An Inside Look at SMTP

FRAMINGHAM (01/31/2000) - "No man is an island so long as he is on at least one mailing list."

- Anon.

This week, we will start to look at the root of all e-mail: Simple Mail Transfer Protocol, or SMTP. SMTP is a venerable protocol first defined in 1982 (an Internet epoch ago) by the legendary late Jon Postel. Such antiquity makes SMTP probably the most widely used protocol on the Internet after the Web's HTTP.

SMTP is used to send messages, as distinct from protocols such as the Post Office Protocol (POP) and the Internet Message Access Protocol (IMAP), which are used for retrieving messages.

Given the huge number of mail servers on the Internet, it would be impossible for these retrieval tools to poll all of them looking for mail. So instead, SMTP servers look at the destination address of a message and contact the target mail server directly. Of course, this means the Domain Name Service (DNS) has to be configured correctly; otherwise, mail could be handed to the wrong server - potentially a big problem because, unless you have encrypted your messages, your e-mail will be in plain text!

By changing the DNS data that defines the name of a mail server for a given domain, a hacker could simply read and relay all the mail. And with a little skill, the hacker could make the relay undetectable to even quite experienced system administrators.
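One way to watch for the record change described above, as an added example that is not part of the original column: compare the MX records a resolver returns with a baseline you recorded earlier. It assumes input in the "preference host" form that `dig +short MX` prints; the function names, domains and record values are constructed for illustration.

```python
# Added example: compare a domain's observed MX records with a pinned baseline.
# Every name and record value here is constructed for illustration.

def parse_mx(text):
    """Parse "<preference> <host>" lines into a {host: preference} dict."""
    records = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # skip blanks and resolver comments
        pref, host = line.split(None, 1)
        # DNS names are case-insensitive; drop the trailing root dot.
        records[host.strip().rstrip(".").lower()] = int(pref)
    return records

def mx_drift(baseline, observed):
    """Return (finding, host, preference) tuples for each departure from baseline."""
    findings = []
    for host in sorted(observed.keys() - baseline.keys()):
        findings.append(("unexpected-host", host, observed[host]))
    for host in sorted(baseline.keys() - observed.keys()):
        findings.append(("missing-host", host, baseline[host]))
    for host in sorted(baseline.keys() & observed.keys()):
        if baseline[host] != observed[host]:
            findings.append(("preference-changed", host, observed[host]))
    # Senders try the lowest preference value first, so an unknown host in
    # that position would receive the mail before any legitimate server.
    if observed:
        primary = min(observed, key=lambda h: (observed[h], h))
        if primary not in baseline:
            findings.append(("primary-not-in-baseline", primary, observed[primary]))
    return findings

# Constructed sample data: the pinned baseline and a later lookup result.
BASELINE = "10 mx1.example.com.\n20 mx2.example.com.\n"
OBSERVED = "5 relay.example.net.\n10 MX1.example.com.\n20 mx2.example.com.\n"

if __name__ == "__main__":
    for finding in mx_drift(parse_mx(BASELINE), parse_mx(OBSERVED)):
        print(finding)
```

Run from a scheduled job against more than one resolver, an empty result means the records still match the baseline; any finding is worth a manual look at the zone.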

Neither rain nor snow

SMTP was designed to be a reliable message delivery system. Reliable in this case means that a message handled by SMTP is intended either to get to its destination or to generate an error message. Now, before Gearhead goes further, you must realize that SMTP is not a guaranteed delivery service; it just does its best. Guaranteeing delivery would require all sorts of data exchanges that would add considerable communications overhead and would be pointless for everyday purposes.

TCP provides reliability

SMTP communications are transported by TCP to ensure reliable end-to-end transport. RFC 822 (titled "Standard For The Format Of ARPA Internet Text Messages" and also dated 1982 - see http://www.ietf.org/rfc/rfc0822.txt) defines the format of SMTP messages.

RFC 822 is a straightforward specification that defines the layout of messages. It breaks the message into headers and bodies separated by a blank line. In the header are a number of keywords and values that define the sending date, sender's address, where replies should go, and so on, while the body contains the data.

Sending an SMTP message requires an exchange between the sender and receiver.

First, the sending server says "HELO." Honest - SMTP servers are very polite.

The sender should announce the domain it is sending from, and the receiver should reply with a completion code of 200 if it is willing to talk.

Of course, if the sender has been a bad boy and has sent a lot of junk mail, he may have been listed on the Mail Abuse Prevention System (MAPS) Realtime Blackhole List (RBL); see http://maps.vix.com/rbl/. In that case, if the receiver subscribes to the RBL, a lookup will determine whether the sender is to be trusted, and the receiver will act accordingly.

In a future Gearhead, we'll take a look at the MAPS RBL, a fascinating example of a collaborative effort to thwart spammers.

Next week, we'll get beyond saying "hi" and actually get a message transferred.

Well, we'll try, but you know how it goes. How does it go? Tell us at gearhead@gibbs.com.
