Simple Mail Transfer Protocol (SMTP)
From Computing and Software Wiki
Line 1: | Line 1: | ||
- | SMTP is straight forward, simple, efficient protocol to transfer mail between machines, It was first defined in RFC 821. SMTP has two rules regarding the hosts,a sender acts as client it establish a TCP connection with the receiver , which act like a server. SMTP uses a readable simple text-based ASCII text in which one or more recipients of mail are defined. | + | SMTP is straight forward, simple, efficient protocol to transfer mail between machines, It was first defined in RFC 821. SMTP has two rules regarding the hosts,a sender acts as client it establish a TCP connection with the receiver , which act like a server. SMTP uses a readable simple text-based ASCII text in which one or more recipients of mail are defined.<sup>[3]</sup> |
==SMTP Model== | ==SMTP Model== | ||
Line 14: | Line 14: | ||
* The sender terminate the connection, after sending one or more emails. | * The sender terminate the connection, after sending one or more emails. | ||
- | This model is used to send email messages over the internet from one machine to another, the message then can be retrieved from the local client with an email agent using POP protocol, configure both protocols required to have the complete picture. Negotiation between Sender and receiver may occur over the several recipients, if the receiver is successfully processed and accepted SMTP will send email data, the receiver send an Okay reply when data received.[1] | + | This model is used to send email messages over the internet from one machine to another, the message then can be retrieved from the local client with an email agent using POP protocol, configure both protocols required to have the complete picture. Negotiation between Sender and receiver may occur over the several recipients, if the receiver is successfully processed and accepted SMTP will send email data, the receiver send an Okay reply when data received.<sup>[1]</sup> |
[[Image:Component of email system.jpg|left|500px|thumb|Components of an electronic email system]] | [[Image:Component of email system.jpg|left|500px|thumb|Components of an electronic email system]] | ||
Line 29: | Line 29: | ||
| | | | ||
|} | |} | ||
- | When email is received by your computer, SMTP added time to the mail header this feature also include store tracking data of all hosts that relayed the message. Usually SMTP Message Transfer Agent is used to show the time stamp at the start of message, as well as the sender and each time that an item relayed this time stamp shows the ID for the host send the message, the ID that received the message, and the time that the message was received [2], the important of this information become from the fact that most of the time stamp and host identity enhance the chance for the receiver to distinguish between email sent from a trusted destination or crackers, also it provide an important information if a problem in mail delivery happened.[2] | + | When email is received by your computer, SMTP added time to the mail header this feature also include store tracking data of all hosts that relayed the message. Usually SMTP Message Transfer Agent is used to show the time stamp at the start of message, as well as the sender and each time that an item relayed this time stamp shows the ID for the host send the message, the ID that received the message, and the time that the message was received [2], the important of this information become from the fact that most of the time stamp and host identity enhance the chance for the receiver to distinguish between email sent from a trusted destination or crackers, also it provide an important information if a problem in mail delivery happened.<sup>[2]</sup> |
Time stamps not always a reliable information source as computer clocks are sometimes inaccurately set , or the information sequence is not make since, adding the time stamp is optional by the recipient user agent. | Time stamps not always a reliable information source as computer clocks are sometimes inaccurately set , or the information sequence is not make since, adding the time stamp is optional by the recipient user agent. | ||
Line 37: | Line 37: | ||
<br clear=all/> | <br clear=all/> | ||
- | ==Mail Bouncing == | + | ===Mail Bouncing=== |
- | It is not always true that every email will be delivered to its destination , this happened if the sender provide incorrect recipient ID, in this case the email send back to originator with a message indicate the reason of why the mail not delivered , the returned email called Bounced email.[2] | + | It is not always true that every email will be delivered to its destination , this happened if the sender provide incorrect recipient ID, in this case the email send back to originator with a message indicate the reason of why the mail not delivered , the returned email called Bounced email.<sup>[2]</sup> |
<br clear=all/> | <br clear=all/> | ||
==Security== | ==Security== | ||
- | Many critical security issues related to emails and emails agents, one of the most used agents is Sendmail, it is complicated and big program that have many functions including mail translation and mail alias names. Send mail mainly use SMTP which run NVT telnet , as known telnet has so many security issues by using open text format to send data, NVT telnet use port 25 , if any body try to break into a computer this is a great security hole to do so, other limitation on original SMTP is it has no way to authenticate senders. some easy solutions are used by using more secure and efficient mail agents written with some kind of mail encryption and spam filter, or even have an assistant virus scanner to scan emails before can be open.[2,3] | + | Many critical security issues related to emails and emails agents, one of the most used agents is Sendmail, it is complicated and big program that have many functions including mail translation and mail alias names. Send mail mainly use SMTP which run NVT telnet , as known telnet has so many security issues by using open text format to send data, NVT telnet use port 25 , if any body try to break into a computer this is a great security hole to do so, other limitation on original SMTP is it has no way to authenticate senders. some easy solutions are used by using more secure and efficient mail agents written with some kind of mail encryption and spam filter, or even have an assistant virus scanner to scan emails before can be open.<sup>[2,3]</sup> |
call back verification also can be used as validate email address this mostly used as ant spam measure, other solution as modify SMTP intensively not practical as so many installation is depends on how SMTP Already build. | call back verification also can be used as validate email address this mostly used as ant spam measure, other solution as modify SMTP intensively not practical as so many installation is depends on how SMTP Already build. | ||
==SMTP Commands Example== | ==SMTP Commands Example== | ||
- | Every SMTP transmission consist of a sequence of commands and responses between the server and the client, these commands format is easy to understand because each command appears on a separate line. Here is some of commands and their meanings. | + | Every SMTP transmission consist of a sequence of commands and responses between the server and the client, these commands format is easy to understand because each command appears on a separate line. Here is some of commands and their meanings. <sup>[3]</sup> |
SMTP Commands Example | SMTP Commands Example |
Revision as of 21:03, 10 April 2009
SMTP is straight forward, simple, efficient protocol to transfer mail between machines, It was first defined in RFC 821. SMTP has two rules regarding the hosts,a sender acts as client it establish a TCP connection with the receiver , which act like a server. SMTP uses a readable simple text-based ASCII text in which one or more recipients of mail are defined.[3]
Contents |
SMTP Model
SMTP Required reliable ordered data stream channel to transfer mail uses the following model of communications:
- Mail request start with a command.
