UD6.
MAIL SERVERS
� INTRODUCTION
• E-mail works similarly to snail mail
• It has replaced most non-administrative ordinary mail and almost all fax mailings.
• Initially, only text messages could be sent, thanks to MIME they can send attachments.
•Disadvantages:
It does not guarantee that messages will reach their destination It does not ensure that the
sender is who they say they are.
You are not obliged to report any anomaly that occurs during shipment or Receiving the
message. Viruses, Trojans, hoaxes, etc. use this medium for their transmission.
2
� INTRODUCTION(2)
Interpersonal messaging system, with one sender and one or various
recipients.
• Non-interactive, as it does not expect immediate response
• Non-intrusive, because it is read when you want or can
• Not online, allows the user to craft their content quietly and save it
in a draft to send when considers appropriate.
3
� MAIL ACCOUNTS
• It is our identification within the service to be able to receive and send in a unequivocal messages.
• They are made up of two parts separated by the @ at symbol:
• The first part indicates the username of the account
• The second specifies the domain of the mail server where the account is hosted
•Example:
• [email protected]
• There are two basic ways to set up email account downloads:
• IMAP (Internet Message Access Protocol): messages are stored on the mail server.
• POP (Post Office Protocol): messages are saved on the user's computer.
4
� FUNCTIONING
• Client/Server Model
• When an email is sent, the message is routed through from different
servers until it reaches the receiver's.
• The server has defined the email accounts of theusers and the
corresponding mailboxes.
• Clients are responsible for downloading emails and their elaboration.
5
� SERVICE AGENTS
• MUA (Mail User Agent)
• Mail User Agent
• Computer program used to send and receive mail
• MTA (Mail Transfer Agent)
• Mail Transfer Agent
• Mail Server
• Communicates with other servers using Simple Mail Transfer Protocol (SMTP)
• MDA (Mail Delivery Agent)
• Mail Delivery Agent
• Program that manages mailing list mailboxes
• Copies the message from the mail server (MTA) to the user's mailbox
• It is the bridge between MTA and MUA
6
� Service Agent(2)
• The user's MTA communicates with other
MTAs until you reach your destination.
The latter delivers the message to the MDA,
that stores it until the recipient download it
with POP or IMAPAP.
7
� MESSAGE FORMAT
• The SMTP protocol indicates that messages should include:
•Headboard
• From or Sender: indicates the user sending the message
• To or recipient: indicates the user to whom the email is addressed
• CC or carbon copy: recipient of copy. Users who are on the list will receive the email but will see that it is not addressed only to them.
This field is visible to everyone.
• BCC or hidden carbon copy: in this case, they are not added to the list of recipients, they will remain hidden from the rest, whether they
are hidden or not.
• Date: Specifies the date and time of the message being sent
• Subject: brief description of the content of the message
• Body
• It contains the message
• It can be plain text or have some kind of formatting.
8
� MIME EXTENSIONS
Multipurpose Internet Mail Extensions
• Multipurpose Email Extensions
• Set of specifications that set the exchange of all types of files
transparently to the user
• Support:
• Text with non-ASCII characters such as ñ or ç Non-text attachments,
such as images Headers with non-ASCII characters
9
� MAIL DOWNLOAD PROTOCOLS
POP
• Post Office Protocol
• Used to receive mailings
• Allows the user to download received emails to their computer in order to review them later
without the need to be connected to the Internet.
• It was developed in the 80s, and since then it has undergone a series of Improvements
• POP3 is currently used
10
� POP
Funcionamiento de POP3
• Connection: the server listens on port 110, waiting for the connection of a mail client.
• Authentication: The server waits for the name and password of an account. It can be
sent in plaintext (POP3) or encrypted (APOP). USER and PASS command.
• Transaction: once the user has been validated, their mailbox on the server is blocked
(to avoid inconsistencies) and is available to be consulted. The LIST, RETR, and DELE
commands allow you to display, download, and delete messages from the server,
respectively. The QUIT command allows you to move on to the next stage.
• Update: the user disconnects and the server updates the mailbox, deletes messages
that have been marked for deletion, and unlocks the mailbox (new emails can now
enter).
11
� IMAP
• Internet Message Access Protocol(IMAP)
• Internet Message Access Protocol, currently using version 4 (IMAP4)
• Alternative to POP
• Allows the user to access the mail server from any computer with Internet access
and define folders on the server to save messages.
• Allows you to remotely manipulate mailboxes (create, delete and rename)
• The user has access to email from any machine with Internet access
12
� IMAP(2)
●
It provides mobility to users, as messages can be accessed from different
machines. It allows multiple users to work on the same email account, which is
very useful in the case of companies, commercial information departments, etc.
The mail remains on the server until it is explicitly deleted by the user. It
supports the MIME standard, with which attachments can be received. It is used
by webmail servers and clients but it is also possible to download them to a
local machine with POP3.
