Presentation is loading. Please wait.

Presentation is loading. Please wait.

Email Protocols and Troubleshooting Brandon Checketts.

Published byErin Lloyd Modified over 9 years ago

Similar presentations

Presentation on theme: "Email Protocols and Troubleshooting Brandon Checketts."— Presentation transcript:

1 Email Protocols and Troubleshooting Brandon Checketts

2 Components of an Email System Mail Transport Agent (MTA) Mail Transport Agent (MTA) Mail User Agent (MUA) Mail User Agent (MUA) Local Delivery Agent (LDA) Local Delivery Agent (LDA)..others??..others??

3 Common Email Protocols Sending Mail: Sending Mail: SMTP (Simple Mail Transport Protocol) SMTP (Simple Mail Transport Protocol) Servers include Sendmail, Postfix, Exim, Qmail Receiving Mail Receiving Mail IMAP (Internet Message Access Protocol) IMAP (Internet Message Access Protocol) POP3 (Post Office Protocol v3) POP3 (Post Office Protocol v3) Servers Include Dovecot, Courier, Qmail

4 SMTP Design Delivers a message from one machine to another Delivers a message from one machine to another Became popular in the 1980’s (as complement to UUCP) Became popular in the 1980’s (as complement to UUCP) Used for outgoing messages from a sender to their outgoing mail server Used for outgoing messages from a sender to their outgoing mail server Communication between mail servers on the Internet Communication between mail servers on the Internet Typically listens on TCP Port 25 Typically listens on TCP Port 25 and also on 587 and 465 and also on 587 and 465

5 SMTP Servers Sendmail Sendmail Widely available, complicated to configure (M4 macros, etc) Widely available, complicated to configure (M4 macros, etc) The term ‘sendmail’ is used in multiple contexts The term ‘sendmail’ is used in multiple contexts Postfix Postfix Widely available, semi-straightforward Widely available, semi-straightforward Exim Exim Generaly available, semi-complicated to configure Generaly available, semi-complicated to configure Qmail Qmail Generally available, completely different than most other *nix servers Generally available, completely different than most other *nix servers (These are my opinions - your mileage may vary) (These are my opinions - your mileage may vary)

6 SMTP Uses If ever configuring a mail server, try to separate these two types of services Outgoing Mail Server Outgoing Mail Server Should have some kind of authentication Should have some kind of authentication Queue messages when receiving server is unavailable Queue messages when receiving server is unavailable Sends bounce message to sender after retrying delivery Sends bounce message to sender after retrying delivery Incoming Mail Server (or MX server) Incoming Mail Server (or MX server) Receives incoming messages from the Internet Receives incoming messages from the Internet Delivers message to a mailbox Delivers message to a mailbox (Should never send a bounce) (Should never send a bounce)

7 Basic SMTP Commands HELO (and EHLO) HELO (and EHLO) MAIL FROM MAIL FROM RCPT TO RCPT TO DATA DATA QUIT QUIT Response Codes Response Codes 2xx (Success) 2xx (Success) 4xx (Temporary Failure) 4xx (Temporary Failure) 5xx (Permanent Failure 5xx (Permanent Failure

8 Simple SMTP Session [root@xpgrinders ~]# telnet filter1.roundsphere.com 25 [root@xpgrinders ~]# telnet filter1.roundsphere.com 25 Trying 64.18.6.14... Trying 64.18.6.14... Connected to filter1.roundsphere.com. Connected to filter1.roundsphere.com. Escape character is '^]'. Escape character is '^]'. 220 Postini ESMTP rtisements. 220 Postini ESMTP rtisements. ehlo example.com ehlo example.com 250-Postini says hello back 250-Postini says hello back 250-STARTTLS 250-STARTTLS 250-8BITMIME 250-8BITMIME 250 HELP 250 HELP mail from: mail from: 250 Ok 250 Ok rcpt to: rcpt to: 250 Ok 250 Ok data data 354 Feed me 354 Feed me Subject: This is a test Subject: This is a test From: "Brandon Testing" From: "Brandon Testing" To: "Brandon Testing Again" To: "Brandon Testing Again" this is my message this is my message. 250 Thanks 250 Thanks quit quit 221 Catch you later 221 Catch you later

9 Simple SMTP Session (Big #1) [root@xpgrinders ~]# telnet filter1.roundsphere.com 25 [root@xpgrinders ~]# telnet filter1.roundsphere.com 25 Trying 64.18.6.14... Trying 64.18.6.14... Connected to filter1.roundsphere.com. Connected to filter1.roundsphere.com. Escape character is '^]'. Escape character is '^]'. 220 Postini ESMTP rtisements. 220 Postini ESMTP rtisements. ehlo example.com ehlo example.com 250-Postini says hello back 250-Postini says hello back 250-STARTTLS 250-STARTTLS 250-8BITMIME 250-8BITMIME 250 HELP 250 HELP mail from: mail from: 250 Ok 250 Ok

10 Simple SMTP Session (Big #2) rcpt to: rcpt to: 250 Ok 250 Ok data data 354 Feed me 354 Feed me Subject: This is a test Subject: This is a test From: "Brandon Testing" From: "Brandon Testing" To: "Brandon Testing" To: "Brandon Testing" This is my message This is my message. 250 Thanks 250 Thanks quit quit 221 Catch you later 221 Catch you later

11 Weaknesses and Extensions No Sender Authentication No Sender Authentication SMTP Auth SMTP Auth Unencrypted Unencrypted SSL and TLS SSL and TLS Text-Only Text-Only MIME MIME Bounces  Bounces  SPAM  SPAM  SPF and DKIM SPF and DKIM

12 POP3 Protocol Retrieves messages from a mail server Retrieves messages from a mail server Typically, messages are downloaded to your mail client, and deleted from the server Typically, messages are downloaded to your mail client, and deleted from the server Designed for use with dial-up connections when people were intermittently connected Designed for use with dial-up connections when people were intermittently connected Listens on Port 110 (with Secure POP generally on port 995) Listens on Port 110 (with Secure POP generally on port 995)

13 Sample POP3 Session [root@xpgrinders ~]# telnet mail.roundsphere.com 110 [root@xpgrinders ~]# telnet mail.roundsphere.com 110 Trying 206.71.88.102... Trying 206.71.88.102... Connected to mail.roundsphere.com. Connected to mail.roundsphere.com. Escape character is '^]'. Escape character is '^]'. +OK Dovecot ready. +OK Dovecot ready. user user@testing.com user user@testing.com +OK +OK pass letmein pass letmein +OK Logged in. +OK Logged in. list list +OK 1 messages: +OK 1 messages: 1 482 1 482. retr 1 retr 1 +OK 482 octets +OK 482 octets Message Headers Message Headers This is my short message This is my short message. quit quit +OK Logging out. +OK Logging out.

14 IMAP Protocol Listens on port 143 (IMAP/SSL on port 993) Listens on port 143 (IMAP/SSL on port 993) Mail stays on the server. Mail Client caches information locally Mail stays on the server. Mail Client caches information locally Extremely useful for multiple users, multiple machines, Webmail, etc Extremely useful for multiple users, multiple machines, Webmail, etc Searches are done on the server Searches are done on the server

15 Sample IMAP Session [root@xpgrinders ~]# telnet mail.roundsphere.com 143 [root@xpgrinders ~]# telnet mail.roundsphere.com 143 Trying 206.71.88.102... Trying 206.71.88.102... Connected to mail.roundsphere.com. Connected to mail.roundsphere.com. Escape character is '^]'. Escape character is '^]'. * OK Dovecot ready. * OK Dovecot ready. A1 LOGIN user@testing.com letmein A1 LOGIN user@testing.com letmein A1 OK Logged in. A1 OK Logged in. A2 SELECT Inbox A2 SELECT Inbox * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted. * 1 EXISTS * 1 EXISTS * 0 RECENT * 0 RECENT * OK [UIDVALIDITY 1225333589] UIDs valid * OK [UIDVALIDITY 1225333589] UIDs valid * OK [UIDNEXT 2] Predicted next UID * OK [UIDNEXT 2] Predicted next UID A2 OK [READ-WRITE] Select completed. A2 OK [READ-WRITE] Select completed. A3 FETCH 1 BODY[HEADER] A3 FETCH 1 BODY[HEADER] * 1 FETCH (BODY[HEADER] {454} * 1 FETCH (BODY[HEADER] {454} Message Header Delivered Message Header Delivered A3 OK Fetch completed. A3 OK Fetch completed. A4 LOGOUT A4 LOGOUT * BYE Logging out * BYE Logging out A4 OK Logout completed. A4 OK Logout completed. Connection closed by foreign host. Connection closed by foreign host.

16 SPAM & Phishing SMTP has no built-in way to verify the legitimacy of the message SMTP has no built-in way to verify the legitimacy of the message Anybody can say they are anybody else Anybody can say they are anybody else SMTP is far too prolific to try to replace it SMTP is far too prolific to try to replace it (demonstrate sending an email as PayPal) (demonstrate sending an email as PayPal)

17 Fighting Spam Greylisting Greylisting Content Filtering Content Filtering This can get to be incredibly CPU intensive This can get to be incredibly CPU intensive DNS-based Blacklists DNS-based Blacklists Consider Appliances and Outsourced Services Consider Appliances and Outsourced Services

18 SPF and SenderID Concept is to validate the path the message took Concept is to validate the path the message took SPF Record published in DNS gives a list of the servers authorized to send email for a given domain SPF Record published in DNS gives a list of the servers authorized to send email for a given domain Fairly Simple to create Fairly Simple to create SPF Record Looks Like: SPF Record Looks Like: v=spf1 a a:mail.domain.com ~all v=spf1 a a:mail.domain.com ~all SPF Wizard at http://www.openspf.org/

19 DomainKeys / DKIM Cryptographic Hash to sign messages Cryptographic Hash to sign messages Public Key and policy information is distributed via DNS Public Key and policy information is distributed via DNS Private key is used to sign the message, and certain headers (From, To, Subject, etc) Private key is used to sign the message, and certain headers (From, To, Subject, etc) Recipients use public key to verify authenticity of the message Recipients use public key to verify authenticity of the message Verifies a legitimate sender, and is not concerned about the path it took to get there. Verifies a legitimate sender, and is not concerned about the path it took to get there. Fairly complicated to set-up Fairly complicated to set-up

20 Sample DKIM Header DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=brandonchecketts.com; h= subject:to:message-id:date:from; h= subject:to:message-id:date:from; s=mail; s=mail; bh=t4KP+oqmtYCr/TS32vUW oYU+80M=; b=E2UmQVoQVm+XMopufIQ6bjnfN9as7R6R7x8i pJpLn/Xm+SM/fvt4 lV81G2Bt1hisa3V2SP+emw2ecpImC27o+olMA1X shTARGdUepTFWermUZ0WAaIt4 rWwqv+hpVd/r3RNkRmS+kNZv5uZYQ5PeulOHM BHvH4Q5R9XDWIe6MiU= bh=t4KP+oqmtYCr/TS32vUW oYU+80M=; b=E2UmQVoQVm+XMopufIQ6bjnfN9as7R6R7x8i pJpLn/Xm+SM/fvt4 lV81G2Bt1hisa3V2SP+emw2ecpImC27o+olMA1X shTARGdUepTFWermUZ0WAaIt4 rWwqv+hpVd/r3RNkRmS+kNZv5uZYQ5PeulOHM BHvH4Q5R9XDWIe6MiU=

21 For More Information Wikipedia! Wikipedia!

22 If Time Permits Demonstrate Encrypted SMTP/POP Sessions Demonstrate Encrypted SMTP/POP Sessions Demonstrate Postfix / Dovecot Config Files Demonstrate Postfix / Dovecot Config Files Discuss Webmail? Discuss Webmail? Making Sense out of message headers Making Sense out of message headers

Download ppt "Email Protocols and Troubleshooting Brandon Checketts."

Similar presentations

Securing Email Bruce Maggs. Separate Suites of Protocols Protocols for retrieving email: POP, IMAP, MAPI (Microsoft Exchange) Protocols for sending email:

Securing Bruce Maggs. Separate Suites of Protocols Protocols for retrieving POP, IMAP, MAPI (Microsoft Exchange) Protocols for sending
INTRANET MAIL SERVER (DESIGN OF SMTP and POP3)

INTRANET MAIL SERVER (DESIGN OF SMTP and POP3)
1 Electronic Mail u Three major components: u user agents u mail servers u simple mail transfer protocol: SMTP u User Agent u a.k.a. “mail reader” u composing,

1 Electronic Mail u Three major components: u user agents u mail servers u simple mail transfer protocol: SMTP u User Agent u a.k.a. “mail reader” u composing,
TCP/IP Protocol Suite 1 Chapter 20 Upon completion you will be able to: Electronic Mail: SMTP, POP, and IMAP Understand four configurations of email architecture.

TCP/IP Protocol Suite 1 Chapter 20 Upon completion you will be able to: Electronic Mail: SMTP, POP, and IMAP Understand four configurations of architecture.
CPSC 441: FTP & SMTP1 Application Layer: FTP & Instructor: Carey Williamson Office: ICT 740 Class.

CPSC 441: FTP & SMTP1 Application Layer: FTP & Instructor: Carey Williamson Office: ICT Class.
Electronic Mail and SMTP

Electronic Mail and SMTP
Esimerkki: Sähköposti. Lappeenranta University of Technology / JP, PH, AH Electronic Mail Three major components: user agents mail servers simple mail.

Esimerkki: Sähköposti. Lappeenranta University of Technology / JP, PH, AH Electronic Mail Three major components: user agents mail servers simple mail.
Simple Mail Transfer Protocol (SMTP) Team: Zealous Team: Zealous Presented By: Vishal Parikh (003749955) Vishal Parikh (003749955) Ribhu Pathria(004698318)

Simple Mail Transfer Protocol (SMTP) Team: Zealous Team: Zealous Presented By: Vishal Parikh ( ) Vishal Parikh ( ) Ribhu Pathria( )
SMTP Simple Mail Transfer Protocol. Content I.What is SMTP? II.History of SMTP III.General Features IV.SMTP Commands V.SMTP Replies VI.A typical SMTP.

SMTP Simple Mail Transfer Protocol. Content I.What is SMTP? II.History of SMTP III.General Features IV.SMTP Commands V.SMTP Replies VI.A typical SMTP.
Simple Mail Transfer Protocol

Simple Mail Transfer Protocol
2440: 141 Web Site Administration Email Services Instructor: Enoch E. Damson.

2440: 141 Web Site Administration Services Instructor: Enoch E. Damson.
Introduction 1 Lecture 7 Application Layer (FTP, e-mail) slides are modified from J. Kurose & K. Ross University of Nevada – Reno Computer Science & Engineering.

Introduction 1 Lecture 7 Application Layer (FTP, ) slides are modified from J. Kurose & K. Ross University of Nevada – Reno Computer Science & Engineering.
Mail Server Fitri Setyorini. Content SMTP POP3 How mail server works IMAP.

Mail Server Fitri Setyorini. Content SMTP POP3 How mail server works IMAP.
1 Lecture #3 Electronic Mail Protocols HAIT Summer 2005 Shimrit Tzur-David.

1 Lecture #3 Electronic Mail Protocols HAIT Summer 2005 Shimrit Tzur-David.
Introduction 1-1 Chapter 2 FTP & Email Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 IC322 Fall.

Introduction 1-1 Chapter 2 FTP & Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 IC322 Fall.
Petrozavodsk State University, Alex Moschevikin, 2003NET TECHNOLOGIES E-mail Internet Protocols Simple Mail Transfer Protocol, SMTP RFC821 (August 1982)

Petrozavodsk State University, Alex Moschevikin, 2003NET TECHNOLOGIES Internet Protocols Simple Mail Transfer Protocol, SMTP RFC821 (August 1982)
2: Application Layer1 Chapter 2 Application Layer These slides derived from Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross.

2: Application Layer1 Chapter 2 Application Layer These slides derived from Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross.
Electronic Mail (SMTP, POP, IMAP, MIME)

Electronic Mail (SMTP, POP, IMAP, MIME)
1 Web Server Administration Chapter 8 Providing E-mail Services.

1 Web Server Administration Chapter 8 Providing Services.
SMTP, POP3, IMAP.

SMTP, POP3, IMAP.

Similar presentations

Ads by Google