Đang tải... (xem toàn văn)
Xây dựng hệ thống zimbra mail server trên centos 7........Research and building secure email system and evaluation of anti spam method ......Antispam Techniques....SpamAssassin Core This flexible and powerful set of Perl programs, SpamAssassin uses the combined score from multiple types of checks to detect spam.
MINISTRY OF EDUCATION AND TRAINING FPT UNIVERSITY Capstone Project Document Research and building secure email system and evaluation of anti-spam method Group Group Member Supervisor Nguyễn Hữu Tuấn SE03179 Nguyễn Công Trung SE03262 Lưu Thành Luân SE02850 Nguyễn Anh Tuấn SE03294 Trần Văn Đức SE03300 Mr Ngô Hải Anh Hanoi, 04/2017 THE CAPSTONE PROJECT TABLE OF CONTENTS ACKNOWLEDGMENT DEFINITION AND ACRONYMS Chapter 1: INTRODUCTION 1.1 Purpose 1.2 Project Information 1.3 Supervisor and Team Members 1.3.1 Supervisor 1.3.2 Team Members 1.4 Overview of Initial Idea 10 1.4.1 Introduction to Idea 10 1.4.2 Similar Solutions 10 1.4.3 Initial Idea 10 1.4.4 Main Function 10 1.4.5 Benefit from Project 11 Chapter 2: PROJECT MANAGEMENT PLAN 12 2.1 Problem Definition 12 2.1.1 Name of the Capstone Project 12 2.1.2 Problem Abstraction 12 2.1.3 Project Overview 12 2.1.3.1 The Current Situation 12 2.1.3.2 The Proposed Solution 12 2.2 Project Organization 13 2.2.1 Solution Process Model 13 2.2.2 Roles and Responsibilities 14 2.2.2.1 Team Organization Structure 14 2.2.2.2 Roles and Responsibilities 15 2.3 Project Management Plan 16 MAIL ZTEAM THE CAPSTONE PROJECT 2.3.1 Task 16 2.3.2 Meeting Minutes 17 2.3.3 Risks of Working in Group 18 Chapter 3: MAIL SERVER AND RISK ASSESSMENT 19 3.1 Mail Server 19 3.1.1 What is a Mail Server? 19 3.1.2 Protocols 20 3.2 Risk Identification 22 3.2.1 Threat Identification 22 3.2.2 Vulnerability Identification 23 Chapter 4: RISK MANAGEMENT PLAN 24 4.1 Objectives of Risk Management 24 4.1.1 Lists of Threats/Vulnerabilities 24 4.1.2 Costs Associated with Risks 24 4.1.3 Impact Assessment 25 4.1.4 Risk-level Matrix 26 4.1.5 Description of Risk Level 27 4.1.6 List of Recommendations to Reduce the Risks 27 4.2 Reporting Requirements 28 4.2.1 Present Recommendations 28 4.2.2 Document Response to Recommendations 28 Chapter 5: DEVELOPMENT AND IMPLEMENTATION 29 5.1 Reason to Choose Zimbra Mail Server 29 5.2 SpamAssassin 30 5.2.1 Spam and Ham 30 5.2.1.1 Definition of Spam Email and Ham Email 30 5.2.1.2 Anti-spam Techniques 30 5.2.1.3 Detecting Spam Techniques 31 MAIL ZTEAM THE CAPSTONE PROJECT 5.2.1.4 End-user Techniques 31 5.2.1.5 Techniques for Administrators 32 5.2.1.6 Techniques for Sender 33 5.2.2 What is SpamAssassin? 34 5.2.3 How Does SpamAssassin Work? 35 5.2.4 The Process of Scanning a Message 37 5.2.5 Structure of the Rules in SpamAssassin 38 5.2.6 Training SpamAssassin 40 5.2.7 The Process of Learning a Message 41 5.2.8 Training SpamAssassin in Zimbra: Zmtrainsa 42 5.2.9 Improve SpamAssassin Filter 43 5.2.9.1 Distributed Checksum Clearinghouse 43 5.2.9.2 Pyzor and Razor2 44 5.2.9.3 DCC Pyzor Razor2 SpamAssassin Performance 45 5.2.9.4 Spam Filter for Vietnamese 45 5.2.9.5 Test SpamAssassin with Spam Email 46 5.4 Anti-Virus 47 5.5 Prevent Sniffing Email 50 5.5.1 SSL Certificate (HTTPS) 50 5.5.2 OpenPGP 52 5.6 Social Engineering 54 5.7 Install Zimbra Server 55 5.8 Configure Server 64 5.8.1 Install Vietnamese for Zimbra Web Interface 64 5.8.2 Change Logo for Zimbra Web Interface 65 5.8.3 Configure Firewall 68 5.9 Backup and Restore with Zimbra Server 70 5.10: Conclusions 73 Chapter 6: USER MANUAL 74 MAIL ZTEAM THE CAPSTONE PROJECT 6.1 Admin Guidelines 74 6.1.1 Login Page for Admin 74 6.1.2 Services 76 6.1.3 Manage Accounts 77 6.1.4 Other Features 80 6.2 User Guidelines 82 6.2.1 User Login 82 6.2.2 User Setting Vietnamese Interface 86 6.2.3 User Send and Receive a First Email 87 6.2.4 User Logout 89 6.3 Zimbra Desktop 90 6.3.1 Download, Install and Configure Zimbra Desktop 90 References 95 MAIL ZTEAM THE CAPSTONE PROJECT ACKNOWLEDGMENT First, we would like to thank our supervisor Mr Ngo Hai Anh Besides your technology tips, you are also a great motivator for us not to give up and always want to achieve more for the project Second, we would like to thank all of our teachers at FPT University, who showed us great support during this semester when we were implementing our Capstone project Furthermore, we also want to express our gratitude to all of our friends, our families, who always help us in this difficult time Our project is