Simple Mail Transfer Protocol (SMTP) Team: Zealous Team: Zealous Presented By: Vishal Parikh (003749955) Vishal Parikh (003749955) Ribhu Pathria(004698318)
Post on 15-Jan-2016
214 Views
Preview:
Transcript
Simple Mail Transfer Protocol Simple Mail Transfer Protocol (SMTP)(SMTP)
Team: ZealousTeam: Zealous
Presented By:Presented By: Vishal Parikh (003749955)Vishal Parikh (003749955) Ribhu Pathria(004698318)Ribhu Pathria(004698318) Deval Dudhia(004692975)Deval Dudhia(004692975) Vaibhav Patel(004413124)Vaibhav Patel(004413124) Jainip Desai (004677635) Jainip Desai (004677635)
AgendaAgenda
IntroductionIntroduction Format of E-mailFormat of E-mail Basic SMTP architectureBasic SMTP architecture SMTP Communication modelSMTP Communication model Commands of SMTPCommands of SMTP Session Establishment and TerminationSession Establishment and Termination SMTP mail transaction processSMTP mail transaction process Security BasicsSecurity Basics PGP-SMIME-PEMPGP-SMIME-PEM Server AuthenticationServer Authentication Advantages Advantages LimitationsLimitations Special FeaturesSpecial Features ConclusionConclusion ReferencesReferences
IntroductionIntroduction
SMTP stands for Simple Mail Transfer Protocol.SMTP stands for Simple Mail Transfer Protocol.
MTP preceded SMTP. The Commands of MTP are based MTP preceded SMTP. The Commands of MTP are based directly on those of FTP.directly on those of FTP.
What is the need of SMTP ????What is the need of SMTP ???? Came into existence in 1981 (RFC 780)Came into existence in 1981 (RFC 780)
SMTP is simpler than MTP it replaced.SMTP is simpler than MTP it replaced.
When an e-mail is sent from the sender to receiver, in most When an e-mail is sent from the sender to receiver, in most cases this involves, the sender machine sends the email to cases this involves, the sender machine sends the email to local SMTP sever, which in then sends mail to recipients local SMTP sever, which in then sends mail to recipients local SMTP sever, and finally to recipients local machine.local SMTP sever, and finally to recipients local machine.
How messages are sent to SMTP How messages are sent to SMTP server?server?
E-mail communication using RelayingE-mail communication using Relaying Used during initial days of SMTP.Used during initial days of SMTP. SMTP routing information is included along with E-SMTP routing information is included along with E-
mail address.mail address. Problem with this method.Problem with this method.
Using DNSUsing DNS This method is used at present.This method is used at present. The senders SMTP server makes the use of DNS to The senders SMTP server makes the use of DNS to
find MX record of the domain to which the E-mail is to find MX record of the domain to which the E-mail is to be sent.be sent.
Format of an e-mailFormat of an e-mail
Mail is a Text File.Mail is a Text File.
Envelope: It contains with sender address, receiver address and Envelope: It contains with sender address, receiver address and
other information.other information.
Message: It contains Mail Header and Mail Body.Message: It contains Mail Header and Mail Body.
Mail Header: It defines the sender, the receiver, the subject of Mail Header: It defines the sender, the receiver, the subject of the the
message and other informationmessage and other information
Mail Body: It contains the actual information in the messageMail Body: It contains the actual information in the message
Why to use an envelope if sender and recipient’s email address isWhy to use an envelope if sender and recipient’s email address isalready contained in the headers of the message itself?already contained in the headers of the message itself?
Basic SMTP ArchitectureBasic SMTP Architecture
SMTP clients and servers have two SMTP clients and servers have two mainmain
components:components:
User Agents (UA):User Agents (UA): It prepares a message and It prepares a message and
encloses in an envelope.encloses in an envelope.
Mail Transfer Agents (MTA):Mail Transfer Agents (MTA): It transfers the mail across It transfers the mail across
the internet.the internet.
SMTP Communication ModelSMTP Communication Model
Commands of SMTPCommands of SMTP
HELO HELO : : Request to initiate SMTP sessionRequest to initiate SMTP session
MAIL FROM : Sender’s E-Mail addressMAIL FROM : Sender’s E-Mail address
RCPT TO : Receiver’s E-Mail addressRCPT TO : Receiver’s E-Mail address
DATA : Body of messageDATA : Body of message
QUIT : Terminates SMTP connectionQUIT : Terminates SMTP connection
RSET : Aborts mail transactionRSET : Aborts mail transaction
VRFY : Asks receiver to verify the validity of the mailboxVRFY : Asks receiver to verify the validity of the mailbox
EXPN : Asks receiver to identify mailing listEXPN : Asks receiver to identify mailing list
HELP : Causes receiver to send help informationHELP : Causes receiver to send help information
NOOP : Forces server to verify the communication with SMTP NOOP : Forces server to verify the communication with SMTP
receiverreceiver
Session Establishment and Session Establishment and TerminationTermination
SMTP Mail Transaction ProcessSMTP Mail Transaction Process
1. 1. Transaction Initiation and Sender IdentificationTransaction Initiation and Sender IdentificationS: HELO sjsu.eduR: 250 Hello sjsu.eduS: MAIL FROM:<cooldd10@yahoo.com>R: 250 Ok
2. Recipient Identification2. Recipient Identification S: RCPT TO:<jainip_1983@gmail.com>R: 250 Ok
3. Mail Transfer3. Mail Transfer S: DATAR: 354 End data with <CR><LF>.<CR><LF>S: <The message data>S:.R: 250 Ok, message accepted for delivery: queued as 12345S: QUITR: 221 Bye
Status CodesStatus Codes
The Server responds with a three digit code that may be followed by The Server responds with a three digit code that may be followed by
the text info.the text info. 2XX – The SMTP server has accepted the command and has completed 2XX – The SMTP server has accepted the command and has completed
the request.the request.
3XX - Command is accepted and more information follows.3XX - Command is accepted and more information follows.
4XX - Try again later as there was a temporary failure with the 4XX - Try again later as there was a temporary failure with the command or the server.command or the server.
5XX – The requested operation will never be completed due to 5XX – The requested operation will never be completed due to permanent error.permanent error.
Security BasicsSecurity Basics
SECURITY
AUTHENTICATION CONFIDENTIALITY INTEGRITY
1. Public Key2. Digital Signature
3.Certificate
1. Encryption2. Symmetric Key
Encryption
1. Hash Function2. Message Digest
SMTP SECURITY SMTP SECURITY FEATURESFEATURES
??????
NOTHING!!!NOTHING!!!
SMTP
NO AUTHENTICA
TION
NO CONFIDENTI
ALITY
NO INTEGRITY
No authentication for
receiver or sender
No Hash Funtion
implemented to ensure integrity
Data transferred in plain text
C I A
PGP: It incorporates mechanisms for authentication, confidentiality, compression, e-mail compatibility and segmentation &
reassembly . MAIL & FILE
Symmetric encryption-CAST-128, 3-DES, IDEA
SHA DSS+ SHA orRSA+SHA
SMIME: S/MIME provides the functionality of Enveloped data, signed data, clear signed data and signed and
enveloped data. . MIMEMIME
Diffe-Hellman ( Key Exchange)Triple-DES or RC2/40
SHA-1/MD5
SHA-1/MD5 +DSS/RSA
PEM: Mechanism of key management for authentication purposes. . Text BasedText Based
DES MD2/MD5 DES+MD5
PGP-SMIME-PEM
Authentication for ServerAuthentication for Server
Mail Server Certificate Authority
Yahoo Google
HotmailMy SMTP
Server
Message+Certificate
Issue Certificates
Issue Certificate
Issue Certificate
Message
Accepted
Not A
ccepte
d
CacheYahoo CAHotmail CA
Message
AdvantagesAdvantages
• Very PopularVery Popular
• Supported on many platformsSupported on many platforms
• Low administration and implementation costsLow administration and implementation costs
• Simple addressing schemeSimple addressing scheme
LimitationsLimitations
• Security matters for SMTP are worse.Security matters for SMTP are worse.
• Its usefulness is limited by its simplicity.Its usefulness is limited by its simplicity.
• Transmission of executable files and binary files using SMTP is Transmission of executable files and binary files using SMTP is not possible without converting into text files.not possible without converting into text files. Use MIME to Use MIME to send mail in other format.send mail in other format.
• It cannot transmit text data that contains national language It cannot transmit text data that contains national language characters. These national language characters use 8-bit codes characters. These national language characters use 8-bit codes with values of 128 decimal or more.with values of 128 decimal or more.
• It is limited to 7-bit ASCII characters only. It is limited to 7-bit ASCII characters only.
• SMTP servers may reject mail messages beyond some specific SMTP servers may reject mail messages beyond some specific length.length.
Special FeaturesSpecial Features
Mail Forwarding: SMTP server may agree to accept e-mail for Mail Forwarding: SMTP server may agree to accept e-mail for non-local mailbox and forward it to the appropriate destination.non-local mailbox and forward it to the appropriate destination.
Mail Gatewaying: SMTP servers can be implemented as e-mail Mail Gatewaying: SMTP servers can be implemented as e-mail gateways which can translate TCP/IP email in a suitable form for gateways which can translate TCP/IP email in a suitable form for some another e-mail system and vice-versa.some another e-mail system and vice-versa.
Mail Relaying: SMTP includes the ability to relay mail from one Mail Relaying: SMTP includes the ability to relay mail from one server to another, as explained earlier, provided certain server to another, as explained earlier, provided certain conditions are met.conditions are met.
Address Debugging: VRFY command allows the client to ask the Address Debugging: VRFY command allows the client to ask the sender to verify address of recipient without sending mail to sender to verify address of recipient without sending mail to recipient.recipient.
Mailing List Expansion: EXPN command allows to expand Mailing List Expansion: EXPN command allows to expand mailing list.mailing list.
ConclusionConclusion
SMTP is one of the most widely used and implemented SMTP is one of the most widely used and implemented application. With the explosively growing reliance on application. With the explosively growing reliance on electronic mail for commercial and personal services, there electronic mail for commercial and personal services, there grows the demand of authentication and confidentiality. To grows the demand of authentication and confidentiality. To complement the weak security feature of SMTP industry use complement the weak security feature of SMTP industry use PGP-SMIME-PEM. Still there is need of implementing the PGP-SMIME-PEM. Still there is need of implementing the measures to eliminate spam and other security breaches.measures to eliminate spam and other security breaches.
ReferencesReferences
Web Sites:Web Sites:
http://www.faqs.org/rfcs/rfc821.html (RFC 821).http://www.faqs.org/rfcs/rfc821.html (RFC 821). http://www.faqs.org/rfcs/rfc2821.html (RFC 2821)http://www.faqs.org/rfcs/rfc2821.html (RFC 2821) http://www.tcpipguide.com/free/http://www.tcpipguide.com/free/
t_SMTPSpecialFeaturesCapabilitiesandExtensions.htmlt_SMTPSpecialFeaturesCapabilitiesandExtensions.html http://cns.utoronto.ca/usg/technotes/smtp-intro.htmlhttp://cns.utoronto.ca/usg/technotes/smtp-intro.html http://computer.howstuffworks.com/email5.htmhttp://computer.howstuffworks.com/email5.htm
Books:Books: Programmer's Guide to Internet Mail by John RhotonProgrammer's Guide to Internet Mail by John Rhoton TCP/IP Illustrated Volume 1 by Richard Stevens TCP/IP Illustrated Volume 1 by Richard Stevens
QUESTIONSQUESTIONS
SUGGESTIONSSUGGESTIONS
COMMENTSCOMMENTS
THANK YOUTHANK YOU
top related