Um servidor de e-mail distribuído, flexível, escalável e tolerante a intrusões
Resumo
O e-mail é uma ferramenta essencial na Internet. No entanto, a arquitetura dos sistemas de e-mail convencionais sofre de problemas que limitam sua escalabilidade e abrem a porta para diversos tipos de ameaças. Alternativas vêm sendo propostas para sanar as deficiências e prover maior escalabilidade e confiabilidade aos sistemas de e-mail. Este artigo apresenta uma arquitetura distribuída para servidores de e-mail, cobrindo aspectos de desempenho, escalabilidade, flexibilidade de configuração, tolerância a faltas e a intrusões. Para tal, diversas técnicas foram empregadas, como a estruturação do sistema em células autônomas, fragmentação e dispersão do armazenamento, processamento de mensagens baseado em eventos e filtragem por ganchos (hooks).
Referências
Behren, J., Czerwinski, S., Joseph, A., Brewer, E., and Kubiatowicz, J. (2000). Ninja-Mail: The design of a high-performance clustered, distributed e-mail system. In ICPP International Conference on Parallel Processing.
Christenson, N., Bosserman, T., and Beckemeyer, D. (1997). A highly scalable electronic mail service using open systems. In USENIX Symposium on Internet Technologies and Systems, pages 1-15.
Crocker, D. (1982). Standard for the format of ARPA Internet text messages. IETF RFC 822.
Fabre, J.-C., Deswarte, Y., and Randell, B. (1994). Designing secure and reliable applications using fragmentation-redundancy-scattering: An object-oriented approach. In European Dependable Computing Conference, pages 21-38. Springer-Verlag.
Fromberger, M. (2004). Bayesian classification of unsollicited e-mail. http://thayer.dartmouth.edu/sting/sw/bayes-spam.pdf.
Fulton, H. and Hurst, G. (2003). The Ruby Way. Sams.
Ghemawat, S., Gobioff, H., and Leung, S. (2003). The Google file system. In ACM Symposium on Operating Systems Principles, pages 29-43.
Google (2004). Google Mail. http://gmail.google.com.
Gribble, S., Welsh, M., von Behren, R., Brewer, E., Culler, D., Borisov, N., Czerwinski, S., Gummadi, R., Hill, J., Joseph, A., Katz, R., Mao, M., Ross, S., and Zhao, B. (2001). The Ninja architecture for robust internet-scale systems and services. Computer Networks, 35(4):473-497.
Hall, R. J. (1998). How to avoid unwanted email. Communications of the ACM, 41(3):88-95.
Harris, E. (2004). The next step in the spam control war: Greylisting. http://projects.puremagic.com/greylisting/whitepaper.html.
IDC (2003). Third annual email usage forecast and analysis, 2001-2005. IDC Report W25335.
IDC (2004). The true cost of spam and the value of antispam solutions. IDC Report.
Jung, J. and Sit, E. (2004). An Empirical Study of Spam Traffic and the Use of DNS Black Lists. In Internet Measurement Conference, Taormina, Italy.
Klensin, J. (2001). Simple Mail Transfer Protocol. IETF RFC 2821.
Kubiatowicz, J., Bindel, D., Chen, Y., Czerwinski, S., Eaton, P., Geels, D., Gummadi, R., Rhea, S., Weatherspoon, H., Weimer, W., Wells, C., and Zhao, B. (2000). OceanStore: An architecture for global-scale persistent storage. In Proceedings of the Ninth international Conference on Architectural Support for Programming Languages and Operating Systems.
Lindberg, G. (1999). Anti-spam recommendations for SMTP MTAs. IETF RFC 2505.
Pai, V. S., Druschel, P., and Zwaenepoel, W. (1999). Flash: An efficient and portable Web server. In Proceedings of the USENIX 1999 Annual Technical Conference.
Resnick, P. (2001). Internet message format. IETF RFC 2822.
Sahami, M., Dumais, S., Heckerman, D., and Horvitz, E. (1998). A bayesian approach to filtering junk e-mail. In Learning for Text Categorization: Papers from the 1998 Workshop, Madison, Wisconsin. AAAI Technical Report WS-98-05.
Saito, Y., Bershad, B., and Levy, H. (1999). Manageability, availability and performance in Porcupine: A highly scalable, cluster-based mail service. In Symposium on Operating Systems Principles.
