An Analysis of IMAP Security CMPE 209 Presented By Divya Panchal Bepsy Paul Menachery.

Slides:



Advertisements
Similar presentations
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Advertisements

Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.
HEPNT/HEPiX meeting Oct 6, Securing mail access with Kerberos and SSL Wolfgang Friebel DESY.
CPSC 441: FTP & SMTP1 Application Layer: FTP & Instructor: Carey Williamson Office: ICT Class.
Chapter 2: Application layer  2.1 Web and HTTP  2.2 FTP 2-1 Lecture 5 Application Layer.
Electronic Mail and SMTP
Chapter 2: Application layer  2.1 Web, HTTP and HTML (We will continue…)  2.2 FTP  2.3 SMTP 9/22/2009 Lecture 7, MAT 279, Fall
POP3 Post Office Protocol v.3. Intro The Post Office Protocol (POP) is currently the most popular TCP/IP access and retrieval protocol. It implements.
Esimerkki: Sähköposti. Lappeenranta University of Technology / JP, PH, AH Electronic Mail Three major components: user agents mail servers simple mail.
26.1 Chapter 26 Remote Logging, Electronic Mail, and File Transfer Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or.
POP Configuration Microsoft Outlook Express 6.x.
Introduction 1 Lecture 7 Application Layer (FTP, ) slides are modified from J. Kurose & K. Ross University of Nevada – Reno Computer Science & Engineering.
College Collaboration System User Office Desktop USC Mail Server College Mail Server User Home Desktop Net USC College.
Mail Server Fitri Setyorini. Content SMTP POP3 How mail server works IMAP.
-I CS-3505 Wb_ -I.ppt. 4 The most useful feature of the internet 4 Lots of different programs, but most of them can talk to each.
POP Configuration Microsoft Outlook What is POP? Short for Post Office Protocol, a protocol used to retrieve from a mail server. Most.
2: Application Layer1 Chapter 2 Application Layer These slides derived from Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross.
Electronic Mail (SMTP, POP, IMAP, MIME)
Cisco Discovery Working at a Small-to-Medium Business or ISP CHAPTER 7 ISP Services Jr.
SMTP, POP3, IMAP.
1 Application Layer Lecture 5 Imran Ahmed University of Management & Technology.
Backup Local Online For secure offsite storage of your , and making it available from any computer or smart phone. Backup accessed with.
Hands-On Microsoft Windows Server 2003 Networking Chapter Three TCP/IP Architecture.
CSE401N: Computer Networks Lecture-5 Electronic Mail S. M. Hasibul Haque Lecturer Dept. of CSE, BUET.
IT 424 Networks2 IT 424 Networks2 Ack.: Slides are adapted from the slides of the book: “Computer Networking” – J. Kurose, K. Ross Chapter 2: Application.
Intro to Computer Networks Bob Bradley The University of Tennessee at Martin.
Review: –How do we address “a network end-point”? –What services are provided by the Internet? –What is the network logical topology observed by a network.
Application Layer Protocols Simple Mail Transfer Protocol.
1 Computer Communication & Networks Lecture 27 Application Layer: Electronic mail and FTP Waleed.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.
 TCP/IP is the communication protocol for the Internet  TCP/IP defines how electronic devices should be connected to the Internet, and how data should.
Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
TCP/IP Protocol Suite 1 Chapter 20 Upon completion you will be able to: Electronic Mail: SMTP, POP, and IMAP Understand four configurations of architecture.
26.1 Chapter 26 Remote Logging, Electronic Mail, and File Transfer Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or.
Computer Networks26-1 Chapter 26. Remote Logging, Electronic Mail and File Transfer.
BY SAGAR SINHA SAPTARSHI BAKSHI SARTHAK JAIN SHAILZA CHAUDHARY
INSTALLING MICROSOFT EXCHANGE SERVER 2003 CLUSTERS AND FRONT-END AND BACK ‑ END SERVERS Chapter 4.
File Transfer Protocol (FTP)
and its Protocols Hina Patel TCM
05/19/2003 Christiane Schmidt 1 IMAP internet message access protocol.
POP3
Chandler What's in it for my university? Oren Sreebny University of Washington Educause 2003 This work is licensed under a Creative Commons license.
Post Office Protocol.
Slides based on Carey Williamson’s: FTP & SMTP1 File Transfer Protocol (FTP) r FTP client contacts FTP server at port 21, specifying TCP as transport protocol.
26.1 Electronic Mail Sending/Receiving Mail Addresses User Agent MIME Mail Transfer Agent Mail Access Protocols.
VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.
1 Outlook web app مریم جعفری. Preface 2 Webmail (or web-based ) is any client implemented as a web application running on a web server. Examples.
26.1 Chapter 26 Remote Logging, Electronic Mail, and File Transfer Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or.
Application Layer instructors at St. Clair College in Windsor, Ontario for their slides. Special thanks to instructors at St. Clair College in Windsor,
Spring 2006 CPE : Application Layer_ 1 Special Topics in Computer Engineering Application layer: Some of these Slides are Based on Slides.
Mail Server Mail is just a message in any form sends from sender to receiver. Mail Server is a computerized system that is equivalent to virtual post office.
Network Programming 10- SMTP-POP3
Remote Logging, Electronic Mail, and File Transfer
Application layer tcp/ip
SMTP SMTP stands for Simple Mail Transfer Protocol. SMTP is used when is delivered from an client, such as Outlook Express, to an server.
Instructor Materials Chapter 5 Providing Network Services
SMTP SMTP stands for Simple Mail Transfer Protocol. SMTP is used when is delivered from an client, such as Outlook Express, to an server.
Welcome to Salem State University
Working at a Small-to-Medium Business or ISP – Chapter 7
Working at a Small-to-Medium Business or ISP – Chapter 7
Chapter 4 Core TCP/IP Protocols
Topic 5: Communication and the Internet
Working at a Small-to-Medium Business or ISP – Chapter 7
Chapter 2: Application layer
CLASP Project AAI Workshop, Nov 2000 Denise Heagerty, CERN
Chapter 2 Application Layer
MESSAGE ACCESS AGENT: POP AND IMAP
Presentation transcript:

