(SMTP) is the standard for e-mail. Originally fixed in RFC 821 (1982), it was last updated in 2008 with extended additions to SMTP over RFC 5321 (a widely used protocol today).
Although mail servers and other mail agents use SMTP to send and receive e-mail correspondence, custom-class software typically uses SMTP ports only to send data to the server for relaying. Client applications typically use either IMAP or POP3 to receive messages. These protocols are the most convenient and in demand for these purposes: they have advanced functionality and a wide range of capabilities.
Characteristics
SMTP communication between mail servers uses TCP port 25. Mail clients often send outgoing mail to the mail server on port 587. Although legacy mail providers still allow the non-standard port 465 to be used for this purpose.
SMTP connections secured by TLS, known as SMTPS, can be made using STARTTLS technology.
Proprietary email systems and systems use their own non-standard protocols to access mailboxes on their mail servers - all companies use SMTP server ports when sending or receiving email occurs outside of their own systems.
SMTP destination
Almost all activities on the Internet are made possible by protocols - special rules of network software that allow a computer to communicate with all networks so that users can shop, read news, and send emails. Protocols are vital to day-to-day networking — they are built into network software and are used by default.
The SMTP Port Protocol provides a set of codes that facilitate the exchange of e-mail messages between servers (the network computer that handles incoming and outgoing e-mail). It is a kind of shorthand that allows the server to break down different parts of the message into categories that another server can understand. When a user submits a message, it turns into lines of text separated by code words (or numbers) that define the purpose of each section.
Technical terminology
SMTP is a TCP / IP protocol used to handle e-mail. However, because it is limited by the ability to send messages to the queue on the receiving end, it is usually used with either POP3 or IMAP, which allows data to be stored on the server and downloaded when needed. In other words, they usually use an application that chooses SMTP for sending e-mail and POP3 or IMAP for receiving correspondence. On Unix based systems, sendmail is the most widely used SMTP server for email. The commercial Sendmail package includes a POP3 server. Microsoft Exchange includes an SMTP server and can also be configured to support POP3.
SMTP is typically used to work over Internet port 25. An alternative to SMTP that is widely used in Europe is X.400. Many mail servers now support the Extended Simple Mail Transfer Protocol (ESMTP), which allows you to transfer media files as e-mail.
Story
In the 1960s, various forms of electronic messaging were used. Users communicated using systems designed for specific mainframes. As more computers became interconnected, there was a need to develop standards to allow users of different systems to send e-mail to each other. SMTP arose out of these standards developed in the 1970s.
Further implementations include the FTP Mail Protocol since 1973. Development work continued in the 1970s until ARPANET made the transition to the modern Internet in 1980. Then John Postel proposed a protocol for transferring postal data.
SMTP began to be widely used in the early 1980s. At the time, this protocol was a Unix add-on for the Unix Copy Program. SMTP works best when the sending and receiving machines are connected to the Net, use a storage and send mechanism, and are examples of push technology.
Mail processing model
E-mail is sent by the mail client (Mail User Agent, MUA) to the mail server (Mail Submitter Agent, MSA) using SMTP on TCP port 587. Most mailbox providers still allow sending on the traditional port 25. MSA delivers mail to your mail agent (mail transfer agent, MTA). These agents are often instances of shared software, activated with different parameters on the same computer. Local processing can be performed either on a single machine or shared across multiple machines. Mail agent processes on the same machine can exchange files, but if the processing is done on multiple machines, they pass messages among themselves using the SMTP port, where each machine is configured to use the next machine as the smart host.
Protocol overview
SMTP is a text-based connection-oriented protocol in which the sender of mail communicates with the mail recipient by issuing command lines and providing the required data over a reliable, ordered data stream channel. An SMTP session consists of commands generated by an SMTP client (initiating agent, sender, or sender) and corresponding responses from the SMTP server (listening agent or receiver). A session can include zero or more SMTP transactions, which consist of three sequences of commands / responses:
In addition to the intermediate response for DATA, the response from each server can be either positive or negative (code 2xx). Negative answers can be permanent (5xx codes) or temporary (4xx codes). A rejection is a permanent failure and the client has to send a rejection message to the server it received it on. Downfall is a positive response followed by rejection of the message.
SMTP mail ports and their meaning
SMTP is a delivery protocol only. In normal use, mail is sent to the target mail server, such as the SMTP server on the mail port. Data is routed based on the target server, not the individual users to which it is addressed. Other protocols (POP or IMAP) are specifically designed for use by individual users who receive messages and manage mailboxes. SMTP, POP, and IMAP are unacceptable protocols for relaying mail using intermittent computers. They are designed to function after final delivery, when information critical to the correct operation of the mail relay has been removed.
Starting a queue of empty messages
Remote Message Queue Starting is an SMTP feature that allows a remote host to start mail processing on the server so that it can receive messages intended for it by issuing a TURN command. However, this feature posed a potential data security threat and was extended in RFC 1985 by the ETRN team, which works more reliably using the Domain Name System Information authentication method.
