As the following diagram shows, OpenPEC is the central kernel of the system and communicates with all the other modules:
- the Mail Transfer Agent (MTA), which is in charge of routing and dispatching emails,
- the Antivirus module,
- the LDAP server (which holds the mirror of the owners index),
- the database (RDBMS) which holds accounts,
- the LMTP server, used to deliver messages to the users' mailboxes,
- the HSM device (Hardware Security Module) used to sign the messages,
- the storage (file system) to store mailboxes and system logs,
- the POP-IMAP server which grants the users access to their mailboxes,
- the provisioning module (for creating and modifying accounts), which can be called over a SOAP interface,
- the webmail, to browse emails over the WWW using the most common browsers.

For every message that reaches the MTA addressed to a certified domain, OpenPEC checks whether it is a regular email message or a PEC message. Regular email messages are handed back to the MTA without any modification, while PEC messages are handled as follows:
- If it is an outgoing message, OpenPEC encapsulates it in a waybill, digitally signs it using the HSM module and hands it back to the MTA, which routes it to the recipient;
- If it is an incoming message, OpenPEC checks the correctness of the signature (using the HSM module) and the validity of the message (it should come from a certified domain), delivers the message to the destination mailbox through the LMTP protocol and, once it is delivered, creates the acknowledgement of receipt that the MTA will send back to the sender of the original message. If the message is not valid, it generates an anomaly of transport message and forwards it to the user mailbox.
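
The dispatch logic described above, sketched in Python as an added example (it is not OpenPEC's code). The `Message` type, the action names, the domain names, the rule used to tell the three cases apart (a signature field plus the sender's domain) and the HMAC key standing in for the HSM's digital signature are all assumptions made for the sketch.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample values for this sketch; none of them come from OpenPEC.
LOCAL_DOMAINS = {"pec.example.it"}                        # served by this provider
CERTIFIED_DOMAINS = LOCAL_DOMAINS | {"pec.example.org"}   # stands in for the LDAP index
HSM_KEY = b"constructed-demo-key"                         # stands in for the HSM-held key

@dataclass
class Message:
    sender: str
    recipient: str
    body: bytes
    signature: str = ""   # assumption: only waybills (PEC messages) carry one

def domain(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower()

def hsm_sign(m: Message) -> str:
    """HMAC-SHA256 over envelope and body, a stand-in for the HSM signature."""
    data = b"\0".join([m.sender.encode(), m.recipient.encode(), m.body])
    return hmac.new(HSM_KEY, data, hashlib.sha256).hexdigest()

def process(m: Message) -> list:
    """Return the ordered (action, message) steps for one message from the MTA."""
    if not m.signature and domain(m.sender) not in LOCAL_DOMAINS:
        return [("return_to_mta", m)]            # regular email: handed back unmodified
    if not m.signature:                          # outgoing PEC: wrap in a waybill and sign
        # Assumption: the sender address belongs to an authenticated local account.
        waybill = Message(m.sender, m.recipient, b"WAYBILL\n" + m.body)
        waybill.signature = hsm_sign(waybill)
        return [("return_to_mta", waybill)]
    # Incoming PEC: the signature must verify and the sender must be certified.
    signature_ok = hmac.compare_digest(m.signature.encode(), hsm_sign(m).encode())
    if not (signature_ok and domain(m.sender) in CERTIFIED_DOMAINS):
        notice = Message("postmaster@pec.example.it", m.recipient,
                         b"ANOMALY OF TRANSPORT: message failed validation")
        return [("deliver_lmtp", notice)]        # anomaly goes to the user mailbox
    receipt = Message(m.recipient, m.sender, b"ACKNOWLEDGEMENT OF RECEIPT")
    return [("deliver_lmtp", m), ("return_to_mta", receipt)]
```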