Mail Protocols

“DATA NETWORK” FOR JTOs PH-II : SMTP

Mail Protocols
Introduction

Mail service is perhaps the most widely used application on the Internet.
Several protocols for mail service are available, but the most widely used is
the Simple Mail Transfer Protocol (SMTP). Because of large number of
mobiles and workstation users on the Internet, other support protocols, such
as POP3 (Post Office version 3) and IMAP4 (Internet Message Access
Protocol version 4), have also been developed.

Simple Mail Transfer Protocol (SMTP)

SMTP enables ASCII text messages to be sent to mailbox on TCP/IP hosts

that have been configured with mail services. Figure 13.3 shows a mail
session that uses SMTP. A user who wants to send mail interacts with the
local mail system through the user agent (UA) component of the mail system.
The mail is deposited in local mail outgoing mailbox. A sender-SMTP process
periodically polls the outgoing box, and when the process finds a mail
message in the box, it establishes a TCP connection with the destination host
to which mail is to be sent. The receiver-SMTP process running in the
destination host accepts the connection, and the mail message is sent to that
connection. The receiver-SMTP process deposits the mail message in the
destination mailbox on the destination host. If there is no mailbox with the
specified name on the destination host, a mail message is sent to the
originator. This message indicates that the mailbox does not exist. The
sender-SMTP and receiver-SMTP processes that are responsible for the
transfer of mail are called message transfer agents (MTA).

Mail addresses that are used in SMTP follow the RFC 882 standard. The mail
header is often referred to as 882 headers. An example of an 882 address is
the following:

KSS@SHIVS.COM

The test string before the @ symbol specifies the mailbox name, and the text
string after the symbol specifies the host name. If the mailbox name contains
special characters, such as %, the mailbox name contains a special encoding
that is used by mail gateways. In the mail address of KSS@SHIVA.com, the
text string KSS is the name of the mailbox on host SH IVA.COM.

If you want to send non-text message, such as binary files, audio, or images,
by using SMTP, you can encode the message as a text message by using the
UUENCODE utility that is available on many systems. The receiver will have
to decode the encoded message by using a utility called UUDECODE.

Another way of sending non-text message is to use the MIME protocol. MIME
(Multipurpose Internet Mail Extensions) is described in RFCs 1896 RFC2046
and RFC2049. MIME is used to encode different content types, such as plain
text, richly formatted text, image, audio, video, HTML documents, and so on
(see fig. 13.4).

BRBRAITT Nov-2006 2
“DATA NETWORK” FOR JTOs PH-II : SMTP

Figure 13.4 MIME message. (Courtesy Learning Tree)

Message RFC-822
header

Text

Audio
Message MIME RFC-1341
body
Image

Video

MIME message bodies can have nested contents, and MIME user agents can
select among alternative representations of contents. For example, if a
"dumb" terminal --- which does not have the capability to display an
audio/video message -- is used, the terminal can display the text portion of
this message. Another Useful feature of MIME is that it can use a pointer to
reference data that is stored elsewhere. For example, the pointer can refer to
a document on an FTP site. This process prevents the necessity of including
the document to every mail message that is sent out on a mail distribution list.
Only users that are interested in the document on the FTP site have to
retrieves this document.

Table 13.3

SMTP Sender (client) Commands for a Minimal Implementation

Command Meaning

HELO sender This command is a connection request from a

sender SMTP.

MAIL FROM : from address This command is used to initiate a mail

transaction in which the mail data is delivered
to one or more mailboxes.

RECP TO : send to This command is used to identify an individual

recipient of the mail data. Multiple recipients
are specified by multiple use of this
command.

DATA The receiver treats the line following the

command as mail data from the sender. The
mail data is terminated by a line containing
only a period, as in the character sequence

BRBRAITT Nov-2006 3
“DATA NETWORK” FOR JTOs PH-II : SMTP

<CRLF> <CRLF>.

QUIT This command specifies that the receiver

must send an OK reply and then close the
connection.

RESET This command specifies that the current mail

transaction is to be aborted.

NOOP This is a no operation command. It specifies

no other action than that the receiver send an
ok reply. This command can be used as a
diagnostic aid to check whether the receiver
responds with an OK reply.

Table 13.4

Example SMTP Receiver (Mail Server) Commands

Command Meaning

250 Requested mail action OK, completed.

251 User not local; will forward to <forward-path>.

450 Requested mail action not taken: mailbox unavailable.
For example, mailbox is busy.

550 Requested action not taken: mailbox unavailable.

451 Requested action aborted: error in processing.

551 User not local; please try <forward-path>.

452 Requested action not taken; insufficient system

storage.

552 Requested mail action aborted: exceeded storage

allocation.