International email address
Users whose script is not Latin, or who use non-ASCII diacritics, have had difficulty requesting a Latin alphabet email address (SMTP port mail.ru). RFC 6531 was created to address this problem by providing internationalization capabilities for SMTP, the SMTPUTF8 extension, and support for multibyte and non-ASCII characters in email addresses. Examples: diacritics and other language characters (Greek and Chinese). Also relevant for the Yandex SMTP port.
Current support for this document is limited at the moment, but there is great interest in the widespread adoption of RFC 6531 and related RFCs in countries such as China that have a large user base where Latin (ASCII) is a foreign script.
Outgoing mail from SMTP server
The email client needs to know the IP address of its original SMTP server. This should be listed as part of its configuration (usually a DNS name). This server will serve outgoing messages on behalf of the user.
Restricting access to the outgoing mail server
Server administrators need to impose some control on which clients can use the server. This helps fight abuse and spam. Similar solutions were widely used:
many systems used to impose restrictions on the use of the client's location, allowing only use by clients whose IP address is one of the server administrators. Use from any other client's IP address is prohibited.
Modern SMTP servers usually offer an alternative system that requires client credentials to be authenticated before allowing access.
SMTP - which port is being used?
Communication between mail servers usually always uses the default TCP port 25 assigned for SMTP. However, mail clients typically use specific ports on the smtp ssl port instead. Most ISPs now block all outbound port traffic from their customers as an anti-spam measure. For the same reason, enterprises usually configure their firewall to allow outbound port from designated mail servers.
Sample SMTP Transport
A typical example of sending a message via SMTP to two mailboxes (alice and theboss) located in the same mail domain (example.com or localhost.com) is reproduced in the next exchange. After the sender of a message (SMTP client) establishes a reliable communication channel for the receiver of the message (SMTP server), a session is opened with the server, usually containing its fully qualified domain name (FQDN), in this case smtp, example, or com. The client initiates its dialog box by responding with a HELO command identifying itself in a command parameter with its fully qualified domain name (or address literal if not available).
Additional extensions
Clients learn which options the server supports by using the EHLO greeting instead of the original HELO. Clients are returned to HELO only if the server does not support SMTP extensions.
Modern customers can use the ESMTP extension SSRE keyword to query the server for the maximum message size to be accepted. Older clients and servers may attempt to send oversized messages, which will be rejected after using network resources, including the time it takes to connect to network links.
Anti-spam techniques and email authentication
The original design of SMTP did not have the ability to identify senders or check if servers were allowed to send on their behalf. As a result, it is possible to exploit email spoofing, which is commonly used in email spam and phishing.
Special offers are made to change SMTP or replace them entirely. Internet Mail 2000 is one example of this, but neither has been much successful in the face of the network effect of the massive established base of classic SMTP. Instead, mail servers now use a variety of methods, including DomainKeys, DomainKeys Identified Mail, Policy Policy Framework and DMARC, DNSBLs, and greylisting to reject or quarantine suspicious emails.
SMTP protocol
O In this chapter:
O Basic protocol commands
O Relay servers
O Direct shipment
For mail delivery, in most cases, the SMTP protocol is used ( Simple Mail Transfer Protocol).
When creating the SMTP protocol, the developers made a gross mistake that spoiled a lot of blood, both for system administrators and ordinary users. Its essence lies in the fact that the SMTP protocol does not require user authentication before sending a message, and this allows you to use someone else's servers for mass mailing.
Modern SMTP servers use various security mechanisms to prevent unknown users from sending mail. This is discussed in detail in the chapter "Mail Server from the Inside".
In the terminology of the SMTP protocol, there are no such concepts as "client" and "server". Instead, they talk about the sender ( sender) and recipient ( receiver). What most people call "SMTP Server" is both a sender and a receiver. When a client establishes a connection with him to send a letter, the server acts as a recipient, and when it delivers a message to a subscriber, it becomes a sender.
Each mailbox is an SMTP recipient that can be contacted directly to send a message without intermediaries. However, this method has not gained much popularity. Communication with distant nodes can be slow and unreliable, so the mission of delivering the message is conveniently entrusted to a special server, often referred to as the outgoing mail server. If the connection to the outgoing mail server is fast and reliable, then this approach is quite justified. On the contrary, it makes no sense to send letters through distant, slow and unstable servers. In this case, it is better to put the message directly into the recipient's mailbox. However, few email clients support this capability.
The example below demonstrates how to send a message to a subscriber using the SMTP protocol. The first step is to start the telnet client and, having established a connection to the selected SMTP server (for example, mail.aport.ru) on the twenty-fifth port, wait for the invitation to be issued.
Figure 009 Connecting to the mail.aport.ru server
The first three characters of the string returned by the server are the completion code of the operation. A complete list of error codes of all kinds is contained in RFC-821, and is not provided here.