� SMTP MAIL SENDING PROTOCOL
• Simple Mail Transfer Protocol(SMTP)
• Simple mail transfer protocol
• Defines a series of commands and procedures so that two devices can exchange email messages.
• Establishes the format of the messages, the MTA, and the procedure for storing and forwarding the mail.
•Chronology:
• RFC 821 and 822. SMTP Initial: Used only to transfer ASCII plain text messages.
• RFC 2821 SMTP Extended: Allows messages larger than 64KB in size, and avoids endless mail storms when
forwarding messages between servers.
• RFC 2920: Improves productivity by allowing multiple commands to be accepted on the same TCP segment.
• RFC 3030: Add MIME
14
� HOW SMTP WORKS
Objective: to deliver the email message to its recipient.
1. The client composes the mail message and sends it to port 25 of its SMTP server,
(outgoing mail server)
2. The outgoing SMTP server makes a request to a DNS server. It provides you with the MX
record where the IP address of the receiver's SMTP server is associated with the domain
name corresponding to the email address of the addressee.
3. The outgoing SMTP server forwards the message to the receiver's SMTP mail server.
4. The recipient SMTP server receives the mail, processes it, and leaves it in the mailbox
User input.
15
� COMMANDS AND RESPONSE CODES
Some of the most commonly used commands are:
HELO/EHLO It identifies the customer, who is responsible for sending it
followed by a domain name.
MAIL FROM Identify the sender of the message.
RCPT TO Identify the recipients of the message
DATA The client generates it to indicate that it initiates the sending of the
message content
16
� COMMANDS AND RESPONSE CODES(2)
The response from the server includes a code, the first digit may take Five values each with
a meaning:
Digit/Explanation
1yz The command is accepted, but the action is suspended waiting to know if the client
wants to continue or abort.
2yz The action has been successfully carried out.
3yz The command is accepted, but the action remains pending until the client sends
another command with more information.
4yz The command is not accepted. The client can start the script again.
5yz The command is not accepted and human intervention is needed to correct the
request.
17
� PROCEDURE
AN EMAIL MESSAGE IT IS TRANSMITTED IN THREE PHASES:
1. An SMTP connection is established and Log in.
2. The transaction process is done SMTP, i.e.,
the message is sent email address itself saying.
3. The session is closed and the SMTP connection.
18
� MAIL SERVERS
• Mail server
• MTA employing SMTP
• MDA that employs a mail download protocol such as POP3 or IMAP
• The email service is closely related to:
• DNS servers, which allow the recipient's SMTP server to be located
• Firewalls, which filter outgoing messages to ensure that they can only be used to Ship to
authorized customers
• Linux: Postfix, Sendmail or qmail
• Windows: Microsoft Exchange
19
� MAIL CLIENTS
• Installed on the client
• Applications installed on the user's computer
• Allow:
• Compose, send, receive, and download e-mail messages, • Manage mailboxes
• Microsoft Outlook: Windows
• Mozilla Thunderbird: Cross-platform
• Webmail
●
It allows you to access email without installing a specific client, only using a web browser. • Messages are
composed directly on the server.
20
� MAIL CLIENTS(2)
Advantages:
• Allows you to access the email service regardless of where and what type of device you connect with
• No email client to install or update
• Mail can be accessed even if you don't allow configuring the client application (public places)
Disadvantages:
• It is necessary to have an Internet connection even if it is to read old messages
• If the account is free, you will be exposed to unwanted ads
• When service is lost due to provider closure, password forgetting or breach of contract, emails are lost.
� SECURITY AND VULNERABILITIES
• SPAM
• In principle, security was not so important: any server accepts requests from any source.
• Characteristics:
• Anonymous: does not forward the sender's real email address or uses someone else's to hide their identity. • Duplicative: the email
received is part of a mass mailing whose content is similar. (By example, only the name and surname changes)
Types:
• Unwanted advertising: they have commercial purposes. They do not usually cause damage or theft of information.
• Hoax (hoax): includes fake news that requests the user's collaboration to forward it to the as many contacts as possible. Its purpose is to
collect email addresses.
• Phishing: making a user believe that the email that is sent to them apparently comes from a legitimate entity. Its purpose is to capture
sensitive information.
22
� SECURITY AND VULNERABILITIES
• To avoid falling into the trap of SPAM, you have to:
• Not to respond to any requests for personal information received via email.
• Hyperlinks in any email should not be clicked on, even if it comes from a known user. You can type it
directly into the address bar.
• The email address must not be made public.
• If you do so, @ can be replaced by "at" to prevent it from being collected by robots or programs designed
to recognize email addresses included in web pages.
• Ignore messages that request to be forwarded.
• Do not respond to junk mail or spam.
• Check if the connection is secure by appearing https in the browser addresses.
23
