SMTP / MIME Florin Zidaru.

Slides:



Advertisements
Similar presentations
How Clients and Servers Work Together. Objectives Web Server Protocols Examine how server and client software work Use FTP to transfer files Initiate.
Advertisements

Layer 7- Application Layer
Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security
CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.
Remote mailbox access gateway Software lab project.
CPSC 441: FTP & SMTP1 Application Layer: FTP & Instructor: Carey Williamson Office: ICT Class.
Simple Mail Transfer Protocol (SMTP) CS-328 Dick Steflik.
Implementing Application Protocols. Overview An application protocol facilitates communication between applications. For example, an client uses.
Technion – Israel Institute of Technology Department of Electrical Engineering Software Lab Remote Mailbox based on.NET technology Michael and Eugene Shamis.
SNMP & MIME Rizwan Rehman, CCS, DU. Basic tasks that fall under this category are: What is Network Management? Fault Management Dealing with problems.
Chapter 30 Electronic Mail Representation & Transfer
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.
Architecture of SMTP, POP, IMAP, MIME.
Introduction 1 Lecture 7 Application Layer (FTP, ) slides are modified from J. Kurose & K. Ross University of Nevada – Reno Computer Science & Engineering.
-I CS-3505 Wb_ -I.ppt. 4 The most useful feature of the internet 4 Lots of different programs, but most of them can talk to each.
Introduction 1-1 Chapter 2 FTP & Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 IC322 Fall.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
Electronic Mail (SMTP, POP, IMAP, MIME)
INTRODUCTION TO WEB DATABASE PROGRAMMING
SMTP, POP3, IMAP.
1 Application Layer Lecture 5 Imran Ahmed University of Management & Technology.
Human-Computer Interface Course 5. ISPs and Internet connection.
Data Communications and Computer Networks Chapter 2 CS 3830 Lecture 9
Chapter 7: Internet-Based Applications Business Data Communications, 6e.
1 Computer Communication & Networks Lecture 27 Application Layer: Electronic mail and FTP Waleed.
SMTP PROTOCOL CONFIGURATION AND MANAGEMENT Chapter 8.
Fall 2005 By: H. Veisi Computer networks course Olum-fonoon Babol Chapter 7 The Application Layer.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.
 TCP/IP is the communication protocol for the Internet  TCP/IP defines how electronic devices should be connected to the Internet, and how data should.
26.1 Chapter 26 Remote Logging, Electronic Mail, and File Transfer Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or.
Computer Networks26-1 Chapter 26. Remote Logging, Electronic Mail and File Transfer.
Sending and Receiving Mails
Simple Mail Transfer Protocol (SMTP)
Component 9 – Networking and Health Information Exchange Unit 1-1 ISO Open Systems Interconnection (OSI) This material was developed by Duke University,
Electronic Mail. Client Software and Mail Hosts –Client PC has client software that communicates with user’s mail host –Mail hosts deliver.
File Transfer Protocol (FTP)
1 SMTP - Simple Mail Transfer Protocol –RFC 821 POP - Post Office Protocol –RFC 1939 Also: –RFC 822 Standard for the Format of ARPA Internet Text.
Application Layer Khondaker Abdullah-Al-Mamun Lecturer, CSE Instructor, CNAP AUST.
Concepts  messages are passed through the internet by using a protocol called simple mail transfer protocol.  The incoming messages are.
SIMPLE MAIL TRANSFER PROTOCOL. Introduction Simple Mail Transfer Protocol is the standard protocol on the Internet and part of the TCP/IP protocol.
CS 3830 Day 9 Introduction 1-1. Announcements r Quiz #2 this Friday r Demo prog1 and prog2 together starting this Wednesday 2: Application Layer 2.
SMTP Tapu Ahmed Jeremy Nunn. Basics Responsible for electronic mail delivery. Responsible for electronic mail delivery. Simple ASCII protocol that runs.
4343 X2 – Outline The Domain Name System The Web.
SMTP - Simple Mail Transfer Protocol RFC 821
CS440 Computer Networks 1 Neil Tang 12/01/2008.
Slides based on Carey Williamson’s: FTP & SMTP1 File Transfer Protocol (FTP) r FTP client contacts FTP server at port 21, specifying TCP as transport protocol.
Mr C Johnston ICT Teacher G055 - Lecture 10 Network Protocols.
Ch 2. Application Layer Myungchul Kim
Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain.
26.1 Electronic Mail Sending/Receiving Mail Addresses User Agent MIME Mail Transfer Agent Mail Access Protocols.
Dr. Adil Yousif University of Alneelian – Master of CS - IT Electronic Mail.
© 2010 Computer Science Faculty, Kabul University FTP AND ELECTRONICE MAIL 5 TH LECTURE 4, May, 2010 Baseer Ahmad Baheer.
Application Layer instructors at St. Clair College in Windsor, Ontario for their slides. Special thanks to instructors at St. Clair College in Windsor,
Spring 2006 CPE : Application Layer_ 1 Special Topics in Computer Engineering Application layer: Some of these Slides are Based on Slides.
درس مهندسی اینترنت – مهدی عمادی مهندسی اینترنت برنامه‌نویسی در اینترنت 1 SMTP, FTP.
SMTP - Simple Mail Transfer Protocol POP - Post Office Protocol
Networking Applications
Remote Logging, Electronic Mail, and File Transfer
Data Communications and Computer Networks Chapter 2 CS 3830 Lecture 9
Working at a Small-to-Medium Business or ISP – Chapter 7
Working at a Small-to-Medium Business or ISP – Chapter 7
Working at a Small-to-Medium Business or ISP – Chapter 7
Chapter 2: Application layer
Remote Logging, Electronic Mail,
The Application Layer: SMTP, FTP
Protocol Application TCP/IP Layer Model
Chapter 7 Network Applications
Chapter 2 Application Layer
Computer Networks Protocols
MESSAGE ACCESS AGENT: POP AND IMAP
Presentation transcript:

SMTP / MIME Florin Zidaru

Outline What is SMTP? How does SMTP work? SMTP Security Issues MIME

1. What is SMTP? Simple Mail Transport Protocol (SMTP) is the network protocol used to send email across the Internet. Simple protocol, purely ASCII text-based uses TCP port 25

1. What is SMTP? Ctd. a "push" protocol that does not allow one to "pull" messages from a remote server on demand. it is limited in its ability to queue messages at the receiving end so usually used with POP3 or IMAP to let the user save messages in a server mailbox and download them periodically from the server. users typically use a program that uses SMTP for sending e-mail and either POP3 or IMAP for receiving e-mail.

2. How does SMTP work? as the result of a user mail request, the sender-SMTP establishes a two-way transmission channel to a receiver-SMTP (destination or an intermediate) SMTP commands are generated by the sender-SMTP and sent to the receiver-SMTP SMTP replies are sent from the receiver-SMTP to the sender-SMTP in response to the commands.

2. How does SMTP work? Ctd.

2. Example of the SMTP procedure

3. SMTP Security Issues Fatal flaw: trusts the users Why? Developed when the Internet was small lack of a comprehensive way of verifying an e-mail sender's identity. This makes it easy for people to mask their identities by forging return addresses and taking over victim machines to conduct their activities. Consequences: spam, viruses, trojan horses

3. SMTP Security Issues Authentication problem solution: SMTP over SSL/TLS protocol is available at the Internet Engineering Task Force's Web site But, how do we establish "trust relationships“? Problem: design a system that authenticates mail servers, rather than individuals. A third party would have to determine whether an e-mail server is responsible for sending spam. That kind of responsibility--voluntarily assumed by operators of various spam blacklists--could be difficult and expensive if applied to the Internet as a whole.

3. SMTP Security Issues : Enumeration SMTP enumeration What is enumeration? Once an attacker has identified live hosts and running services, he will turn to probing the identified services more fully for known weaknesses SMTP provides 2 built-in commands that allow for enumeration of users VRFY – confirms names of valid users EXPN – reveals the addresses of aliases and mailing lists

3. SMTP Security Issues : Enumeration Example: Enumeration can be done over a telnet connection: telnet 192.168.202.34 25 Connected to 192.168.202.34 220 mail.bigcorp.com ESMTP 8.8.7/8.8.7 vrfy root 250 root <root@bigcorp.com> expn adm 250 adm <adm@bigcorp.com> quit

3. SMTP Enumeration Countermeasures: oldie-but-goodie service that should be turned off newer versions of SMTP server software sendmail (www.sendmail.org) offer syntax that can be embedded in the mail.cf file to disable the discussed commands Microsoft’s Exchange Server prevents nonprivileged users from using EXPN and VRFY by default in recent versions

4. MIME: Multipurpose Internet Mail Extensions Internet Standard that extends the format of e-mail to support: - text in character sets other than US-ASCII; - non-text attachments; - multi-part message bodies; a fundamental component of communication protocols such as HTTP, which requires that data be transmitted in the context of e-mail-like messages, even though the data might not fit this context.

Resources SMTP on Wikipedia: http://en.wikipedia.org/wiki/SMTP RFC 821 – SMTP http://www.ietf.org/rfc/rfc0821.txt SMTP Security: http://news.com.com/2100-1038_3-5058610.html

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.