Last Lecture Start the Applicatin Layer DNS SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 1
This Lecture SMTP SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 2
Electrnic Mail Infrastructure Fur majr cmpnents: User s Mail s SMTP Mail access prtcl IMAP/POP3 User Agent ( Mail Reader ) Cmpsing, editing, reading mail messages E.g., Eudra, Outlk, Pine, Thunderbird, Apple Mail mail SMTP mail IMAP/POP3 SMTP SMTP mail SMTP (25) ESMTP (587) Secure SMTP (465) utging message queue mailbx SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 3
Typical Scenari: Alice Emails Bb 1) Alice uses UA t cmpse message t bb@smeschl.edu 2) Alice s UA sends message t her mail ; message placed in message queue 3) Client side f SMTP pens TCP cnnectin with Bb s mail Hw des it knw IP f Bb s mail? 4) SMTP client sends Alice s message ver the TCP cnnectin 5) Bb s mail places the message in Bb s mailbx 6) Bb invkes his t retrieve the message There are ften mre than 1 mail n the path (fllw MX preference) 1 mail mail 2 3 4 5 6 SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 4
Mail Servers Typical functinalities Mailbx cntains incming messages fr Message queue f utging (t be sent) mail messages mail SMTP SMTP mail SMTP prtcl between mail s t send email messages mail SMTP Client : sending mail Server : receiving mail SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 5
SMTP Uses TCP t reliably transfer email message frm client t, prt 25 Three phases f transfer handshaking (greeting) transfer f messages clsure Cmmand/respnse interactin Cmmands (r Verb): ASCII text Respnse : status cde and phrase 200-399: acceptance 400-499: temprary rejectin 500-599: permanent rejectin Messages must be in 7-bit ASCII SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 6
Sample SMTP Interactin [hungng@saign] ~ $ telnet ubmx.buffal.edu 25 Trying 128.205.5.197... Cnnected t ubmx.buffal.edu. Escape character is '^]'. 220 mxb.acsu.buffal.edu ESMTP Prefixe HELO buffal.edu 250 mxb.acsu.buffal.edu MAIL FROM: <hungng@buffal.edu> 250 2.1.0 Ok RCPT TO: <my_email@gmail.cm> 554 5.7.1 <my_email@gmail.cm>: Relay access denied RCPT TO: <hungng@buffal.edu> 250 2.1.5 Ok DATA 354 End data with <CR><LF>.<CR><LF> This is just a test. 250 2.0.0 Ok: queued as 7FE8B2889 QUIT 221 2.0.0 Bye Cnnectin clsed by freign hst. SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 7
SMTP (Basic) Mail Message Frmat SMTP: prtcl fr exchanging email msgs RFC 822: standard fr text message frmat: header lines, e.g., T: Frm: Subject: Header lines are different frm SMTP cmmands! bdy the message, 7-bit ASCII characters nly header bdy blank line SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 8
Message Frmat: Multimedia Extensins MIME: multimedia mail extensin, RFC 2045, 2056 Additinal lines in msg header declare MIME cntent type MIME versin methd used t encde data multimedia data type, subtype, parameter declaratin encded data Frm: alice@crepes.fr T: bb@hamburger.edu Subject: Picture f yummy crepe. MIME-Versin: 1.0 Cntent-Transfer-Encding: base64 Cntent-Type: image/jpeg base64 encded data.........base64 encded data SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 9
Mail Access Prtcls SMTP ESMTP SMTP access prtcl sender s mail receiver s mail Mail access prtcl: retrieval frm POP: Pst Office Prtcl [RFC 1939] authrizatin ( <-->) and dwnlad IMAP: Internet Mail Access Prtcl [RFC 1730] mre features (mre cmplex) manipulatin f stred messages n HTTP: gmail, Htmail, Yah! Mail, etc. SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 10
POP3 Prtcl Authrizatin phase client cmmands: : declare name pass: passwrd respnses +OK -ERR Transactin phase, client: list: list message numbers retr: retrieve message by number dele: delete quit S: +OK POP3 ready C: bb S: +OK C: pass hungry S: +OK successfully lgged n C: list S: 1 498 S: 2 912 S:. C: retr 1 S: <message 1 cntents> S:. C: dele 1 C: retr 2 S: <message 1 cntents> S:. C: dele 2 C: quit S: +OK POP3 signing ff SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 11