going to the final stage, looking back from the beginning, it has been a long process for each member and the whole group We started the project with only a little knowledge, some people have no, none of us ever did anything related to the previous Mail Server system Luckily, we were helped by many people, and we would like to let them know that we are verry grateful to them Again, we sincerely thank! Capstone project, Mail Zteam, IA0902 Hanoi, April 2016 MAIL ZTEAM THE CAPSTONE PROJECT DEFINITION AND ACRONYMS Acronym Definition AD Active Directory AUP Acceptable Use Policy COS Class of Service DCC Distributed Checksum Clearinghouse ELF Executable and Linkable Format FSG Greeting Card Factory GAL Global Address List GUI Graphical User Interface HAM Not-Spam, or Good Email HTML HyperText Markup Language IMAP Internet Mail Access Protocol LDAP Lightweight Directory Access Protocol MIME Multipurpose Internet Mail Extensions MTA Mail Transfer Agent MX Mail Exchange PDF Portable Document Format PGP Pretty Good Privacy PKI Public Key Infrastructure POP Post Office Protocol RFC Request for Comment RTF Rich Text Format SHA Secure Hash Algorithm SMTP Simple Mail Transfer Protocol SPAM Bad Email MAIL ZTEAM THE CAPSTONE PROJECT SPF Sender Proxy Framework SSL Secure Sockets Layer SUE System Enhancement Associates Data File TOS Terms of Service UPX Ultimate Packer for Executables wwpack32 Windows executable files compressor and protector ZCS Zimbra Collaboration Suite MAIL ZTEAM THE CAPSTONE PROJECT Chapter 1: INTRODUCTION 1.1 Purpose The purpose of this chapter is to introduce about our developing team, raise problem and initial idea of the Capstone Project In this chapter, we also present overviews, advantages and limitation of similar existing solution, benefits and risks of our system in the future It provides information about what we will do, why we chose it and what it can 1.2 Project Information Project name: Research and building secure email system and evaluation of anti-spam method Product type: Research, building, evaluation Timeline: From 3rd January 2017 to 28th April 2017 1.3 Supervisor and Team Members 1.3.1 Supervisor Full name Ngo Hai Anh Phone Email Title 0932193582 Anhnh2@fpt.edu.vn 1.3.2 Team Members Full name Student ID Phone Email Role Nguyen Huu Tuan SE03179 0972254070 tuannhse03179@fpt.edu.vn Leader Nguyen Cong Trung SE03262 0976849636 trungncse03262@fpt.edu.vn Member Nguyen Anh Tuan SE03294 01652194668 tuannase03294@fpt.edu.vn Member Luu Thanh Luan SE02850 01652515868 luanltse02850@fpt.edu.vn Member Tran Van Duc SE03300 0984094456 ductvse03300@fpt.edu.vn Member MAIL ZTEAM THE CAPSTONE PROJECT 1.4 Overview of Initial Idea 1.4.1 Introduction to Idea Nowadays, almost company use email for communication, marketing, promotion, mobility, filtering and follow-up with those customer, but some problem they face such cost too high, security unreliable, the system can’t anti-spam… We build a solution with low infrastructure costs may help companies save costs, anti-spam email, secure email by encryption 1.4.2 Similar Solutions Exchange Server is a server software developed by Microsoft that specializes in email solution and enterprise information exchange MDaemon Messaging Server is a Windows-based email and groupware server developed by Alt-N Technologies MDaemon Mail Server supports most mobile devices with access to calendar, email and contacts The advantages of MDaemon: Friendly interface to users Running on the Microsoft operating system that currently most of the computers in Vietnam were using Microsoft Having the ability to manage hundreds of domain names and thousands of users 1.4.3 Initial Idea Construct Mail Server response using an internal email in the company of the group Construct solutions for the anti-spam features spam filters and security steps in the authentication email, encrypt email 1.4.4 Main Function The system has some features below: Receiving and sending external email Mail Server will manage all your email accounts in internal systems Receiving email from the Mail Server of the sender and distribute email to the account in the system Mail Server that allows users can use webmail to receive email or use email client such as: Thunderbird, MS Outlook, Windows Live Mail… or both, depending on the Mail Server settings MAIL ZTEAM 10 THE CAPSTONE PROJECT Software Updates Admin can schedule updates to the server Figure 6.9: Updates Currently, at