What is the smtp protocol used for? What is an SMTP server and why use it

Today we will tell you in detail about the most used Internet protocols - POP3, IMAP and SMTP. Each of these protocols has a specific purpose and functionality. Let's try to figure it out.

POP3 protocol and its ports

Post Office Protocol 3 (POP3) is standard protocol mail created for receiving emails from a remote server to an e-mail client.POP3 allows you to save an email message to your computer and even read it if you are offline. It is important to note that if you choose to use POP3 to connect to your mail account, emails that have already been downloaded to your computer will be deleted from the mail server. As an example, if you are using several computers to connect to one mail account, then POP3 may not be the best choice in this situation. On the other hand, since mail is stored locally, on the PC specific user, this allows you to optimize disk space on the mail server side.

By default, the POP3 protocol uses the following ports:

• Port 110 is the default POP3 port. It is not safe.
• Port 995 – This port should be used if you want to establish a secure connection.

IMAP protocol and ports

Internet Message Access Protocol (IMAP) is an email protocol designed for accessing mail from a local email client. IMAP and POP3 are the most popular protocols on the Internet used for receiving e-mail. Both of these protocols are supported by all modern mail clients (MUA - Mail User Agent) and WEB servers.

While POP3 allows mail access from only one application, IMAP allows access from multiple clients. For this reason, IMAP is most adaptable in cases where multiple users need access to the same email account.

By default, the IMAP protocol uses the following ports:

• Port 143– default port. Not safe.
• Port 993– port for secure connection.

SMTP protocol and its ports

Simple Mail Transfer Protocol (SMTP) is a standard protocol for sending mail messages via the Internet.

This protocol is described in RFC 821 and RFC 822, first published in August 1982. Within the scope of the RFC data, the address format must be in the format username@domainname. Mail delivery is similar to regular work postal service: for example, a letter to the address [email protected], will be interpreted as follows: ivan_ivanov is the address, and merionet.ru is the postal code. If the recipient's domain name is different from the sender's domain name, then the MSA (Mail Submission Agent) will send the letter through the Mail Transfer Agent (MTA). The main idea of ​​MTA is to redirect letters to another domain zone, similar to how traditional mail sends letters to another city or region. An MTA also receives mail from other MTAs.

The SMTP protocol uses the following ports.

SMTP (Simple Message Transfer Protocol), or literally translated as a simple message transfer protocol, was born in the UNIX environment and was intended exclusively for mail servers communicating with each other. In terms of the OSI model, SMTP resides at the application layer.

SMTP has now become the de facto standard. To a large extent, this popularity is due to the comparative ease of implementation and wide extensibility without compromising backward compatibility with existing versions postal systems. An important factor is also the wide availability of specifications and the absence of the need to pay funds for their use.

SMTP systems for Lately actively developed in the following directions:

extension of the server-server communication protocol (SMTP itself);

creation and improvement of the client-server communication protocol (POP3, IMAP4);

introduction and expansion of a new message format (MIME).

The initial version of the SMTP protocol supported a limited set of commands and services for receiving and sending messages. Recently, its extended version (Extended or ESMTP) has been developed, providing standard feature further expansion and support for functions such as delivery confirmation (Delivery Notification Request or DNR), negotiation of the maximum allowable size of messages transmitted between servers and forced initiation of the transfer of accumulated mail (dequeue). However, one of the weaknesses on this moment SMTP was and continues to be a lack of ability to authenticate incoming connections, encrypt dialogue and data flow between servers.

The lack of incoming connection authentication prevented the use of SMTP for client access. The classic SMTP email system requires file access client to his mailbox to receive and work with messages. To implement work in client-server mode, a post office service protocol (Post Office Protocol or POP) was created. The most successful version was POP3, widely used in modern SMTP systems. The most advanced implementations support authentication with username and password encryption and Secure Socket Layer (SSL) traffic encryption. However, when using the POP3 protocol, it is not possible to view the characteristics of a message without first downloading it to the client station. To solve the problem of viewing and manipulating properties mail message The IMAP4 protocol was developed directly on the server, as well as overcoming a number of other functional limitations; its support in most commercial systems is expected in the near future. It should be noted that both when using a classic client (mail command) and when using POP3 or IMAP4, sending messages prepared by the client requires an SMTP server. Figure 1.6 shows a diagram of a typical SMTP system using both the traditional UNIX file-based mailbox access method and access via the POP3 and IMAP4 protocols.