- The SMTP sender establish a two way transmission channel to connect with the receiver.
- The receiver can be intermediate or final destination for the mail.
- The receiver then send back a reply as a response to the commands.
- The response can be an Okay response if the receiver can accept the mail.
- The sender responds by sending a RCPT command to identify the mail recipient.
- The receiver may rejects the recipients, but cannot reject the whole transaction.
- The sender terminate the connection, after sending one or more emails.
This model is used to send email messages over the internet from one machine to another, the message then can be retrieved from the local client with an email agent using POP protocol, configure both protocols required to have the complete picture. Negotiation between Sender and receiver may occur over the several recipients, if the receiver is successfully processed and accepted SMTP will send email data, the receiver send an Okay reply when data received.[1]
Time Stamps and Message ID
When email is received by your computer, SMTP added time to the mail header this feature also include store tracking data of all hosts that relayed the message. Usually SMTP Message Transfer Agent is used to show the time stamp at the start of message, as well as the sender and each time that an item relayed this time stamp shows the ID for the host send the message, the ID that received the message, and the time that the message was received [2], the important of this information become from the fact that most of the time stamp and host identity enhance the chance for the receiver to distinguish between email sent from a trusted destination or crackers, also it provide an important information if a problem in mail delivery happened.[2] Time stamps not always a reliable information source as computer clocks are sometimes inaccurately set , or the information sequence is not make since, adding the time stamp is optional by the recipient user agent.
Mail Error
SMTP concentrate on how underlying email delivery system transfer mail messages between hosts, but does not give much details about how mail is stored or accepted, if error occur ( for example unidentified email address) this error reported to FROM filed to the sender. the receiver must report every error by sending error message to the sender.
Mail Bouncing
It is not always true that every email will be delivered to its destination , this happened if the sender provide incorrect recipient ID, in this case the email send back to originator with a message indicate the reason of why the mail not delivered , the returned email called Bounced email.[2]
Security
Many critical security issues related to emails and emails agents, one of the most used agents is Sendmail, it is complicated and big program that have many functions including mail translation and mail alias names. Send mail mainly use SMTP which run NVT telnet , as known telnet has so many security issues by using open text format to send data, NVT telnet use port 25 , if any body try to break into a computer this is a great security hole to do so, other limitation on original SMTP is it has no way to authenticate senders. some easy solutions are used by using more secure and efficient mail agents written with some kind of mail encryption and spam filter, or even have an assistant virus scanner to scan emails before can be open.[2,3] call back verification also can be used as validate email address this mostly used as ant spam measure, other solution as modify SMTP intensively not practical as so many installation is depends on how SMTP Already build.
SMTP Commands Example
Every SMTP transmission consist of a sequence of commands and responses between the server and the client, these commands format is easy to understand because each command appears on a separate line. Here is some of commands and their meanings. [3]
SMTP Commands Example
HELO : Identify the sender MAIL FORM : Start mail transaction and identify mail originator RCOT TO : Identify an individual recipient DATA : Sender is ready to transmit a series of line of text VERFY : Ask for name identification from the receiver TURN : Ask partiner to switch roles and become a sender SOML : Send email if receiver is logged in, deliver direct to the terminal
See Also
References
- [3] TCP/IP architecture , protocols, and implementation with IPv6 and IP security. second edition, McGraw-Hill , Dr. Sidnie Feit. 1996.
External Links
- SMTP in Wikipedia
- Extended SMTP Wikipedia
- SMTP Commands - SMTP complete command list
- Mail Transfer Agents.
- SMTP Proxy
- Anti spam SMTP proxy
--Shahroma 20:51, 2 April 2009 (EDT) Mohammad Shahrouri