553 Requested action not taken: mailbox name not allowed.

For example, mailbox syntax may be incorrect.

354 Start mail input; end with <CRLF> <CRLF>.

554 Transaction failed.

Figure 13.5 shows an SMTP session that uses some of these commands.
Notice that in this example, mail is being sent from the user kss@scs.psi.com
identified by the MAIL command.

BRBRAITT Nov-2006 4
“DATA NETWORK” FOR JTOs PH-II : SMTP

Figure 13.5 Example SMTP session showing SMTP commands.

(Courtesy Learning Tree)
_____________________________________________________________
__
Example SMTP session

S: HELO machine
R: HELO machine, pleased to meet you

S: MAIL FROM: kss@scs.psi.com

R: 250 OK

S: RCPT To: jones@scs.psi.com

R: 250 OK

S:
R:
RCPT To: bob@ltree.psi.com
550 No such user here } User bob does not have a
mailbox at ltree.psi.com

S: RCPT To: john@ltree.psi.com

R: 250 OK

S: DATA
R: 354 Start mail input: end with <CRLF> <CRLF>
S: message text
S: message text
S: message text_etc
S: <CRLF> <CRLF>
R: 250 OK

R = SMTP receiver
S = SMTP sender

The mail is being sent to jones@scsi.psi.com and bob@ltree.psi.com. Note

that the mailbox bob@ltree.psi.com does not exist, so an error message (550
status code) is returned to indicate that there is no such user. The mail server
responds to all other commands with a status code of 250.

SMTP-related standards document are described in table 13.5

Table 13.5

SMTP-Related Standard RFCs

BRBRAITT Nov-2006 5
“DATA NETWORK” FOR JTOs PH-II : SMTP

Protocol Name Status RFC# STD#

SMTP Simple Mail Transfer Rec 821 10

Protocol
SMTP-SIZE SMTP Service Ext for Rec 1870 10
Message Size
SMTP-EXT SMTP service Rec 1869 10
Extensions
MAIL Format of Electronic Rec 822 11
Mail Message

Post Office Protocol Version 3 (POP3)

SMTP expects the destination host --- the mail server receiving the mail --- to
be online; otherwise, a TCP connection cannot be established with the
destination host. For this reason, it is not practical to establish an SMTP
session with a desktop for receiving mail because desktop workstations are
often turned off at the end of the day.

In many network environments, SMTP mail is received by a SMTP host that is

always active on the network (see fig. 13.6). This SMTP host provides a mail-
drop service. Workstations interact with the SMTP host and retrieves
messages by using a client/server mail protocol, such as POP3 (Post Office
Protocol version 3) described in RFC 1939. POP3 uses the TCP transport
protocol, and the POP3 server listens on its well-known TCP port number
110.

Although POP3 is used to download messages from the server, SMTP is still
used to forward messages from the workstation user to its SMTP mail server.
Table 13.6 through 13.8 list the POP3 command based on the RFC 1939
specification. Although the USER and PASS commands (see table 13.7) are
listed as optional commands in RFC 1939, most POP3 implementations
support these commands. The reason why USER/PASS can be regarded as
optional is because they can be replaced by the MD5 (Message Digest
version 5) authentication method used in the APOP command.

Figure 13.6 POP3 client/ server architecture.

(Courtesy Learning Tree)

BRBRAITT Nov-2006 6
“DATA NETWORK” FOR JTOs PH-II : SMTP

POP3 server

110
SMTP
TCP
POP3
client
IP

TCP/IP
TCP
Internet

IP
User agent

• Message Transfer Agent (MTA) is run on a computer with more

resources than that available to the workstation.
-- offers a “maildrop” service to smaller nodes, such as workstations

• POP3 provides dynamic access to maildrop server.

BRBRAITT Nov-2006 7
“DATA NETWORK” FOR JTOs PH-II : SMTP

Table 13.6

Required POP3 Commands

Command Meaning

STAT This command is used to specify a positive response

consisting of +OK followed by a single space, the number
of messages in the mail drop, a single space, and the size
of the mail drop in octets. Example response: +OK msgid
size.

LIST (msg) When a message number is specified, the POP3 server

returns the scan listing for the message, such as its
message number and size. When no message number is
specified, a positive response is returned; and then the
response goes multiple, where each line contains a scan
listing of all messages waiting at the mailbox.

RETR msg This command is used to retrieve a list of messages

waiting for the user mailbox at the POP3 server. The POP3
server issues an initial positive response of +OK, and
then the response given is multiline. After the initial +OK,
the POP3 server sends the multiline message
corresponding to the specified message number. If a
message cannot be found, the +ERR response is returned.

DELE msg This command marks the specified message as deleted.

NOOP This command means No Operation. The POP3 server

does nothing; it merely replies with a positive response of
+OK. This command can be used as a diagnostic to check
whether the POP3 connection is OK.

RSET This command unmarks any messages that have been

marked as deleted by the POP33 server. The POP3 server
then replies with a positive response of +OK. Example
response: +OK mail drop has 3 messages (430 octets)

QUIT The POP3 server removes all messages marked as

deleted from the mail drop and issues the following replies
to the status of this operation: +OK or -ERR. The POP3
server releases any exclusive- access lock on the mail
drop and closes the TCP connection.

Table 13.7

BRBRAITT Nov-2006 8
“DATA NETWORK” FOR JTOs PH-II : SMTP

Optional POP3 commands

Command Meaning
USER name This command is used to specify the name string to
identify a mailbox.

PASS string This command specifies a server/mailbox-specific

password for the user name.

TOP msg n The POP3 server sends an +OK response followed by the
headers of the specific message, msg, than a blank line
followed by n lines in the indicated message body. If the
number of lines requested by the POP3 client is greater
than the number of lines in the message body, the POP3
server sends the entire message.

UIDL [msg] This command is used to return a unique identifier listing

(UIDL) for the message. The POP3 server sends an +OK
response with a line containing information for that
message. This line is called a unique ID listing for that
message. If no argument is given, the POP3 server issues
a +OK positive response and then the response goes
multiline. After the initial +OK for each message in the mail
drop, the POP3 server responds with a line containing
information for that message. A UIDL consists of a
message number of the message followed by a single
space and then the unique ID of the message.

APOP name digest The name in a string that identifies the mailbox, and digest
is the MD5 (Message Digest version 5) digest string. This
command is used to provide an alternative authentication
method to the normal USER/PASS exchange, which is
sent as clear as text. The APOP authentication method
provides for both origin authentication and reply
protection. More importantly, with APOP, the password is
not sent in the clear over the network.

BRBRAITT Nov-2006 9
“DATA NETWORK” FOR JTOs PH-II : SMTP

Table 13.8
POP3 Server Replies

Command Meaning

+OK Command was executed correctly

-ERR Command execution resulted in error

Figure 13.7 shows a simple interaction between a POP3 client and a POP
server. The interaction uses some of the commands listed in table 13.6
though 13.8.

Figure 13.7 POP3 sample session. (Courtesy Learning Tree)

Example POP3 Session

S: <wait for connection on TCP port 110>

C: <open connection> Connection

S: +OK dewey POP3 server ready (comments to: state
PostMaster @ UDEL.EDU)

C: USER kss
S: +OK kss is a real happy frood
C: PASS mypassword Authorization
S: +OK kss’s maildrop has7 messages (1729 octets) state

C: STAT
S: +OK 7 1729
C: LIST Transaction
S: +OK 7 messages (1729 octets) State
S: 1 340 msgid
S: 2 512 message size • STAT
: • LIST msg
S: 7 59 • RETER msgid
S: <CR>•<LF> Multiline termination • DELE msgid
C: RETR 1
S: +OK 340 octets . POP3 server sends message 1
S: <CR>•<LF>
C: QUIT
S: +OK dewey POP3 server signing off Update
C: <close connection> state
S: <wait for next connection>

S = POP server
C = POP3 client

BRBRAITT Nov-2006 10
“DATA NETWORK” FOR JTOs PH-II : SMTP

This simple POP3 session shows that the POP3 session initially enters into a
connection state. In this connection state, the TCP connection with the POP3
server is established. Next, the POP3 session enters into the authentication
state. In this state, the user must provide a user name and password to be
authenticated by the POP3 server. In earlier POP3 implementations, the user
name and password authentication information is sent to clear text and is
susceptible to compromise, which means that someone examining the POP3
packet can trace & discover the user name and password combination. In
POP3 as specified in RFC 1939, an alternative, more secure authentication
method based on MD5 can be used.

After the user has been authorized, the POP3 session enters the transaction
state. In the transaction state, a number of commands --- such as STAT, LIST,
RETR, DELE, RSET, and so on --- can be issued. In figure 13.7, the POP3
client issues a STAT command, and the server returns the number of
messages with a total size (1,729 octets) of these messages. The POP3
client then uses the LIST command to ask for a list of all the messages. The
POP3 server returns the message numbers for each message and its
corresponding size. The client then issues the RETR command and specifies
each message identifier that is to be downloaded. Depending on the setting
at the POP3 client, the POP3 client may issue a DELE command to delete a
message that has been retrieved.

After the message has been downloaded, the POP3 session enters the
update state. In the update state, the POP3 client issues a QUIT command to
close the connection. Both POP3 client and POP3 server may then update
their internal states to reflect the new count of messages in their respective
mailboxes. The TCP connection is then closed.

BRBRAITT Nov-2006 11