers. A local server has a request to resolve linuxuser.articles.wrotethebook.com into an IP address. The server has no information on wrotethebook.com in its cache, so it queries a root server (a. root-servers.net in our example) for the address. The root server replies with an NS record that points to crab.wrotethebook.com as the source of information on wrote- thebook.com. The local server queries crab, which points it to linuxmag.articles. wrotethebook.com as the server for articles.wrotethebook.com. The local server then queries linuxmag.articles.wrotethebook.com and finally receives the desired IP address. The local server caches the A (address) record and each of the NSrecords. The next time it has a query for linuxuser.articles.wrotethebook.com, it will answer the query itself. And the next time the server has a query for other information in the wrotethebook.com domain, it will go directly to crab without involving a root server. Figure 3-2 provides examples of both recursive and nonrecursive searches. The remote servers are examples of nonrecursive servers. The remote servers tell the local server who to ask next. The local server must follow the pointers itself. The local server is an example of a recursive server. In a recursive search, the server follows the pointers and returns the final answer for the query. The root servers generally per- form only nonrecursive searches. Most other servers perform recursive searches. 58 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.linuxuser.articles.wrotethebook.com a.root-servers.net wrotethebook.com NS crab.wrotethebook.com linuxuser.articles.wrotethebook.com local server crab.wrotethebook.com articles.wrotethebook.com NS linuxmag.articles.wrotethebook.com linuxuser.articles.wrotethebook.com linuxmag.articles.wrotethebook.com linuxuser.articles.wrotethebook.com A 172.16.6.4 Figure 3-2. A DNS query Domain Names Domain names reflect the domain hierarchy. They are written from most specific (a hostname) to least specific (a top-level domain), with each part of the domain name separated by a dot. A fully qualified domain name (FQDN) starts with a specific host and ends with a top-level domain. rodent.wrotethebook.com is the FQDN of worksta- tion rodent, in the wrotethebook domain, of the com domain. Domain names are not always written as fully qualified domain names. They can be written relative to a default domain in the same way that Unix pathnames are written relative to the current (default) working directory. DNSadds the default domain to the user input when constructing the query for the name server. For example, if the default domain is wrotethebook.com, a user can omit the wrotethebook.com exten- sion for any hostnames in that domain. crab.wrotethebook.com could be addressed simply as crab; DNS adds the default domain wrotethebook.com. On most systems, the default domain name is added only if there is no dot in the requested hostname. For example, linuxuser.articles would not be extended and would therefore not be resolved by the name server because articles is not a valid top- level domain. But the hostname crab, which contains no dot, would be extended with wrotethebook.com, giving the valid domain name crab.wrotethebook.com. Like almost everything on a Unix system, this behavior is configurable, as you’ll see in Chapter 8. How the default domain is used and how queries are constructed vary depending on the software configuration. For this reason, you should exercise caution when embedding a hostname in a program. Only a fully qualified domain name or an IP address is immune from changes in the name server software. The root domain is identified by a single dot; i.e., the root name is a null name written simply as “.”. DNS 59 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.BIND, Resolvers, and named The implementation of DNSused on Unix systems is the Berkeley Internet Name Domain (BIND) software. Descriptions in this text are based on the BIND name server implementation. DNSsoftware is conceptually divided into two components—a resolver and a name server. The resolver is the software that forms the query; it asks the questions. The name server is the process that responds to the query; it answers the questions. The resolver does not exist as a distinct process running on the computer. Rather, the resolver is a library of software routines (called the resolver code) that is linked into any program that needs to look up addresses. This library knows how to ask the name server for host information. Under BIND, all computers use resolver code, but not all computers run the name server process. A computer that does not run a local name server process and relies on other systems for all name service answers is called a resolver-only system. Resolver-only configurations are common on single-user systems. Larger Unix sys- tems usually run a local name server process. The BIND name server runs as a distinct process called named (pronounced “name” “d”). Name