For the transmission of correspondence, only a TCP connection is not enough, and it is necessary to establish another, the so-called SMTP connection. This is accomplished by returning a hello to the server with the client's hostname (if it has a name) or an IP address (if the client does not have a name).
It is far from always required to indicate your accurate the address. It is often enough to enter an arbitrary text string, for example “ABDCEF”
HELO ppp-15.krintel.ru
A response greeting is carried out by the command “HELO
”. The server, having established an SMTP connection, returns a success code (250) and in most cases determines the client's IP address or its domain name.
The next step is to specify the sender of the message. To do this, you need to use the "MAIL FROM" command indicating your own mailing address, if desired, enclosed in angle brackets.
For instance:
HELO ppp-15.krintel.ru
250 camel.mail.ru Hello ppp-15.krintel.ru
· MAIL FROM: " [email protected]»
Then the recipient of the message is specified using the “RCPT TO” command, an example of which is shown below:
HELO ppp-15.krintel.ru
250 camel.mail.ru Hello ppp-15.krintel.ru
· MAIL FROM: " [email protected]»
· 250 " [email protected]»Is syntactically correct
· RCPT TO: " [email protected]»
If there is a need to send the same message to several respondents, it is enough to call “RCPT TO” one more (or more) times (the maximum number of recipients is usually not limited). If the server does not undertake to deliver the message to one of them, it will return an error, in no way, but not affecting the rest of the recipients.
The “DATA” command, invoked with no arguments, puts the server in waiting for the message text.
· 354 Enter message, ending with "." on a line by itself
The sequence of completion of the input is an ordinary period, "bordered" on both sides by line breaks. If such a sequence occurs in the text of the message, the formation of the letter will be completed immediately. Mail clients usually recognize this situation and resort to transcoding, but when working with a telnet client, this concern lies with the user.
An example of using the “DATA” command is shown below:
HELO ppp-15.krintel.ru
250 camel.mail.ru Hello ppp-15.krintel.ru
· MAIL FROM: " [email protected]»
· 250 " [email protected]»Is syntactically correct
· RCPT TO: " [email protected]»
· 250 " [email protected]»Verified
· Hello, Sailor!
250 OK id = 12ZDEd-000Eks-00
The “QUIT” command ends the session and closes the connection.
221 camel.mail.ru closing connection
The content of the received message (the mechanism for receiving messages to the user's local computer is discussed in the chapters "POP" and "IMAP4") may look, for example, as follows:
From [email protected] Sun Mar 26 17:38:03 2000
Received: from ppp-15.krintel.ru ()
By camel.mail.ru with smtp (Exim 3.02 # 107)
Id 12ZDEd-000Eks-00
· Message-Id: " [email protected]»
From: [email protected]
· Hello, Sailor!
It will be shown below how attackers find and use someone else's outgoing mail servers. One way to find public SMTP servers is to parse the headers of incoming mail. Among the nodes that left their addresses in the “Received” field, sometimes there are servers that do not require user authentication to send letters.
For example, below is the header of a letter pulled by the author of this book from his own mailbox:
From [email protected] Wed Mar 22 16:57:03 2000
Received: from gate.chiti.uch.net()
By msk2.mail.ru with esmtp (Exim 3.02 # 116)
Id 12Xld1-0008jx-00
Received: from 13.chiti.uch.net()
By gate.chiti.uch.net(8.8.8 / 8.8.8) with SMTP id PAA29678
· From: "irt" " [email protected] »
Analysis of the header allows us to establish that the letter was sent from the 13.chiti.uch.net address through the outgoing mail server gate.chiti.uch.net. If you try to establish a connection with it, the result may look like this:
To test the possibility of forwarding a message, you must send an invitation to the server, and then identify the sender and recipient of the message. For example, it might look like this:
HELO kpnc.krintel.ru
250 gate.chiti.uch.net Hello kpnc.krintel.ru, pleased to meet you
· MAIL FROM: " [email protected]»
· 250 " [email protected]"… Sender ok
· RCPT TO: " [email protected]»
· 250 " [email protected]"… Recipient ok
The success code (250) and the "Recipient ok" timeout indicate that the server has agreed to the transfer. It remains to enter the text of the message and you can send the letter. After some time (usually not exceeding one minute), the message should arrive at its destination. And its title might look like this:
From [email protected] Sun Mar 26 17:28:33 2000
Received: from gate.chiti.uch.net ()
By camel.mail.ru with esmtp (Exim 3.02 # 107)
Id 12ZD5a-000Dhm-00
Received: from kpnc.krintel.ru (kpnc.krintel.ru)
By gate.chiti.uch.net (8.8.8 / 8.8.8) with SMTP id QAA02468
(Envelope-from [email protected])
From: [email protected]
· Message-Id: " [email protected]»
The sender's address is highlighted in bold, indicating that he could not remain anonymous. If this turns out to be unacceptable, among the incoming letters of your mailbox, you can try to find those whose headers do not contain any information about the sender, except for the information that he wished to provide himself.
