===========================================================
                        LINUX NEWS
                http://www.Cramsession.com
               October 3, 2002 - Issue #101
===========================================================

-----------------
TABLE OF CONTENTS
-----------------

1) Sean's Notes

2) Linux News

	Red Hat 8.0 Released
	Red Hat 8.0 - SNAFU #1
	Behind the Name
	Mandrake Releases 9.0

3) Linux Resources

	Multiheaded X-Windows
	Where Do You Set Kernel Parameters?
	Solaris Security Primer
	How do Hashes Work?
	MD5SUM?

4) App o' the Week


~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Gain study time and enhance your learning! Hear hundreds of
certification exam questions on audio CD or cassette. Learn
while you commute to and from work, exercise or walk the dog.
Ideal for those times when you can't read. 90-day money back
guarantee if you are not happy.

http://ad.brainbuzz.com/?RC06&AIV75

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For information on how to advertise in this newsletter
please contact mailto:adsales@CramSession.com or visit
http://cramsession.com/marketing/default.asp

===============================================================
1) Sean's Notes
===============================================================

As you've probably noticed, Red Hat 8.0 came out this week. I
was planning to give you my first impressions of it this week,
but busy mirrors, broken parts in my test environment, and
general craziness prevented that. But I've got a great series
lined up on one of the oldest applications of the Internet,
email, which will hopefully tide you over until I get my act
together.

Linux makes a great email server, whether you're just doing
personal email with your custom domain, or if you're hosting for
thousands of users. Email software in Linux scales beautifully,
you could handle a light volume on a Pentium-90, or move to a
large cluster of machines handling thousands of mailboxes, with
only a few changes in configuration.

This week, we'll look at the flow of email on the Internet. In
upcoming articles, I'll cover setting up the Postfix mail
transfer agent, and how to provide POP and IMAP access to the
mailboxes.

How email gets delivered is very elegant. The first part to look
at is the communication between Mail Transfer Agents (MTAs), who
are responsible for receiving and sending email. When you put an
SMTP server in your mail client (called a Mail User Agent (MUA)),
you're specifying the MTA that will forward your email toward
its destination. SMTP, the Simple Mail Transfer Protocol,
dictates how the MTAs will speak (and how you'll speak to the
MTA). RFC 821 lays out the protocol:

http://www.isi.edu/in-notes/rfc821.txt

A quick summary of the protocol:

Sending MTA contacts receiving MTA on port 25. Receiving MTA
answers with a banner identifying itself. Each response from the
receiver has a number at the beginning of each line, called the
status code. The MTAs aren't too concerned about anything other
than the status code, it's there for humans to read if something
goes wrong.

220 poochie ESMTP Sendmail 8.11.6/8.11.2; Tue, 1 Oct 2002 20:53:09 -0500

That's the banner from one of my mail servers. The sender then
identifies himself with HELO:

HELO me
250 poochie Hello, me, pleased to meet you

The sender's address is then entered:

MAIL FROM: swalberg@cramsession.com

and the response:

250 2.1.0 swalberg@cramsession.com... Sender ok

Then, the list of recipients (if there are multiple, it's one
per line, with the RCPT TO: command repeated)

RCPT TO: swalberg@cramsession.com
250 2.1.5 swalberg@cramsession.com... Recipient ok

Then, finally, the actual message itself:

DATA
354 Enter mail, end with "." on a line by itself
From: "Sean Walberg" <swalberg@cramsession.com>
To: "Sean Walberg" <swalberg@cramsession.com>
Subject: testing

Hi, Sean!
.

When I send the last line, the "." by itself, I get back:

250 2.0.0 g921vb929510 Message accepted for delivery

So, I finish the conversation:
QUIT
221 2.0.0 poochie closing connection


Why am I showing you the protocol itself? As an email
administrator, your best troubleshooting tool is to make
yourself look like another MTA and to telnet in and send a test
message. Only then can you see where the conversation is going.
Plus, by seeing how simple SMTP really is (as opposed to SNMP,
the Simple Network Management Protocol, which isn't simple at
all), I'm hoping it dispels some of the fears you might have
about understanding email.

