Diffstat (limited to 'doc/BLURB')
-rw-r--r-- | doc/BLURB | 251 |
1 files changed, 251 insertions, 0 deletions
diff --git a/doc/BLURB b/doc/BLURB new file mode 100644 index 0000000..ba7ad5a --- /dev/null +++ b/doc/BLURB 
@@ -0,0 +1,251 @@ +s/qmail BLURB +============= + +s/sqmail inherits all features of qmail, since it includes its +concept and its code. + +Confidentially: s/qmail adds transmission confidentially by means +of TLS encryption. TLS encryption is provdided by for all protocols +except for QMTP while requiring UCSPI-SSL. + +Privacy: s/qmail does currently not provide email privacy. +The persistance storage (Queue) is unencrypted and shared. +This might be changed in forthcoming releases. + +Authentication: s/sqmail supports user authentication for sending +and receiving mails by means of SMTP(S). QMTP and QMQP however, are +solely host-to-host mail transfer protocols. + +Distribution: s/qmail uses the concept of distributed queues to be +fed either by SMTP or QMTP/QMQP. + +Multi-domain capability: s/qmails allows to set up differently +parametrized transport/distribution pathes based on the domains +under control of the MTA. This concept is close to a multi-tenant +behavior; regarding the domain, not the individual recipient/sender. + + +Authenticated Email Senders +=========================== + +Within s/qmail both + +* qmail-smtpd for receiving emails and +* qmail-remote for sending emails + +support authentication regarding the methods + +- PLAIN, +- LOGIN, and +- CRAM-MD5. + +Additionally, + +* qmail-smtpd accepts authentication based on + +- X.509 client certs. + +* qmail-popup together with +* qmail-pop3d + +provide authentication by means of the methods + +- USER and +- APOP. + +The authentication module + +* qmail-authuser + +replaces the old + +* checkpassword and perhaps +* cmd5checkpw + +programs with much more flexibility. +Given a LDAP infrastucture, + +* qmail-ldapam + +can be used to call the user data from here. + + +Validation receiving Mails +========================== + +Within s/sqmail + +* qmail-smtpd, +* qmail-qmtpd, and +* qmail-qmqpd + +are able to receive email from the Internet. 
+ +While + +* qmail-qmtpd and +* qmail-qmqpd + +use QMTP/QMQP transmitting emails and are currently +only supported by Postfix, Qmail, and s/qmail in a +dedicated environment, + +* qmail-smtpd + +supports both SMTP and ESMTP and is a potential +target for spam, virii, and other unsolicited email. + +Thus + +* qmail-smtpd + +supports greylisting and provides filters for the + +- SMTP envelope information, +- the email content (with different mechanisms) and in + particular to check/validate the existance of a potenial +- email recipient. + +For this purpose, the modules + +* qmail-smtpam, +* qmail-vmailuser, +* ldapam, and +* qmail-authuser together with +* qmail-ldapam + +are available. The RECIPIENTS mechanism supports a +domain dependent validation based on a PAM mechanism +or perhaps a cdb. + +Domain based SPF lookups are provided for + +* qmail-smtpd. + + +Anti-Spam Mechanisms +==================== + +* rblsmtpd (out of the package ucspi-tcp6) + +supports + +- Relay Black Lists (RBL) and +- Greetdelay + +prior of receiving mail by + +* qmail-smtpd. + +In adddition, + +* qmail-smtpd + +provides by means of the + +- QMAILQUEUE hook + +an interface to SpamAssassin and other tools. +A wrapper script is included. + +Further, the well known + +- postgrey + +server can be used by + +* qmail-postgrey + +as an add-on to be called by + +* qmail-smtpd. + + +Anti-Virus Mechanism +==================== + +* qmail-smtpd + +uses + +- MIME and +- LOADER type + +filters to allow an on-the-fly recognition of executable. + +Anti-Virus tools are supported either by + +- QHPSI or by the +- QMAILQUEUE hook. + +A (combined) wrapper script for + +* qmail-queue + +is provided. + + +Bounce Control +============== + +Within s/qmail + +* qmail-send + +is responsible to generated bounces, ie. None Deliverable Reports (NDR). +s/qmail uses qmail's concept to generate the NDRs in the QSMBF (qmail-send +Message Bounce Format) unaltered (http://cr.yp.to/proto/qsbmf.txt). 
+ +To control NDR, s/qmail provides two means: + +* qmail-send + +can be adviced -- while generating a NDR -- to limit it to N bytes. +Effectively this means the orgininal message is truncated and not +completely bounced. + +Upon transmitting bounce messages to third-party MTAs + +* qmail-remote + +can be set-up to use a particular + +- bounce queue (s/qmail instance) + +to take care of this delivery. Thus generic message transmission +is decoupled from bounce processing and does not inflict with it. + + +Logging, Monitoring, and Housekeeping +===================================== + +s/qmail writes log information for + +- qmail-send (qmail-local & qmail-remote/qmail-smtpam) on FD 2 +- qmail-popup (authentication information only) on FD 5 +- qmail-smtpd (see 'LOGGING') on FD 2 + +Either the log information is fed by means of 'splogger' +into the Syslog, or treated by daemontool's 'multilog' +which automatically does the housekeeping and provides +a TAI64N timestamp for each line (event). + +Using 'multilog', the log information can be +picked up by 'qmail-mrtg' and graphically +displayed using 'MRTG' or 'RRDtool'. + +The log information can be analysed using +the 'qmailanalog' facility and for convenience +the program 'tai64nfrac' is included. + +The separate package 'newanalyse' provides +an easy customizable umbrella script for analysis +and long-haule housekeeping together with the +capability to track each incoming and outgoing +mail. + + +E. Hoffmann -- 2021/01/01. + + + |
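Review bot: The product name is spelled three ways in the new doc/BLURB: "s/qmail" in most places, "s/sqmail" in the opening paragraph, the Authentication item and the "Validation receiving Mails" section, and "s/qmails" under "Multi-domain capability". Use "s/qmail" throughout. In "Bounce Control" the acronym "QSMBF (qmail-send Message Bounce Format)" does not match the linked file name qsbmf.txt, so the letters are transposed in one of the two and should be reconciled. The first feature item reads "Confidentially: s/qmail adds transmission confidentially", which should be "Confidentiality" and "confidentiality", and "provdided by for all protocols" carries a stray "by". Remaining spelling to fix before this lands: "persistance", "pathes", "infrastucture", "existance", "potenial", "adddition", "adviced", "orgininal", "long-haule", "virii", and "None Deliverable Reports". Under "Authenticated Email Senders", PLAIN and LOGIN are listed alongside CRAM-MD5 with no mention of transport protection; since the blurb presents TLS as the confidentiality mechanism, it would help to state there whether those two methods are offered only over a TLS session.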