POP3 and IMAP Mre abut POP3 Previus example uses dwnlad and delete mde. Bb cannt re-read e-mail if he changes client Dwnlad-and-keep : cpies f messages n different clients POP3 is stateless acrss sessins IMAP Keep all messages in ne place: the Allws t rganize messages in flders IMAP keeps state acrss sessins: names f flders and mappings between message IDs and flder name SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 12
SMTP: a Cinderella Stry A simple idea (1971) changes ur lives frever! Accrding t pingdm.cm: 1.4 billin The number f email s wrldwide. 247 billin The number f emails sent per day in 2009. 90 trillin The ttal number f emails sent in 2009 81% The percentage f emails that are spam. Remember Sabeer Bhatia? Yu culd d the same. SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 13
Our Cinderella is Nt Very Smart RFC 2821 S Simple Mail Transfer Prtcl (SMTP) RFC 1123 S Requirements fr Internet hsts - applicatin and supprt RFC 974 S Mail ruting and the dmain system (MX recrds) RFC 1869 S SMTP Service Extensins RFC 1870 S SMTP Service Extensin fr Message Size Declaratin RFC 1652 D SMTP Service Extensin fr 8bit-MIMEtransprt RFC 3030 P SMTP Service Extensins fr Transmissin f Large and Binary MIME Messages RFC 1845 E SMTP Service Extensin fr Checkpint/Restart RFC 1846 E SMTP 521 Reply Cde RFC 2920 S SMTP Service Extensin fr Cmmand Pipelining RFC 1985 P SMTP Service Extensin fr Remte Message Queue Starting (ETRN) RFC 2645 P On-Demand Mail Relay (ODMR) SMTP with Dynamic IP Addresses RFC 2852 P Deliver By SMTP Service Extensin RFC 2034 P SMTP Service Extensin fr Returning Enhanced Errr Cdes RFC 3464 P An Extensible Message Frmat fr Delivery Status Ntificatins (DSNs) RFC 3463 D Enhanced Mail System Status Cdes RFC 3461 P SMTP Service Extensin fr Delivery Status Ntificatins RFC 3462 P Multipart/Reprt Cntent Type fr the Reprting f Mail System Administrative Messages RFC 2476 P Message Submissin RFC 2554 P SMTP Service Extensin fr Authenticatin RFC 2505 B Anti-Spam Recmmendatins fr SMTP MTAs RFC 2442 I Batch SMTP Media Type RFC 1047 I Duplicate messages and SMTP RFC 1090 I SMTP n X.25 SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 14
The Headache T filter r nt t filter, that s the prblem! The number f spam emails sent in 2009 (assuming 81% are spam) is 73 trillin Nte: Spam is a registered trademark f a meat prduct made by Hrmel Spam cmes frm a Mnty Pythn sketch What s the rt cause f spamming? SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 15
Main Prblem Btnet! NY Times, Jan 23, 2009: Wrm Infects Millins f Cmputers Wrldwide A new digital plague has hit the Internet, infecting millins f persnal and business cmputers in what seems t be the first step f a multistage attack. The wrld s leading cmputer security experts d nt yet knw wh prgrammed the infectin, r what the next stage will be. In recent weeks a wrm, a malicius sftware prgram, has swept thrugh crprate, educatinal and public cmputer netwrks arund the wrld. Knwn as Cnficker r Dwnadup, it is spread by a recently discvered Micrsft Windws vulnerability, by guessing netwrk passwrds and by hand-carried cnsumer gadgets like USB keys. Much mre abut btnets later in the curse SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 16
Sme Partial Slutins Authenticatin (SMTP ver SSL/TLS) Users Mail s Hw t trust peple/s? A trusted third party causes ther prblems. Rewrite SMTP Key CS phrase: Backward cmpatibility Currently there are millins f SMTP s n the net Tk IETF > 6 years t decide that spam is harmful and frmed a research grup t study slutins Ad Hc extensins t SMTP (e.g. TEOS) Micrsft: why dn t we amend DNS? SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 17
Mre Partial Slutins Challenge-respnse technlgy SpamArrest.cm, Mail-blck.cm, ipermitmail.cm Pses prblems n its wn RFC 2505: D nt relay Use DNS infrmatin (hpefully with secure DNS RFC2065 which makes IP spfing much harder) This is currently in use n many MTAs Anther prblem: DS n DNS s Delays: waiting fr DNS respnse SUNY at Buffal; CSE 489/589 Mdern Netwrking Cncepts; Fall 2010; Instructr: Hung Q. Ng 18