Smtp syntax. Basic SMTP client commands. Managed File Transfers and Network Solutions

As a result of such a session, the letter will be delivered to the addressee [email protected], but will not be delivered to the recipient [email protected], because such an address does not exist.

Additional extensions

Many clients request SMTP extensions supported by the server using the EHLO command from the Enhanced SMTP specification (RFC 1870). HELO is only used if the server did not respond to EHLO. Modern clients can use the ESMTP extension key SIZE to request the maximum message size that will be accepted. Older clients and servers may attempt to transmit excessively large messages, which will be rejected after consuming network resources, including connection time. Users can manually pre-define the maximum size accepted by ESMTP servers. The client replaces the HELO command with EHLO.

smtp2.example.com declares that it will accept a message no larger than 14,680,064 octets (8-bit bytes). Depending on the actual usage of the server, it may this moment do not accept a message of this magnitude. In the simplest case, the ESMTP server will only advertise the maximum SIZE when interacting with the user via EHLO.

SMTP Security and Spam

The original SMTP specification did not include any means to authenticate senders. Subsequently, an extension was introduced in RFC 2554. The SMTP extension (ESMTP) provides a mechanism for email clients to specify a security mechanism for the server, authentication, and SASL (Simple Authentication and Security Layer) security profile for subsequent message transmissions.

Microsoft products implement their own protocol - SPA (Secure Password Authentication) using the SMTP-AUTH extension.

However, the impracticality of widespread implementation and management of SMTP-AUTH means that the spam problem cannot be solved with it.

Extensive modification of SMTP, as well as complete replacement, are considered impractical due to the huge installed base of SMTP. Internet Mail 2000 was one of the candidates for such a replacement.

Spam operates due to various factors, including non-standard MTA implementations, operating system security vulnerabilities (exacerbated by persistent broadband connections), which allow spammers to remotely control the end user's computer and send spam from it.

There are several proposals for side protocols to help SMTP work. The Anti-Spam Research Group (ASRG), a division of the Internet Technology Research Group, is working on mail authentication and other proposals to provide simple authentication that is flexible, lightweight, and scalable. Recent Internet Engineering Task Force (IETF) work includes MARID (2004), which led to two IETF-approved experiments in 2005, and DomainKeys Identified Mail in 2006.

ESMTP extensions

RFC 1869 requires that the session be started with the EHLO command rather than with the HELO command. If the server does not support extensions, it will respond to EHLO with an error; in this case, the client must send the HELO command and not use protocol extensions.

If the server supports ESMTP, then in addition to the greeting it will provide a list of supported SMTP protocol extensions, for example:

Ehlo office.company1.tld 250-mail.company2.tld is pleased to meet you 250-DSN 250-SIZE 250-STARTTLS 250-AUTH LOGIN PLAIN CRAM-MD5 DIGEST-MD5 GSSAPI MSN NTLM 250-ETRN 250-TURN 250-ATRN 250-NO-SOLICITING 250-HELP 250-PIPELINING 250 EHLO

RFC Standards

• RFC 1870 SMTP Service Extension for Message Size Declaration (supersedes RFC 1653)
• RFC 2034 SMTP Service Extension for Returning Enhanced Error Codes
• RFC 2505 Anti-Spam Recommendations for SMTP MTAs (BCP 30)
• RFC 4954 SMTP Service Extension for Authentication (replaces RFC 2554)
• RFC 2822 Internet Message Format (replaces RFC 822 aka STD 11)
• RFC 2920 SMTP Service Extension for Command Pipelining (STD 60)
• RFC 3030 SMTP Service Extensions for Transmission of Large and Binary MIME Messages
• RFC 3207 SMTP Service Extension for Secure SMTP over Transport Layer Security (supersedes RFC 2487)
• RFC 3461 SMTP Service Extension for Delivery Status Notifications (supersedes RFC 1891)
• RFC 3462 The Multipart/Report Content Type for the Reporting of Mail System Administrative Messages (supersedes RFC 1892)
• RFC 3463 Enhanced Status Codes for SMTP (replaces RFC 1893)
• RFC 3464 An Extensible Message Format for Delivery Status Notifications (supersedes RFC 1894)
• RFC 3552 Guidelines for Writing RFC Text on Security Considerations
• RFC 3834 Recommendations for Automatic Responses to Electronic Mail
• RFC 4409 Message Submission for Mail (replaces RFC 2476)
• RFC 5321 Simple Mail Transfer Protocol (supersedes RFC 821 aka STD 10, RFC 974, RFC 1869, RFC 2821)
• RFC 5336 SMTP Extension for Internationalized Email Addresses
• Translation of RFC 2505 - Spam Prevention Guidelines for SMTP MTAs
• Translation of RFC 2554 - SMTP Service Extension for Authentication
• Translation of RFC 5321 - Simple Mail Transfer Protocol (SMTP)

Literature

• Hughes L Internet e-mail Protocols, Standards and Implementation. - Artech House Publishers, 1998. - ISBN 0-89006-939-5
• Hunt C sendmail Cookbook. - O"Reilly Media, 2003. - ISBN 0-596-00471-0
• Johnson K Internet Email Protocols: A Developer's Guide. - Addison-Wesley Professional, 2000. - ISBN 0-201-43288-9
• Loshin P Essential Email Standards: RFCs and Protocols Made Practical. - John Wiley & Sons, 1999. - ISBN 0-471-34597-0
• Rhoton J Programmer's Guide to Internet Mail: SMTP, POP, IMAP, and LDAP. - Elsevier, 1999. -

SMTP is implemented in modern networks TCP/IP standard. Information about the use of the protocol first appeared back in 1982. Despite the fact that the SMTP server can also be used to receive messages, today most email clients use it only for sending, preferring other technologies (for example, POP or IMAP) for receiving information. The protocol is one of the most popular and is used by the overwhelming number of mail programs and servers.

The function of SMTP is to check that the settings and parameters for sending a letter are specified correctly. This protocol verifies the settings of the user’s computer trying to send messages, and then delivers them if all settings have been made correctly. After this, the SMTP work does not end and the server waits for a message about successful data delivery. If a message cannot be delivered for some reason, a corresponding message is sent to the sender.

SMTP setup

Setting up SMTP involves installing the necessary software and determining the server address used for sending. To send from the user side, you need to install a client program that can send letters and communicate with the SMTP server using the TCP/IP protocol. After this, the program is launched and configured to work with the service for sending and receiving mail by specifying the necessary settings. The user then tries to send a message. If the setting is correct, the letter will be delivered to the recipient.

Majority modern services emails already have servers configured to send messages. If you do not use third-party software to send letters, you can send a letter without making additional settings on the service website where you have an account.

Modern SMTP server administrators require users to authenticate before they can send their message. The user must first indicate his login and password on the server, and only then proceed to sending. This protection used to block the possibility of sending spam using simple SMTP protocols. Previously, for identification in SMTP protocol the sender's unique IP address was used.

Dear blog readers, I haven’t written new articles for a long time, but there are objective reasons for this. I am very glad that you continue to comment on my previous articles and remain readers of our blog. I will try to catch up with you in the near future and please you with a lot of interesting and useful articles. Today’s article will be devoted to SMTP servers, which are indispensable in email newsletters messages.

SMTP is a protocol that is responsible for receiving messages originating from the user and transmitting them to a specific recipient. Messages always pass through multiple servers to reach their destination, and SMTP simplifies this procedure.

Let's say you are sending a message to a specific recipient. Your e-mail ID, for example, “user” and you have an account registered at “mail.ru” – “ [email protected]" Address of the recipient - " [email protected]».

When you created an account on the mail.ru mail service, your mail client (for example, Microsoft Outlook) automatically saved account settings. What happens next:

1. The mail client communicates with your Mail.ru mail server via port 25.
2. The mail client communicates with the mail server's SMTP server, providing it with the sender and recipient addresses, and the text of the message.
3. The SMTP server splits the recipient's address into two parts: the recipient's name/login (recipient) and the domain name (gmail.com).
4. The SMTP server “talks” with DNS server (Domain Name Server) and receives information about the IP address of the recipient's SMTP server gmail.com. DNS responds by sending one or more IP addresses SMTP servers, which gmail.com uses.
5. The SMTP server on mail.ru contacts the SMTP server gmail.com via port 25 and sends a message to it. The gmail.com SMTP server determines that the domain name for "recipient" exists on gmail.com and passes the POP3 message to the gmail.com server, which places the message in the recipient's mailbox.
6. If for some reason the SMTP server mail.ru cannot contact the SMTP server gmail.com, then the message is put in the sending queue. SMTP servers often use message senders to resend messages that are in a queue. The message sender will periodically try to send a message that is in the queue. Attempts will be repeated at certain intervals (for example, 15 minutes). After four hours of waiting and trying to send, the program usually sends the sender a letter informing about sending errors. After five days, most sending programs stop trying and return the email to the sender as unsent.

In the case when the source SMTP server (mail.ru) cannot communicate directly with the SMTP server gmail.com, it transmits the message through one or more intermediate relay SMTP servers. In turn, the relay server receives the original message and then sends it to the destination server, or redirects it to another relay server. The process is repeated until the message is delivered, or until the specified time and number of retries have passed to wait for a response from the server.

The SMTP server understands simple text commands. The standard ones are:

HELO – session start

EHLO - start of a session and request for extended mode - ESMTP (If the server does not support extensions, it will respond to EHLO with an error, in this case the client must send the HELO command and not use protocol extensions.)

MAIL FROM: — sender's address

RCPT TO: - recipient address

DATA – data transfer (letters). The “To”, “From” and “Subject” fields should occupy the first three lines

RSET – session reset

QUIT – disconnection

HELP – help (additional information)

VRFY – checking an address for its existence

EXPN – extended address

(SMTP) is a standard for e-mail. Originally documented in RFC 821 (1982), it was last updated in 2008 with expanded additions of SMTP to RFC 5321 (a widely used protocol today).

Although mail servers and other mail agents use SMTP to send and receive e-mail correspondence, user-class software, as a rule, uses SMTP ports only to send data to the server for relaying. Client applications typically use either IMAP or POP3 to receive messages. These protocols are the most convenient and in demand for these purposes: they have advanced functionality and a wide range of capabilities.

Characteristics

SMTP communication between mail servers uses TCP port 25. Mail clients often send outgoing emails to the mail server on port 587. Although legacy mail providers still allow the use of the non-standard port 465 for this purpose.

SMTP connections protected by TLS, known as SMTPS, can be made using STARTTLS technology.

Proprietary and email systems use their own non-standard protocols to access mailboxes on their email servers - all companies use SMTP server ports when sending or receiving email occurs outside of their own systems.

SMTP destination

Almost everything on the Internet is made possible by protocols—special network software rules that allow a computer to communicate with all networks so users can shop, read the news, and send email. Protocols are vital to day-to-day networking—they're built into networking software and used by default.

The SMTP port protocol provides a set of codes that facilitate the exchange of email messages between servers (a networked computer that processes incoming and outgoing email). This is a kind of shorthand that allows the server to break down the different parts of the message into categories that another server can understand. When a user sends a message, it turns into lines of text separated by code words (or numbers) that define the purpose of each section.

Technical terminology

SMTP is a TCP/IP protocol used for working with e-mail. However, since it is limited to the ability to send messages to a queue on the receiving end, it is typically used with either POP3 or IMAP, which allows data to be stored on a server and downloaded when needed. In other words, they usually use an application that selects SMTP for sending e-mail and POP3 or IMAP for receiving correspondence. On Unix-based systems, sendmail is the most widely used SMTP server for email. The commercial Sendmail package includes a POP3 server. Microsoft Exchange includes an SMTP server and can also be configured to support POP3.

SMTP is typically used to operate over Internet port 25. An alternative to SMTP that is widely used in Europe is X.400. Many mail servers now support Extended Simple Mail Transfer Protocol (ESMTP), which allows you to transfer multimedia files in the form of email.

Story

In the 1960s they used different shapes exchange of electronic messages. Users communicated using systems built for specific mainframe computers. As more and more computers became interconnected, there was a need to develop standards to allow users of different systems to send email to each other. SMTP evolved from these standards developed in the 1970s.

Further implementations include the FTP Mail Protocol, starting in 1973. Development work continued into the 1970s until ARPANET became modern Internet in 1980. Then Jon Postel proposed a protocol for transferring mail data.

SMTP began to be widely used in the early 1980s. While this protocol was a Unix add-on for the Unix Copy Program mail program. SMTP works best when the sending and receiving machines are connected to the Internet, use a store and send mechanism, and are examples of push technology.

Mail processing model

E-mail is sent by an email client (Mail User Agent, MUA) to a mail server (Mail Submission Agent, MSA) using SMTP on TCP port 587. Most mailbox providers still allow sending to traditional port 25. MSA delivers mail to your mail agent (mail transfer agent, MTA). Often these agents are instances of generic software activated with various parameters on one computer. Local processing can either be done on a single machine or shared across multiple machines. Processes postal agent one machine can exchange files, but if processing is done on multiple machines, they pass messages between each other using an SMTP port, where each machine is configured to use the next machine as the smart host.

