
Simple Mail Transfer

 standard e-mail protocol on the internet where email data
packets are transferred from one networked machine to
 was originally designed for only plain text (ASCII text), but
MIME and other encoding methods enable executable
programs and multimedia files to be attached to and
 mail servers use SMTP for both sending and receiving
mails, whereas user-end clients only use SMTP for
submitting mails or sending
SMTP Model

[Figure: SMTP model, showing the client and server sides with their file and mail systems]

sending MUA → MSA → sending MTA → receiving MTA → MDA → Mailstore for retrieval by MUA
 When an SMTP client has a message to transmit, it
establishes a two-way transmission channel to an SMTP
server. The responsibility of an SMTP client is to transfer
mail messages to one or more SMTP servers.

 Once the transmission channel is established and initial
handshaking completed, the SMTP client normally
initiates a mail transaction. Such a transaction consists of a
series of commands.
Basic Commands

 HELO/EHLO - Initial State Identification
 MAIL - Mail Sender Reverse Path
 RCPT - One Recipient’s Forward Path
 DATA - Mail Message Text State
 RSET - Abort Transaction and Reset all buffers
 NOOP - No Operation
 QUIT - Commit Message and Close Channel
 does not require authentication. It is this
characteristic of SMTP that makes junk email or
spam possible

 One problem relates to message length. Some
older implementations cannot handle messages
exceeding 64KB.
 Another problem relates to timeouts. If the client
and server have different timeouts, one of them
may give up while the other is still busy,
unexpectedly terminating the connection.
 provides a mechanism for email clients to
specify a security mechanism to a mail server,
authenticate the exchange, and negotiate a
security profile (Simple Authentication and
Security Layer, SASL) for subsequent message
 Modern clients may use the ESMTP extension
keyword SIZE to query the server for the
maximum message size that will be accepted
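
The capability check implied by the two points above (SASL authentication and the SIZE keyword), as an added example that is not part of the original slides: it parses a multi-line EHLO reply, reads the SIZE limit, and flags AUTH being offered with no STARTTLS. The sample reply and host names are constructed, and the reply is assumed to have been read over a plaintext connection.

```python
import re

# Constructed sample: a multi-line EHLO reply as an ESMTP server might send it.
SAMPLE_EHLO_REPLY = (
    "250-mail.example.test Hello client.example.test\r\n"
    "250-SIZE 10485760\r\n"
    "250-8BITMIME\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 HELP\r\n"
)

def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from a 250 multi-line EHLO reply."""
    lines = reply.splitlines()
    if not lines:
        raise ValueError("empty reply")
    ext = {}
    for i, line in enumerate(lines):
        m = re.fullmatch(r"250([- ])(.*)", line)
        if not m:
            raise ValueError(f"unexpected reply line: {line!r}")
        # "250-" marks a continuation line, "250 " marks the final line.
        if (m.group(1) == " ") != (i == len(lines) - 1):
            raise ValueError("continuation marker does not match line position")
        if i == 0:
            continue  # first line is the server greeting, not an extension
        parts = m.group(2).split()
        if parts:
            ext[parts[0].upper()] = parts[1:]
    return ext

def max_message_size(ext):
    """Declared SIZE limit in bytes; None if absent or 0 (no fixed limit)."""
    params = ext.get("SIZE")
    if not params or not params[0].isdigit() or int(params[0]) == 0:
        return None
    return int(params[0])

def check_submission(ext, message_len):
    """List problems a client should act on before sending MAIL FROM."""
    findings = []
    limit = max_message_size(ext)
    if limit is not None and message_len > limit:
        findings.append(f"message of {message_len} bytes exceeds SIZE {limit}")
    if "AUTH" in ext and "STARTTLS" not in ext:
        findings.append("AUTH offered without STARTTLS: credentials would be sent unencrypted")
    return findings
```
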
Post Office Protocol
 standard e-mail protocol used by local e-mail clients to
retrieve e-mail from a remote server over a TCP/IP connection
 An e-mail client using POP3 connects to the server, retrieves messages
and downloads them to the PC, deletes them from the server and
 Listens to port 110 by default.
 POP3 transferred emails are secured by SSL or TLS.
 Two ways for authorization
    Using “USER and PASS”, which is not safe as the password is sent in plain text
    APOP: MD5 hashes are generated on a block of data that contains the password and random data (pid.clock@hostname). It is the hash that is sent to the server to prove that the user knows the password.
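
The APOP exchange described above, as an added example that is not part of the original slides: the client hashes the greeting's timestamp together with the password, and the server recomputes the digest and compares it. The greeting, user name and shared secret are the worked example from RFC 1939; the function names are this example's own.

```python
import hashlib
import hmac
import re

# Greeting and shared secret from the worked example in RFC 1939.
GREETING = "+OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>"
SECRET = "tanstaaf"

def banner_timestamp(greeting):
    """Extract the <pid.clock@hostname> challenge from the server greeting."""
    m = re.search(r"<[^<>\s]+@[^<>\s]+>", greeting)
    if not greeting.startswith("+OK") or not m:
        raise ValueError("server did not offer an APOP timestamp")
    return m.group(0)

def apop_digest(timestamp, secret):
    """MD5 over the timestamp (angle brackets included) followed by the secret."""
    return hashlib.md5((timestamp + secret).encode("ascii")).hexdigest()

def apop_command(user, greeting, secret):
    """The line the client sends instead of USER/PASS."""
    return f"APOP {user} {apop_digest(banner_timestamp(greeting), secret)}"

def server_verify(issued_timestamp, stored_secret, client_digest):
    """Server side: recompute from the timestamp issued on THIS connection.

    The server needs the password itself (not a hash of it) to do this, and
    a digest only matches the timestamp it was computed for, so the server
    must issue a fresh timestamp per connection to defeat replay.
    """
    expected = apop_digest(issued_timestamp, stored_secret)
    return hmac.compare_digest(expected, client_digest.lower())

if __name__ == "__main__":
    line = apop_command("mrose", GREETING, SECRET)
    print(line)
    digest = line.split()[2]
    print(server_verify(banner_timestamp(GREETING), SECRET, digest))
    # Same digest replayed against a later (constructed) timestamp is rejected.
    print(server_verify("<1897.697170999@dbc.mtview.ca.us>", SECRET, digest))
```
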
POP3 Telnet
 telnet pop3server 110
 USER userid
 PASS password
 LIST {message number}
 RETR message-id
 DELE message-id
 RSET
Internet Message Access Protocol (IMAP)
 standard e-mail protocol used by local e-mail clients to
retrieve e-mail from a remote server over a TCP/IP
 supports both on-line and off-line modes of operation.
 leaves messages on the server while the client can store
local copies.
 more than one client can connect at the same time.
 IMAP protocol based on a TCP connection (port 143).
Procedure of the IMAP protocol
 All emails are kept on a mail server
 Functionality:
    Treat as local directory
    work directly on server
    copy
    delete
    different folders
    download message headers and later on the full messages
Different states of an IMAP
 Most commands are only valid in particular states (otherwise: protocol error)
 4 states (initialization is not a state of its own)
    Non-Authenticated: when TCP connection is
    Authenticated: on authenticating
    Selected: on selecting a mailbox
    Logout, Closed: on logging out of the IMAP server.
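
The state rule above, as an added example that is not part of the original slides: a small checker that replays tagged client commands against the states and reports which ones a server would reject. The command sets follow RFC 3501; the session is constructed, and every permitted command is assumed to succeed.

```python
# Commands valid in every state, then the additions each state unlocks.
ANY = {"CAPABILITY", "NOOP", "LOGOUT"}
NON_AUTH = ANY | {"STARTTLS", "AUTHENTICATE", "LOGIN"}
AUTH = ANY | {"SELECT", "EXAMINE", "CREATE", "DELETE", "RENAME", "SUBSCRIBE",
              "UNSUBSCRIBE", "LIST", "LSUB", "STATUS", "APPEND"}
SELECTED = AUTH | {"CHECK", "CLOSE", "EXPUNGE", "SEARCH", "FETCH", "STORE",
                   "COPY", "UID"}
ALLOWED = {"NON_AUTHENTICATED": NON_AUTH, "AUTHENTICATED": AUTH,
           "SELECTED": SELECTED, "LOGOUT": set()}

# State entered when the command succeeds; other commands keep the state.
TRANSITIONS = {"LOGIN": "AUTHENTICATED", "AUTHENTICATE": "AUTHENTICATED",
               "SELECT": "SELECTED", "EXAMINE": "SELECTED",
               "CLOSE": "AUTHENTICATED", "LOGOUT": "LOGOUT"}

# Constructed session: FETCH is tried before and after a mailbox is selected.
SESSION = [
    "1 LOGIN userid pass",
    "2 FETCH 1:* FLAGS",
    "3 SELECT inbox",
    "4 FETCH 1:* FLAGS",
    "5 LOGOUT",
    "6 NOOP",
]

def replay(lines, state="NON_AUTHENTICATED"):
    """Return (tag, command, verdict, state_after) for each client line."""
    results = []
    for line in lines:
        parts = line.split()
        if len(parts) < 2:
            results.append(("*", line, "BAD", state))  # no tag or no command
            continue
        tag, cmd = parts[0], parts[1].upper()
        if cmd in ALLOWED[state]:
            state = TRANSITIONS.get(cmd, state)
            results.append((tag, cmd, "OK", state))
        else:
            # Mailbox access before LOGIN or SELECT is refused here.
            results.append((tag, cmd, "BAD", state))
    return results

if __name__ == "__main__":
    for row in replay(SESSION):
        print(*row)
```
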
 List of tokens associated with the message that is sent by the server
 Set by addition of message to list and cleared on removal.
 Types (either of them can be permanent or session
    System flag: predefined in IMAP specification and begins with ‘\’. E.g.: \Seen, \Deleted, \Answered…
    Keywords: defined by server implementation and don’t begin with ‘\’
IMAP Telnet
 telnet imap.server.com 143
 1 Login userid pass
 2 list "" *
 3 delete mailbox1
 4 rename mailbox1 mailbox2
 5 Fetch 1:*
 6 select inbox/mailbox1
 7 logout
POP3 | IMAP
Downloads all messages during ‘check new mail’ process. | Downloads only headers and when clicked loads full body.
Connects to server once when checking for mails. | Have to remain connected forever.
Only one client can access. | Multiple clients can access.
Mailboxes can be created only in PC. | Multiple mailboxes can be created on to server.
Outgoing mail stored on to PC. | Outgoing mail stored in sent folder of server (optional).
Messages deleted from PC. | Messages deleted directly from the
Server side searching not possible | Server side searching possible
Messages retrieved from the hard drive and hence fast. | Comparatively slower since retrieving from server.
Secure Multipurpose Internet Mail Extension
 is a security enhancement to the MIME Internet e-mail format
 is not restricted to mail; it can be used with any transport mechanism
that transports MIME data, such as HTTP.
 based on technology from RSA Security
 Uses PKCS7 (Public Key Cryptography Standard)
 S/MIME provides the following cryptography security services:
 Authentication.
 Message Integrity. (By using digital signing)
 Non-repudiation of origin.
 Privacy and data security. (By using encryption)
S/MIME Functions
 Enveloped data:
    This consists of encrypted content of any type and encrypted content-encryption keys for one or more users. This function provides privacy and data security.
 Signed data:
    standard digital signature (“hash and sign”)
    content + signature is encoded using base64 encoding
 Clear signed data:
    standard digital signature
    only the signature is encoded using base64
 Signed and enveloped data:
    signed and encrypted entities may be nested in any order
S/MIME - Certificates
 Before S/MIME can be used, one must obtain and install an individual
key/certificate either from certificate authority (CA) or from a public
 A certificate can only be trusted if:
 every certificate in the chain is successfully verified.
 every CA in the certificate chain is trusted.
The End