Initially, SMTP systems were designed to transmit information exclusively in text form and were not focused on transmitting characters from national alphabets, i.e. used a 7-bit character set. To solve the transmission problem binary files The UUENCODE standard was developed, which allows you to embed arbitrary data, previously converted from binary to text form, directly into the text of the message. However, comprehensive this approach it was difficult to name, because in the general case, the receiving party had no information about the nature of the attachment (the type of data being transferred and the application that generated it). As the Internet expands, the complexity of software and the active introduction of multimedia, there is a need to create a universal format for typing and representing binary data and text containing national characters. Multipurpose Internet Mail Extensions (MIME) became such a universal format. The MIME format turned out to be extremely successful, since it included the possibility of unlimited expansion of both supported data types and national encodings.

Diagram of a typical SMTP system with POP3 and IMAP4 support

An SMTP message, like an X.400 message, uses the concepts of an envelope and a content, which in turn has a header and a body. Functional purpose they are completely identical. The composition of the fields in the header is determined by the format of the message body (UUENCODE or MIME). No field is required, but fields typically include To:, From:, and Subject. If the MIME format is used, the header must contain the line "MIME-Version: 1.0". A complete list of possible fields in the SMTP message header is contained in RFC 2076.

A distinctive feature of SMTP systems is that, as a rule, they ensure that the transmission process is virtually independent of the content format. Only the client program (mail reader) should be responsible for interpreting the content. However, the cost of compatibility at the MTA level in in this case is the inefficiency of transmitting any non-text data or messages using characters of national alphabets due to the preliminary translation of information into a text representation. Depending on the conversion algorithm used, the size of the actual data transferred may increase by 30-100%.

An important problem when transmitting data via SMTP systems is ensuring confidentiality. Since messages are transmitted in text form, they can be easily intercepted and arbitrarily modified. To solve problems with information security, a standard was created for encrypting the message body, the so-called secure multifunctional mail extensions (Secure MIME or S/MIME). However, this protocol is not able to protect message headers from interception.

Simple Mail Transfer Protocol is independent of the transport medium and can be used to deliver mail over networks with protocols other than TCP/IP and X.25. This is achieved through the concept of IPCE (InterProcess Communication Environment). IPCE allows processes that support SMTP to communicate in an interactive mode rather than in a "STOP-GO" mode.

Protocol model. Interaction within SMTP is based on the principle of two-way communication, which is established between the sender and recipient of an email message. In this case, the sender initiates the connection and sends requests for service, and the recipient responds to these requests. In fact, the sender acts as a client, and the recipient acts as a server.

SMTP protocol interaction scheme

The communication channel is established directly between the sender and recipient of the message. With this interaction, mail reaches the subscriber within a few seconds after sending.

For several decades, Internet users have been using email to exchange messages and letters. Until the early 90s of the last century, electronic messages were used, as a rule, by employees of large organizations. With extensive computerization and distribution world wide web, emails have become a part of the lives of ordinary users.

The development of Internet technologies has led to the emergence of so-called mail protocols used for network correspondence. They make it possible to process large letters, providing users with all kinds of services.

It is not constrained by any specific data transmission subsystems. Its operation requires only a reliable channel for the flow of their transmission while maintaining order.

SMTP is used mainly for sending letters and user requests to the server, after which mail is sent to recipients. In order to receive letters, you need the mail client to work on IMAP protocol or POP3.

What is it used for?

This is the standard mail protocol today. All mail programs and servers use it.

Virtual website hosting for popular CMS:

The principle of operation of the protocol.

SMTP is a text protocol, its operating principle requires a connection through which the user sending the email communicates with its recipient using a specific command line. And data is received through the use of a reliable communication channel. Typically, this communication channel is a TCP connection.

A working protocol session consists of a number of commands sent by the SMTP mail client and the server's responses to them. During a work session, both the client and the server exchange the necessary parameters.

A protocol operation includes a combination consisting of the following sequences of commands and responses:

• MAIL FROM command - indicates the return email address;
• RCPT TO command - determines the recipient of a specific letter;
• DATA is the command responsible for sending the text of an email message. This is the body of the letter, which includes the header and body of the letter, separated by an empty line.

The initial SMTP client may well be the recipient's email client, or a mail transfer agent on the server.

How other mail protocols work.

SMTP is just a protocol for delivering correspondence on the network. He cannot, on command, take an email message from a remote server or somehow manage an email box.

There are other protocols for this, such as IMAP and POP. Their use is preferable when connecting to a network temporarily or when the PC is turned on periodically.

POP.

Post Office Protocol is a simple network protocol that includes three flavors: POP, POP2 and POP3. They are designed to deliver correspondence to the user from a central mail server, to delete mail from the server, and to identify the user. A combination of login and password is used for identification. It is worth noting that all three protocols are not interchangeable.

The protocol includes SMTP, which is used to transmit outgoing mail.

In accordance with POP3, letters arriving at a specific e-mail are stored on the server until they are downloaded to the PC during the next session. Once the download has occurred, it becomes possible to read the messages while disconnecting from the network. POP3 is considered to be the fastest mail protocol.

IMAP.

Using the Internet Message Access Protocol, it becomes possible to store messages in file directories on the server and search for any message strings directly there.

This protocol is suitable for those users whose computers use a continuous connection to the Internet. It differs from POP in that when new messages are scanned, only their headers are downloaded.

SMTP protocol

O In this chapter:

O Basic commands protocol

O Relay servers

O Direct shipment

In most cases, the SMTP protocol is used to deliver mail ( Simple Mail Transfer Protocol).

When creating the SMTP protocol, the developers allowed blunder, which spoiled a lot of blood for both system administrators and ordinary users. Its essence lies in the fact that the SMTP protocol does not require user authentication before sending a message, and this allows you to use other people's servers for mass mailing.

Modern SMTP servers use various security mechanisms that prevent the sending of correspondence unknown users. This is discussed in detail in the chapter “Mail Server from the Inside”.

In the terminology of the SMTP protocol there are no such concepts as “client” and “server”. Instead they talk about the sender ( sender) and recipient ( receiver). What most people call an "SMTP server" is both the sender and the recipient. When a client establishes a connection with it to send a letter, the server acts as a recipient, and when it delivers a message to a subscriber, it becomes a sender.

Each mailbox is an SMTP recipient, by contacting it directly, you can transfer the message without intermediaries. However, this method has not gained much popularity. Communication with distant nodes can be slow and unreliable, so it is convenient to delegate the mission of message delivery to a special server, often called an outgoing mail server. If communication with the outgoing mail server is fast and reliable, then this approach is completely justified. On the contrary, sending letters through distant, slow and unstable servers makes no sense. In this case, it is better to put the message directly in the recipient's inbox. However, few email clients support this possibility.

The example below demonstrates how to send a message to a subscriber using the SMTP protocol. The first step is to launch the telnet client and, having established a connection with the selected SMTP server (for example, mail.aport.ru) on the twenty-fifth port, wait for the invitation to be issued.

Figure 009 Connecting to the mail.aport.ru server

The first three characters of the string returned by the server represent the completion code of the operation. A complete list of all possible error codes is contained in RFC-821 and is not given here.

To transfer correspondence, a TCP connection alone is not enough, and it is necessary to establish another, so-called SMTP connection. This is achieved by returning a hello response to the server indicating the client's hostname (if it has a name) or IP address (if the client does not have a name).

It is not always necessary to indicate your accurate address. Often it is enough to enter an arbitrary text string, for example “ABDCEF”

· HELO ppp-15.krintel.ru

The return greeting is carried out with the command “HELO

" The server, having established an SMTP connection, returns a success code (250) and in most cases determines the client's IP address or domain name.

The next step is to specify the sender of the message. To do this, you need to use the “MAIL FROM” command indicating your own postal address optionally enclosed in angle brackets.

For example:

· HELO ppp-15.krintel.ru

· 250 camel.mail.ru Hello ppp-15.krintel.ru

MAIL FROM:" [email protected]»

The recipient of the message is then specified using the “RCPT TO” command, an example of which is shown below:

· HELO ppp-15.krintel.ru

· 250 camel.mail.ru Hello ppp-15.krintel.ru

MAIL FROM:" [email protected]»

· 250 " [email protected]"is syntactically correct

RCPT TO:" [email protected]»

If there is a need to send the same message to several respondents, just call “RCPT TO” one (or more) times ( maximum amount recipients are usually not limited). If the server does not undertake to deliver a message to one of them, it will return an error, but it will not affect the other recipients.