One of the anonymous servers is located (more precisely, it was once located at the time of this writing) at dore.on.ru. However, its use by unauthorized persons is prohibited, which is demonstrated by the following experiment:
HELO kpnc.krintel.ru
· MAIL FROM: " [email protected]»
· 250 " [email protected]»Sender Ok
· RCPT TO: " [email protected]»
· 550 Relaying denied for « [email protected]»
The server, indeed, does not make any visible attempts to determine the client's address, but at the same time, it flatly refuses to forward its correspondence outside the server. Moreover, it is reliably known that the owners of this server use it to send messages to non-local addresses. This implies the existence of a mechanism that allows you to distinguish "friends" from "outsiders". The rights of "outsiders" are limited to the delivery of letters to local addresses, while "friends" are allowed to send messages outside the server. Due to the lack of user authentication means in the SMTP protocol, the client's IP address helps to distinguish one from the other. Local users located in the same subnet with the server are considered “own” and vice versa.
But if the server is not equipped with the function of determining the IP addresses of clients, it has no choice but to use the information provided by the sender himself, taking his word for it. Therefore, it is possible to report false data, and impersonate a local user who has the right to send messages to any address.
The client specifies his address twice: when greeting the server, with the “HELO” command he indicates his domain, and in the “MAIL FROM” field he gives his own return address. Some servers check one of these values, and some check both at the same time.
In the experiment below, the sender does not provide his own domain, but the domain of the server owner, and uses one of the addresses of the server's local users as a return address (to find out, you need to receive at least one letter from this server, or try to find out the names registered users by brute-force method):
220 WITHELD FTGate server ready -Fox Mulder
· HELO dore.on.ru
· MAIL FROM: " [email protected]»
· RCPT TO: " [email protected]»
250 Recipient Ok
As a result of this forgery, the server was deceived and agreed to deliver the letter. Obviously, the real sender of the message cannot be identified by the header, since it contains only the information that the sender wished to leave on his own.
It is impossible to think of a better way for mass mailing, but this method is not suitable for ordinary correspondence. After all, the answer to the letter will return to the address [email protected]! This can be avoided by adding a “Reply-To” field to the header containing the sender's true address (the one he wanted to keep himself). It might look like this, for example:
220 WITHELD FTGate server ready -Fox Mulder
HELO dore.on.ru
· MAIL FROM: " [email protected]»
· 250 " [email protected]»Sender Ok
· RCPT TO: " [email protected]»
250 Recipient Ok
354 Start mail input; end with "CRLF". "CRLF"
· Reply-To: " [email protected]»
250 Ok Message queued
221 dore.on.ru Service closing transmission channel
The title of such a letter should look something like this:
Received: from relay1.aha.ru(verified)
By aha.ru (CommuniGate Pro SMTP 3.1b2)
Received: from warlock.miem.edu.ru (miem-as.ins.ru)
By relay1.aha.ru(8.9.3 / 8.9.3 / aha-r / 0.04B) with ESMTP id UAA07173
Received: from dore.miem.edu.ru (rtuis.miem.edu.ru)
By warlock.miem.edu.ru (8.9.3 / 8.9.3) with ESMTP id UAA00637
Received: from fox by dore.on.ru(FTGate 2, 1, 2, 1);
· Message-ID: " [email protected]»
· From: " [email protected]»
· To: " [email protected]»
Subject: TEST
· Reply-To: " [email protected]»
When trying to reply to the sender, the recipient's mail client will extract the contents of the "Reply-To" field and send the letter to the address specified in it. This is exactly what spammers use to achieve complete anonymity, on the one hand, and the ability to receive answers from interested parties, on the other.
If you look closely at the email header, you will find several "Received" lines in it. They were left by transit servers, otherwise called Rayleighs (from English relay).
Any mail client can send a letter directly. However, to do this, you will have to personally specify the recipient's address in the settings of the outgoing mail server.
For example, to send an email to [email protected] using “OutLock Express” you will have to go to “Accounts” (menu “Tools”), select “Properties” and go to the “Servers” tab, setting the server “computerra.ru” for outgoing mail.
Obviously, this is too tedious and impractical. Until the software learns to perform such an operation automatically, users will be forced to use the old methods.
The work of a typical small-scale outgoing mail server looks like this: having received a letter at its disposal, it immediately establishes a connection with the recipient's mailbox and sends the message. In doing so, he faces the same difficulties as an ordinary client. Therefore, message relaying is widely used. If the letter for some reason cannot be transmitted directly, it is transmitted to the relay.
