Mail agents. Introduction to Internet Mail. Message format (1) Message format (2)

Similar documents
Introduction to Internet Mail. Philip Hazel. University of Cambridge Computing Service. Mail agents

. SMTP, POP, and IMAP

Mail agen ts. Introduction to Internet Mail Abridged & Up dated by Hervey Allen. Message form at (1) Message form at (2)

Application: Electronic Mail

How Internet Works

CIT 470: Advanced Network and System Administration. Topics. Mail Policies.

Fortinet.Certdumps.FCESP.v by.Zocki.81q. Exam Code: FCESP. Exam Name: Fortinet Certified Security Professional

[Prof. Rupesh G Vaishnav] Page 1

CS 43: Computer Networks. 12: and SMTP September 28, 2018

Electronic mail, usually called , consists of simple text messages a piece of text sent to a recipient via the internet.

Outline. EEC-484/584 Computer Networks. Slow Start Algorithm. Internet Congestion Control Algorithm

Objectives CINS/F1-01

Lecture 25. Tuesday, November 21 CS 475 Networks - Lecture 25 1

CCNA Exploration1 Chapter 3: Application Layer Functionality and Protocols

Electronic Mail

Protocols and Software. Nixu Ltd.

Chapter 10: Application Layer

Application Layer: OSI and TCP/IP Models

Electronic Mail. Electronic Mailboxes

Symantec ST0-250 Exam

Electronic Mail Paradigm

Debian/GNU Linux Mailing

Internet Technology. 03r. Application layer protocols: . Paul Krzyzanowski. Rutgers University. Spring 2016

Index. B Big Brother, 218 BMC Patrol, 219

Computer Network 1 1

is still the most used Internet app. According to some studies around 85% of Internet users still use for communication.

anti-spam techniques beyond Bayesian filters

Electronic Mail. Prof. Indranil Sen Gupta. Professor, Dept. of Computer Science & Engineering Indian Institute of Technology Kharagpur

FTP. Mail. File Transfer Protocol (FTP) FTP commands, responses. Electronic Mail. TDTS06: Computer Networks

Networking Revision. TCP/IP Protocol Stack & OSI reference model. Basic Protocols. TCP/IP Model ANTHONY KAO NETWORKING FINAL EXAM SPRING 2014 REVISION

Handling unwanted . What are the main sources of junk ?

CSN09101 Networked Services. Module Leader: Dr Gordon Russell Lecturers: G. Russell

Aka (or according to Knuth) Karst Koymans. Friday, September 25, 2015

Investigating . Tracing & Recovery

Objective. Application Layer Functionality and Protocols. CCNA Exploration 4.0 Network Fundamentals Chapter 03. Universitas Dian Nuswantoro

Chapter 2: Application layer

Chapter 26 Remote Logging, Electronic Mail, and File Transfer 26.1

Electronic Mail (SMTP)

Chapter 20 SMTP. Slides from TCP/IP - Forouzan. User Agent (UA) Addressing Delayed Delivery Aliases Mail Transfer Agent (MTA) MIME POP.

APPLICATION LAYER APPLICATION LAYER : DNS, HTTP, , SMTP, Telnet, FTP, Security-PGP-SSH.

DNS and SMTP. James Walden CIT 485: Advanced Cybersecurity. James WaldenCIT 485: Advanced Cybersecurity DNS and SMTP 1 / 31

Aka (or according to Knuth) Karst Koymans. Tuesday, September 27, 2016

Filtering 7 April 2014

Computer Engineering II Solution to Exercise Sheet Chapter 4

System: Basic Functionality

Debian/GNU Linux Mailing

SPF (Sender Policy Framework)

Lab 3.4.3: Services and Protocols

SCS3004 Networking Technologies Application Layer Protocols

COSC 301 Network Management. Lecture 14: Electronic Mail

CSCE 463/612 Networks and Distributed Processing Spring 2018

Lecture 6: Application Layer Web proxies, , and SMTP

ECE 435 Network Engineering Lecture 6

Simple Network Management Protocol (SNMP)

Error Codes have 3 Digits

Mail Protocol, Postfix and Mail security

Application Layer Services Omer F. Rana. Networks and Data Communications 1

Debian/GNU Linux Mailing

Documentation for: MTA developers

Mail Server. Introduction

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

Configure Exchange 2003 Server

SMTP. George Porter CSE 124 February 12, 2015

This material is based on work supported by the National Science Foundation under Grant No

Ciphermail Webmail Messenger Administration Guide

FTP. FTP offers many facilities :

Applications & Application-Layer Protocols: (SMTP) and DNS

Internet Architecture

Version SurfControl RiskFilter - Administrator's Guide

CCNA Exploration Network Fundamentals. Chapter 03 Application Functionality and Protocols

Week 3: . Johan Bollen Old Dominion University Department of Computer Science

Introduction to Network. Topics

CSCD 330 Network Programming Winter 2015

Chapter 2 Application Layer

Networking. Layered Model. DoD Model. Application Layer. ISO/OSI Model

Agenda. What is ? Brief Introduction To . History Of . Components Of System. Basics

Configuring Sendmail. The Sendmail Module

Request for Comments: 5321 October 2008 Obsoletes: 2821 Updates: 1123 Category: Standards Track

Simple Network Management Protocol (SNMP)

The Application Layer: & SMTP

You should not have any other MX records for your domain name (subdomain MX records are OK).