Protocol Overview

SMTP is a text-based, connection-oriented protocol in which the mail sender communicates with the mail recipient by issuing command lines and providing the required data over a reliable, orderly data flow channel. An SMTP session consists of commands issued by the SMTP client (initiating agent, sender, or transmitter) and corresponding responses from the SMTP server (listening agent or recipient). A session may include zero or more SMTP transactions, which consist of three command/response sequences:

In addition to the intermediate response for DATA, the response from each server can be either positive or negative (code 2xx). Negative responses can be permanent (codes 5xx) or temporary (codes 4xx). A rejection is a permanent failure and the client must send a rejection message to the server where it received it. A fall is a positive response followed by a rejection of the message.

Mail SMTP ports and their meaning

SMTP is a delivery protocol only. In normal use, mail is sent to the target mail server, such as the mail port SMTP server. Data is routed based on the destination server rather than the individual users it is addressed to. Other protocols (POP or IMAP) are specifically designed for use by individual users, which receive messages and manage mailboxes. SMTP, POP, and IMAP are not acceptable protocols for relaying mail over computers with intermittent connections. They are designed to operate after final delivery, when information critical to the proper operation of the mail relay has been removed.

Starting an empty message queue

Remote Message Queue Starting is an SMTP feature that allows a remote host to start mail processing on the server so that it can receive messages intended for it by sending the TURN command. However, this feature posed a potential data security risk and was extended in RFC 1985 by the ETRN command, which operates more securely using an authentication method based on Domain Name System information.

International email address

Users whose script is not Latin, or who use diacritics not in the set ASCII characters, experienced difficulties with the requirement for an email address in the Latin alphabet (mail.ru SMTP port). RFC 6531 was created to address this issue by providing internationalization capabilities for SMTP, an extension to SMTPUTF8, and support for multibyte and non-ASCII characters in email addresses. Examples: diacritics and other language symbols (Greek and Chinese). Also relevant for Yandex SMTP port.

Current support for this document is limited at the moment, but there is great interest in widespread implementation RFC 6531 and corresponding RFCs in countries like China that have a large user base where Latin (ASCII) is a foreign script.

Outgoing mail from SMTP server

The email client must know the IP address of its original SMTP server. This must be specified as part of its configuration (usually DNS name). This server will provide outgoing messages on behalf of the user.

Restrictions on access to the outgoing mail server

Server administrators need to impose certain controls on those clients who can use the server. This helps combat abuse and spam. Similar solutions were widely used:

Previously, many systems imposed restrictions on the use of client location, allowing only use by clients whose IP address was one of the server administrators. Use from any other client IP address is prohibited.

Modern SMTP servers usually offer an alternative system that requires clients to authenticate with credentials before allowing access.

SMTP - what port is used?

Communication between mail servers usually always uses the default TCP port value of 25, which is assigned to SMTP. However, email clients usually use specific ports smtp ssl port. Most Internet service providers now block all outgoing port traffic from their customers as an anti-spam measure. For the same reason, businesses typically configure their firewall to allow outgoing ports from designated mail servers.

SMTP transport example

A typical example of sending a message via SMTP to two mailboxes(alice and theboss) located in the same mail domain (example.com or localhost.com) is reproduced in the next exchange session. After the message sender (SMTP client) establishes a reliable communication channel to the message receiver (SMTP server), a session is opened with a server typically containing its fully qualified domain name (FQDN), in this case smtp, example, or com. The client initiates its dialog box by responding with a HELO command identifying itself in the command parameter with its full domain name(or an address literal if not available).

Additional extensions

Clients learn which options the server supports by using the EHLO greeting instead of the original HELO. Clients only fall back to HELO if the server does not support SMTP extensions.

Modern clients can use keyword The ESMTP extension SSRE is for querying the server for the maximum message size that will be accepted. Legacy clients and servers may attempt to transmit oversized messages that will be rejected after using up network resources, including connection time to network links.

Anti-spam methods and email authentication

The original design of SMTP had no way to identify senders or check whether servers were allowed to send on their behalf. As a result, email spoofing is possible, which is commonly used in mail spam and phishing.

Produced Special offers to change SMTP or replace them completely. Internet Mail 2000 is one example of this, but neither it nor any other achieved much success before the network effect of classic SMTP's huge installed base. Instead, mail servers now use whole line methods including DomainKeys, DomainKeys Identified Mail, Policy Framework and DMARC, DNSBLs and greylisting to reject or quarantine suspicious emails.