Email Protocols and Troubleshooting - PowerPoint PPT Presentation

Slides: 23
Provided by: brandonc

1
Email Protocols and Troubleshooting
  • Brandon Checketts

2
Components of an Email System
  • Mail Transport Agent (MTA)
  • Mail User Agent (MUA)
  • Local Delivery Agent (LDA)
  • ..others??

3
Common Email Protocols
  • Sending Mail
  • SMTP (Simple Mail Transfer Protocol)
  • Servers include Sendmail, Postfix, Exim, Qmail
  • Receiving Mail
  • IMAP (Internet Message Access Protocol)
  • POP3 (Post Office Protocol v3)
  • Servers Include Dovecot, Courier, Qmail

4
SMTP Design
  • Delivers a message from one machine to another
  • Became popular in the 1980s (as complement to
    UUCP)
  • Used for outgoing messages from a sender to their
    outgoing mail server
  • Communication between mail servers on the
    Internet
  • Typically listens on TCP Port 25
  • and also on 587 and 465

5
SMTP Servers
  • Sendmail
  • Widely available, complicated to configure (M4
    macros, etc)
  • The term sendmail is used in multiple contexts
  • Postfix
  • Widely available, semi-straightforward
  • Exim
  • Generally available, semi-complicated to configure
  • Qmail
  • Generally available, completely different than
    most other *nix servers
  • (These are my opinions - your mileage may vary)

6
SMTP Uses
  • If ever configuring a mail server, try to
    separate these two types of services
  • Outgoing Mail Server
  • Should have some kind of authentication
  • Queue messages when receiving server is
    unavailable
  • Sends bounce message to sender after retrying
    delivery
  • Incoming Mail Server (or MX server)
  • Receives incoming messages from the Internet
  • Delivers message to a mailbox
  • (Should never send a bounce)

7
Basic SMTP Commands
  • HELO (and EHLO)
  • MAIL FROM
  • RCPT TO
  • DATA
  • QUIT
  • Response Codes
  • 2xx (Success)
  • 4xx (Temporary Failure)
  • 5xx (Permanent Failure)

8
Simple SMTP Session
  • root@xpgrinders telnet filter1.roundsphere.com 25
  • Trying 64.18.6.14...
  • Connected to filter1.roundsphere.com.
  • Escape character is '^]'.
  • 220 Postini ESMTP <snip>rtisements.
  • ehlo example.com
  • 250-Postini says hello back
  • 250-STARTTLS
  • 250-8BITMIME
  • 250 HELP
  • mail from:<sender@example.com>
  • 250 Ok
  • rcpt to:<recipient@destination.com>
  • 250 Ok
  • data
  • 354 Feed me
  • Subject: This is a test
  • From: "Brandon Testing" <user@example.com>
  • To: "Brandon Testing Again" <recipient@destination.com>

9
Simple SMTP Session (Big 1)
  • root@xpgrinders telnet filter1.roundsphere.com 25
  • Trying 64.18.6.14...
  • Connected to filter1.roundsphere.com.
  • Escape character is '^]'.
  • 220 Postini ESMTP <snip>rtisements.
  • ehlo example.com
  • 250-Postini says hello back
  • 250-STARTTLS
  • 250-8BITMIME
  • 250 HELP
  • mail from:<sender@example.com>
  • 250 Ok

10
Simple SMTP Session (Big 2)
  • rcpt to:<recipient@destination.com>
  • 250 Ok
  • data
  • 354 Feed me
  • Subject: This is a test
  • From: "Brandon Testing" <sender@example.com>
  • To: "Brandon Testing" <recipient@destination.com>
  • This is my message
  • .
  • 250 Thanks
  • quit
  • 221 Catch you later
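
The reply handling behind the session above, as an added example (not part of the original slides): it groups multiline replies such as the 250- EHLO response, maps each code class to what a sending server does next (queue and retry on 4xx, bounce on 5xx), and checks whether STARTTLS was offered. The 451 and 550 lines are constructed samples; the function names are this example's own.

```python
import re

# Reply line: 3-digit code, then "-" (more lines follow) or " " (last line).
REPLY_LINE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")

def parse_replies(lines):
    """Group server lines into (code, [text, ...]) replies, joining multiline ones."""
    replies, pending = [], []
    for line in lines:
        m = REPLY_LINE.match(line.rstrip("\r\n"))
        if not m:
            raise ValueError(f"not an SMTP reply line: {line!r}")
        code, sep, text = int(m.group(1)), m.group(2) or " ", m.group(3) or ""
        if pending and pending[0][0] != code:
            raise ValueError("reply code changed inside a multiline reply")
        pending.append((code, text))
        if sep == " ":                      # final line of this reply
            replies.append((code, [t for _, t in pending]))
            pending = []
    if pending:
        raise ValueError("transcript ended inside a multiline reply")
    return replies

def sender_action(code):
    """Map a reply code to what the sending side does next (2xx/3xx/4xx/5xx)."""
    actions = {2: "ok", 3: "continue", 4: "queue-and-retry", 5: "bounce"}
    if code // 100 not in actions:
        raise ValueError(f"unexpected reply code {code}")
    return actions[code // 100]

def offers_starttls(replies):
    """True if a 250 (EHLO) reply lists the STARTTLS extension."""
    return any(code == 250 and any(t.upper().split()[:1] == ["STARTTLS"] for t in texts)
               for code, texts in replies)

# Server side of the session from the slides, plus two constructed failure replies.
SERVER_LINES = [
    "220 Postini ESMTP",
    "250-Postini says hello back", "250-STARTTLS", "250-8BITMIME", "250 HELP",
    "250 Ok",
    "354 Feed me",
    "250 Thanks",
    "221 Catch you later",
    "451 Try again later",      # constructed: temporary failure
    "550 No such user here",    # constructed: permanent failure
]

if __name__ == "__main__":
    for code, texts in parse_replies(SERVER_LINES):
        print(code, sender_action(code), texts)
```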

11
Weaknesses and Extensions
  • No Sender Authentication
  • SMTP Auth
  • Unencrypted
  • SSL and TLS
  • Text-Only
  • MIME
  • Bounces ?
  • SPAM ???
  • SPF and DKIM

12
POP3 Protocol
  • Retrieves messages from a mail server
  • Typically, messages are downloaded to your mail
    client, and deleted from the server
  • Designed for use with dial-up connections when
    people were intermittently connected
  • Listens on Port 110 (with Secure POP generally on
    port 995)

13
Sample POP3 Session
  • root@xpgrinders telnet mail.roundsphere.com 110
  • Trying 206.71.88.102...
  • Connected to mail.roundsphere.com.
  • Escape character is '^]'.
  • +OK Dovecot ready.
  • user user@testing.com
  • +OK
  • pass letmein
  • +OK Logged in.
  • list
  • +OK 1 messages:
  • 1 482
  • .
  • retr 1
  • +OK 482 octets
  • <snip>Message Headers</snip>
  • This is my short message

14
IMAP Protocol
  • Listens on port 143 (IMAP/SSL on port 993)
  • Mail stays on the server. Mail Client caches
    information locally
  • Extremely useful for multiple users, multiple
    machines, Webmail, etc
  • Searches are done on the server

15
Sample IMAP Session
  • root@xpgrinders telnet mail.roundsphere.com 143
  • Trying 206.71.88.102...
  • Connected to mail.roundsphere.com.
  • Escape character is '^]'.
  • * OK Dovecot ready.
  • A1 LOGIN user@testing.com letmein
  • A1 OK Logged in.
  • A2 SELECT Inbox
  • * FLAGS (\Answered \Flagged \Deleted \Seen
    \Draft)
  • * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted
    \Seen \Draft \*)] Flags permitted.
  • * 1 EXISTS
  • * 0 RECENT
  • * OK [UIDVALIDITY 1225333589] UIDs valid
  • * OK [UIDNEXT 2] Predicted next UID
  • A2 OK [READ-WRITE] Select completed.
  • A3 FETCH 1 BODY[HEADER]
  • * 1 FETCH (BODY[HEADER] {454}
  • <snip> Message Header Delivered</snip>
  • A3 OK Fetch completed.

16
SPAM Phishing
  • SMTP has no built-in way to verify the legitimacy
    of the message
  • Anybody can say they are anybody else
  • SMTP is far too prolific to try to replace it
  • (demonstrate sending an email as PayPal)

17
Fighting Spam
  • Greylisting
  • Content Filtering
  • This can get to be incredibly CPU intensive
  • DNS-based Blacklists
  • Consider Appliances and Outsourced Services

18
SPF and SenderID
  • Concept is to validate the path the message took
  • SPF Record published in DNS gives a list of the
    servers authorized to send email for a given
    domain
  • Fairly Simple to create
  • SPF Record Looks Like
  • v=spf1 a a:mail.domain.com all
  • SPF Wizard at http://www.openspf.org/
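
The path check described above, as an added example (not from the original slides): a small evaluator for the a, ip4 and all mechanisms, run against constructed A records in place of DNS lookups. It also shows why the qualifier in front of all matters: a mechanism with no qualifier defaults to "+", so a record ending in a bare all passes every sender, while -all or ~all rejects or flags unlisted ones. The function name, the address table and the "unsupported" result are assumptions of this example.

```python
import ipaddress

# Constructed A records standing in for DNS (documentation address ranges).
A_RECORDS = {
    "domain.com": ["192.0.2.10"],
    "mail.domain.com": ["192.0.2.25"],
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(record, sender_domain, client_ip, a_records=A_RECORDS):
    """Evaluate the a, ip4 and all mechanisms of an SPF record for one client IP."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                       # not an SPF record
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"                     # no qualifier written means "+"
        if term[0] in RESULTS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name == "a":                   # bare "a" means the sender's own domain
            hosts = a_records.get(arg or sender_domain, [])
            matched = any(ip == ipaddress.ip_address(h) for h in hosts)
        elif name == "ip4":
            matched = ip in ipaddress.ip_network(arg, strict=False)
        else:
            return "unsupported"            # outside this example's subset
        if matched:
            return RESULTS[qualifier]       # first matching mechanism decides
    return "neutral"                        # nothing matched

if __name__ == "__main__":
    unlisted = "203.0.113.7"                # constructed: not an authorized server
    for tail in ("all", "~all", "-all"):
        rec = f"v=spf1 a a:mail.domain.com {tail}"
        print(f"{rec!r:45} -> {check_spf(rec, 'domain.com', unlisted)}")
```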

19
DomainKeys / DKIM
  • Cryptographic Hash to sign messages
  • Public Key and policy information is distributed
    via DNS
  • Private key is used to sign the message, and
    certain headers (From, To, Subject, etc)
  • Recipients use public key to verify authenticity
    of the message
  • Verifies a legitimate sender, and is not
    concerned about the path it took to get there.
  • Fairly complicated to set-up

20
Sample DKIM Header
  • DKIM-Signature: v=1; a=rsa-sha1; c=relaxed;
    d=brandonchecketts.com;
  • h=subject:to:message-id:date:from;
  • s=mail;
  • bht4KPoqmtYCr/TS32vUW oYU80M
    bE2UmQVoQVmXMopufIQ6bjnfN9as7R6R7x8ipJpLn/XmSM/
    fvt4 lV81G2Bt1hisa3V2SPemw2ecpImC27oolMA1XshTARG
    dUepTFWermUZ0WAaIt4 rWwqvhpVd/r3RNkRmSkNZv5uZYQ5
    PeulOHMBHvH4Q5R9XDWIe6MiU
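
How a receiver reads a header like the one above, as an added example (not from the original slides): it splits the tag list, derives the DNS name where the public key is published (selector._domainkey.domain), and reports findings a reviewer would act on. The sample reuses the slide's v, a, c, d, h and s values; its bh and b values are constructed placeholders, and the function names are this example's own.

```python
import re

REQUIRED_TAGS = {"v", "a", "b", "bh", "d", "h", "s"}   # required by RFC 6376

def parse_dkim_signature(header_value):
    """Split a DKIM-Signature value into a tag dict, unfolding base64 values."""
    tags = {}
    for part in header_value.split(";"):
        if not part.strip():
            continue
        name, sep, value = part.partition("=")
        name = name.strip()
        if not sep or not name:
            raise ValueError(f"malformed tag: {part!r}")
        if name in tags:
            raise ValueError(f"duplicate tag: {name}")
        # b= and bh= are base64 and may be folded across lines
        tags[name] = re.sub(r"\s+", "", value) if name in ("b", "bh") else value.strip()
    return tags

def selector_record_name(tags):
    """DNS name of the TXT record that holds the signer's public key."""
    return f"{tags['s']}._domainkey.{tags['d']}"

def audit_dkim(tags):
    """Return findings about the signature's parameters (no crypto is done here)."""
    findings = []
    missing = REQUIRED_TAGS - tags.keys()
    if missing:
        findings.append("missing tags: " + ",".join(sorted(missing)))
    if tags.get("a", "").lower() == "rsa-sha1":
        findings.append("rsa-sha1 must not be used (RFC 8301); use rsa-sha256")
    signed = [h.strip().lower() for h in tags.get("h", "").split(":")]
    if "from" not in signed:
        findings.append("From header is not signed")
    return findings

# Tag values from the slide; bh and b are constructed placeholders.
SAMPLE = ("v=1; a=rsa-sha1; c=relaxed; d=brandonchecketts.com;\r\n"
          "  h=subject:to:message-id:date:from; s=mail;\r\n"
          "  bh=CONSTRUCTEDBODYHASH=; b=CONSTRUCTED\r\n  SIGNATURE==")

if __name__ == "__main__":
    parsed = parse_dkim_signature(SAMPLE)
    print(selector_record_name(parsed))
    print(audit_dkim(parsed))
```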

21
For More Information
  • Wikipedia!

22
If Time Permits
  • Demonstrate Encrypted SMTP/POP Sessions
  • Demonstrate Postfix / Dovecot Config Files
  • Discuss Webmail?
  • Making Sense out of message headers