The “DATA” command, called without arguments, causes the server to wait for the text of the letter to be received.

· 354 Enter message, ending with "." on a line by itself

The input completion sequence is an ordinary dot, “bordered” on both sides by line breaks. If such a sequence occurs in the message text, the generation of the letter will be completed immediately. Mail clients usually recognize this situation and resort to recoding, but when working with a telnet client, this concern falls on the user.

An example of using the “DATA” command is given below:

· HELO ppp-15.krintel.ru

· 250 camel.mail.ru Hello ppp-15.krintel.ru

MAIL FROM:" [email protected]»

· 250 " [email protected]"is syntactically correct

RCPT TO:" [email protected]»

· 250 " [email protected]» verified

· Hello, Sailor!

· 250 OK id=12ZDEd-000Eks-00

The “QUIT” command ends the session and closes the connection.

· 221 camel.mail.ru closing connection

Contents of the received message (mechanism for receiving messages on local computer user is discussed in the chapters “POP Protocol” and “IMAP4 Protocol”) may look, for example, as follows:

From [email protected] Sun Mar 26 17:38:03 2000

· Received: from ppp-15.krintel.ru ()

· by camel.mail.ru with smtp (Exim 3.02 #107)

· id 12ZDEd-000Eks-00

· Message-Id: " [email protected]»

From: [email protected]

Hello Sailor!

Below we will show how attackers find and use other people's outgoing mail servers. One way to find public SMTP servers is to analyze the headers of incoming correspondence. Among the nodes that left their addresses in the “Received” field, sometimes there are servers that do not require user authentication to send letters.

For example, below is the header of an email the author of this book pulled from his own mailbox:

From [email protected] Wed Mar 22 16:57:03 2000

Received: from gate.chiti.uch.net()

· by msk2.mail.ru with esmtp (Exim 3.02 #116)

· id 12Xld1-0008jx-00

Received: from 13.chiti.uch.net()

· by gate.chiti.uch.net(8.8.8/8.8.8) with SMTP id PAA29678

· From: "irt" « [email protected] »

Analysis of the header allows us to establish that the letter was sent from the address 13.chiti.uch.net through the outgoing mail server gate.chiti.uch.net. If you try to establish a connection with it, the result may look like this:

To check whether a message can be forwarded, you need to send an invitation to the server, and then identify the sender and recipient of the letter. For example, it might look like this:

· HELO kpnc.krintel.ru

· 250 gate.chiti.uch.net Hello kpnc.krintel.ru, pleased to meet you

MAIL FROM:" [email protected]»

· 250 " [email protected]"...Sender ok

RCPT TO:" [email protected]»

· 250 " [email protected]"… Recipient ok

The successful completion code of the operation (250) and the “Recipient ok” period indicate that the server agreed to the transfer. All you have to do is enter the text of the message and you can send the letter. After some time (usually no more than one minute), the message should arrive at its destination. And its title might look, for example, like this:

From [email protected] Sun Mar 26 17:28:33 2000

Received: from gate.chiti.uch.net()

· by camel.mail.ru with esmtp (Exim 3.02 #107)

· id 12ZD5a-000Dhm-00

· Received: from kpnc.krintel.ru (kpnc.krintel.ru)

· by gate.chiti.uch.net (8.8.8/8.8.8) with SMTP id QAA02468

· (envelope-from [email protected])

From: [email protected]

· Message-Id: " [email protected]»

The sender's address is in bold, indicating that the sender was unable to remain anonymous. If this turns out to be unacceptable, among the incoming letters of your mailbox you can try to find those whose headers do not contain any information about the sender, except for the information that he wished to provide himself.

One of anonymous servers located (or rather, was once located at the time of writing this chapter) at dore.on.ru. However, its use by unauthorized persons is prohibited, as the following experiment demonstrates:

· HELO kpnc.krintel.ru

MAIL FROM:" [email protected]»

· 250 " [email protected]» Sender OK

RCPT TO:" [email protected]»

· 550 Relaying denied for « [email protected]»

The server, indeed, does not make any visible attempts to determine the client’s address, but at the same time, it flatly refuses to forward his correspondence outside the server. Moreover, it is reliably known that the owners of this server use it to send messages to non-local addresses. This implies the existence of a mechanism that allows us to distinguish “us” from “strangers.” The rights of “outsiders” are limited to delivering letters to local addresses, while “outsiders” are allowed to send messages outside the server. Due to the lack of user authentication tools in the SMTP protocol, the client’s IP address helps to distinguish one from another. Local users located on the same subnet as the server are considered “friends”, and vice versa.

But if the server is not equipped with the function of determining the IP addresses of clients, it has no choice but to use the information provided by the sender himself, taking his word for it. Therefore, it is possible to report false data and impersonate a local user who has the right to send messages to any address.

The client indicates his address twice: when greeting the server, with the “HELO” command he reports his domain, and in the “MAIL FROM” field he enters his own return address. Some servers check one of these values, and some check both at the same time.

In the experiment below, the sender reports not his own domain, but the domain of the server owner, and uses one of the addresses as the return address local users server (to find out, you need to receive at least one letter from this server, or try to find out the names of registered users by brute force):

· 220 WITHELD FTGate server ready -Fox Mulder

· HELO dore.on.ru

· MAIL FROM:" [email protected]»

RCPT TO:" [email protected]»

· 250 Recipient Ok

As a result of such forgery, the server was misled and agreed to deliver the letter. Obviously, the true sender of the message cannot be determined by the header, since it contains only the information that the sender wished to leave independently.

It’s impossible to think of a better method for mass mailing, but this technique is not suitable for regular correspondence. After all, the answer to the letter will be returned to the address [email protected]! This can be avoided by adding a “Reply-To” field to the header, containing the sender’s true address (the one he wanted to leave himself). It might look like this, for example:

· 220 WITHELD FTGate server ready -Fox Mulder

· HELO dore.on.ru

MAIL FROM:" [email protected]»

· 250 " [email protected]» Sender OK

RCPT TO:" [email protected]»

· 250 Recipient Ok

· 354 Start mail input; end with "CRLF". "CRLF"

· Reply-To:" [email protected]»

· 250 Ok Message queued

· 221 dore.on.ru Service closing transmission channel

The header of such a letter should look something like this:

Received: from relay1.aha.ru(verified)

· by aha.ru (CommuniGate Pro SMTP 3.1b2)

· Received: from warlock.miem.edu.ru (miem-as.ins.ru)

· by relay1.aha.ru(8.9.3/8.9.3/aha-r/0.04B) with ESMTP id UAA07173

· Received: from dore.miem.edu.ru (rtuis.miem.edu.ru)

· by warlock.miem.edu.ru (8.9.3/8.9.3) with ESMTP id UAA00637

Received: from fox by dore.on.ru(FTGate 2, 1, 2, 1);

· Message-ID: “000301bec6ff$c87f5220$16fe7dc1@fox”

From: " [email protected]»

To: " [email protected]»

Subject: TEST

· Reply-To:" [email protected]»

When you try to reply to the sender, the recipient's email client will extract the contents of the “Reply-To” field and send the letter to the address specified in it. This is exactly what spammers use to achieve complete anonymity on the one hand, and the ability to receive answers from interested parties, on the other.

If you look closely at the header of the letter, you can find several lines “Received” in it. They were left by transit servers, otherwise called Relays (from English relay).

Any email client can send a letter directly. However, to do this you will have to manually specify the recipient's address in the outgoing mail server settings.

For example, to send a letter to [email protected] using “OutLock Express” you will have to go to “ Accounts"("Tools" menu), select "Properties" and go to the "Servers" tab, setting the "computerra.ru" server for outgoing mail.

Obviously this is too tedious and impractical. Until the software learns to perform this operation automatically, users will be forced to use previous methods.

The operation of a typical small corporate outgoing mail server looks something like this: having received a letter at its disposal, it immediately establishes a connection with the recipient's mailbox and sends the message. At the same time, he faces the same difficulties as an ordinary client. Therefore, message relaying is widely used. If for some reason a letter cannot be transmitted directly, it is transmitted to a relay.

A relay is exactly the same SMTP server as all the others discussed in this chapter. Depending on the server settings, the email forwarding route may vary. One message can be sent directly, while another can take a long time to “spin” on Relays. Trust is great, but only when it does not concern security issues. Who would risk trusting repeaters of unknown origin? Moreover, the further route of the letter is determined by each of the transit servers independently, and there is no guarantee that an attacker will not get into this chain.

But the SMTP protocol allows the sender to independently set the message forwarding route. The “RCPT TO” command parameter can contain not only the recipient’s address, but also the relay path!

Its format is as follows:

· RCPT TO: "@s1,@s2,@s3,@sn:name@host"

where s1,s2,s3,sn are the names (or IP addresses) of intermediate tails, and name@host recipient's mailbox. First of all, the message is transmitted to node s1 - the leftmost server in the chain. He modifies the parameter of the RCPT TO command, “biting” the name of his node from it:

· RCPT TO: "@s2,@s3,@sn:name@host"

Then, the next recipient's address, s2, is retrieved. If server s1 does not undertake delivery of correspondence to server s2, the letter is returned back to the sender with an error message. Otherwise, the process is repeated until the message is in the recipient's inbox.

The disadvantage of this scheme is that some SMTP servers may use their own relays to forward to the next tail. Thus, it is guaranteed that the letter, upon successful delivery, will be visited by all specified nodes in the order listed. But direct transfer between adjacent tails in the chain is not always performed.

Therefore, the task of selecting transit servers becomes more complicated. Each of them must not only be protected from outside intrusions, but also must definitely not use the services of third-party repeaters.

Unfortunately, most email clients, when checking that the recipient's address is entered correctly, consider this operation to be syntactically incorrect and refuse to send the letter. You have to launch telnet once again and transfer the message manually.

You can find out which commands are supported by a specific SMTP server using “HELP”, and learn more about the purpose of each of them using “HELP command”.

For detailed information about SMTP protocol commands, you can refer to RFC-788, RFC-821, RFC-822, RFC-1341, RFC-1342, RFC-1426, RFC-1521, RFC-1806, RFC-1830, RFC-2045 , RFC-2046, RFC-2047, RFC-2048, RFC-2049, RFC-2076.

From the book Technique network attacks by Kaspersky Chris

SMTP Protocol O In this chapter: O Basic protocol commands O Relay servers O Direct forwarding O Automation mailing list and spamO Anonymous mailing For mail delivery in most cases, the SMTP (Simple Mail Transfer Protocol) protocol is used.

author Raymond Eric Stephen

5.3.1. Case Study: SMTP, Simple Mail Transfer Protocol In Example 5.7. illustrates the SMTP (Simple Mail Transfer Protocol) transaction, which is described in the RFC 2821 specification. in this example lines starting with C: are sent by postal transport

From the book The Art of Programming for Unix author Raymond Eric Stephen

5.3.1. Case Study: SMTP, Simple Mail Transfer Protocol In Example 5.7. illustrates the SMTP (Simple Mail Transfer Protocol) transaction, which is described in the RFC 2821 specification. In this example, lines starting with C: are sent by mail transport

From the book TCP/IP Architecture, Protocols, Implementation (including IP version 6 and IP Security) by Faith Sydney M

5.24 ARP Before a datagram is transmitted from one system on a local network to another, it is surrounded by a header and a trailing portion of the frame. The frame is delivered to network adapter, whose physical address matches the physical destination address from

From the book Programming in Ruby [Language ideology, theory and practice of application] by Fulton Hal

8.9 RIP The most widely used IGP protocol is RIP, which is derived from the Xerox Network System (XNS) routing protocol. The popularity of RIP is based on its simplicity and accessibility. RIP was originally implemented in the TCP/IP operating system

From the book Network Linux tools by Smith Roderick W.

8.17 BGP The Border Gateway Protocol (BGP) is widely used on the Internet. The current version of the protocol is BGP-4. On the modern Internet, there are many providers connected to each other in the manner of an interconnection network. When moving towards a point

From the author's book

14.6 FTP C protocol FTP protocol The following concepts are related:? Commands and their parameters sent over the control connection? Numeric codes returned in response to the command? Format of transferred data Below is a set of FTP commands. They are transmitted by manager

From the author's book

15.17 NFS Protocol The latest implementation of NFS is version 3, although implementations of version 2 continue to be successfully used. The NFS server program is number 100003 and, by convention, NFS seizes the port upon initialization

From the author's book

16.9 SMTP Commands The script in section 16.6.1 contained the most commonly used SMTP commands. Full set SMTP commands are presented in Table 16.1.Table 16.1 SMTP Commands Command Description HELO Identifies the sender to the recipient. MAIL FROM Start of a mail transaction and indicate

From the author's book

16.12.2 Enhanced SMTP Conversation The example below demonstrates how the Enhanced Mail Transfer Agent creates a transaction to send a MIME message in 8-bit format:? The recipient announces its improved capabilities, including 8BITMIME.? The MAIL FROM command has

Programs that implement SMTP server on Linux sendmail. The currently most popular mail server, sendmail, is often included with Linux systems. This package provides extensive functionality and many programs by default assume that it is installed in

From the author's book

From the author's book

Special Features of the SMTP Server The following sections describe various characteristics mail server, which are specified when setting it up. In order not to describe these characteristics for each server, let's consider them

(SMTP) is a standard for e-mail. Originally documented in RFC 821 (1982), last time was updated in 2008 with expanded additions of SMTP according to RFC 5321 (a widely used protocol today).

Although mail servers and other mail agents use SMTP to send and receive e-mail correspondence, user-class software, as a rule, uses SMTP ports only to send data to the server for relaying. Client applications typically use either IMAP or POP3 to receive messages. These protocols are the most convenient and in demand for these purposes: they have advanced functionality and a wide range of capabilities.

Characteristics

SMTP communication between mail servers uses TCP port 25. Mail clients often send outgoing messages to the mail server on port 587. Although outdated mail providers it is still allowed to use the non-standard port 465 for this purpose.

SMTP connections protected by TLS, known as SMTPS, can be made using STARTTLS technology.

Proprietary and email systems use their own non-standard protocols to access mailboxes on their email servers - all companies use SMTP server ports when sending or receiving email occurs outside of their own systems.

SMTP destination

Almost everything on the Internet is made possible by protocols—special network software rules that allow a computer to communicate with all networks so users can shop, read the news, and send email. Protocols are vital to day-to-day networking—they are built into networking software and used by default.

The SMTP Port Protocol provides a set of codes that facilitate the exchange of email messages between servers ( network computer, which processes incoming and outgoing email). This is a kind of shorthand that allows the server to break down the different parts of the message into categories that another server can understand. When a user sends a message, it turns into lines of text separated by code words (or numbers) that define the purpose of each section.

Technical terminology

SMTP is a TCP/IP protocol used for working with e-mail. However, since it is limited to the ability to send messages to a queue on the receiving end, it is typically used with either POP3 or IMAP, which allows data to be stored on a server and downloaded when necessary. In other words, they usually use an application that selects SMTP for sending e-mail and POP3 or IMAP for receiving correspondence. On Unix based systems, sendmail is the most widely used SMTP server for email. The commercial Sendmail package includes a POP3 server. Microsoft Exchange includes an SMTP server and can also be configured to support POP3.

SMTP is typically used to operate over Internet port 25. An alternative to SMTP that is widely used in Europe is X.400. Many mail servers now support Extended Simple Mail Transfer Protocol (ESMTP), which allows you to transfer multimedia files in the form of email.

Story

In the 1960s, various forms of electronic messaging were used. Users communicated using systems built for specific mainframe computers. Because everything more computers became interconnected, there was a need to develop standards that would allow users different systems send email to each other. SMTP evolved from these standards developed in the 1970s.

Further implementations include the FTP Mail Protocol, starting in 1973. Development work continued into the 1970s until ARPANET became modern Internet in 1980. Then Jon Postel proposed a protocol for transferring mail data.

SMTP began to be widely used in the early 1980s. At that time, this protocol was a Unix add-on for the Unix Copy Program mail program. SMTP is better generally works when the sending and receiving machines are connected to the Network, use a storage and sending mechanism, and are examples of push technology.

Mail processing model

E-mail is sent by an email client (Mail User Agent, MUA) to a mail server (Mail Submission Agent, MSA) using SMTP on TCP port 587. Most mailbox providers still allow sending to traditional port 25. MSA delivers mail to your mail agent (mail transfer agent, MTA). Often these agents are instances of generic software activated with various parameters on one computer. Local processing can either be done on a single machine or shared across multiple machines. Mail agent processes on the same machine can exchange files, but if processing is running on multiple machines, they pass messages among themselves using an SMTP port, where each machine is configured to use the next machine as the smart host.

Protocol Overview

SMTP is a connection-oriented text protocol in which the sender of mail communicates with the mail recipient by issuing command lines and providing the necessary data through a reliable, orderly data flow channel. An SMTP session consists of commands issued by the SMTP client (initiating agent, sender, or transmitter) and corresponding responses from the SMTP server (listening agent or recipient). A session may include zero or more SMTP transactions, which consist of three command/response sequences:

In addition to the intermediate response for DATA, the response from each server can be either positive or negative (code 2xx). Negative responses can be permanent (codes 5xx) or temporary (codes 4xx). A rejection is a permanent failure and the client must send a rejection message to the server where it received it. A fall is a positive response followed by a rejection of the message.

Mail SMTP ports and their meaning

SMTP is a delivery protocol only. At normal use The mail is sent to the target mail server, such as the SMTP server of the mail port. Data is routed based on the destination server rather than the individual users it is addressed to. Other protocols (POP or IMAP) are specifically designed for use by individual users who receive messages and manage mailboxes. SMTP, POP, and IMAP are not acceptable protocols for relaying mail over computers with intermittent connections. They are designed to operate after final delivery, when information is critical to proper operation mail relay has been deleted.

Starting an empty message queue

Remote Message Queue Starting is an SMTP feature that allows a remote host to start mail processing on the server so that it can receive messages intended for it by sending the TURN command. However, this feature posed a potential data security risk and was extended in RFC 1985 by the ETRN command, which operates more securely using an authentication method based on Domain Name System information.

International email address

Users whose script is not Latin, or who use diacritics not in the set ASCII characters, experienced difficulties with the requirement for an email address in the Latin alphabet (mail.ru SMTP port). RFC 6531 was created to address this issue by providing internationalization capabilities for SMTP, an extension to SMTPUTF8, and support for multi-byte and non-ASCII characters in email addresses. Examples: diacritics and other language symbols (Greek and Chinese). Also relevant for Yandex SMTP port.

Current support for this document is limited at this time, but there is great interest in widespread adoption of RFC 6531 and related RFCs in countries such as China that have a large user base where Latin (ASCII) is a foreign script.

Outgoing mail from SMTP server

The email client must know the IP address of its original SMTP server. This must be specified as part of its configuration (usually the DNS name). This server will provide outgoing messages on behalf of the user.

Restrictions on access to the outgoing mail server

Server administrators need to impose certain controls on those clients who can use the server. This helps combat abuse and spam. Similar solutions were widely used:

Previously, many systems imposed restrictions on the use of client location, allowing only use by clients whose IP address was one of the server administrators. Use from any other client IP address is prohibited.

Modern SMTP servers usually offer alternative system, requiring clients to authenticate with credentials before allowing access.

SMTP - what port is used?

Communication between mail servers usually always uses the default value TCP port 25 assigned for SMTP. However, email clients usually use specific smtp ssl ports instead. Most Internet service providers now block all outgoing port traffic from their customers as an anti-spam measure. For the same reason, businesses typically configure their firewall to allow outgoing ports from designated mail servers.

SMTP transport example

A typical example of sending a message via SMTP to two mailboxes (alice and theboss) located in the same mail domain(example.com or localhost.com), is reproduced in the next exchange session. After the message sender (SMTP client) establishes a reliable communication channel to the message receiver (SMTP server), a session is opened with a server typically containing its fully qualified domain name (FQDN), in this case smtp, example, or com. The client initiates its dialog box by responding with a HELO command identifying itself in the command parameter with its full domain name(or an address literal if not available).

Additional extensions

Clients learn which options the server supports by using the EHLO greeting instead of the original HELO. Clients only fall back to HELO if the server does not support SMTP extensions.

Modern clients can use keyword ESMTP extension SSRE for server request for maximum size message that will be received. Old clients and servers may attempt to transmit oversized messages that will be rejected after use network resources, including connection time to network links.

Anti-spam methods and email authentication

The original design of SMTP had no way to identify senders or check whether servers were allowed to send on their behalf. As a result, email spoofing is possible, which is commonly used in email spam and phishing.

Special proposals are being made to change SMTPs or replace them completely. One example of this is Internet Mail 2000, but neither it nor any other achieved much success before the network effect of classic SMTP's huge installed base. Instead, mail servers now use a range of methods, including DomainKeys, DomainKeys Identified Mail, Policy Framework and DMARC, DNSBLs and greylisting to reject or quarantine suspicious emails.