Electronic Mail 4: Application Protocols: SMTP and others Last - PDF document

Electronic Mail 4: Application Protocols: SMTP and others Last Modified: 2/3/2003 8:07:08 PM 2: Application Layer 2: Application Layer 1 2 Electronic Mail Electronic Mail: mail servers outgoing message queue user mailbox user Three major components: Mail Servers user agent agent ❒ user agents ❒ mailbox contains incoming mail mail user messages (yet to be read) ❒ mail servers user server server agent for user agent ❒ simple mail transfer SMTP SMTP ❒ message queue of outgoing protocol: smtp mail mail (to be sent) mail messages server user server user SMTP (if message cannot be agent User Agent SMTP agent delivered will stay in queue) ❒ a.k.a. “mail reader” SMTP ❒ smtp protocol between mail SMTP ❒ composing, editing, reading user servers to send email mail user mail messages mail agent messages agent server server ❒ e.g., Eudora, Outlook, elm, ❍ Mail server is an SMTP Netscape Messenger user client when sending mail user ❒ outgoing, incoming messages agent agent ❍ Mail server is an SMTP stored on server user user server” when receiving agent agent mail 2: Application Layer 2: Application Layer 3 4 SMTP History Electronic Mail: smtp [RFC 2821] ❒ Uses tcp to reliably transfer email msg from ❒ SMTP has been around a long time client to server, port 25 ❍ RFC done in 1982 ❒ direct transfer: sending server to receiving server ❍ In use well before that ❒ three phases of transfer ❒ Messages must be in 7-bit ASCII ❍ handshaking (greeting) (made sense in text-based early days) ❍ transfer of messages ❍ closure ❒ Requires encoding for binary data ❒ command/response interaction (jpegs, etc.) in 7-bit ASCII (yuck!) ❍ commands: ASCII text ❍ response: status code and phrase ❍ Much like HTTP 2: Application Layer 2: Application Layer 5 6

try smtp interaction for yourself: Sample smtp interaction S: 220 hamburger.edu C: HELO crepes.fr ❒ telnet servername 25 S: 250 Hello crepes.fr, pleased to meet you ❒ see 220 reply from server C: MAIL FROM: <alice@crepes.fr> ❒ enter HELO, MAIL FROM, RCPT TO, DATA, QUIT S: 250 alice@crepes.fr... Sender ok C: RCPT TO: <bob@hamburger.edu> commands S: 250 bob@hamburger.edu ... Recipient ok above lets you send email without using email client C: DATA (reader) S: 354 Enter mail, end with "." on a line by itself C: Do you like ketchup? ❒ How do you know the right server name? C: How about pickles? Trace it – does your mail data go in the C: . S: 250 Message accepted for delivery clear? C: QUIT S: 221 hamburger.edu closing connection 2: Application Layer 2: Application Layer 7 8 What is missing? Mail message format SMTP Data ❒ Some commands processed by SMTP protocol smtp: protocol for exchanging email msgs mirror mail headers we are used to seeing in our Message headers blank RFC 2822: standard for text email messages (To, From, …), but are not the line message format (format of same things data from smtp ❒ Email headers (To, From, CC, Subject, Date, ..) are perspective) considered part of the data by SMTP and are not Message body ❒ header lines, e.g., processed SMTP server at all! ❍ To: ❍ CC: ❒ Email headers are processed by the mail reader ❍ Subject: software and ignored by SMTP different from SMTP ❍ How is Bcc implemented? commands ! ❒ Another example of “protocol” layering (like HTML ❒ body and HTTP) ❍ the “message”, ASCII characters only 2: Application Layer 2: Application Layer 9 10 SMTP format Sample smtp interaction S: 220 hamburger.edu ❒ SMTP requires that message (header & body) be C: HELO crepes.fr S: 250 Hello crepes.fr, pleased to meet you in 7-bit ascii C: MAIL FROM: <alice@crepes.fr> ❒ Certain character strings are not permitted in S: 250 alice@crepes.fr... Sender ok C: RCPT TO: <bob@hamburger.edu> message (e.g., CRLF.CRLF ). Thus message has to S: 250 bob@hamburger.edu ... Recipient ok be encoded (usually into either base-64 or C: DATA quoted printable) S: 354 Enter mail, end with "." on a line by itself C: To: bob@hamburger.edu ❒ SMTP server uses CRLF.CRLF to determine end C: Subject: dinner preferences of message C: From: alice@crepes.fr C: C: Do you like ketchup? C: How about pickles? C: . S: 250 Message accepted for delivery C: QUIT S: 221 hamburger.edu closing connection 2: Application Layer 2: Application Layer 11 12

What about sending pictures and other MIME types: Extensible binary data? Content-Type: type/subtype; parameters ❒ Don’t try this by hand ☺ Text Video ❒ MIME: multimedia mail extension, RFC 2045, 2056 ❒ example subtypes: plain, ❒ example subtypes: mpeg, ❒ additional lines in msg header declare MIME content html quicktime type From: alice@crepes.fr Image MIME version Application To: bob@hamburger.edu ❒ example subtypes: jpeg, Subject: Picture of yummy crepe. method used ❒ other data that must be gif MIME-Version: 1.0 to encode data processed by reader Content-Transfer-Encoding: base64 before “viewable” Audio Content-Type: image/jpeg multimedia data ❒ example subtypes: type, subtype, ❒ example subtypes: basic base64 encoded data ..... msword, octet-stream parameter declaration (8-bit mu-law encoded), ......................... 32kadpcm (32 kbps ......base64 encoded data coding) encoded data 2: Application Layer 2: Application Layer 13 14 Multipart Type Spam/forged mail From: alice@crepes.fr To: bob@hamburger.edu Subject: Picture of yummy crepe. MIME-Version: 1.0 ❒ “Received:” and “MessageID” headers are Content-Type: multipart/mixed; boundary=98766789 part of the data --98766789 Content-Transfer-Encoding: quoted-printable ❍ Accurate and helpful from legitimate servers Content-Type: text/plain and user agents Dear Bob, ❒ Start with a legitimate server you trust Please find a picture of a crepe. --98766789 ❍ Don’t relay messages from a site outside your Content-Transfer-Encoding: base64 Content-Type: image/jpeg domain to another host outside your domain base64 encoded data ..... ❍ Verify the Mail From field (resolvable domain ......................... and matching IP address) ......base64 encoded data --98766789-- ❍ Refuse traffic from known spammers 2: Application Layer 2: Application Layer 15 16 Sample Spam Tracking and Reporting Spam ❒ Record IP address of sender and time and From dogboyseven@aol.com Sat Sep 4 16:55:41 1999 Received: from cs2.CS.Berkeley.EDU (cs2.CS.Berkeley.EDU [169.229.60.56]) by mnemosyne.CS.Berkeley.EDU (8.9.1a/) with ESMTP id QAA20836 for <jnm@mailspool.CS.Berkeley.EDU>; date of message transfer Sat, 4 Sep 1999 16:55:38 -0700 (PDT) Received: from mail.everfaster.com (mail.everfaster.com [197.46.220.4]) ❒ Spamcop uses a combination of tools like by cs2.CS.Berkeley.EDU (8.9.1a/8.6.6.Beta11) with ESMTP id LAA18735 for <jnm@cs.berkeley.edu>; Sat, 4 Sep 1999 16:55:04 -0700 (PDT) dig, nslookup and finger to cross-check all Received: from gate.hypermoon.com ( pool37.qs4w.longlink.net [217.6.1.7]) by mail.everfaster.com (8.8.7/8.8.7) with SMTP id PAA20074; Sat, 4 Sep 1999 19:54:21 -0400 (EDT) the information in an email header and find Received: from fritz.hotdogcity.com (fritz.hotdogcity.com [221.88.9.16]) the email address of the system by server.big-hello.com (8.8.8/8.8.8) with SMTP id RAA04617; Sat, 4 Sep 1999 19:53:33 -0400 (EDT) administrator responsible for the network Received: by fritz.hotdogcity.com with Internet Mail Service (5.5.248.0) id Q19G494F; Sat, 4 Sep 1999 19:53:25 -0400 (EDT) Date: Sat, 4 Sep 1999 19:53:23 -0400 (EDT) From: Charles Lewis <clewis@hotmail.com> from which the mail was sent To: jnm@cs.berkeley.edu Subject: You'll never believe this! Message-ID: <19990904195323.H8159@fritz.hotdogcity.com> ❒ postmaster@domain or abuse@domain Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii You won't believe this, but some company just paid me to surf the web! Check out... 2: Application Layer 2: Application Layer 17 18