servers are classified differently depending on how they are configured. The three main categories of name servers are: Master The master server (also called the primary server) is the server from which all data about a domain is derived. The master server loads the domain’s informa- tion directly from a disk file created by the domain administrator. Master serv- ers are authoritative, meaning they have complete information about their domain and their responses are always accurate. There should be only one mas- ter server for a domain. Slave Slave servers (also known as secondary servers) transfer the entire domain data- base from the master server. A particular domain’s database file is called a zone file; copying this file to a slave server is called a zone file transfer. A slave server assures that it has current information about a domain by periodically transfer- ring the domain’s zone file. Slave servers are also authoritative for their domain. Caching-only Caching-only servers get the answers to all name service queries from other name servers. Once a caching server has received an answer to a query, it caches the information and will use it in the future to answer queries itself. Most name serv- ers cache answers and use them in this way. What makes the caching-only server unique is that this is the only technique it uses to build its domain database. Caching servers are non-authoritative, meaning that their information is second- hand and incomplete, though usually accurate. 60 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.The relationship between the different types of servers is an advantage that DNShas over the host table for most networks, even very small networks. Under DNS, there should be only one primary name server for each domain. DNSdata is entered into the primary server’s database by the domain administrator. Therefore, the adminis- trator has central control of the hostname information. An automatically distrib- uted, centrally controlled database is an advantage for a network of any size. When you add a new system to the network, you don’t need to modify the /etc/hosts files on every node in the network; you modify only the DNSdatabase on the primary server. The information is automatically disseminated to the other servers by full zone trans- fers or by caching single answers. Network Information Service The Network Information Service (NIS) is an administrative database system devel- oped by Sun Microsystems. It provides central control and automatic dissemination of important administrative files. NIScan be used in conjunction with DNSor as an alternative to it. NISand DNShave similarities and differences. Like DNS, the Network Information Service overcomes the problem of accurately distributing the host table, but unlike DNS, it provides service only for local area networks. NIS is not intended as a ser- vice for the Internet as a whole. Another difference is that NISprovides access to a wider range of information than DNS—much more than name-to-address conver- sions. It converts several standard Unix files into databases that can be queried over the network. These databases are called NIS maps. NISconverts files such as /etc/hosts and /etc/networks into maps. The maps can be stored on a central server where they can be centrally maintained while still being fully accessible to the NISclients. Because the maps can be both centrally main- tained and automatically disseminated to users, NISovercomes a major weakness of the host table. But NISis not an alternative to DNSfor Internet hosts because the host table, and therefore NIS, contains only a fraction of the information available to DNS. For this reason DNS and NIS are usually used together. This chapter has introduced the concept of hostnames and provided an overview of the various techniques used to translate hostnames into IP addresses. This is by no means the complete story. Assigning hostnames and managing name service are important tasks for the network administrator. These topics are revisited several times in this book and discussed in extensive detail in Chapter 8. Name service is not the only service that you will install on your network. Another service that you are sure to use is electronic mail. NISwas formerly called the “Yellow Pages,” or yp. Although the name has changed, the abbreviation yp is still used. DNS 61 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.Mail Services Users consider electronic mail the most important network service because they use it for interpersonal communications. Some applications are newer and fancier; oth- ers consume more network bandwidth; and others are more important for the con- tinued operation of the network. But email is the application people use to communicate with each other. It isn’t very fancy, but it is vital. TCP/IP provides a reliable, flexible email system built on a few basic protocols. These protocols are Simple Mail Transfer Protocol (SMTP), Post Office Protocol (POP), Internet Message Access Protocol (IMAP), and Multipurpose Internet Mail Extensions (MIME). There are other TCP/IP mail protocols that have some interest- ing features, but they are not yet widely implemented. Our coverage concentrates on the four protocols you are most likely to use building your network: SMTP, POP, IMAP, and MIME. We start with SMTP, the foundation of all TCP/IP email systems. Simple Mail Transfer Protocol SMTP is the TCP/IP mail delivery protocol. It moves mail across the Internet and across your local network. SMTP is defined in RFC 821, A Simple Mail Transfer Pro- tocol. It runs over the reliable, connection-oriented service provided by Transmission Control Protocol (TCP), and it uses well-known port number 25. Table 3-1 lists some of the simple, human-readable commands used by SMTP. Table 3-1. SMTP commands Command Syntax Function Hello HELO sending-host Identify sending SMTP EHLO sending-host From MAIL FROM:from-address Sender address Recipient RCPT TO:to-address Recipient address Data DATA Begin a message Reset RSET Abort a message Verify VRFY string Verify a username Expand EXPN string Expand a mailing list Help HELP string Request online help Quit QUIT End the SMTP session Most standard TCP/IP applications are assigned a well-known port so that remote systems know how to connect the service. 62 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.SMTP is such a simple protocol you can literally do it yourself. telnet to port 25 on a remote host and type mail in from the command line using the SMTP commands. This technique is sometimes used to test a remote system’s SMTP server, but we use it here to illustrate how mail is delivered between systems. The example below shows mail that Daniel on rodent.wrotethebook.com manually input and sent to Tyler on crab.wrotethebook.com. telnet crab 25 Trying 172.16.12.1... Connected to crab.wrotethebook.com. Escape character is ''. 220 crab.wrotethebook.com ESMTP Sendmail 8.9.3+Sun/8.9.3; Thu, 19 Apr 2001 16:28:01- 0400 (EDT) HELO rodent.wrotethebook.com 250 crab.wrotethebook.com Hello rodent 172.16.12.2, pleased to meet you MAIL FROM:danielrodent.wrotethebook.com 250 danielrodent.wrotethebook.com... Sender ok RCPT TO:tylercrab.wrotethebook.com 250 tylercrab.wrotethebook.com... Recipient ok DATA 354 Enter mail, end with "." on a line by itself Hi Tyler . 250 QAA00316 Message accepted for delivery QUIT 221 crab.wrotethebook.com closing connection Connection closed by foreign host. The user input is shown in bold type. All of the other lines are output from the sys- tem. This example shows how simple it is. A TCP connection is opened. The send- ing system identifies itself. The From address and the To address are provided. The message transmission begins with the DATA command and ends with a line that contains only a period (.). The session terminates with a QUIT command. Very sim- ple, and very few commands are used. There are other commands (SEND, SOML, SAML, and TURN) defined in RFC 821 that are optional and not widely implemented. Even some of the commands that are implemented are not commonly used. The commands HELP, VRFY, and EXPN are designed more for interactive use than for the normal machine-to-machine interac- tion used by SMTP. The following excerpt from a SMTP session shows how these odd commands work. HELP 214-This is Sendmail version 8.9.3+Sun 214-Topics: 214- HELO EHLO MAIL RCPT DATA 214- RSET NOOP QUIT HELP VRFY 214- EXPN VERB ETRN DSN 214-For more info use "HELP topic". 214-For local information contact postmaster at this site. 214 End of HELP info Mail Services 63 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.HELP RSET 214-RSET 214- Resets the system. 214 End of HELP info VRFY jane 250 janebrazil.wrotethebook.com VRFY mac 250 Kathy McCafferty mac EXPN admin 250-sarahorseshoe.wrotethebook.com 250 David Craig david 250-tylerwrotethebook.com The HELP command prints out a summary of the commands implemented on the system. The HELP RSET command specifically requests information about the RSET command. Frankly, this help system isn’t very helpful The VRFY and EXPN commands are more useful but are often disabled for security reasons because they provide user account information that might be exploited by network intruders. The EXPN admin command asks for a listing of the email addresses in the mailing list admin, and that is what the system provides. The VRFY command asks for information about an individual instead of a mailing list. In the case of the VRFY mac command, mac is a local user account, and the user’s account information is returned. In the case of VRFY jane, jane is an alias in the /etc/aliases file. The value returned is the email address for jane found in that file. The three commands in this example are interesting but rarely used. SMTP depends on the other commands to get the real work done. SMTP provides direct end-to-end mail delivery. Other mail systems, like UUCP and X.400, use store and forward protocols that move