Why did you specify the to/from addresses both in the RCPT/MAIL
commands, and after DATA? Good question! Think of email like its
physical counterpart. You've got an envelope with a letter
inside. The envelope says who the message is to, and who it is
from. Likewise, the RCPT and MAIL commands form the envelope of
the message. Unless your MTA injects that information in the
email's headers, you'll never see it again. The message itself
(content) comes after the DATA keyword. Within that, we've got
the headers, and the text itself. Headers are for your MUA to
chew on, such as a more friendly version of the From and To
addresses, along with a subject and other fun. The first blank
line marks the end of the headers, and the beginning of the
text that the user reads.

Is this vulnerable to forgery? You bet. I could have entered
anything I wanted in the headers (or nothing at all), and the
only reliable way to trace would be to go to the MTA logs. But
SMTP dates back over 20 years, to a time where the Internet was
more friendly.

How does the sending MTA know where to find the receiving MTA?
Excellent question! SMTP doesn't cover this, so we make use of
the domain name system, DNS.

Recall that DNS is composed of various records, each specifying
information for a name within a zone. The A record for "www"
within the "cramsession.com" zone will tell me the IP address of
Cramsession's web servers. The MX record (Mail Exchange) tells
me where to deliver the mail. By stripping off everything before
the @ in the email address, your MTA knows the domain.

$ host -t mx cramsession.com
cramsession.com mail is handled by 10 mail.cramsession.com.

Using the host command, with the -t (type) mx option tells me
where to send the mail. The number before the name dictates a
priority (called the preference), with lower numbers winning.
The MTA's job is to pick the lowest one, and connect to it. If
there is a tie, pick one at random. If you can't connect, pick
the next highest MX. As we'll see later, a higher priority MX
will accept the email, but continue to try to deliver it to the
lower priority MX on its own. Nothing's set in stone about your
choice of priorities, but popular convention is to set your
preferred MX to 10, and to increase by 10 from there. If you
need, for some reason, to set up a higher priority MX somewhere,
you've got lots of room to play.

If there are no MX records, an A record will be tried. Since
your web site and mail server may not be on the same server,
it's good practice to have an MX record.

$ host cramsession.com
cramsession.com has address 63.146.189.41

Recapping, you send your message from your MUA (email client) to
your chosen MTA (email server) using the SMTP protocol, where it
is queued for delivery. The MTA then looks at the email address,
and figures out the domain name(s) of the recipient(s). MX
records are pulled for the domain(s), and the MTA contacts to
the remote MTA, speaks SMTP to deliver the message, where it is
queued again.

There are a few possible cases at the remote MTA. It could be
configured to statically send all email to another server, which
it will then do (think of the case of a mail gateway, or virus
scanner). The remote MTA might not be the lowest preference MTA
for the domain, in which case it will start trying to contact
the better MTA. Finally, the MTA could be the one responsible
for delivering the email to the destination.

This last step is fairly boring compared to what's happened so
far. When an MTA receives an email, it says "What do I do with
this?" After consulting various tables, or even DNS, it might
say "Hey, that's for one of my users!", in which case it dumps
it to a local database. This phase is called "local delivery".

Depending on your mail server, local delivery can take on
various forms. Traditional UNIX delivery agents dump the message
to /var/spool/mail/USERNAME (or sometimes /var/mail/USERNAME).
The format (called mbox format) is pretty simple, it's just the
messages smashed together with a brief header. Some mail servers
like Cyrus (or MS Exchange) store the message in a database for
faster access. Some, like qmail, store it in the user's home
directory. They're all good.

The last phase is for the recipient to get the email. This can
happen with POP, IMAP, read from the mbox directly, or
specialized applications. It's actually the easiest and least
complex part of the whole process.

Well, that's the flow of email, from sender to receiver. A
successful email administrator understands it completely, so
that any breaks in the chain can be found and fixed. In upcoming
articles, I'll cover setting up the MTA, and how to get your POP
and IMAP set up. If there is any demand, I'll walk through the
setup of a web-based mail reader too.


Long live the Penguin,

Sean
mailto:swalberg@cramsession.com


===============================================================
2) Linux News
===============================================================

---------------------
Red Hat 8.0 Released
---------------------

It's that time again. Red Hat has a new point-oh release ready
for purchase or download. Big features this time around are the
"Bluecurve" theme, which makes GNOME and KDE look similar out of
the box, and the inclusion of Open Office.

http://redhat.com/about/presscenter/2002/press_eightoh.html


-----------------------
Red Hat 8.0 - SNAFU #1
-----------------------

Over concerns about patents and royalties, XMMS in Red Hat 8 was
stripped of MP3 capabilities. When you tried to play an MP3, you
should have received a popup saying this, and where you could
get an RPM to fix it. Guess who forgot to include that? Here's a
link to the MP3 decoder.

http://soraas.student.nlh.no/~havardk/xmms/xmms-1.2.7-rh8-rpm/


----------------
Behind the Name
----------------

I've noticed some relationships between various names that Red
Hat has used for distributions, such as Valhalla->Limbo->Null,
and the choice of painters for a few releases. Someone has come
up with all the names ever used, and put together some plausible
(and not-so-plausible) linkages. Fun reading!

http://www.smoogespace.com/documents/behind_the_names.html


----------------------
Mandrake Releases 9.0
----------------------

The more desktop oriented distribution, Mandrake, has also
reached a major milestone with the release of Mandrake Linux 9.0.
The ProSuite edition is Linux Standards Base certified, which I
call a sign of a good trend.

http://www.mandrakesoft.com/company/press/pr?n=/pr/products/2393


===============================================================
3) Linux Resources
===============================================================

----------------------
Multiheaded X-Windows
----------------------

"Multiheaded" is a term applied to a machine with more than one
monitor. Most often, the monitors are bonded together so that
you have one virtual desktop that spans both (or more than two).
Here's an article on how to do it... I've been wanting to for
some time, but one limitation is that both displays must be at
the same colour depth.

http://www.linuxgazette.com/issue82/ward.html


------------------------------------
Where Do You Set Kernel Parameters?
------------------------------------

It used to be that setting kernel parameters like ip_forward (for
firewalls and routers) was done within /etc/sysconfig/network on
Red Hat systems. It's still just as easy, but more comprehensive.
Check this link out for how you go about setting just about any
kernel parameter you need. This'll also work on any distribution,
and it goes for any kernel parameter.

http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/ref-guide/s
1-proc-sysctl.html


------------------------
Solaris Security Primer
------------------------

Here's a good primer on securing Solaris. Some examples include
the equivalent Linux command or file, where appropriate. Good
techniques and ideas here...

http://www.sunperf.com/Security.html


--------------------
How do Hashes Work?
--------------------

Maybe it's some of my computer science courses making a
comeback, but I found this article on Perl hashes quite
interesting. It explains how hashes are represented in Perl,
and how to make your use of them more efficient.

http://www.perl.com/pub/a/2002/10/01/hashes.html


--------
MD5SUM?
--------

When you download files from an FTP site, often a file called
MD5SUM is there. This file contains the MD5 hashes of the files
in the directory. By comparing their hashes to the ones you
downloaded, you can ensure the download was successful.

http://boards.cramsession.com/boards/vbm.asp?md4554


===============================================================
4) App o' the Week
===============================================================

Got a bunch of MP3s that you want to put on a CD, but they're
all at different volume levels? You want to normalize it, with
the aptly named "normalize" tool.

http://www.cs.columbia.edu/~cvaill/normalize/


===============================================================
(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.
===============================================================
_______________________________________________________

          This message is from CramSession

You are currently subscribed to the following list
   Hottest Linux News and Resources
   as: sean@ertw.com

To un-subscribe from this newsletter by e-mail,
   send a blank email message to:
   mailto:leave-linuxnews-3825955Y@list.cramsession.com

To subscribe to this newsletter and many others visit
our site at:
http://newsletters.cramsession.com/signup/default.asp

-------------------------------------------------------