An Analysis of IMAP Security CMPE 209 Presented By Divya Panchal Bepsy Paul Menachery

Agenda What is IMAP State Flow Diagram Advantages of IMAP over POP3 Analysis of IMAP Security Future of IMAP Security Conclusion

What is IMAP IMAP – Internet Message Access Protocol It is the most popular Internet Standard Protocol to retrieve The other protocol is POP3 It will allow a client to access and manipulate electronic mail messages on server IMAP4version1 assumes a reliable data stream such as that provided by TCP When TCP is used IMAP4version 1 will listen on port 143

State Flow Diagram Not Authenticated Logout Both sides close the connection Connection Establishment Server Greeting Selected Authenticated Client Client Command [tag] [string line] Server Command [tag] [+] or [*] [string] Server

Advantages of IMAP over POP3 FeaturesIMAPPOP Where is INBOX being stored?  Server Where are Mail Folders being stored?  Server  Mainly on User's own local desktop Can Mail Folders be created on Mail Server?  Yes  No, only on User's own local desktop Can Mail Folders be created on local desktop?  Yes Can Mail Folders be accessed from different computers, like the PC at home, in office, or from oversea?  Yes  No, only on the local desktop the mail being saved Typical Clients Netscape Messenger Outlook Express Outlook 2000 Outlook 98 PINE MailDrop, etc Eudora Outlook 97, etc

Analysis of IMAP Security The basic IMAP sends username and pass word in clear To secure IMAP, the use of Kerberos was recommended as part of SASL proposal Another method is to use SSH for securing the IMAP messages. A perfect solution is to use SSL or SSL wrapper to encrypt both login information and data in the messages.

Analysis of IMAP Security (contd.) The restriction of LOGIN command usage Recommended use of STARTTLS Must used cipher suite - TLS_RSA_WITH_RC4_128_MD5 [TLS] Recommended cipher suite - TLS_DHE_DSS_WITH_3DES_EDE_CBC_ SHA [TLS]

Future of IMAP Security With the demand for universal multi-device connectivity, IMAP is best suited for accessing from different devices simultaneously The importance of IMAP for both back-end and front-end user interfaces are increasingly popular IMAP for use with client devices such as PDAs, Palm OS, Win CE and cell phones are becoming popular Use of IMAP in messaging products are an essential requirement in the market

Conclusion IMAP when used by itself is not secure IMAP used with secure mechanisms such as SSH, SSL or Kerberos is secure With the demand for universal multi- device connectivity, the future of IMAP is very promising

Refrences s_Protocol s_Protocol ty.html ty.html Managing IMAP, 1st Editionby Dianna Mullet; Kevin MulletDianna MulletKevin Mullet

Q &A

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.