Simple Mail Transfer Protocol (SMTP)

From Computing and Software Wiki

(Difference between revisions)
Jump to: navigation, search
Line 65: Line 65:
* [[Anti-spam Systems and Techniques]]
* [[Anti-spam Systems and Techniques]]
-
* [[SSH Tunneling]]
 
* [[Insider_Threats]]
* [[Insider_Threats]]
* [[Information_security_awareness]]
* [[Information_security_awareness]]

Revision as of 20:57, 10 April 2009

SMTP is straight forward, simple, efficient protocol to transfer mail between machines, It was first defined in RFC 821. SMTP has two rules regarding the hosts,a sender acts as client it establish a TCP connection with the receiver , which act like a server. SMTP uses a readable simple text-based ASCII text in which one or more recipients of mail are defined.

Contents

SMTP Model

SMTP Required reliable ordered data stream channel to transfer mail uses the following model of communications:

  • Mail request start with a command.
  • The SMTP sender establish a two way transmission channel to connect with the receiver.
  • The receiver can be intermediate or final destination for the mail.
  • The receiver then send back a reply as a response to the commands.
  • The response can be an Okay response if the receiver can accept the mail.
  • The sender responds by sending a RCPT command to identify the mail recipient.
  • The receiver may rejects the recipients, but cannot reject the whole transaction.
  • The sender terminate the connection, after sending one or more emails.

This model is used to send email messages over the internet from one machine to another, the message then can be retrieved from the local client with an email agent using POP protocol, configure both protocols required to have the complete picture. Negotiation between Sender and receiver may occur over the several recipients, if the receiver is successfully processed and accepted SMTP will send email data, the receiver send an Okay reply when data received.[1]

Components of an electronic email system



Time Stamps and Message ID

mail report including SMTP Diagnostic code

When email is received by your computer, SMTP added time to the mail header this feature also include store tracking data of all hosts that relayed the message. Usually SMTP Message Transfer Agent is used to show the time stamp at the start of message, as well as the sender and each time that an item relayed this time stamp shows the ID for the host send the message, the ID that received the message, and the time that the message was received [2], the important of this information become from the fact that most of the time stamp and host identity enhance the chance for the receiver to distinguish between email sent from a trusted destination or crackers, also it provide an important information if a problem in mail delivery happened.[2] Time stamps not always a reliable information source as computer clocks are sometimes inaccurately set , or the information sequence is not make since, adding the time stamp is optional by the recipient user agent.

Mail Error

SMTP concentrate on how underlying email delivery system transfer mail messages between hosts, but does not give much details about how mail is stored or accepted, if error occur ( for example unidentified email address) this error reported to FROM filed to the sender. the receiver must report every error by sending error message to the sender.


==Mail Bouncing

It is not always true that every email will be delivered to its destination , this happened if the sender provide incorrect recipient ID, in this case the email send back to originator with a message indicate the reason of why the mail not delivered , the returned email called Bounced email.[2],


Security

Many critical security issues related to emails and emails agents, one of the most used agents is Sendmail, it is complicated and big program that have many functions including mail translation and mail alias names. Send mail mainly use SMTP which run NVT telnet , as known telnet has so many security issues by using open text format to send data, NVT telnet use port 25 , if any body try to break into a computer this is a great security hole to do so, other limitation on original SMTP is it has no way to authenticate senders. some easy solutions are used by using more secure and efficient mail agents written with some kind of mail encryption and spam filter, or even have an assistant virus scanner to scan emails before can be open.[2,3] call back verification also can be used as validate email address this mostly used as ant spam measure, other solution as modify SMTP intensively not practical as so many installation is depends on how SMTP Already build.


SMTP Commands Example

Every SMTP transmission consist of a sequence of commands and responses between the server and the client, these commands format is easy to understand because each command appears on a separate line. Here is some of commands and their meanings.

SMTP Commands Example
HELO      :  Identify the sender
MAIL FORM : Start mail transaction and identify mail originator
RCOT TO   : Identify an individual recipient 
DATA      : Sender is ready to transmit a series of line of text
VERFY     : Ask for name identification from the receiver
TURN      : Ask partiner to switch roles and become a sender
SOML      : Send email if receiver is logged in, deliver direct to the terminal


See Also

References

  • [1] - RFC 821 Simple Mail Transfer Protocol, Jonathan B. Postel
  • [2] - SMTP protocol overview
  • [3] TCP/IP architecture , protocols, and implementation with IPv6 and IP security. second edition, McGraw-Hill , Dr. Sidnie Feit. 1996.



External Links

--Shahroma 20:51, 2 April 2009 (EDT) Mohammad Shahrouri

Personal tools