Basics BUPT/QMUL

FortiMail Gateway Setup and Configuration Technical Note

Basics BUPT/QMUL

Additional laboratory

FTP,HTTP. By Nidhi Jindal

Oversimplified DNS. ... or, even a rocket scientist can understand DNS. Step 1 - Verify WHOIS information

Fig (1) sending and receiving s

Network Working Group. Updates: 1894 June 2000 Category: Standards Track

Components of an (1)

CSC 4900 Computer Networks:

IT Certification Exams Provider! Weofferfreeupdateserviceforoneyear! h ps://

Chapter 10: Application Layer CCENT Routing and Switching Introduction to Networks v6.0

Contents. Management. Client. Choosing One 1/20/17

Set Up with Microsoft Outlook 2013 using POP3

The Application Layer: SMTP, FTP

How do I setup Outlook Express to get my s?

Mail System. chenshh

WWW: the http protocol

Network concepts introduction & wireshark

Transcription:

Introduction to Internet Mail Noah Sematimba Based on Materials by Philip Hazel. Mail agents MUA = Mail User Agent Interacts directly with the end user Pine, MH, Elm, mutt, mail, Eudora, Marcel, Mailstrom, Mulberry, Pegasus, Simeon, Netscape, Outlook,... Multiple MUAs on one system - end user choice MTA = Mail Transfer Agent Receives and delivers messages Sendmail, Smail, PP, MMDF, Charon, Exim, qmail, Postfix,... One MTA per system - sysadmin choice Message format (1) Message format (2) From: Philip Hazel <ph10@cus.cam.ac.uk> To: Julius Caesar <julius@ancient-rome.net> Cc: Mark Anthony <MarkA@cleo.co.uk> Subject: How Internet mail works Julius, I'm going to be running a course on... Format was originally defined by RFC 822 in 1982 Now superseded by RFC 2822 Message consists of Header lines A blank line Body lines An address consists of a local part and a domain julius@ancient-rome.net A basic message body is unstructured Other RFCs (MIME, 2045) add additional headers which define structure for the body MIME supports attachments of various kinds and in various encodings Creating/decoding attachments is the MUA's job

log in Folders MUA Mailbox MTA Spool Authenticating senders Embedded MUA uses inter process call to send to MTA May use pipe, file, or internal SMTP over a pipe MTA knows the identity of the sender Folders MUA SMTP SMTP MTA SMTP MTA Spool Spool Normally inserts Sender: header if differs from From: Freestanding MUA uses SMTP to send mail MTA cannot easily distinguish local/remote clients No authentication in basic protocol AUTH command in extended SMTP POP / IMAP Server Folders Mailbox Use of security additions (TLS/SSL) MUA can point at any MTA whatsoever Need for relay control Host and network blocks A message in transit (1) A message in transit (2) Headers added by the MUA before sending Headers added by MTAs From: Philip Hazel <ph10@cus.cam.ac.uk> To: Julius Caesar <julius@ancient-rome.net> cc: Mark Anthony <MarkA@cleo.co.uk> Subject: How Internet mail works Date: Fri, 10 May 2002 11:29:24 +0100 (BST) Message-ID: <Pine.SOL.3.96.990117111343. 19032A-100000@taurus.cus.cam.ac.uk> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=us-ascii Julius, I'm going to be running a course on... Received: from taurus.cus.cam.ac.uk ([192.168.34.54] ident=exim) by mauve.csi.cam.ac.uk with esmtp (Exim 4.00) id 101qxX-00011X-00; Fri, 10 May 2002 11:50:39 +0100 Received: from ph10 (helo=localhost) by taurus.cus.cam.ac.uk with local-smtp (Exim 4.10) id 101qin-0005PB-00; Fri, 10 May 2002 11:50:25 +0100 From: Philip Hazel <ph10@cus.cam.ac.uk> To: Julius Caesar <julius@ancient-rome.net> cc: Mark Anthony <MarkA@cleo.co.uk>...

