Application Protocols: SMTP and Others Electronic Mail
4: Application Protocols: SMTP and others
Last Modified: 2/3/2003 8:07:08 PM
2: Application Layer 1

Electronic Mail

Electronic Mail
Three major components:
❒ user agents
❒ mail servers
❒ simple mail transfer protocol: smtp
User Agent
❒ a.k.a. “mail reader”
❒ composing, editing, reading mail messages
❒ e.g., Eudora, Outlook, elm, Netscape Messenger
❒ outgoing, incoming messages stored on server
[Diagram: user agents and mail servers connected by SMTP; each mail server holds user mailboxes and an outgoing message queue]

Electronic Mail: mail servers
Mail Servers
❒ mailbox contains incoming mail messages (yet to be read) for user
❒ message queue of outgoing (to be sent) mail messages (if message cannot be delivered will stay in queue)
❒ smtp protocol between mail servers to send email messages
  ❍ Mail server is an SMTP client when sending mail
  ❍ Mail server is an SMTP “server” when receiving mail

Electronic Mail: smtp [RFC 2821]
❒ Uses tcp to reliably transfer email msg from client to server, port 25
❒ direct transfer: sending server to receiving server
❒ three phases of transfer
  ❍ handshaking (greeting)
  ❍ transfer of messages
  ❍ closure
❒ command/response interaction
  ❍ commands: ASCII text
  ❍ response: status code and phrase
  ❍ Much like HTTP

SMTP History
❒ SMTP has been around a long time
  ❍ RFC done in 1982
  ❍ In use well before that
❒ Messages must be in 7-bit ASCII (made sense in text-based early days)
❒ Requires encoding for binary data (jpegs, etc.) in 7-bit ASCII (yuck!)

try smtp interaction for yourself:
❒ telnet servername 25
❒ see 220 reply from server
❒ enter HELO, MAIL FROM, RCPT TO, DATA, QUIT commands
above lets you send email without using email client (reader)
❒ How do you know the right server name?
Trace it – does your mail data go in the clear?

Sample smtp interaction
    S: 220 hamburger.edu
    C: HELO crepes.fr
    S: 250 Hello crepes.fr, pleased to meet you
    C: MAIL FROM: <[email protected]>
    S: 250 [email protected]... Sender ok
    C: RCPT TO: <[email protected]>
    S: 250 [email protected] ... Recipient ok
    C: DATA
    S: 354 Enter mail, end with "." on a line by itself
    C: Do you like ketchup?
    C: How about pickles?
    C: .
    S: 250 Message accepted for delivery
    C: QUIT
    S: 221 hamburger.edu closing connection

What is missing?
SMTP Data
❒ Some commands processed by SMTP protocol mirror mail headers we are used to seeing in our email msgs (To, From, …), but are not the same things
❒ Email headers (To, From, CC, Subject, Date, ..) are considered part of the data by SMTP and are not processed by the SMTP server at all!
❒ Email headers are processed by the mail reader software and ignored by SMTP
  ❍ How is Bcc implemented?
❒ Another example of “protocol” layering (like HTML and HTTP)

Mail message format
smtp: protocol for exchanging email messages
RFC 2822: standard for text message format (format of data from smtp perspective)
❒ header lines, e.g.,
  ❍ To:
  ❍ CC:
  ❍ Subject:
  different from SMTP commands!
❒ body
  ❍ the “message”, ASCII characters only
[Diagram: message headers, blank line, message body]

Sample smtp interaction
    S: 220 hamburger.edu
    C: HELO crepes.fr
    S: 250 Hello crepes.fr, pleased to meet you
    C: MAIL FROM: <[email protected]>
    S: 250 [email protected]... Sender ok
    C: RCPT TO: <[email protected]>
    S: 250 [email protected] ... Recipient ok
    C: DATA
    S: 354 Enter mail, end with "." on a line by itself
    C: To: [email protected]
    C: Subject: dinner preferences
    C: From: [email protected]
    C:
    C: Do you like ketchup?
    C: How about pickles?
    C: .
    S: 250 Message accepted for delivery
    C: QUIT
    S: 221 hamburger.edu closing connection

SMTP format
❒ SMTP requires that message (header & body) be in 7-bit ascii
❒ Certain character strings are not permitted in message (e.g., CRLF.CRLF). Thus message has to be encoded (usually into either base-64 or quoted printable)
❒ SMTP server uses CRLF.CRLF to determine end of message

What about sending pictures and other binary data?
❒ Don’t try this by hand ☺
❒ MIME: multimedia mail extension, RFC 2045, 2056
❒ additional lines in msg header declare MIME content type
    From: [email protected]
    To: [email protected]
    Subject: Picture of yummy crepe.
    MIME-Version: 1.0
    Content-Transfer-Encoding: base64
    Content-Type: image/jpeg

    base64 encoded data .....
    .........................
    ......base64 encoded data
Callouts on the slide:
❒ MIME-Version: MIME version
❒ Content-Transfer-Encoding: method used to encode data
❒ Content-Type: multimedia data type, subtype, parameter declaration
❒ message body: encoded data

MIME types: Extensible
Content-Type: type/subtype; parameters
Text
❒ example subtypes: plain, html
Image
❒ example subtypes: jpeg, gif
Audio
❒ example subtypes: basic (8-bit mu-law encoded), 32kadpcm (32 kbps coding)
Video
❒ example subtypes: mpeg, quicktime
Application
❒ other data that must be processed by reader before “viewable”
❒ example subtypes: msword, octet-stream

Multipart Type
    From: [email protected]
    To: [email protected]
    Subject: Picture of yummy crepe.
    MIME-Version: 1.0
    Content-Type: multipart/mixed; boundary=98766789

    --98766789
    Content-Transfer-Encoding: quoted-printable
    Content-Type: text/plain

    Dear Bob,
    Please find a picture of a crepe.
    --98766789
    Content-Transfer-Encoding: base64
    Content-Type: image/jpeg

    base64 encoded data .....
    .........................
    ......base64 encoded data
    --98766789--

Spam/forged mail
❒ “Received:” and “MessageID” headers are part of the data
  ❍ Accurate and helpful from legitimate servers and user agents
❒ Start with a legitimate server you trust
  ❍ Don’t relay messages from a site outside your domain to another host outside your domain
  ❍ Verify the Mail From field (resolvable domain and matching IP address)
  ❍ Refuse traffic from known spammers

Sample Spam
    From [email protected] Sat Sep 4 16:55:41 1999
    Received: from cs2.CS.Berkeley.EDU (cs2.CS.Berkeley.EDU [169.229.60.56])
        by mnemosyne.CS.Berkeley.EDU (8.9.1a/) with ESMTP id QAA20836 for <[email protected]>;
        Sat, 4 Sep 1999 16:55:38 -0700 (PDT)
    Received: from mail.everfaster.com (mail.everfaster.com [197.46.220.4])
        by cs2.CS.Berkeley.EDU (8.9.1a/8.6.6.Beta11) with ESMTP id LAA18735 for <[email protected]>;
        Sat, 4 Sep 1999 16:55:04 -0700 (PDT)
    Received: from gate.hypermoon.com (pool37.qs4w.longlink.net [217.6.1.7])
        by mail.everfaster.com (8.8.7/8.8.7) with SMTP id PAA20074;
        Sat, 4 Sep 1999 19:54:21 -0400 (EDT)
    Received: from fritz.hotdogcity.com (fritz.hotdogcity.com [221.88.9.16])
        by server.big-hello.com (8.8.8/8.8.8) with SMTP id RAA04617;
        Sat, 4 Sep 1999 19:53:33 -0400 (EDT)
    Received: by fritz.hotdogcity.com with Internet Mail Service (5.5.248.0) id Q19G494F;
        Sat, 4 Sep 1999 19:53:25 -0400 (EDT)
    Date: Sat, 4 Sep 1999 19:53:23 -0400 (EDT)
    From: Charles Lewis <[email protected]>
    To: [email protected]
    Subject: You'll never believe this!
    Message-ID: <[email protected]>
    Mime-Version: 1.0
    Content-Type: text/plain; charset=us-ascii

    You won't believe this, but some company just paid me to surf the web! Check out...

Tracking and Reporting Spam
❒ Record IP address of sender and time and date of message transfer
❒ Spamcop uses a combination of tools like dig, nslookup and finger to cross-check all the information in an email header and find the email address of the system administrator responsible for the network from which the mail was sent
❒ postmaster@domain or abuse@domain

Multiple recipients
❒ When you send mail to your outgoing mail server, transfer one copy of message regardless of how many recipients
  ❍ Great for spammers
❒ Mail servers could play the same trick
  ❍ Look at RCPT TO list
  ❍ If more than one recipient per destination mail server then transfer just one mail
❒ Could also send one copy per recipient
  ❍ Recommended configuration?

Email viruses
❒ Often attachments which once opened run with the user's full privileges and corrupt the system on which mail is read
❒ Viruses tend to target Windows as it is the platform used by the majority of people

SMTP vs HTTP
❒ Smtp: persistent connections like HTTP 1.1
❒ Both have ASCII command/response interaction, status codes
❒ http: each object is encapsulated in its own response message
❒ smtp: multiple objects sent in a multipart message
❒ http: pull; smtp: push

Outgoing Mail Server?
❒ Why not just SMTP server on local machine?
❒ “Push not pull” means your PC must be constantly on to accept “push”

SMTP = outgoing
❒ Notice we didn’t see any SMTP commands to “get” or “retrieve” mail
❒ SMTP is for outgoing mail only
❒ How do we get mail?
  ❍ Early days: log on to server and read mail from a mailbox = file on server
  ❍ How many people still read mail that way? (I do ☺)
  ❍ Today many people read mail on their PC
  ❍ How do they get their mail from the mail server?

Incoming mail?
[Diagram: user agent -SMTP-> sender’s mail server -SMTP-> receiver’s mail server -POP3 or IMAP-> user agent]
❒ Mailbox file
❒ POP: Post Office Protocol [RFC 1939] authorization (agent <--> server) and download
❒ IMAP: Internet Mail Access Protocol [RFC 1730] more features (more complex) manipulation of stored messages on server
❒ HTTP: Hotmail, Yahoo! Mail, etc.
  ❍ Why not use HTTP to transfer random things like email?
  ❍ Convenient – don’t need mail reader just the ubiquitous web browser
❒ Other?

try POP interaction for yourself:
❒ telnet servername 110
❒ see “OK POP3 server ready” reply from server
❒ enter user, pass, list, retr, dele commands

POP3 protocol
authorization phase
❒ client commands:
  ❍ user: declare username
  ❍ pass: password
❒ server responses
  ❍ +OK

    S: +OK POP3 server ready
    C: user alice
    S: +OK
    C: pass hungry
    S: +OK user successfully logged on
    C: list
    S: 1 498
    S: 2 912
    S: .
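
Added example, not part of the original slides: a toy server-side reader for the point made on the "SMTP Data" and "SMTP format" slides, that the server acts only on the envelope commands and treats everything between DATA and the lone "." as opaque text. It compares the envelope with the headers a mail reader would display, which also shows that a recipient named only in RCPT TO is how a blind copy gets delivered. The client lines, addresses and function names are constructed for this example.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed client lines shaped like the slides' sample interaction. All names
# and addresses are placeholders; the page's own addresses are redacted.
CLIENT_LINES = [
    "HELO client.example.org",
    "MAIL FROM: <alice@example.org>",
    "RCPT TO: <bob@example.net>",
    "RCPT TO: <carol@example.net>",   # never named in the headers below
    "DATA",
    "To: bob@example.net",
    "From: billing@example.net",      # header text, not checked by SMTP
    "Subject: dinner preferences",
    "",
    "Do you like ketchup?",
    "..and pickles?",                 # leading dot doubled by the sender (RFC 5321 4.5.2)
    ".",
    "QUIT",
]

def receive(client_lines):
    """Server view: envelope from the commands, everything after DATA as opaque text."""
    envelope, data, in_data = {"mail_from": None, "rcpt_to": []}, [], False
    for line in client_lines:
        if in_data:
            if line == ".":                      # CRLF.CRLF ends the message
                in_data = False
            else:                                # undo the sender's dot doubling
                data.append(line[1:] if line.startswith(".") else line)
        elif line.upper().startswith("MAIL FROM:"):
            envelope["mail_from"] = parseaddr(line[10:])[1]
        elif line.upper().startswith("RCPT TO:"):
            envelope["rcpt_to"].append(parseaddr(line[8:])[1])
        elif line.upper() == "DATA":
            in_data = True
    return envelope, "\n".join(data)

def audit(client_lines):
    """Compare what SMTP acted on (envelope) with what the reader will display (headers)."""
    envelope, raw = receive(client_lines)
    msg = message_from_string(raw)
    shown = {addr for _, addr in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))}
    return {
        "envelope_from": envelope["mail_from"],
        "header_from": parseaddr(msg.get("From", ""))[1],
        "blind_recipients": sorted(set(envelope["rcpt_to"]) - shown),
        "body": msg.get_payload(),
    }
```

A receiving site that logs `envelope_from` next to `header_from` has the raw material for the "Verify the Mail From field" check on the Spam/forged mail slide.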
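
Added example, not part of the original slides: the header reading described on the "Tracking and Reporting Spam" slide, applied to the Received lines of the "Sample Spam" slide. It walks the chain from the newest line down and stops at the first hop where the name the client announced differs from the name the receiving server recorded, or where the hop does not connect to the server that stamped the next older line; the IP recorded at that hop is the one to report. The redacted "for <...>" clauses are left out, and the function names are this example's own.

```python
import re

# Received lines from the "Sample Spam" slide, newest first as in the message;
# the redacted "for <...>" clauses are left out.
RECEIVED = [
    "from cs2.CS.Berkeley.EDU (cs2.CS.Berkeley.EDU [169.229.60.56]) by mnemosyne.CS.Berkeley.EDU "
    "(8.9.1a/) with ESMTP id QAA20836; Sat, 4 Sep 1999 16:55:38 -0700 (PDT)",
    "from mail.everfaster.com (mail.everfaster.com [197.46.220.4]) by cs2.CS.Berkeley.EDU "
    "(8.9.1a/8.6.6.Beta11) with ESMTP id LAA18735; Sat, 4 Sep 1999 16:55:04 -0700 (PDT)",
    "from gate.hypermoon.com (pool37.qs4w.longlink.net [217.6.1.7]) by mail.everfaster.com "
    "(8.8.7/8.8.7) with SMTP id PAA20074; Sat, 4 Sep 1999 19:54:21 -0400 (EDT)",
    "from fritz.hotdogcity.com (fritz.hotdogcity.com [221.88.9.16]) by server.big-hello.com "
    "(8.8.8/8.8.8) with SMTP id RAA04617; Sat, 4 Sep 1999 19:53:33 -0400 (EDT)",
    "by fritz.hotdogcity.com with Internet Mail Service (5.5.248.0) id Q19G494F; "
    "Sat, 4 Sep 1999 19:53:25 -0400 (EDT)",
]

HOP = re.compile(r"(?:from (?P<helo>\S+) \((?P<recorded>\S+) \[(?P<ip>[\d.]+)\]\) )?by (?P<by>\S+)")

def parse_hops(received):
    """Return one dict per Received line, in the order given (newest first)."""
    hops = []
    for line in received:
        m = HOP.match(line)
        if not m:
            raise ValueError("unparsed Received line: " + line)
        hops.append({k: (v.lower() if v else None) for k, v in m.groupdict().items()})
    return hops

def annotate(received):
    """Flag hops whose announced name differs from the recorded one or that do not connect."""
    hops = parse_hops(received)
    for i, hop in enumerate(hops):
        older = hops[i + 1] if i + 1 < len(hops) else None
        hop["flags"] = []
        if hop["helo"] and hop["helo"] != hop["recorded"]:
            hop["flags"].append("helo-mismatch")
        # The host handing the mail over should be the one that stamped the older line.
        if older and hop["helo"] and older["by"] not in (hop["helo"], hop["recorded"]):
            hop["flags"].append("chain-break")
    return hops

def first_inconsistent_hop(received):
    """Walk down from the newest line; older lines were presented by that hop's client."""
    for hop in annotate(received):
        if hop["flags"]:
            return hop["ip"], hop["by"], hop["flags"]
    return None
```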