A relay is exactly the same SMTP server as the others discussed in this chapter. Depending on the server settings, the message forwarding route may vary. One message can be sent directly, while the other - for a long time "spinning" on the Relays. Trust is great, but only when it is not about security issues. Who dares to trust repeaters of unknown origin? Moreover, the further route of the letter is determined by each of the transit servers independently, and there are no guarantees that an intruder will not wedge into this chain.
But the SMTP protocol allows the sender to independently define the route of message forwarding. The parameter of the “RCPT TO” command can contain not only the recipient's address, but also the relay path!
Its format is as follows:
· RCPT TO: "@ s1, @ s2, @ s3, @ sn: [email protected]»
where s1, s2, s3, sn are the names (or IP addresses) of the intermediate tails, and [email protected] recipient's mailbox. First, the message is sent to node s1, the leftmost server in the chain. It modifies the parameter of the RCPT TO command, "biting" from it the name of its node:
· RCPT TO: "@ s2, @ s3, @ sn: [email protected]»
Then, the address of the next recipient is retrieved - s2. If the s1 server does not undertake the delivery of correspondence to the s2 server, the letter is returned back to the sender with an error message. Otherwise, the process repeats until the message ends up in the recipient's mailbox.
The disadvantage of this scheme is that some SMTP servers may use their own relaying services for forwarding to the next tail. Thus, it is guaranteed that the letter, upon successful delivery, will visit all the specified nodes in the specified order. However, direct transfer between adjacent tails in a chain is not always performed.
Therefore, the task of selecting transit servers is complicated. Each of them should not only be protected from intruders, but deliberately not use the services of third-party repeaters.
Unfortunately, most email clients, when checking the correctness of the recipient's address, consider such an operation to be syntactically incorrect and refuse to send a letter. I have to start telnet again and send the message manually.
You can find out which commands are supported by a specific SMTP server using "HELP", and in more detail about the purpose of each of them "HELP command".
For details on SMTP commands, refer to RFC-788, RFC-821, RFC-822, RFC-1341, RFC-1342, RFC-1426, RFC-1521, RFC-1806, RFC-1830, RFC-2045 , RFC-2046, RFC-2047, RFC-2048, RFC-2049, RFC-2076.
From the book Network Attack Technique author Kaspersky ChrisSMTP O In this chapter: O Basic Protocol Commands O Relay Servers O Direct Forwarding O Email Automation and Spam O Anonymous Mailing O The Simple Mail Transfer Protocol (SMTP) is used to deliver mail in most cases.
the author Raymond Eric Stephen5.3.1. Case Study: SMTP, Simple Mail Transfer Protocol Example 5.7. illustrates the Simple Mail Transfer Protocol (SMTP) transaction, which is described in the RFC 2821 specification. In this example, lines beginning with C: are sent by the mail transport.
From the book The Art of Unix Programming the author Raymond Eric Stephen5.3.1. Case Study: SMTP, Simple Mail Transfer Protocol Example 5.7. illustrates the Simple Mail Transfer Protocol (SMTP) transaction, which is described in the RFC 2821 specification. In this example, lines beginning with C: are sent by the mail transport.
From the book TCP / IP Architecture, Protocols, Implementation (including IP version 6 and IP Security) by Faith Sidney M5.24 ARP Protocol Before a datagram is forwarded from one LAN system to another, it will be framed by a header and a trailing frame. The frame is delivered to a network adapter whose physical address matches the physical destination address from
From the book Programming in Ruby [Ideology of Language, Theory and Practice of Application] by Fulton Hal8.9 RIP The most widely used IGP is RIP, derived from the Xerox Network System (XNS) routing protocol. The popularity of RIP is based on its simplicity and availability. RIP was originally implemented in the TCP / IP operating room.
From the book Linux Networking author Smith Roderick W.8.17 BGP The Border Gateway Protocol (BGP) is widely used on the Internet. The current version of the protocol is BGP-4. On the modern Internet, there are many providers interconnected like a network of interconnections. When moving to a point
From the author's book14.6 FTP Protocol The following concepts are related to the FTP protocol :? Commands and their parameters sent over the control connection? Numeric codes returned in response to a command? Format of Data Transferred The following is a set of FTP commands. They are transmitted by the manager
From the author's book15.17 NFS Protocol The latest implementation of NFS is version 3, although implementations of version 2 continue to be used successfully. The NFS server program is numbered 100003 and, by convention, NFS grabs the port on initialization
From the author's book16.9 SMTP Commands The script in Section 16.6.1 contained the most commonly used SMTP commands. The complete set of SMTP commands is shown in Table 16.1. Table 16.1 SMTP Commands Command Description HELO Identifies the sender to the recipient. MAIL FROM Start of mail transaction and point to
From the author's book16.12.2 Conversation in Enhanced SMTP The following example demonstrates how the Enhanced Mail Transfer Agent constructs a transaction to send a MIME message in 8-bit format :? The recipient is announcing their enhanced capabilities, including 8BITMIME.? The MAIL FROM command has
Programs that implement the SMTP server in Linux sendmail. The most popular mail server currently available on Linux is sendmail. This package provides extensive functionality and many programs assume that it is installed by default.