mail toward its destination one hop at a time, storing the complete message at each hop and then forwarding it on to the next system. The message proceeds in this manner until final delivery is made. Figure 3-3 illustrates both store-and-forward and direct-delivery mail systems. The UUCP address clearly shows the path that the mail takes to its destination, while the SMTP mail address implies direct delivery. Direct delivery allows SMTP to deliver mail without relying on intermediate hosts. If the delivery fails, the local system knows it right away. It can inform the user that sent the mail or queue the mail for later delivery without reliance on remote systems. The disadvantage of direct delivery is that it requires both systems to be fully capa- ble of handling mail. Some systems cannot handle mail, particularly small systems such as PCs or mobile systems such as laptops. These systems are usually shut down at the end of the day and are frequently offline. Mail directed from a remote host fails with a “cannot connect” error when the local system is turned off or is offline. To handle these cases, features in the DNSsystem are used to route the message to a The address doesn’t have anything to do with whether a system is store and forward or direct delivery. It just happens that UUCP provides an address that helps to illustrate this point. 64 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.UUCP: Store and forward delivery local bronson lion cashew mailer bronsonlioncashewkristen local user kristen SMTP: End-to-end delivery local clock.wrotethebook.com mailer kristenclock.wrotethebook.com local user kristen Figure 3-3. Mail delivery systems mail server in lieu of direct delivery. The mail is then moved from the server to the client system when the client is back online. One of the protocols TCP/IP networks use for this task is POP. Post Office Protocol There are two versions of Post Office Protocol: POP2 and POP3. POP2, defined in RFC 937, uses port 109, and POP3, defined in RFC 1725, uses port 110. These are incompatible protocols that use different commands, although they perform the same basic functions. The POP protocols verify the user’s login name and password and move the user’s mail from the server to the user’s local mail reader. POP2 is rarely used anymore, so this section focuses on POP3. A sample POP3 session clearly illustrates how a POP protocol works. POP3 is a sim- ple request/response protocol, and just as with SMTP, you can type POP3 com- mands directly into its well-known port (110) and observe their effect. Here’s an example with the user input shown in bold type: % telnet crab 110 Trying 172.16.12.1 ... Connected to crab.wrotethebook.com. Escape character is ''. +OK crab POP3 Server Process 3.3(1) at Mon 16-Apr-2001 4:48PM-EDT USER hunt +OK User name (hunt) ok. Password, please. PASS Watts?Watt? +OK 3 messages in folder NEWMAIL (V3.3 Rev B04) STAT Mail Services 65 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.+OK 3 459 RETR 1 +OK 146 octets ...The full text of message 1... DELE 1 +OK message 1 deleted RETR 2 +OK 155 octets ...The full text of message 2... DELE 2 +OK message 2 deleted RETR 3 +OK 158 octets ...The full text of message 3... DELE 3 +OK message 3 deleted QUIT +OK POP3 crab Server exiting (0 NEWMAIL messages left) Connection closed by foreign host. The USER command provides the username, and the PASS command provides the password for the account of the mailbox that is being retrieved. (This is the same username and password the user would use to log into the mail server.) In response to the STAT command, the server sends a count of the number of messages in the mailbox and the total number of bytes contained in those messages. In the example, there are three messages that contain a total of 459 bytes. RETR 1 retrieves the full text of the first message. DELE 1 deletes that message from the server. Each message is retrieved and deleted in turn. The client ends the session with the QUIT command. Simple Table 3-2 lists the full set of POP3 commands. Table 3-2. POP3 commands Command Function USER username The user’s account name PASS password The user’s password STAT Display the number of unread messages/bytes RETR n Retrieve message numbern DELE n Delete message number n LAST Display the number of the last message accessed LIST n Display the size of message n or of all messages RSET Undelete all messages; reset message number to 1 TOP n l Print the headers and l lines of message n NOOP Do nothing QUIT End the POP3 session The retrieve (RETR) and delete (DELE) commands use message numbers that allow messages to be processed in any order. Additionally, there is no direct link between 66 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.retrieving a message and deleting it. It is possible to delete a message that has never been read or to retain a message even after it has been read. However, POP clients do not normally take advantage of these possibilities. On an average POP