summaryrefslogtreecommitdiff
path: root/doc/BLURB
diff options
context:
space:
mode:
authorJannis Hoffmann <jannis@fehcom.de>2024-07-03 15:48:04 +0200
committerJannis Hoffmann <jannis@fehcom.de>2024-07-03 15:48:04 +0200
commit89b7b67a13ebb7965cc7f13ad0595e2194a2d34c (patch)
tree25efd77a90ae87236e6730d8ea3846bbe0fd126f /doc/BLURB
add sqmail-4.2.29asqmail-4.2
Diffstat (limited to 'doc/BLURB')
-rw-r--r--doc/BLURB251
1 files changed, 251 insertions, 0 deletions
diff --git a/doc/BLURB b/doc/BLURB
new file mode 100644
index 0000000..ba7ad5a
--- /dev/null
+++ b/doc/BLURB
@@ -0,0 +1,251 @@
+s/qmail BLURB
+=============
+
+s/sqmail inherits all features of qmail, since it includes its
+concept and its code.
+
+Confidentially: s/qmail adds transmission confidentially by means
+of TLS encryption. TLS encryption is provdided by for all protocols
+except for QMTP while requiring UCSPI-SSL.
+
+Privacy: s/qmail does currently not provide email privacy.
+The persistance storage (Queue) is unencrypted and shared.
+This might be changed in forthcoming releases.
+
+Authentication: s/sqmail supports user authentication for sending
+and receiving mails by means of SMTP(S). QMTP and QMQP however, are
+solely host-to-host mail transfer protocols.
+
+Distribution: s/qmail uses the concept of distributed queues to be
+fed either by SMTP or QMTP/QMQP.
+
+Multi-domain capability: s/qmails allows to set up differently
+parametrized transport/distribution pathes based on the domains
+under control of the MTA. This concept is close to a multi-tenant
+behavior; regarding the domain, not the individual recipient/sender.
+
+
+Authenticated Email Senders
+===========================
+
+Within s/qmail both
+
+* qmail-smtpd for receiving emails and
+* qmail-remote for sending emails
+
+support authentication regarding the methods
+
+- PLAIN,
+- LOGIN, and
+- CRAM-MD5.
+
+Additionally,
+
+* qmail-smtpd accepts authentication based on
+
+- X.509 client certs.
+
+* qmail-popup together with
+* qmail-pop3d
+
+provide authentication by means of the methods
+
+- USER and
+- APOP.
+
+The authentication module
+
+* qmail-authuser
+
+replaces the old
+
+* checkpassword and perhaps
+* cmd5checkpw
+
+programs with much more flexibility.
+Given a LDAP infrastucture,
+
+* qmail-ldapam
+
+can be used to call the user data from here.
+
+
+Validation receiving Mails
+==========================
+
+Within s/sqmail
+
+* qmail-smtpd,
+* qmail-qmtpd, and
+* qmail-qmqpd
+
+are able to receive email from the Internet.
+
+While
+
+* qmail-qmtpd and
+* qmail-qmqpd
+
+use QMTP/QMQP transmitting emails and are currently
+only supported by Postfix, Qmail, and s/qmail in a
+dedicated environment,
+
+* qmail-smtpd
+
+supports both SMTP and ESMTP and is a potential
+target for spam, virii, and other unsolicited email.
+
+Thus
+
+* qmail-smtpd
+
+supports greylisting and provides filters for the
+
+- SMTP envelope information,
+- the email content (with different mechanisms) and in
+ particular to check/validate the existance of a potenial
+- email recipient.
+
+For this purpose, the modules
+
+* qmail-smtpam,
+* qmail-vmailuser,
+* ldapam, and
+* qmail-authuser together with
+* qmail-ldapam
+
+are available. The RECIPIENTS mechanism supports a
+domain dependent validation based on a PAM mechanism
+or perhaps a cdb.
+
+Domain based SPF lookups are provided for
+
+* qmail-smtpd.
+
+
+Anti-Spam Mechanisms
+====================
+
+* rblsmtpd (out of the package ucspi-tcp6)
+
+supports
+
+- Relay Black Lists (RBL) and
+- Greetdelay
+
+prior of receiving mail by
+
+* qmail-smtpd.
+
+In adddition,
+
+* qmail-smtpd
+
+provides by means of the
+
+- QMAILQUEUE hook
+
+an interface to SpamAssassin and other tools.
+A wrapper script is included.
+
+Further, the well known
+
+- postgrey
+
+server can be used by
+
+* qmail-postgrey
+
+as an add-on to be called by
+
+* qmail-smtpd.
+
+
+Anti-Virus Mechanism
+====================
+
+* qmail-smtpd
+
+uses
+
+- MIME and
+- LOADER type
+
+filters to allow an on-the-fly recognition of executable.
+
+Anti-Virus tools are supported either by
+
+- QHPSI or by the
+- QMAILQUEUE hook.
+
+A (combined) wrapper script for
+
+* qmail-queue
+
+is provided.
+
+
+Bounce Control
+==============
+
+Within s/qmail
+
+* qmail-send
+
+is responsible to generated bounces, ie. None Deliverable Reports (NDR).
+s/qmail uses qmail's concept to generate the NDRs in the QSMBF (qmail-send
+Message Bounce Format) unaltered (http://cr.yp.to/proto/qsbmf.txt).
+
+To control NDR, s/qmail provides two means:
+
+* qmail-send
+
+can be adviced -- while generating a NDR -- to limit it to N bytes.
+Effectively this means the orgininal message is truncated and not
+completely bounced.
+
+Upon transmitting bounce messages to third-party MTAs
+
+* qmail-remote
+
+can be set-up to use a particular
+
+- bounce queue (s/qmail instance)
+
+to take care of this delivery. Thus generic message transmission
+is decoupled from bounce processing and does not inflict with it.
+
+
+Logging, Monitoring, and Housekeeping
+=====================================
+
+s/qmail writes log information for
+
+- qmail-send (qmail-local & qmail-remote/qmail-smtpam) on FD 2
+- qmail-popup (authentication information only) on FD 5
+- qmail-smtpd (see 'LOGGING') on FD 2
+
+Either the log information is fed by means of 'splogger'
+into the Syslog, or treated by daemontool's 'multilog'
+which automatically does the housekeeping and provides
+a TAI64N timestamp for each line (event).
+
+Using 'multilog', the log information can be
+picked up by 'qmail-mrtg' and graphically
+displayed using 'MRTG' or 'RRDtool'.
+
+The log information can be analysed using
+the 'qmailanalog' facility and for convenience
+the program 'tai64nfrac' is included.
+
+The separate package 'newanalyse' provides
+an easy customizable umbrella script for analysis
+and long-haule housekeeping together with the
+capability to track each incoming and outgoing
+mail.
+
+
+E. Hoffmann -- 2021/01/01.
+
+
+