Saito, Y., Hoffman, E., Bershad, B., Levy, H., Becker, D., and Folliot, B. (1998). The Porcupine scalable mail server. In 8th ACM SIGOPS European workshop on Support for Composing Distributed Applications, pages 48-52.
Zou, C. C., Gong, W., and Towsley, D. (2002). Code Red worm propagation modeling and analysis. In 9th ACM conference on Computer and Communications Security, pages 138-147.
Christenson, N., Bosserman, T., and Beckemeyer, D. (1997). A highly scalable electronic mail service using open systems. In USENIX Symposium on Internet Technologies and Systems, pages 1-15.
Crocker, D. (1982). Standard for the format of ARPA Internet text messages. IETF RFC 822.
Fabre, J.-C., Deswarte, Y., and Randell, B. (1994). Designing secure and reliable applications using fragmentation-redundancy-scattering: An object-oriented approach. In European Dependable Computing Conference, pages 21-38. Springer-Verlag.
Fromberger, M. (2004). Bayesian classification of unsollicited e-mail. http://thayer.dartmouth.edu/sting/sw/bayes-spam.pdf.
Fulton, H. and Hurst, G. (2003). The Ruby Way. Sams.
Ghemawat, S., Gobioff, H., and Leung, S. (2003). The Google file system. In ACM Symposium on Operating Systems Principles, pages 29-43.
Google (2004). Google Mail. http://gmail.google.com.
Gribble, S., Welsh, M., von Behren, R., Brewer, E., Culler, D., Borisov, N., Czerwinski, S., Gummadi, R., Hill, J., Joseph, A., Katz, R., Mao, M., Ross, S., and Zhao, B. (2001). The Ninja architecture for robust internet-scale systems and services. Computer Networks, 35(4):473-497.
Hall, R. J. (1998). How to avoid unwanted email. Communications of the ACM, 41(3):88-95.
Harris, E. (2004). The next step in the spam control war: Greylisting. http://projects.puremagic.com/greylisting/whitepaper.html.
IDC (2003). Third annual email usage forecast and analysis, 2001-2005. IDC Report W25335.
IDC (2004). The true cost of spam and the value of antispam solutions. IDC Report.
Jung, J. and Sit, E. (2004). An Empirical Study of Spam Traffic and the Use of DNS Black Lists. In Internet Measurement Conference, Taormina, Italy.
Klensin, J. (2001). Simple Mail Transfer Protocol. IETF RFC 2821.
Kubiatowicz, J., Bindel, D., Chen, Y., Czerwinski, S., Eaton, P., Geels, D., Gummadi, R., Rhea, S., Weatherspoon, H., Weimer, W., Wells, C., and Zhao, B. (2000). OceanStore: An architecture for global-scale persistent storage. In Proceedings of the Ninth international Conference on Architectural Support for Programming Languages and Operating Systems.
Lindberg, G. (1999). Anti-spam recommendations for SMTP MTAs. IETF RFC 2505.
Pai, V. S., Druschel, P., and Zwaenepoel, W. (1999). Flash: An efficient and portable Web server. In Proceedings of the USENIX 1999 Annual Technical Conference.
Resnick, P. (2001). Internet message format. IETF RFC 2822.
Sahami, M., Dumais, S., Heckerman, D., and Horvitz, E. (1998). A bayesian approach to filtering junk e-mail. In Learning for Text Categorization: Papers from the 1998 Workshop, Madison, Wisconsin. AAAI Technical Report WS-98-05.
Saito, Y., Bershad, B., and Levy, H. (1999). Manageability, availability and performance in Porcupine: A highly scalable, cluster-based mail service. In Symposium on Operating Systems Principles.
Saito, Y., Hoffman, E., Bershad, B., Levy, H., Becker, D., and Folliot, B. (1998). The Porcupine scalable mail server. In 8th ACM SIGOPS European workshop on Support for Composing Distributed Applications, pages 48-52.
Zou, C. C., Gong, W., and Towsley, D. (2002). Code Red worm propagation modeling and analysis. In 9th ACM conference on Computer and Communications Security, pages 138-147.
Publicado
26/09/2005
Como Citar
OLIVEIRA, Leonardo; ARNAUT, Davi; MAZIERO, Carlos.
Um servidor de e-mail distribuído, flexível, escalável e tolerante a intrusões. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 5. , 2005, Florianópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2005
.
p. 86-98.
DOI: https://doi.org/10.5753/sbseg.2005.21525.