From the author's book From the author's bookSpecial Features of the SMTP Server The following sections describe the various characteristics of the mail server that are specified when configuring the mail server. In order not to describe these characteristics for each server, consider them.
This article covers the most commonly used email protocols on the Internet - POP3, IMAP, and SMTP. Each of them has a specific function and way of working. The content of the article explains which configuration is best for the specific needs of the user when using an e-mail client. It also reveals the answer to the question of which protocol supports e-mail.
What is POP3?
Version 3 (POP3) is a standard postal protocol used to receive e-mail from a remote server to a local mail client. Allows you to download messages to your local computer and read them even when the user is offline. Please note that when you use POP3 to connect to your account, messages are downloaded locally and deleted from the email server.
By default, the POP3 protocol runs on two ports:
port 110 is the unencrypted POP3 port;
port 995 - this must be used if you want to securely connect to POP3.
What is IMAP?
Internet Messaging Access Protocol (IMAP) is an e-mail retrieval protocol that is used to access e-mail on a remote web server from a local client. IMAP and POP3 are the two most commonly used protocols for receiving emails and are supported by all modern email clients and web servers.
POP3 assumes that your email address is only accessible from one application, while IMAP allows you to log in from multiple clients at the same time. This is why IMAP is better if you are going to access your email from different places or if your messages are managed by multiple users.
IMAP runs on two ports:
Port 143 is the default unencrypted IMAP port.
port 993 - this must be used if you want to connect securely using IMAP.
What is SMTP?
Protocol is a standard protocol for sending e-mail over the Internet.
SMTP works on three ports:
port 25 is unencrypted by default;
port 2525 - it opens on all SiteGround servers if port 25 is filtered (for example by your ISP) and you want to send unencrypted emails using SMTP.
port 465 - This is used if you want to send messages securely using SMTP.
What are the protocols for e-mail exchange? Concepts and terms
The term "email server" refers to the two servers required to send and receive emails, that is, SMTP and POP.
The Incoming Mail Server is the server associated with your email account. There can be no more than one incoming mail server for it. To access incoming messages, you need an email client - a program that can receive email from an account, allowing the user to read, forward, delete, and reply to messages. Depending on your server, you can use a dedicated email client (such as Outlook Express) or a web browser. For example, Internet Explorer is used to access email-based accounts. Emails are stored on the incoming mail server until they are downloaded. Once you have downloaded your mail from the mail server, you will not be able to do it again. To download the data successfully, you need to enter the correct settings in your email program. Most of the incoming mail servers use one of the following protocols: IMAP, POP3, HTTP.
Outgoing mail server (SMTP)
This is a server used only for sending emails (for transferring them from your email client program to the receiver). Most outgoing mail servers use Protocol) to send mail. Depending on your network settings, the outgoing mail server may belong to your ISP or the server on which you set up your account. Alternatively, you can use a subscription based SMTP server that will allow you to send emails from any account. Due to spam issues, most outbound mail servers will not allow you to send emails unless you are logged into your network. An open relay server will allow you to use it to send emails, whether you belong to its network group or not.
Email ports
For networks, a port refers to the endpoint of a logical connection. The port number determines its type. The following are the default email ports:
POP3 - port 110;
IMAP - port 143;
SMTP - port 25;
HTTP - port 80;
secure SMTP (SSMTP) - port 465;
secure IMAP (IMAP4-SSL) - port 585;
IMAP4 over SSL (IMAPS) - port 993;
Secure POP3 (SSL-POP) - port 995.
Email protocols: IMAP, POP3, SMTP and HTTP
Basically, the protocol refers to the standard method used at each end of the communication channel. To deal with email, you must use a dedicated client to access the mail server. In turn, they can exchange information with each other using completely different protocols.
IMAP protocol
IMAP (Internet Messaging Access Protocol) is a standard protocol for accessing email from your local server. IMAP is a client / server protocol in which email is received and the data is stored by your internet server. Since it only requires a little data transfer, it works well even on slow connections, such as when connecting with a modem. When trying to read a specific email message, the client downloads data from the server. You can also create and manage folders or mailboxes on the server, delete messages.
POP3 protocol
Post Office Protocol 3 (POP) e-mail protocol provides a simple, standardized way for users to access mailboxes and download messages to their computers.
With POP, all your e-mails will be downloaded from the mail server to your local computer. You can also leave copies of your emails on the server. The advantage is that after downloading your messages, you can disconnect your internet connection and read your e-mail at your leisure without incurring additional communication costs. On the other hand, with this protocol, you receive and download a lot of unwanted messages (including spam or viruses).
SMTP protocol
The protocol is used by the Mail Transfer Agent (MTA) to deliver e-mail messages to a specific recipient server. SMTP can only be used to send emails, not to receive them. Depending on the settings of your network or Internet service provider, you may only use the SMTP protocol under certain conditions.
HTTP protocols
HTTP is not a protocol designed for email communication, but it can be used to access your mailbox. It is also often referred to as web email. It can be used to compose or receive emails from your account. Hotmail is a good example of using HTTP as the email protocol.
Managed file transfers and networking solutions
Your ability to send and receive email is mainly due to three TCP protocols. These are SMTP, IMAP and POP3.
SMTP
Let's start with SMTP because its main function is different from the other two. SMTP, or Simple Mail Transfer Protocol, is mainly used to send email from an email client (such as Microsoft Outlook, Thunderbird, or Apple Mail) to an email server. It is also used to relay or forward mail messages from one mail server to another. This is necessary if the sender and the recipient have different email providers.
SMTP, which is specified in RFC 5321, uses port 25 by default. It can also use port 587 and port 465. The latter, which was introduced as the port of choice for secure SMTP (a.k.a. SMTPS), is deprecated. But in reality, it is still used by several postal service providers.
POP3
The Post Office Protocol, or POP, is used to retrieve e-mail messages from the latest version that is widely used is version 3, hence the term "POP3".
POP version 3 specified in RFC 1939 supports extensions and several authentication mechanisms. Authentication features are required to prevent attackers from gaining access to user messages.
The POP3 client receives email as follows:
connects to the mail server on port 143 (or 993 for SSL / TLS connections);
retrieves email messages;
serves to connect before closing the mail client application and download messages on demand.
connects to the mail server on port 110 (or 995 for SSL / TLS connections);
deletes copies of messages stored on the server;
disconnects from the server.
Although POP clients can be configured so that the server can continue to store copies of downloaded messages, the steps above are common practice.
IMAP
IMAP, especially the current version (IMAP4), is a more complex protocol. This allows users to group related messages and place them in folders, which in turn can be organized hierarchically. It also features message flags that indicate whether a message has been read, deleted, or received. It even allows users to search server mailboxes.
Operation logic (imap4 settings):
Please note that messages are not deleted on the server. This can have serious consequences. The IMAP specifications can be found in RFC 3501.
Choosing between IMAP and POP3
Since the basic function of SMTP is fundamentally different, the dilemma of choosing the best protocol usually involves only IMAP and POP3.
If storage space on the server is important to you, then choose POP3. A server with limited memory is one of the main factors that can make you support POP3. Because IMAP leaves messages on the server, it can consume memory space faster than POP3.
If you want to access your mail at any time, then IMAP is the best choice. There is one good reason why IMAP was designed to store messages on a server. It is used to search for messages from multiple devices - sometimes even simultaneously. So if you have an iPhone, Android tablet, laptop, and desktop and want to read email from any or all of these devices, then IMAP is your best bet.
Synchronization is another benefit of IMAP. If you're accessing your email messages from multiple devices, chances are you'll want them all to reflect whatever actions you've taken.
For example, if you read messages A, B, and C, you want them to be marked as “read” on other devices as well. If you deleted letters B and C, then you want the same messages to be deleted from your mailbox on all gadgets. All of these syncs can only be achieved if you are using IMAP.
Because IMAP allows users to organize messages in a hierarchical order and place them in folders, it helps users to better organize their correspondence.
Of course, all IMAP functionality comes at a price. These solutions are more difficult to implement, and ultimately the protocol consumes a lot more CPU and RAM, especially when it is performing the synchronization process. In fact, high CPU and memory usage can happen on both the client side and the server side if there are a ton of messages to sync. From this point of view, the POP3 protocol is less expensive, although less functional.
Privacy is also one of the concerns that will be highly dependent on end users. They would generally prefer to download all emails and not leave copies of them on an unknown server.
Speed is an advantage that varies and depends on the situation. POP3 has the ability to download all email messages when connected. And IMAP can, if necessary (for example, with insufficient traffic), download only message headers or certain parts and leave attachments on the server. Only when the user decides that the remaining parts are worth downloading will they become available to him. Therefore, IMAP can be considered faster.
However, if all messages on the server have to be downloaded every time, then POP3 will work much faster.
As you can see, each of the described protocols has advantages and disadvantages. It's up to you to decide which features or capabilities are more important.
Also, the preferred way to access the e-mail client determines the preference of the protocol. Users with only one machine and using webmail to access their new emails will appreciate POP3.
However, users who exchange mailboxes or access their emails from different computers will prefer IMAP.
Spam firewalls with SMTP, IMAP and POP3
Most spam firewalls only deal with and protect SMTP. The servers send and receive SMTP email and they will be checked by the spam firewall at the gateway. However, some spam firewalls provide the ability to protect POP3 and IMAP4 when external users need these services to access their email.