server, the entire contents of the mailbox are moved to the client and either deleted from the server or retained as if never read. Deletion of individual messages on the client is not reflected on the server because all of the messages are treated as a single unit that is either deleted or retained after the initial transfer of data to the client. Email clients that want to remotely maintain a mailbox on the server are more likely to use IMAP. Internet Message Access Protocol Internet Message Access Protocol (IMAP) is an alternative to POP. It provides the same basic service as POP and adds features to support mailbox synchronization, which is the ability to read individual mail messages on a client or directly on the server while keeping the mailboxes on both systems completely up to date. IMAP provides the ability to manipulate individual messages on the client or the server and to have those changes reflected in the mailboxes of both systems. IMAP uses TCP for reliable, sequenced data delivery. The IMAP port is TCP port 143. Like the POP protocol, IMAP is also a request/response protocol with a small set of commands. The IMAP command set is somewhat more complex than the one used by POP because IMAP does more, yet there are still fewer than 25 IMAP com- mands. Table 3-3 lists the basic set of IMAP commands as defined in RFC 2060, Internet Message Access Protocol - Version 4rev1. Table 3-3. IMAP4 commands Command Function CAPABILITY List the features supported by the server NOOP Literally “No Operation” LOGOUT Close the connection AUTHENTICATE Request an alternate authentication method LOGIN Provide the username and password for plain-text authentication SELECT Open a mailbox EXAMINE Open a mailbox as read-only CREATE Create a new mailbox DELETE Remove a mailbox RENAME Change the name of a mailbox SUBSCRIBE Add a mailbox to the list of active mailboxes The /etc/services file lists two different ports for IMAP: 143 and 220. Port 220 is used by IMAP 3. IMAP 4 uses port number 143, which is the same port used by IMAP 2 Mail Services 67 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.Table 3-3. IMAP4 commands (continued) Command Function UNSUBSCRIBE Delete a mailbox name from the list of active mailboxes LIST Display the requested mailbox names from the set of all mailbox names LSUB Display the requested mailbox names from the set of active mailboxes STATUS Request the status of a mailbox APPEND Add a message to the end of the specified mailbox CHECK Force a checkpoint of the current mailbox CLOSE Close the mailbox and remove all messages marked for deletion EXPUNGE Remove from the current mailbox all messages marked for deletion SEARCH Display all messages in the mailbox that match the specified search criterion FETCH Retrieve a message from the mailbox STORE Modify a message in the mailbox COPY Copy the specified messages to the end of the specified mailbox UID Locate a message based on the message’s unique identifier This command set clearly illustrates the “mailbox” orientation of IMAP. The proto- col is designed to remotely maintain mailboxes that are stored on the server. The protocol commands show that. Despite the increased complexity of the protocol, it is still possible to run a simple test of your IMAP server using telnet and a small num- ber of the IMAP commands. telnet localhost 143 Trying 127.0.0.1... Connected to rodent.wrotethebook.com. Escape character is ''. OK rodent.wrotethebook.com IMAP4rev1 v12.252 server ready a0001 LOGIN craig Wats?Watt? a0001 OK LOGIN completed a0002 SELECT inbox 3 EXISTS 0 RECENT OK UIDVALIDITY 965125671 UID validity status OK UIDNEXT 5 Predicted next UID FLAGS (\Answered \Flagged \Deleted \Draft \Seen) OK PERMANENTFLAGS (\ \Answered \Flagged \Deleted \Draft \Seen) Permanent flags OK UNSEEN 1 first unseen message in /var/spool/mail/craig a0002 OK READ-WRITE SELECT completed a0003 FETCH 1 BODYTEXT 1 FETCH (BODYTEXT 1440 ... an e-mail message that is 1440 bytes long ... 1 FETCH (FLAGS (\Seen)) a0003 OK FETCH completed a0004 STORE 1 +FLAGS \DELETED 1 FETCH (FLAGS (\Seen \Deleted)) a0004 OK STORE completed a0005 CLOSE 68 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.a0005 OK CLOSE completed a0006 LOGOUT BYE rodent.wrotethebook.com IMAP4rev1 server terminating connection a0006 OK LOGOUT completed Connection closed by foreign host. The first three lines and the last line come from telnet; all other messages come from IMAP. The first IMAP command entered by the user is LOGIN, which provides the username and password from /etc/passwd used to authenticate this user. Notice that the command is preceded by the string A0001. This is a tag, which is a unique identi- fier generated by the client for each command. Every command must start with a tag. When you manually type in commands for a test, you are the source of the tags. IMAP is a mailbox-oriented protocol. The SELECT command selects the mailbox that will be used. In the example, the user selects a mailbox named “inbox”. The IMAP server displays the status of the mailbox, which contains three messages. Asso- ciated with each message are a number of flags. The flags are used to manage the messages in the mailbox by marking them as Seen, Unseen, Deleted, and so on. The FETCH command downloads a message from the mailbox. In the example, the user downloads the text of the message, which is what you normally see when read- ing a message. It is possible, however, to download only the headers or flags. After the message is downloaded, the user deletes it. This is done by writing the Deleted flag with the STORE command. The DELETE command is not used to delete messages; it deletes entire mailboxes. Individual messages are marked for dele- tion by setting the Delete flag. Messages with the Delete flag set are not deleted until either the EXPUNGE command is issued or the mailbox is explicitly closed with the CLOSE command, as is done in the example. The session is then terminated with the LOGOUT command. Clearly, the IMAP protocol is more complex than POP; it is just about at the limits of what can reasonably be typed in manually. Of course, you don’t really enter these commands manually. The desktop system and the server exchange them automati- cally. They are shown here only to give you a sense of the IMAP protocol. About the only IMAP test you would ever do manually is to test if imapd is up and running. To do that, you don’t even need to log in; if the server answers the telnet, you know it is up and running. All you then need to do is send the LOGOUT command to grace- fully close the connection. Multipurpose Internet Mail Extensions The last email protocol on our quick tour is Multipurpose Internet Mail Extensions (MIME). As its name implies, MIME is an extension of the existing TCP/IP mail MIME is also an integral part of the Web and HTTP. Mail Services 69 This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.system, not a replacement for it. MIME is more concerned with what the mail sys- tem delivers than with the mechanics of delivery. It doesn’t attempt to replace SMTP or TCP; it extends the definition of what constitutes “mail.” The structure of the mail message carried by SMTP is defined in RFC 822, Standard for the Format of ARPA Internet Text Messages. RFC 822 defines a set of mail head- ers that are so widely accepted they are used by many mail systems that do not use SMTP. This is a great benefit to email because it provides a common ground for mail translation and delivery through gateways to different mail networks. MIME extends RFC 822 into two areas not covered by the original RFC: • Support for various data types. The mail system defined by RFC 821 and RFC 822 transfers only 7-bit ASCII data. This is suitable for carrying text data com- posed of U.S. ASCII characters, but it does not support several languages that have richer character sets, nor does it support binary data transfer. • Support for complex message bodies. RFC 822 doesn’t provide a detailed descrip- tion of the body of an electronic message. It concentrates on the mail headers. MIME addresses these two weaknesses by defining encoding techniques for carrying various forms of data and by defining a structure for the message body that allows multiple objects to be carried in a single message. RFC 1521, Multipurpose Internet Mail Extensions Part One: Format of Internet Message Bodies, defines two headers that give structure to the mail message body and allow it to carry various forms of data. These are the Content-Type header and the Content-Transfer-Encoding header. As the name implies, the Content-Type header defines the type of data being carried in the message. The header has a Subtype field that refines the definition. Many sub- types have been defined since the original RFC was released. A current list of MIME types can be obtained from the Internet. The original RFC defines seven initial con- tent types and a few subtypes: text Text data. RFC 1521 defines text subtypes plain and richtext. More than 30 sub- types have since been added, including enriched, xml and html. application Binary data. The primary subtype defined in RFC 1521 is octet-stream, which indicates the data is a stream of 8-bit binary bytes. One other subtype, Post- Script, is defined in the standard. Since then more than 200 subtypes have been defined. They specify binary data formatted for a particular application. For example, msword is an application subtype. image Still graphic images. Two subtypes are defined in RFC 1521: jpeg and gif. More than 20 additional subtypes have since been added, including widely used image data standards such as tiff, cgm, and g3fax. Go to ftp://ftp.isi.edu/in-notes/iana/assignments/media-types to retrieve the file media-types. 70 Chapter 3: Network Services This is the Title of the Book, eMatter Edition Copyright © 2010 O’Reilly & Associates, Inc. All rights reserved.

Advise: Why You Wasting Money in Costly SEO Tools, Use World's Best Free SEO Tool Ubersuggest.