tab Account Migration and Client Upload have no information display Above, there are basic information for Administrator can manage Zimbra Server MAIL ZTEAM 81 THE CAPSTONE PROJECT 6.2 User Guidelines 6.2.1 User Login After admin gave account user login at website: https://trangan.info If the site appears as below, then click on Advanced Figure 6.10: SSL MAIL ZTEAM 82 THE CAPSTONE PROJECT Next click on Add Exception Figure 6.11: add Exception MAIL ZTEAM 83 THE CAPSTONE PROJECT Final click Confirm Security Exception Figure 6.12: Confirm The reason why we that because the first time you visit a site, it requires SSL authentication, which the browser has never seen before This is a step that will help us ensure that the parties are authenticated MAIL ZTEAM 84 THE CAPSTONE PROJECT After that the site login appear Using username and password that the admin has given (We may change the password) Figure 6.13: Login MAIL ZTEAM 85 THE CAPSTONE PROJECT 6.2.2 User Setting Vietnamese Interface After login, we should change language become Vietnamese To it, we choose tab Preferences Language Vietnamese and Time Zone become GMT +6 then click button Save Figure 6.14: Preferences MAIL ZTEAM 86 THE CAPSTONE PROJECT 6.2.3 User Send and Receive a First Email To create an email, we click “Thông điệp mới” insert address email, write and send Figure 6.15: Send mail MAIL ZTEAM 87 THE CAPSTONE PROJECT Have new email Figure 6.16: Inbox MAIL ZTEAM 88 THE CAPSTONE PROJECT 6.2.4 User Logout User wants to Logout click button Option “Đăng xuất” Figure 6.17: Logout MAIL ZTEAM 89 THE CAPSTONE PROJECT 6.3 Zimbra Desktop 6.3.1 Download, Install and Configure Zimbra Desktop Access the address: https://www.zimbra.com/downloads/zimbra-desktop/ and download the version that matches the OS version Figure 6.18: Zimbra Desktop MAIL ZTEAM 90 THE CAPSTONE PROJECT After download and setup, we have Zimbra Desktop Figure 6.19: Confirm Zimbra Desktop MAIL ZTEAM 91 THE CAPSTONE PROJECT Then we add Zimbra account, click button Add New Account Account Type chose Zimbra and fill in the appropriate information in the textbox Figure 6.20: Confirm Setting Zimbra Desktop MAIL ZTEAM 92 THE CAPSTONE PROJECT Note: Address Server: 103.220.68.9 using SLL Security then click Validate and Save after we Launch Desktop Figure 6.21: Succeed MAIL ZTEAM 93 THE CAPSTONE PROJECT We have GUI of Zimbra Desktop… Figure 6.22: Zimbra Desktop Note: - It does not support Vietnamese so the user must use English - User does not need to worry about security issues on Zimbra Desktop because it runs on SSL protocol so it is very safe MAIL ZTEAM 94 THE CAPSTONE PROJECT References [1] James F Kurose, Keith W Ross (2012) Computer Networking: A Top-Down Approach 6th Edition Pearson ©2012, pp 121-130 [2] Gary Stoneburner, Alice Y Goguen and Alexis Feringa (July 2002) NIST Special Publication 800-30, Risk Management Guide for Information Technology Systems [3] World Wide Web SpamAssassin apache Available at: http://spamassassin.apache.org/.[accessed 2017, March, 04] [4] Faisal N Jawdat, How To Train SpamAssassin Available at:http://faisal.com/docs/salearn.html [accessed 2017, March, 03] [5] World Wide Web DCC server Available at: https://www.dcc-servers.net/ [accessed 2017, March, 04] [6] Frank Tobin, Pyzor’s documentation Release 1.0, pp 23-24 Available at: https://media.readthedocs.org/pdf/pyzor/latest/pyzor.pdf [accessed 2017, March, 05] [7] Phil Zimmermann, "Why I Wrote PGP" Part of the Original 1991 PGP User's Guide (updated in 1999), pp Available at:https://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html [accessed 2017, March, 05] [8] World Wide Web Available at: https://www.gnupg.org/.[accessed 2017, March, 22] [9] World Wide Web Available at: http://lightcyber.com/8-tips-to-prevent-social-engineering-attacks/.[accessed 2017, April, 10] MAIL ZTEAM 95 ... Capstone Project Research and building secure email system and evaluation of anti- spam method 2.1.2 Problem Abstraction Today, almost all organizations and individuals use email as a form of mailing... template: Meeting/Project Name Name Capstone Project: Research and building secure email system and evaluation of anti- spam method Date of meeting: 4days/week Time (Type): 3hours/day Meeting... ZTEAM 29 THE CAPSTONE PROJECT 5.2 SpamAssassin 5.2.1 Spam and Ham 5.2.1.1 Definition of Spam Email and Ham Email Spam is defined as: “the use of electronic messaging systems to send unsolicited bulk