SMTP firewalls are transparent to end users; there are no configuration changes for clients. Users still receive and send email messages to the email server. For example, Exchange or Dominos must configure proxy-based message routing to the firewall when sending e-mail, as well as provide the ability to send mail from the firewall.
For several decades, Internet users have been using e-mail to exchange messages and letters. Until the early 90s of the last century, employees of large organizations used electronic messages, as a rule. With extensive computerization and the spread of the World Wide Web, emails have become an integral part of the lives of ordinary users.
The development of Internet technologies has led to the emergence of the so-called postal protocols used for network correspondence. They make it possible to process large letters by providing users with all kinds of services.
It is not constrained by any specific data transmission subsystems. Its work only needs a reliable stream of their transmission with the preservation of order.
SMTP is mainly used to send letters and user requests to the server, after which mail is sent to recipients. In order to receive letters, you need the mail client to work on the IMAP or POP3 protocol.
What is it used for?
Today this is a typical postal protocol. It is used by all mail programs and servers.
Virtual hosting of sites for popular CMS:
The principle of the protocol.
SMTP is a text-based protocol, its principle of operation requires a connection through which the user sending the email communicates with its recipient using a specific command line. And the data is received through the use of a reliable communication channel. Typically, this communication channel is a TCP connection.
The working session of the protocol consists of a number of commands sent by the SMTP mail client and the server's responses to them. During a working session, both the client and the server exchange the necessary parameters.
A protocol operation includes a combination of the following sequences of commands and responses:
- MAIL FROM command - designates a return email address;
- RCPT TO command - defines the recipient of a specific letter;
- DATA is the command responsible for sending the text of an email message. This is the body of the letter, which includes the title and body of the letter, separated by a blank line.
The initial SMTP client may well be the recipient's mail client, or the mail forwarding agent on the server.
How other mail protocols work.
SMTP is only a protocol for delivering correspondence on the network. He cannot take an e-mail from a remote server on command or somehow manage an e-mail box.
There are other protocols for this, such as IMAP and POP. Their use is preferable when temporarily connected to the network or when the PC is turned on periodically.
POP.
Post Office Protocol is a simple network protocol with three flavors: POP, POP2, and POP3. They are designed to deliver correspondence to the user from the central mail server, to remove mail from the server and to identify the user. A combination of login and password is used for identification. It should be noted that all three protocols are not interchangeable.
The protocol includes SMTP, which is used to transfer outgoing mail.
In accordance with POP3, letters arriving at a specific e-mail are saved on the server until they are downloaded to a PC during the next session. When the download has occurred, it becomes possible to read the messages while disconnecting from the network. POP3 is considered to be the fastest mail protocol.
IMAP.
With the Internet Message Access Protocol, it becomes possible to store messages in file directories on the server and search for any message strings right there.
This protocol is suitable for those users whose computers use a continuous Internet connection. It differs from POP in that when checking for new messages, only their headers are downloaded.
It is a simple mail transfer protocol. Translated from English as Simple Mail Transfer Protocol... Based on the name, we can conclude that the SMTP server is responsible for sending mailing lists. Its task usually consists of two main functions:
- verifying that the settings are correct and granting permission to the computer that is trying to send the email;
- sending an outgoing message to the specified address and confirming the successful sending of the message. If delivery is not possible, the server returns a response to the sender with a sending error.
By sending email messages, the sender's SMTP server establishes a connection with the server that will receive this message. Such "communication" occurs by sending and receiving commands, forming an SMTP session with an unlimited number of SMTP operations. There are three mandatory commands for each operation:
- return address determination (MAILFROM)
- define the recipient of the email message (RCPT TO)
- send message text (DATA)
Determining the address of the sender, recipient and the presence of the contents of the letter are mandatory conditions, without which the letter will not be sent, even by ordinary, familiar to us "paper" mail. What can I say about electronic.
Briefly about the benefits of an SMTP server
- As already mentioned, the main purpose of an SMTP server is to send and control outgoing mail. A high-quality SMTP server is able to quickly send large volumeemail messages by dodging provider restrictions.
- If you are using an external SMTP server, then safetyemail messages and the percentage of their delivery to the inbox increases significantly.
Where can you find this external SMTP server? More details about this issue. - Email can go through multiple SMTP servers before reaching the recipient's mailbox. Since there is a risk of spam attacks, ISPs often stop sending e-mail without using an SMTP server. Therefore, users sometimes have problems with mailing letters.
The solution may be to install / integrate a separate external SMTP server, which, moreover, will filter outgoing mail messages for spam and viruses. - Increasing the security of mailings is achieved in the same way user authorization that uses the SMTP server: by setting an individual username and password to connect to the server.
- And, what is important, the integration of the SMTP server takes place without installing additional software or other special requirements. You just prescribe the basic parameters of the SMTP server in the settings of your mail client, and you can start bulk email campaigns.
If you are planning to do legal email marketing, consider using an external SMTP server for the security and speed of your bulk email campaigns.
