Building a Secure Mail Environment

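The following text was written from the information available at the time of writing, so please note that it may contain material that no longer fits the current situation. It is also the final submitted manuscript, before proofreading, so it differs from what was actually printed in UNIX USER magazine. Typos and omissions are left as they are.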

No additions or corrections will be made other than for fatal errors, so please use it while keeping the freshness of the information in mind.

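Note 1: This article was originally written as Part 4, but it was published as Part 3 in consideration of the balance with the articles before and after it.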

Note 2: The article says to use tcp wrappers, but by now I strongly recommend using tcpserver (ucspi-tcp) instead.


PartIV 



qmail



PartIIIJail
PartIIIjail
jail





	
	
	
	SMTP
	

	qmail
	SMTP "POP before
	SMTP" 

  qmail

	D. J. Bernstein qmail
	MTA sendmail 
	
	
	
	 sendmail.cf (CF) 
	

	qmailsendmail
	
	sendmailqmail
	sendmail
	()sendmail
	qmail

--- [] ---------------------------------------------------------------
  
--------------------------------------------------------------------------

	
	qmail
	
	
	
	MLML
	
	

  qmail

	

		1. DNS
		2. qmail
		3. 

	qmail2.
	
	qmail
	UBE(Unsolicited Bulk E-mail:
	SPAM)
	

  DNS

	
	DNS
	
	

	WWWDNS
	
	mail.hoge.co.jp 

	/--- 4 [hoge.zone] -------------------------------------------
	|$TTL	86400
	|@	IN	SOA	ns.hoge.co.jp. postmaster.hoge.co.jp. (
	|			2000101000	; Serial No
	|			10800		; Refresh = 3 hours
	|			3600		; Retry   = 1 hour
	|			3600000		; Expire  = 1000 hours
	|			86400		; Minimum = 1 day
	|			)
	|	IN	NS	ns.hoge.co.jp.
	|	IN	NS	ns2.hoge.co.jp.
	|	IN	MX	0  mail.hoge.co.jp.	;
	|	IN	MX	10 mail2.hoge.co.jp.	;
	|;
	|mail	IN	A	192.168.0.2
	|	IN	MX	0 mail.hoge.co.jp.  ;
	|	IN	MX	10 mail2.hoge.co.jp.;
	|mail2	IN	A	192.168.0.3
	|	IN	MX	0 mail2.hoge.co.jp. ;
	|	IN	MX	10 mail.hoge.co.jp. ;
	\-------------------------------------------------------------------

	4@hoge.co.jp 
	 mail.hoge.co.jp 
	 mail2.hoge.co.jp 
	MX
	mailMX
	CNAME()MTA
	()MX**A
	**  192.168.0.2 
	 mail.hoge.co.jp 
	 CNAME 
	5IP 
	www.hoge.co.jp. 
	CNAME

	/--- 5  --------------------
	| [hoge.zone ()] 
	|	:
	| mail		IN	A	192.168.0.2
	| venus		IN	A	192.168.0.2
	| www		IN	CNAME	venus
	|	:
	|
	| [192.168.0.rev ()] 
	|	:
	| 2		IN	PTR	www.hoge.co.jp.
	| 		;; www.hoge.co.jp. CNAME
	|	:
	\-------------------------------------------------------------------

	IP
	TCP Wrappers 
	
	

--- [] ---------------------------------------------------------------
  MTA
  qmail VirtualDomain 
  
--------------------------------------------------------------------------

  qmail-1.03

	DNS()qmail
	 qmail-1.03.tar.gz CDROM
	

--- [] ---------------------------------------------------------------
  DNS
--------------------------------------------------------------------------

	 INSTALL.* 
	

		1. qmailUID/GID
		2. qmail

	qmail
	qmail-1.03
	

	+-------------------------------------------------------------------
	| # tar vzxpf qmail-1.03.tar.gz
	| # cd qmail-1.03
	+-------------------------------------------------------------------

	(1)UID/GID

	    INSTALL.ids 

	    +-------------------------------------------------------------
	    | # pw groupadd nofiles
	    | # pw useradd alias -g nofiles -d /var/qmail/alias -s /nonexistent
	    | # pw useradd qmaild -g nofiles -d /var/qmail -s /nonexistent
	    | # pw useradd qmaill -g nofiles -d /var/qmail -s /nonexistent
	    | # pw useradd qmailp -g nofiles -d /var/qmail -s /nonexistent
	    | # pw groupadd qmail
	    | # pw useradd qmailq -g qmail -d /var/qmail -s /nonexistent
	    | # pw useradd qmailr -g qmail -d /var/qmail -s /nonexistent
	    | # pw useradd qmails -g qmail -d /var/qmail -s /nonexistent
	    +-------------------------------------------------------------

	(2)qmail

	    qmail

	    +-------------------------------------------------------------
	    | # mkdir /var/qmail
	    +-------------------------------------------------------------

	    

	    +-------------------------------------------------------------
	    | # make setup check
	    +-------------------------------------------------------------

	    

	    +-------------------------------------------------------------
	    | # ./config
	    +-------------------------------------------------------------

	    DNSconfig
	    
	    
	    

	    

	    +-------------------------------------------------------------
	    | # (cd ~alias
	    | >  touch .qmail-postmaster .qmail-mailer-daemon .qmail-root
	    | >  chmod 644 ~alias/.qmail*
	    | >  )
	    +-------------------------------------------------------------

	     postmaster, MAILER-DAEMON, root 
	    

	    qmail
	    
	    
	    

	    +-------------------------------------------------------------
	    | # cp /var/qmail/boot/home /var/qmail/rc
	    +-------------------------------------------------------------

	    qmailqmail
	    sendmail
	     /etc/rc.conf sendmail

	    /--- [/etc/rc.conf ] -------------------------------------
	    | sendmail_enable="NO"
	    \---------------------------------------------------------------

	    sendmail sendmail
	    qmailwrapper

	    +-------------------------------------------------------------
	    | # killall sendmail
	    | # cd /usr/sbin
	    | # mv sendmail sendmail.bak
	    | # chmod 0 sendmail.bak
	    | # ln -s /var/qmail/bin/sendmail sendmail
	    +-------------------------------------------------------------

	    /var/qmail/bin/sendmail 
	     sendmail 
	    GMT
	    (JST) /var/qmail/bin/sendmail 
	     /var/qmail/bin/datemail  /usr/sbin/sendmail 
	    

	    SMTP /etc/inetd.conf 
	    FreeBSD 4.1.1R  inetd.conf 
	    qmail
	    

	    /--- [/etc/inetd.conf ] ----------------------------------
	    | smtp   stream  tcp     nowait  qmaild  /var/qmail/bin/tcp-env  tcp-env /var/qmail/bin/qmail-smtpd 
	    \---------------------------------------------------------------

	    inetdHUP
	    

	    +-------------------------------------------------------------
	    | # killall -HUP inetd
	    +-------------------------------------------------------------

	    qmail

	    +-------------------------------------------------------------
	    | # csh -cf '/var/qmail/rc &'
	    +-------------------------------------------------------------

  qmail

	qmail
	config
	 defaultdomain, locals, me, plusdomain, rcpthosts 
	defaulthost 

	* me 

	  
	  defaultdomain, defaulthost, locals, plusdomain 
	  

	* locals  (qmail-send)

	  
	  (@
	  )locals
	  qmail-local qmail
	   qmail-send  HUP 
	  

		
	* rcpthosts  (qmail-smtpd)

	  
	  rcpthosts
	  
	  UBE Open Relay 
	  qmail-smtpd
	   RELAYCLIENT rcpthosts
	  
	   POP before SMTP 
	  

	  (.)
	  @hoge.co.jp  
	  @XXX.hoge.co.jp (XXX) 

		+--------------------------------------------------------
		| hoge.co.jp
		| .hoge.co.jp
		+--------------------------------------------------------

	  
	   locals  rcpthosts 
	  
	  virtualdomain 
	  

	* defaultdomain  (qmail-inject)

	  ()
	  (.)
	  defaultdomain  hoge.co.jp 
	   foo@venus  
	  foo@venus.hoge.co.jp 

	* defaulthost  (qmail-inject)

	  
	  
	  defaulthost  hoge.co.jp  foo 
	   foo@hoge.co.jp 
	   defaulthost 
	  

	* plusdomain  (qmail-inject)

	   + 
	  plusdomain  ac.jp foo@hoge+ 
	   foo@hoge.ac.jp 
	   plusdomain 

--- [] ---------------------------------------------------------------
  qmail-inject sendmail
  Mail
--------------------------------------------------------------------------

	 ./config 
	

	6
	

	/--- 6 /var/qmail/control/*  -------------------
	| [me]
	|    mail.hoge.co.jp
	| [locals]
	|    localhost
	|    localhost.hoge.co.jp
	|    hoge.co.jp
	|    .hoge.co.jp
	| [rcpthosts]
	|    prison.hoge.co.jp
	|    hoge.co.jp
	|    .hoge.co.jp
	| [defaulthost]
	|    hoge.co.jp
	| [defaultdomain]
	|    hoge.co.jp
	| [plusdomain]
	|    co.jp
	\-------------------------------------------------------------------


  qmail

	FreeBSDqmail
	/var/log/maillog 
	

	+-------------------------------------------------------------------
	| # tail -f /var/log/maillog
	+-------------------------------------------------------------------

	/var/qmail/rc qmail
	

		qmail: status: local 0/10 remote 0/20

	"cannot start" 
	
	

	+-------------------------------------------------------------------
	| prison# echo to: root@hoge.co.jp | /var/qmail/bin/qmail-inject
	|         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	+-------------------------------------------------------------------

	maillog
	
	
	+-------------------------------------------------------------------
	| starting delivery 1: msg 88607 to local root@hoge.co.jp
	+-------------------------------------------------------------------

	 ~alias (/var/qmail/alias) 
	 Mailbox mbox
	


  

	 rcpthosts 
	
	LANPCSMTP
	LAN
	qmail
	qmail-smtpd qmail-smtpd
	inetdtcpserver()
	 TCP Wrappers 
	 qmail-smtpd 
	 FreeBSD 3.2Rinetd
	 TCP Wrappers 
	

--- [] ---------------------------------------------------------------
  http://cr.yp.to/ucspi-tcp.html
--------------------------------------------------------------------------

	TCP Wrappers /etc/hosts.allow 
	IP()
	

	* hoge.co.jp SMTP
	   

	* SMTP
	   rcpthosts 

	/etc/hosts.allow 
	

	/---[ /etc/hosts.allow  ] ------------------------------------
	| tcp-env : localhost 192.168.0. .hoge.co.jp : setenv = RELAYCLIENT
	| tcp-env : ALL : ALLOW
	\-------------------------------------------------------------------

	hosts.allow 

	     :  :  [ : ... ]

	 tcp-env 
	

		localhost  192.168.0.  .hoge.co.jp

	

		setenv = RELAYCLIENT

	"192.168.0."  hoge.co.jp 
	LAN".hoge.co.jp"
	

	IP
	
	
	IP 
	IP
	
	192.168.0.0/255.255.255.0  netmask 
	DNS
	

	hosts.allow  "DENY" 
	
	ALLOW()
	 "setenv" 
	

	  localhost, 192.168.0.*, *.hoge.co.jp 
	   RELAYCLIENT 
	   tcp-env 

	
	LANSMTP
	LAN
	
	

	hosts.allow 
	hosts_access(5),
	hosts_options(5) 199912
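
The relay decision that the rcpthosts file and the hosts.allow rules above produce together, as an added example (a simplified model written for this page, not qmail or TCP Wrappers code). The function names, the outside client 203.0.113.7 / mx.example.net and the recipient addresses are constructed for illustration.

```python
# Added example: a simplified model, not qmail or tcp_wrappers source code.
RCPTHOSTS = ["prison.hoge.co.jp", "hoge.co.jp", ".hoge.co.jp"]  # listing 6

# /etc/hosts.allow rules for tcp-env from this page, in file order:
# (client patterns, whether the rule sets RELAYCLIENT)
HOSTS_ALLOW = [
    (["localhost", "192.168.0.", ".hoge.co.jp"], True),
    (["ALL"], False),
]


def client_matches(pattern, ip, name):
    """Subset of hosts_access(5): ALL, '.suffix' on the client name,
    'prefix.' on the client address, or an exact match."""
    if pattern == "ALL":
        return True
    if pattern.startswith("."):
        return name is not None and name.lower().endswith(pattern.lower())
    if pattern.endswith("."):
        return ip.startswith(pattern)
    return pattern.lower() in (ip.lower(), (name or "").lower())


def relayclient_set(ip, name, rules=HOSTS_ALLOW):
    """The first matching rule wins; True when that rule sets RELAYCLIENT."""
    for patterns, sets_relay in rules:
        if any(client_matches(p, ip, name) for p in patterns):
            return sets_relay
    return False


def in_rcpthosts(rcpt, rcpthosts=RCPTHOSTS):
    """qmail-smtpd's rule: the recipient host must equal an entry, or some
    tail of it starting at a dot must equal a '.domain' entry."""
    _, at, host = rcpt.rpartition("@")
    if not at:
        return True  # no domain part: handled as a local address
    host = host.lower()
    entries = {e.lower() for e in rcpthosts}
    tails = [host] + [host[i:] for i, c in enumerate(host) if c == "."]
    return any(t in entries for t in tails)


def rcpt_decision(ip, name, rcpt, rcpthosts=RCPTHOSTS):
    """What happens to one RCPT TO. rcpthosts=None models a missing
    control file, in which case every recipient domain is accepted."""
    if relayclient_set(ip, name):
        return "accept: RELAYCLIENT"
    if rcpthosts is None:
        return "accept: no rcpthosts (open relay)"
    if in_rcpthosts(rcpt, rcpthosts):
        return "accept: rcpthosts"
    return "reject: 553"


if __name__ == "__main__":
    outside = ("203.0.113.7", "mx.example.net")  # constructed client
    for rcpt in ("someone@hoge.co.jp", "xxx@yamada.hoge.co.jp",
                 "a@nothoge.co.jp", "user@example.org"):
        print(rcpt, "->", rcpt_decision(*outside, rcpt))
    print("LAN client ->",
          rcpt_decision("192.168.0.10", None, "user@example.org"))
```

The `.hoge.co.jp` client pattern is matched against the name obtained by reverse lookup of the connecting address, while `192.168.0.` is matched against the address itself.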
	


  qmail()

	qmailxxx@hoge.co.jp 
	 xxx 
	qmail
	  alias 
	.qmail-xxx 
	(foo)foo@hoge.co.jp 
	 ~alias/.qmail-foo 
	

	qmail
	 "someone" "someone-" 
	
	someone-yyy@hoge.co.jp 
	 .qmail-yyy 
	

	.qmail-default  
	someone-zzz@hoge.co.jp  zzz 
	

  dot-qmail

	 .qmail- 
	 dot-qmail dot-qmail 
	3

	1. 

	   
	   sendmail
	    mbox ()  Maildir 
	    dot-qmail 

		./Mbox

	    Mbox 
	   
	   dot-qmail 

	        ./Maildir/

	   () / 
	    ~/Maildir/ 
	   MaildirMaildir
	   
	   
	    mbox 
	    Maildir 
	   POP
	    Maildir 
	    Maildir 
	   

	   Maildir maildirmake 
	   

	   +-------------------------------------------------------------------
	   | % /var/qmail/bin/maildirmake ~/maildir-admin
	   +-------------------------------------------------------------------

	    Maildir  ~/maildir-admin 
	    someone-admin 
	    .qmail-admin 
	
	   /---[ ~/.qmail-admin ] ---------------------------------------------
	   | ./maildir-admin/
	   \-------------------------------------------------------------------

	   maildir-admin  .qmail-admin  -admin 
	   

	   +-------------------------------------------------------------------
	   | # echo to: someone-admin@hoge.co.jp | /var/qmail/bin/qmail-inject
	   +-------------------------------------------------------------------

	   ~someone/maildir-admin/new/ 
	   

	   +-------------------------------------------------------------------
	   | # ls -lF ~someone/maildir-admin/new
	   | total 3
	   | drwx------ 2 someone 512 Oct 14 13:19 ./
	   | drwx------ 5 someone 512 Dec  6  1999 ../
	   | -rw------- 1 someone 327 Oct 14 13:19 971497455.268.prison.hoge.co.jp
	   +-------------------------------------------------------------------

--- [] ---------------------------------------------------------------
  
--------------------------------------------------------------------------

	2. 

	   dot-qmail 
	    |() 

		| /somewhere/somecommand

	    
	   somecommand someone-bsdml 
	    ~/Mail/bsdml 
	    .qmail-bsdml 

	   /---[ ~/.qmail-bsdml ] ---------------------------------------------
	   | | /usr/local/bin/imstore -d +bsdml
	   \-------------------------------------------------------------------

	   ()| 
	   
	   
	   
	    qmail-command(8) 

--- [] ---------------------------------------------------------------
  imstore  IM 
  http://www.mew.org/
--------------------------------------------------------------------------

	3. 
	
	    & 
	   someone-job  someone@shigotoba.co.jp 
	    ~/.qmail-job 

	   /---[ ~/.qmail-job ] -----------------------------------------------
	   | &someone@shigotoba.co.jp
	   \-------------------------------------------------------------------

	   
	   

	dot-qmail 3
	dot-qmail
	dot-qmail(5) 

  Virtualdomain

	qmail( ~alias 
	) virtualdomain 
	
	yamada.hoge.co.jp 
	@yamada.hoge.co.jp 
	 yamada 
	/var/qmail/control/virtualdomains 
	

	/---[ /var/qmail/control/virtualdomains ]---------------------------
	| yamada.hoge.co.jp:yamada
	\-------------------------------------------------------------------

	virtualdomains  qmail-send  HUP 

	+-------------------------------------------------------------------
	| # killall -HUP qmail-send
	+-------------------------------------------------------------------

	SMTP @yamada.hoge.co.jp 
	 /var/qmail/control/rcpthosts  yamada.hoge.co.jp
	 .hoge.co.jp 
	rcpthosts  yamada.hoge.co.jp 
	

	qmailyamada.hoge.co.jp 
	DNSDNS

	/---- [hoge.zone] --------------------------------------------------
	| yamada	IN	MX	0 mail1.hoge.co.jp.
	|		IN	MX	10 mail2.hoge.co.jp.
	\-------------------------------------------------------------------

	 ndc reload 

	 virtualdomains  qmail 

		xxx@yamada.hoge.co.jp    yamada-xxx@yamada.hoge.co.jp

	 yamada-xxx 
	
	
	virtualdomainML
	
	ML

	virtualdomains 
	 qmail-send(8)

 +---[]--------------------------------------------------------------
  = qmail  procmail =

  procmail
  
  sendmailqmailqmail
  procmail?YESqmail
  FAQ

  procmail? 
  sendmail
  qmail
  postfix
  
  
  100%

   procmail procmail
  
  
  
 +-------------------------------------------------------------------------


  

	
	
	
	SMTP
	
	
	

	
	
	

	* qmail
	* /var/qmail/control/rcpthosts  rcpthosts
	  
	* DNS

	4DNS hoge.co.jp 
	 mail2.hoge.co.jp 
	/var/qmail/control/rcpthosts 

		hoge.co.jp
		.hoge.co.jp

	mail2 
	locals  hoge.co.jp, .hoge.co.jp 
	()
	 rcpthosts 
	(50)morercpthosts 
	morercpthosts 
	 qmail-smtpd(8), qmail-newmrh(8) 

  

	 qmail-qread 
	

	+-------------------------------------------------------------------
	| # /var/qmail/bin/qmail-qread | grep -v done
	+-------------------------------------------------------------------

	
	 qmail-send  ALRM 
	

	+-------------------------------------------------------------------
	| # killall -ALRM qmail-send
	+-------------------------------------------------------------------

  

	
	
	
	
	
	

    /var/qmail/control/badmailfrom

	
	
	 badmailfrom 
	rcpthosts
	qmail-smtpd(8)

    qmail-1.03 mfcheck 

	CDROM qmail-1.03-mfcheck.3.patch SMTP
	(FROM)
	DNS
	
	
	qmail
	

	+-------------------------------------------------------------------
	| # patch < qmail-1.03-mfcheck.3.patch
	| # make
	+-------------------------------------------------------------------

	 qmail-smtpd  /var/qmail/bin 
	FROM
	/var/qmail/control/mfcheck  "1" 

	+-------------------------------------------------------------------
	| # echo 1 > /var/qmail/control/mfcheck
	+-------------------------------------------------------------------

    

	Open Relay RBL
	qmail
	 http://www.qmail.org/ 
	
	


POP/IMAP

	
	POP3
	PC

	POP3 
	
	POP3

	* POP3UNIX
	* POP3UNIX
	  
	* WindowsPOP3biff
	  
	  

	POP3 
	qmail
	MTA

	

	* POP3UNIX
          
	* POP3LAN
          
	* APOP(
          )

	POP
	POP3POP3
	POP3 Challenge & Response MD5
	APOP
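
The APOP challenge-response exchange named above, as an added example (not code from the patched WU IMAPD or from APOPtools). The greeting is the one shown in the telnet session on this page; the user name, the shared secret and the function names are constructed, and the digest rule is the one given in RFC 1939.

```python
import hashlib
import hmac
import re

# Greeting as it appears in the telnet session on this page.
GREETING = "+OK POP3 v7.64 server ready <418.39e7db88@prison.hoge.co.jp>"


def challenge_from_greeting(line):
    """Return the '<...>' timestamp that ends a POP3 greeting, or None
    when the greeting carries none (the server does not offer APOP)."""
    m = re.search(r"<[^<>\s]+@[^<>\s]+>\s*$", line)
    if not line.startswith("+OK") or m is None:
        return None
    return m.group(0).strip()


def apop_digest(challenge, secret):
    """RFC 1939: MD5 over the challenge (angle brackets included)
    immediately followed by the shared secret, as lowercase hex."""
    return hashlib.md5((challenge + secret).encode("utf-8")).hexdigest()


def apop_command(user, challenge, secret):
    """Client side: the line sent instead of USER/PASS. The secret itself
    never crosses the wire."""
    return "APOP %s %s" % (user, apop_digest(challenge, secret))


def server_verify(challenge, stored_secret, command):
    """Server side: recompute the digest from the stored secret and compare
    in constant time. The server needs the secret in clear text, which is
    why the page's ~/.apop file is set to mode 600."""
    parts = command.split()
    if len(parts) != 3 or parts[0].upper() != "APOP":
        return False
    expected = apop_digest(challenge, stored_secret).encode("ascii")
    return hmac.compare_digest(parts[2].lower().encode("utf-8"), expected)


if __name__ == "__main__":
    secret = "constructed-secret"  # sample value, not from the page
    chal = challenge_from_greeting(GREETING)
    cmd = apop_command("someone", chal, secret)
    print(cmd)
    print("same session:", server_verify(chal, secret, cmd))
    # Every connection gets a fresh timestamp, so a captured APOP line
    # does not verify against the next greeting.
    later = "<420.cd20db08@prison.hoge.co.jp>"
    print("replayed later:", server_verify(later, secret, cmd))
```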

  WU IMAP 4.7c2 + 

	CDROM imap-4.7c2qmav-20001016.tar.gz WU-IMAPD 
	 4.7c2 ()
	

	1. Maildir 
	2. ~/.qmail-* 
	3. virtualdomain 
	4. POP before SMTP 

--- [] ---------------------------------------------------------------
  242000
  
  POP
  
  
   http://www.gentei.org/~yuuji/software/imapext/ 
--------------------------------------------------------------------------

	
	
	
	POPAPOP
	APOP
	
	
	
	()
	
	()
	
	()
	

  POP/IMAP (WU IMAPD)

	WU IMAPD POP

	1. pop3/imap 
	2. inetd.conf 
	3. hosts.allow  POP before SMTP 

	POP/IMAP1, 2
	3

    ipop3d/imapd 

	WU IMAPD  POP3IMAP ipop3d,
	imapd  ipop3d  imapd 
	

	imap-4.7c2qmav-20001016.tar.gz README
	Makefile
	OSmake
	FreeBSD  bsf make

	+-------------------------------------------------------------------
	| # tar zxpf imap-4.7c2qmav-20001016.tar.gz
	| # cd imap-4.7c2qmailapopbeforesmtpvd
	| # less README*
	| # less Makefile
	| # make bsf
	+-------------------------------------------------------------------

	 ipopd/ipop3d  imapd/imapd 
	 /usr/local/etc 
	

	+-------------------------------------------------------------------
	| # install -cs ipopd/ipop3d /usr/local/etc
	| # install -cs imapd/imapd /usr/local/etc
	+-------------------------------------------------------------------

	
	()

--- [] ---------------------------------------------------------------
  
  
  
--------------------------------------------------------------------------

	

	+-------------------------------------------------------------------
	| # cd APOPtools
	| # install -c -m 700 deapop /usr/local/sbin
	| # install -c -m 755 apoppasswd /usr/local/bin
	| # install -c -m 700 pop3-age /usr/local/etc
	| # ln -s pop3-age /usr/local/etc/pop3-update
	| # ln -s pop3-age /usr/local/etc/pop3-record
	+-------------------------------------------------------------------

	
	README.qmapop make

    inetd.conf 

	/etc/inetd.conf 
	

	/--- [/etc/inetd.conf ] ------------------------------
	| pop3	stream	tcp  nowait root  /usr/local/etc/ipop3d  ipop3d
	| imap	stream	tcp  nowait root  /usr/local/etc/imapd   imapd
	\---------------------------------------------------------------

	root killall -1 inetd inetd  inetd.conf
	
	

	+-------------------------------------------------------------------
	| venus% telnet prison pop3
	| Trying 192.168.0.2...
	| Connected to prison.hoge.co.jp.
	| Escape character is '^]'.
	| +OK POP3 v7.64 server ready <418.39e7db88@prison.hoge.co.jp>
	+-------------------------------------------------------------------

	+OK FreeBSD
	 /etc/hosts.allow 
	(ipop3d)
	 hosts.allow 

    hosts.allow 

	 WU IMAPD +  POP
	POP3APOP
	POP3ipop3d
	INTRANET LANPOP3
	ipop3d hosts.allow 
	

	/--- [/etc/hosts.allow ] ------------------------------
	| ipop3d : 127.0.0.1 192.168.0. : setenv INTRANET
	| ipop3d : ALL : ALLOW
	\---------------------------------------------------------------

	POP3 POP3 
	

	+-------------------------------------------------------------------
	| venus% telnet prison.hoge.co.jp pop3
	|        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| Trying 192.168.0.2...
	| Connected to prison.hoge.co.jp.
	| Escape character is '^]'.
	| +OK POP3 v7.64 server ready <420.cd20db08@prison.hoge.co.jp>
	| user someone
	| ~~~~~~~~~~~~
	| +OK User name accepted, password please
	| quit
	| ~~~~
	| +OK Sayonara
	| Connection closed by foreign host.
	|
	| % telnet prison.hoge.co.jp pop3
	|               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| Trying 192.168.0.2...
	| Connected to prison.hoge.co.jp.
	| Escape character is '^]'.
	| +OK POP3 v7.64 server ready <519.385adb88@prison.hoge.co.jp>
	| user someone
	| ~~~~~~~~~~~~
	| -ERR Sorry, we don't allow POP3 from your network.  Use APOP instead.
	| quit
	| ~~~~
	| +OK Sayonara
	+-------------------------------------------------------------------

	
	hosts.allow 

		ALL : ALL : ALLOW

	 ipop3d 
	ipop3d ALL
	

    POP

	 Maildir 
	 maildirmake  
	Maildir  ~/.qmail  Maildir 
	
	

	

	* Maildir  Maildir 
	* 

	

	+-------------------------------------------------------------------
	| % /var/qmail/bin/maildirmake ~/maildir
	|   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| % echo ./maildir/ > .qmail
	|   ~~~~~~~~~~~~~~~~~~~~~~~~
	| % /usr/local/bin/apoppasswd
	|   ~~~~~~~~~~~~~~~~~~~~~~~~~
	| Enter APOP Password: ()
	| Again APOP Password: ()
	+-------------------------------------------------------------------

	
	
	 .qmail 
	

	 
	+-------------------------------------------------------------------
	| rootsh
	| # for u in user1 user2 user3 user4 ; do
	|   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| ? echo '/var/qmail/bin/maildirmake ~/maildir
	|   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| ? echo ./maildir/ > ~/.qmail
	|   ~~~~~~~~~~~~~~~~~~~~~~~~~~
	| ? jot -r -c 8 a z | rs -g 0 8 > ~/.apop
	|   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| ? chmod 600 ~/.apop
	|   ~~~~~~~~~~~~~~~~~
	| ? ' | su $u
	|   ~~~~~~~~~
	| ? done
	|   ~~~~
	| rootcsh
	| prison# foreach u (user1 user2 user3 user4)
	|         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| foreach? echo '/var/qmail/bin/maildirmake ~/maildir \
	|          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| foreach? echo ./maildir/ > ~/.qmail \
	|          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| foreach? jot -r -c 8 a z | rs -g 0 8 > ~/.apop \
	|          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	| foreach? chmod 600 ~/.apop \
	|          ~~~~~~~~~~~~~~~~~~~
	| foreach? ' | su $u
	|          ~~~~~~~~~
	| foreach? end
	|          ~~~
	+-------------------------------------------------------------------

	 Maildir
	 /etc/skel 

	+-------------------------------------------------------------------
	| # /var/qmail/bin/maildirmake /etc/skel/maildir
	| # echo ./maildir/ > /etc/skel/.qmail
	+-------------------------------------------------------------------

	

	+-------------------------------------------------------------------
	| # pw useradd NewUserName -m
	+-------------------------------------------------------------------

	 Maildir 
	

    POP

	
	POP3LAN
	POP3UNIX
	APOP
	APOP
	

     virtualdomain POP

	~/.qmail-xxx  Maildir 
	APOP
	 ~/.qmail-xxx Maildir

	+-------------------------------------------------------------------
	| % /usr/local/bin/apoppasswd -e xxx
	+-------------------------------------------------------------------

	 someone-xxx@hoge.co.jp 
	APOPvirtualdomain 
	APOP
	 README.qmapop 
	

  POP before SMTP 

	+--- !!  !! --------------------------------------------------
	| POP before SMTP (hosts.allow)
	| 
	| 
	| hosts.allow 
	| 
	+-----------------------------------------------------------------

    POP before SMTP 

	qmailSMTP
	LAN
	
	
	SMTP POP
	
	SMTP
	 POP before SMTP 

    POP before SMTP

	POP before SMTPPOP
	SMTP
	qmail  hosts.allow 
	ipop3d APOP
	/usr/local/etc/pop3-record 
	 POP before SMTP 
	

	1. ipop3d 
	2. ipop3dAPOP pop3-record 
	3. pop3-record ()
	   hosts.allow 
	4.  hosts.allow 

	 hosts.allow 
	
	 APOPtools 
	 /etc/hosts.allow.src  
	/etc/hosts.allow 
	

	 hosts.allow  hosts.allow.src 

	+-------------------------------------------------------------------
	| # cp /etc/hosts.allow /etc/hosts.allow.src
	+-------------------------------------------------------------------

	 hosts.allow.src 
	 hosts.allow  /usr/local/etc/pop3-update
	

	 ipop3d 
	hosts.allow.src  ipop3d 
	

	/--- [/etc/hosts.allow.src ] ---------------------------
	|ipop3d: 127.0.0.1 192.168.0. : setenv INTRANET : setenv RELAYCLIENT %h
	|ipop3d: ALL : setenv RELAYCLIENT %h
	\---------------------------------------------------------------

	 hosts.allow 

	+-------------------------------------------------------------------
	| # /usr/local/etc/pop3-update
	+-------------------------------------------------------------------

	APOP /usr/local/etc/pop3-record 
	/etc/hosts.allow SMTP
	

	
	/etc/crontab  pop3-age 

	/--- [/etc/crontab ] ---------------------------------
	| */10	*	*	*	*   root /usr/local/etc/pop3-age
	\---------------------------------------------------------------

	10 pop3-age  pop3-* 
	
	POP
	
	

    

	APOPPOP
	 /etc/hosts.allow 
	10
	


OpenSSHSMTP/POP

	APOPSMTP/POP
	APOP
	
	 Port Forwarding 
	

  UNIX Port Forwarding

	UNIX1024
	8025
	(mail.hoge.co.jp)SMTP
	8110POP

	+-------------------------------------------------------------------
	| % ssh -L 8025:localhost:25 -L 8110:localhost:110 mail.hoge.co.jp
	+-------------------------------------------------------------------

  Windows Port Forwarding

	WindowsSSH TeraTermPRO+TTSSH() 
	Windows
	Windows
	PC25SMTP110
	POP

	TTSSHSSH [Setup]  [SSH
	Forwarding] [Add]
	

		Forward local port 	[25]
		to remote machine 	[mail.hoge.co.jp]
		port			[25]

	[OK][Add]

		Forward local port 	[110]
		to remote machine 	[mail.hoge.co.jp]
		port			[110]

	SSH
	[Setup]  [Save setup]
	

	TTSSH
	SMTPPOP localhost 
	
	

--- [] ---------------------------------------------------------------
  http://www.vector.co.jp/authors/VA002416/
  http://www.zip.com.au/~roca/ttssh.html
--------------------------------------------------------------------------


 +---[]--------------------------------------------------------------
  = OpenSSH  =

  FreeBSD 4.1.1R  OpenSSH 
  
  ssh-1.2.27  sshd  OpenSSH 
  
  FreeBSD 4.1.1R  sshd 
  /etc/ssh/sshd_config 
  

  * Protocol
    SSHv1,
   SSHv2 SSHv1
   "Protocol 1" 

  * PermitRootLogin
    root no

  * X11Forwarding
    X11yesOpenSSH 2.1/2.2
    no

  * CheckMail
     /var/mail/USER 
    FreeBSD yesMTAqmail
     no 

  OpenSSH  ssh-agent  ssh-askpass 
  GUIssh-askpass
  Ports
  ports
  /usr/ports/security/openssh-askpass make install 
  http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ 
  
 +-------------------------------------------------------------------------



	POP
	
	POPAPOP+Maildir
	

	
	
	
	


yuuji@gentei.org
Fingerprint16 = FF F9 FF CC E0 FE 5C F7 19 97 28 24 EC 5D 39 BA
HIROSE Yuuji