A message in transit (3) A message is transmitted with an envelope: MAIL FROM:<ph10@cus.cam.ac.uk> RCPT TO:<julius@ancient-rome.net> The envelope is separate from the RFC 2822 message Envelope (RFC 2821) fields need not be the same as the header (RFC 2822) fields MTAs are (mainly) concerned with envelopes Just like the Post Office... Error ( bounce ) messages have null senders MAIL FROM:<> An SMTP session (1) telnet relay.ancient-rome.net 25 220 relay.ancient-rome.net ESMTP Exim... EHLO taurus.cus.cam.ac.uk 250-relay.ancient-rome.net... 250-SIZE 10485760 250-PIPELINING 250 HELP MAIL FROM:<ph10@cus.cam.ac.uk> 250 OK RCPT TO:<julius@ancient-rome.net> 250 Accepted DATA 354 Enter message, ending with. Received: from... (continued on next slide) An SMTP session (2) Email forgery From:... To:... etc.... 250 OK id=10spdr-00034h-00 quit 221 relay.ancient-rome.net closing conn... SMTP return codes 2xx OK 3xx send more data 4xx temporary failure 5xx permanent failure It is trivial to forge unencrypted, unsigned mail This is an inevitable consequence when the sender and recipient hosts are independent It is less trivial to forge really well! Most SPAM usually contains some forged header lines Be alert for forgery when investigating

The Domain Name Service Use of the DNS for email (1) The DNS is a worldwide, distributed database Two DNS record types are used for routing mail DNS servers are called name servers There are multiple servers for each DNS zone Secondary servers are preferably off site Records are keyed by type and domain name Root servers are at the base of the hierarchy Mail Exchange (MX) records map mail domains to host names, and provide a list of hosts with preferences: hermes.cam.ac.uk. MX 5 green.csi.cam.ac.uk. MX 7 ppsw3.csi.cam.ac.uk. MX 7 ppsw4.csi.cam.ac.uk. Address (A) records map host names to IP addresses: green.csi.cam.ac.uk. A 131.111.8.57 ppsw3.csi.cam.ac.uk. A 131.111.8.38 ppsw4.csi.cam.ac.uk. A 131.111.8.44 Caching is used to improve performance Use of the DNS for email (2) Other DNS records MX records were added to the DNS after its initial deployment Backwards compatibility rule: If no MX records found, look for an A record, and if found, treat as an MX with 0 preference MX records were invented for gateways to other mail systems, but are now heavily used for handling generic mail domains The PTR record type maps IP addresses to names 57.8.111.131.in-addr.arpa. PTR green.csi.cam.ac.uk. PTR and A records do not have to be one to one ppsw4.cam.ac.uk. A 131.111.8.33 33.8.111.131.in-addr.arpa. PTR lilac.csi.cam.ac.uk. CNAME records provide an aliasing facility pelican.cam.ac.uk. CNAME redshank.csx.cam.ac.uk.

DNS lookup tools host is easy to use for simple queries host demon.net host 192.168.34.135 host -t mx demon.net nslookup is more widely available, but is more verbose nslookup bt.net nslookup 192.168.34.135 nslookup -querytype=mx bt.net dig is the ultimate nitty gritty tool dig bt.net dig -x 192.158.34.135 dig bt.net mx DNS mysteries Sometimes primary and secondary name servers get out of step When mystified, check for server disagreement host -t ns ioe.ac.uk ioe.ac.uk NS mentor.ioe.ac.uk ioe.ac.uk NS ns0.ja.net host mentor.ioe.ac.uk mentor.ioe.ac.uk mentor.ioe.ac.uk A 144.82.31.3 host mentor.ioe.ac.uk ns0.ja.net mentor.ioe.ac.uk has no A record at ns0.ja.net (Authoritative answer) Common DNS errors Routing a message Final dots missing on RHS host names in MX records MX records point to aliases instead of canonical names This should work, but is inefficient and deprecated Process local addresses Alias lists Forwarding files MX records point to non existent hosts Recognize special remote addresses e.g. local client hosts MX records contain an IP address instead of a host name on the right hand side Unfortunately some MTAs accept this MX records do not contain a preference value Look up MX records for remote addresses If self in list, ignore all MX records with preferences greater than or equal to own preference For each MX record, get IP address(es)

Delivering a message Checking incoming senders Perform local delivery For each remote delivery Try to connect to each remote host until one succeeds A lot of messages are sent with bad envelope senders Mis configured mail software Unregistered domains Mis configured name servers If it accepts or permanently reject the message, that's it Forgers After temporary failures, try again at a later time Forgery seems to be the largest category nowadays Time out after deferring too many times Many MTAs check the sender's domain Addresses are often sorted to avoid sending multiple copies It is harder to check the local part Uses more resources, and can be quite slow Checking incoming recipients Some MTAs check each local recipient during the SMTP transaction Errors are handled by the sending MTA The receiving MTA avoids problems with bad senders Relay control Incoming: From any host to specified domains e.g. incoming gateway or backup MTA Outgoing: From specified hosts to anywhere e.g. outgoing gateway on local network Other MTAs accept messages without checking, and look at the recipients later Errors are handled by the receiving MTA More detailed error messages can be generated The current proliferation of forged senders has made the first approach much more popular From authenticated hosts to anywhere e.g. travelling employee or ISP customer connected to remote network Encryption can be used for password protection during authentication

Policy controls on incoming mail Block known miscreant hosts and networks Realtime Blackhole List (RBL), Dial up list (DUL), etc. http://mail abuse.org (now a charged service) and others Block known miscreant senders Not as effective as it once was for SPAM Refuse malformed messages Recognize junk mail Discard Annotate

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback