1
SMTP / MIME Florin Zidaru
2
Outline
1. What is SMTP?
2. How does SMTP work?
3. SMTP Security Issues
4. MIME
3
1. What is SMTP?
- Simple Mail Transport Protocol (SMTP) is the network protocol used to send e-mail across the Internet.
- Simple protocol, purely ASCII text-based
- uses TCP port 25
4
1. What is SMTP? Ctd.
- a "push" protocol that does not allow one to "pull" messages from a remote server on demand.
- it is limited in its ability to queue messages at the receiving end, so it is usually used with POP3 or IMAP, which let the user save messages in a server mailbox and download them periodically from the server.
- users typically use a program that uses SMTP for sending and either POP3 or IMAP for receiving.
5
2. How does SMTP work?
- as the result of a user mail request, the sender-SMTP establishes a two-way transmission channel to a receiver-SMTP (destination or an intermediate)
- SMTP commands are generated by the sender-SMTP and sent to the receiver-SMTP
- SMTP replies are sent from the receiver-SMTP to the sender-SMTP in response to the commands.
6
2. How does SMTP work? Ctd.
7
2. Example of the SMTP procedure
8
3. SMTP Security Issues
Fatal flaw: trusts the users
Why?
- Developed when the Internet was small
- lack of a comprehensive way of verifying an e-mail sender's identity. This makes it easy for people to mask their identities by forging return addresses and taking over victim machines to conduct their activities.
Consequences: spam, viruses, trojan horses
9
3. SMTP Security Issues
Authentication problem
- solution: SMTP over SSL/TLS (protocol is available at the Internet Engineering Task Force's Web site)
- But, how do we establish "trust relationships"?
- Problem: design a system that authenticates mail servers, rather than individuals.
- A third party would have to determine whether an e-mail server is responsible for sending spam. That kind of responsibility, voluntarily assumed by operators of various spam blacklists, could be difficult and expensive if applied to the Internet as a whole.
10
3. SMTP Security Issues : Enumeration
SMTP enumeration
- What is enumeration? Once an attacker has identified live hosts and running services, he will turn to probing the identified services more fully for known weaknesses
- SMTP provides 2 built-in commands that allow for enumeration of users:
  - VRFY – confirms names of valid users
  - EXPN – reveals the addresses of aliases and mailing lists
11
3. SMTP Security Issues : Enumeration
Example: Enumeration can be done over a telnet connection:
    telnet
    Connected to
    220 mail.bigcorp.com ESMTP 8.8.7/8.8.7
    vrfy root
    250 root
    expn adm
    250 adm
    quit
12
3. SMTP Enumeration Countermeasures:
- oldie-but-goodie service that should be turned off
- newer versions of the SMTP server software sendmail offer syntax that can be embedded in the mail.cf file to disable the discussed commands
- Microsoft's Exchange Server prevents nonprivileged users from using EXPN and VRFY by default in recent versions
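One way to confirm that these countermeasures took effect, as an added example that is not part of the original slides: it rates the replies a server gives to VRFY and EXPN, using the slide's session as the "before" case. The function names, the `host` and `probe` parameters, and the AFTER transcript are assumptions constructed for illustration.

```python
import smtplib

LEAKS = {250, 251}        # server confirmed the mailbox or alias
SAFE = {252, 500, 502}    # noncommittal reply, or command not available

def classify(code):
    """Rate a VRFY/EXPN reply code. A 550 only matters if valid names get a
    different answer, so it and anything else unexpected is 'review'."""
    if code in LEAKS:
        return "leaks"
    return "safe" if code in SAFE else "review"

def audit_session(transcript):
    """Pair each VRFY/EXPN command in a session log with its final reply line."""
    findings, pending = [], None
    for line in transcript.splitlines():
        line = line.strip()
        if line[:4].upper() in ("VRFY", "EXPN"):
            pending = line[:4].upper()
        elif pending and line[:3].isdigit() and line[3:4] != "-":
            # "250-" marks a continuation line; the last line is "250 "
            code = int(line[:3])
            findings.append((pending, code, classify(code)))
            pending = None
    return findings

def audit_server(host, probe="postmaster", port=25, timeout=10):
    """Live check of a server you administer (host and probe are assumptions)."""
    with smtplib.SMTP(host, port, timeout=timeout) as s:
        s.ehlo()
        codes = {"VRFY": s.vrfy(probe)[0], "EXPN": s.expn(probe)[0]}
    return [(cmd, code, classify(code)) for cmd, code in codes.items()]

# The slide's session, then a constructed session from a hardened server.
BEFORE = """220 mail.bigcorp.com ESMTP 8.8.7/8.8.7
vrfy root
250 root
expn adm
250 adm
quit"""
AFTER = """220 mail.example.test ESMTP
vrfy root
252 Cannot VRFY user
expn adm
502 Command not implemented
quit"""

if __name__ == "__main__":
    for name, log in (("before", BEFORE), ("after", AFTER)):
        print(name, audit_session(log))
```

`audit_server` needs network access to the server being checked; `audit_session` works offline on a saved session log.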
13
4. MIME: Multipurpose Internet Mail Extensions
- Internet Standard that extends the format of e-mail to support:
  - text in character sets other than US-ASCII;
  - non-text attachments;
  - multi-part message bodies;
- a fundamental component of communication protocols such as HTTP, which requires that data be transmitted in the context of e-mail-like messages, even though the data might not fit this context.
14
Resources
- SMTP on Wikipedia: http://en.wikipedia.org/wiki/SMTP
- RFC 821 – SMTP
- SMTP Security: