Mail Protocols


Solaris™ Operating Environment Boot Camp
By David Rhodes, Dominic Butler
Chapter 20.  Setting Up The Mail System


Now that we've seen how the mail process works, let's look at some of the protocols that are used to tie everything together. First we need to be aware that while there are a number of different mail protocols, we are primarily referring here to what's commonly known as "Internet mail," that is, TCP-based Simple Mail Transfer Protocol (SMTP) mail.

We'll also briefly describe some of the "surrounding" protocols that help to make mail retrieval possible on non-SMTP servers. While these aren't bundled with the operating system, they are used often enough to make it worthwhile documenting them here.

Simple Mail Transfer Protocol

Let's start with SMTP. The program that uses this protocol is named /usr/lib/sendmail and is the main component used by the MTA to send mail. Its task is to listen on port 25 for any incoming connections. These could be from an MUA or another MTA that is trying to forward mail. When a connection is established, the client should supply enough information to "address" the mail and deliver it to either a local user (via an MDA) or a remote one (via the remote MTA).

SMTP is a relatively simple protocol that expects to receive a command and issue a three-digit code in return. This is used to indicate the status of the command.

We can emulate an SMTP session by using telnet to connect to the correct port (25). The following example shows how to introduce ourselves to the server, enter the envelope details, and follow this with the data. We can see the server accept the mail and generate a message ID for it:

    hydrogen# telnet smtp_server.some-corp.com 25
    <lines removed for clarity>
    220 smtp_server.some-corp.com ESMTP Sendmail 8.9.3+Sun/8.9.3; Wed, 19 Dec 2001 09:04:30 GMT
    HELO harrysmachine.some-corp.com
    250 some-corp.com
    mail from:harry.king@some-corp.com
    250 Sender <harry.king@some-corp.com> Ok
    rcpt to: jim.davies@destination.com
    250 Recipient <jim.davies@destination.com> Ok
    data
    354 Enter mail, end with "." on a line by itself
    Subject: Re Design Timetable
    Hi Jim,
    Thanks for the letter earlier--I'll work on the design timetable and get it to you asap.
    Regards,
    Harry
    .
    250 TAA17372 Message accepted for delivery
    quit
    hydrogen#

This example uses the "standard" SMTP protocol. We know this because the user (or MUA) introduced itself using the "HELO" keyword. We can also see that sendmail indicates that it supports ESMTP, which is an "enhanced" version of SMTP (it displays ESMTP in the welcome banner). We can use this instead by simply introducing ourselves with the correct keyword ("EHLO"), as shown here:

    hydrogen# telnet smtp_server.some-corp.com 25
    220 smtp_server.some-corp.com ESMTP Sendmail 8.9.3+Sun/8.9.3; Wed, 19 Dec 2001 09:04:30 GMT
    EHLO harrysmachine.some-corp.com
    <lines removed for clarity>
    hydrogen#

Relaying

When an MTA sends mail to another MTA, it is said to be acting as a mail relay. This is a normal function of the MTA and is perfectly valid in some situations. For example, many administrators will allow mail to be relayed as long as it involves a local user. In other words, they will allow either of the following tasks:

  • Local users sending mail externally

  • External users sending mail to a local user

However, if you are accepting mail from a remote user and forwarding it to another remote user, you are acting as a third-party relay. This is usually a very bad idea (although there are machines that may have a perfectly valid reason for acting as a third-party relay). Machines configured this way are sought by people wanting to send junk mail (known as "spam"), since it allows them to use your machine to process and send out bulk mail on their behalf. Apart from the fact that someone else is using your machine, you will quickly be recognized as an "open relay" and blacklisted so that any remote MTAs will simply reject any mail coming from you.

If the mail server is allowed to relay, make sure you are controlling it correctly. For example, the file /etc/mail/relay-domains can be configured to list the domains that are allowed to relay. It's worth checking that your MTA is working correctly after you've finished configuring it; a number of Internet sites offer a service to check whether your machine is acting as an open relay.
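
One way to run that check yourself against an MTA you administer, as an added example that is not from the book: it walks the same HELO / MAIL FROM / RCPT TO dialogue shown in the telnet session with an external sender and an external recipient, and stops before DATA so no mail is sent. The host mail.example.com and the probe addresses are placeholders, and the smtp_cls parameter is a hypothetical hook for substituting a stub session.

```python
import smtplib

# Placeholder addresses in reserved example domains; neither is local to the MTA.
EXTERNAL_SENDER = "probe@outside-a.example"
EXTERNAL_RCPT = "probe@outside-b.example"


def relay_verdict(code):
    """Interpret the three-digit reply to RCPT TO for an external->external pair."""
    if 200 <= code < 300:
        return "ACCEPTED"   # what an open relay would answer: investigate
    if 400 <= code < 600:
        return "REFUSED"    # 4xx temporary / 5xx permanent refusal
    return "UNKNOWN"


def check_third_party_relay(host, port=25, helo_name="relay-check.example",
                            timeout=10, smtp_cls=smtplib.SMTP):
    """Return (verdict, code) for a third-party relay attempt against our own MTA.

    The session ends after RCPT TO (RSET, then QUIT), so no message is queued.
    """
    with smtp_cls(host, port, timeout=timeout) as session:
        session.helo(helo_name)
        code, _ = session.mail(EXTERNAL_SENDER)
        if code >= 400:                      # sender already refused
            return "REFUSED", code
        code, _ = session.rcpt(EXTERNAL_RCPT)
        session.rset()                       # discard the envelope
    return relay_verdict(code), code


if __name__ == "__main__":
    # mail.example.com is a placeholder: substitute the MTA you administer.
    verdict, code = check_third_party_relay("mail.example.com")
    print(f"RCPT TO reply {code}: third-party relay {verdict}")
```

An ACCEPTED result means the server agreed to the recipient at RCPT TO; some MTAs refuse later in the session, so treat it as a prompt to review the relay configuration rather than as proof.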

Other Issues

Several other issues are based around catching spam mail. For example, many MTAs allow further checking of the messages in an attempt to deny junk mail. A few examples of what they look for are listed here:

  • Receipt harvesting: programs that interrogate the MTA, trying to obtain a list of valid recipients

  • User logins: programs that interrogate the MTA, trying to find valid local user names

  • Numerous connections: programs that make lots of connections to an MTA, trying to bring the service down
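
The three checks in the list above, expressed as per-client thresholds over MTA events, as an added example that is not from the book. The event format, the sample records and the limits are constructed for illustration (this is not sendmail's log format); VRFY and EXPN are the SMTP commands that ask a server to confirm a user name or expand a list.

```python
from collections import defaultdict

# Constructed events, one per line: "<epoch-seconds> <client-ip> <event> [detail]".
# This is an illustrative format, not sendmail's own log format.
SAMPLE = "\n".join(
    [f"{1000 + i} 192.0.2.10 RCPT_REJECTED user{i}@destination.com" for i in range(5)]
    + [f"{1000 + i} 198.51.100.7 CONNECT" for i in range(8)]
    + ["1010 203.0.113.5 VRFY root", "1011 203.0.113.5 EXPN staff",
       "1012 203.0.113.5 VRFY admin"]
    + ["1020 192.0.2.99 CONNECT", "1021 192.0.2.99 RCPT_REJECTED typo@destination.com"]
)

# event -> (finding, events tolerated per client inside the window); assumed limits
RULES = {
    "RCPT_REJECTED": ("recipient-harvesting", 3),
    "VRFY": ("user-probing", 2),
    "EXPN": ("user-probing", 2),
    "CONNECT": ("connection-flood", 5),
}


def parse(text):
    """Yield (timestamp, client_ip, event) from well-formed lines, skipping the rest."""
    for line in text.splitlines():
        parts = line.split(None, 3)
        if len(parts) >= 3 and parts[0].isdigit():
            yield int(parts[0]), parts[1], parts[2]


def detect(text, window=60, rules=RULES):
    """Return {client_ip: set(findings)} using a sliding window per client and finding."""
    recent = defaultdict(list)      # (ip, finding) -> timestamps still inside the window
    findings = defaultdict(set)
    for ts, ip, event in sorted(parse(text)):
        if event not in rules:
            continue
        name, limit = rules[event]
        times = recent[(ip, name)]
        times.append(ts)
        while times[0] <= ts - window:   # drop events older than the window
            times.pop(0)
        if len(times) > limit:
            findings[ip].add(name)
    return dict(findings)


if __name__ == "__main__":
    for ip, names in sorted(detect(SAMPLE).items()):
        print(ip, ", ".join(sorted(names)))
```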

Post Office Protocol

Good. Now we know how to send mail, so let's move on and look at ways it can be read (besides using mail.local).

Sometimes it may not be possible to run an SMTP server on a machine; maybe it doesn't have enough resources, or perhaps the operating system does not include the required software. Whatever the reason, this could prove to be a problem if we need access to a mailbox. The Post Office Protocol (POP) was designed to get around this by allowing machines such as these to access a mailbox on an SMTP server.

Let's look at a practical example of this. We'll assume that Jim Davies (to whom we sent the example letter earlier) works on a laptop most of the time. While it doesn't contain an SMTP server, it does have a mail client (MUA) that allows him to manipulate his mailbox, if he can download it. This leaves him with the problem that his machine cannot accept mail directly, because of its lack of an SMTP server. Instead, it must be sent to the main mail server at "destination.com," where he has a mailbox allocated to him.

If the mail server also supports POP, however, he can use this to download his mailbox. He simply needs to configure his mail client with the correct POP settings that he's been provided with, which could be similar to those shown in Table 20.1.

Table 20.1. POP Connection Details

    Setting                 Value
    POP Server Host Name    pop_server.destination.com
    POP User Name           jim
    POP Password            jims_passwd

His mail client will connect to the POP server on port 110, where the server will be listening for any connections. Once the client has authenticated correctly, it will be able to download the mail to his local system.

POP is very simplistic, with a limited set of commands. The only real choices for the user are to list, retrieve, or delete mail; the user cannot create folders or organize it. The example below uses telnet to connect to the correct port (110) and emulate the types of commands that may be used by Jim's mail client to access his mail. We can see that after each command is entered, the POP server replies with either "+OK" or "-ERR," followed by information text:

    hydrogen# telnet pop_server.destination.com 110
    <lines removed for clarity>
    +OK Pop server is ready.
    user jim
    +OK please enter your password
    pass jims_passwd
    +OK jim has 1 mail messages
    stat
    +OK 1 1117
    list
    +OK 1 message (1117 octets)
    retr 1
    +OK 1117 octets
    Received from: smtp_server.some-corp.com by pop_server.destination.com
    Reply-To: harry.king@some-corp.com
    Date: Mon, 22 Oct 2001 11:07:59 GMT
    To: jim.davies@destination.com
    From: harry.king@some-corp.com
    Subject: Re Design Timetable
    Status: U
    <lines removed for clarity>
    Hi Jim,
    Thanks for the letter earlier--I'll work on the design timetable and get it to you asap.
    Regards,
    Harry
    dele 1
    +OK message 1 deleted
    stat
    +OK 0 0
    dele 1
    -ERR message 1 already deleted
    quit
    +OK bye
    hydrogen#

Notice that POP wasn't concerned about the machine that Jim was using to connect in with; it's only concerned with authenticating him.

An analogy between POP and "normal" mail would be that your messages are delivered to a central location and sit there until you phone up to see if there is anything for you. At that point, it would be delivered to wherever you are currently located. Using this method, you would receive all of your mail OK, but it could be scattered around different locations around the world if you weren't careful!

Internet Message Access Protocol

The Internet Message Access Protocol (IMAP) uses port 143 to provide similar functionality to POP, but takes it a step further by allowing messages to be accessed and manipulated as if they were located on the client machine. Mail administration is included, which means folders can be created and removed, and messages can be moved between them. This can be carried out by the IMAP client either while it's connected to or disconnected from the server; in the latter case, the IMAP server will simply synchronize the two at a later date.

Again, using a telnet session to connect to the correct port (143), we can emulate an IMAP session from a mail client. This example assumes the user's name and password are the same as the ones used for the POP connection.

IMAP supports a large set of commands, which means that sessions can become quite complex. The one below highlights some of the available commands and the syntax involved. It also shows that a short identifier tag precedes each command; we've used "a01" for this example:

    hydrogen# telnet imap_server.destination.com 143
    <lines removed for clarity>
    * OK IMAP4 server ready Thu, 11 Jan 2001 00:08:59 (GMT)
    a01 login jim jims_passwd
    a01 OK LOGIN completed
    a01 select inbox
    * 257 EXISTS
    * OK [UIDVALIDITY 979153065] UIDs valid
    * FLAGS (\Answered \Flagged \Deleted \Draft \Seen)
    * OK [PERMANENTFLAGS (\* \Answered \Flagged \Deleted \Draft \Seen)] Permanent flags
    * 257 RECENT
    a01 OK [READ-WRITE] SELECT completed
    a01 fetch 1 rfc822
    * 1 FETCH (RFC822 {546}
    <message removed for clarity>
     FLAGS (\Recent \Seen))
    a01 OK FETCH completed
    a01 list "" ""
    * LIST (\Noselect) "/" ""
    a01 OK LIST completed
    a01 list "" "*"
    * LIST () "/" "Inbox"
    * LIST () "/" "SentMail"
    * LIST () "/" "Trash"
    a01 OK LIST completed
    a01 logout
    hydrogen#

The analogy here would be that all your mail is stored at the central post office. They've allocated a filing cabinet for you and you can add or delete folders from it as you wish. You don't need to allocate space for it at your own office, but it's a little slower to work with your mail because it's not local.

Web Mail

While Web mail isn't really a protocol, lots of people use this form of interface to manage their mailbox. Users connect to a URL supplied by their ISP, where they can carry out any tasks they require, such as sending or receiving mail, and even managing their folders and mail options.

The mail messages are entered into the Web interface and dispatched using the Hypertext Transfer Protocol (HTTP) (port 80), where they are transparently passed on to the correct mail protocol, such as SMTP or POP.

The analogy here would be that you are located somewhere in the world, along with a phone number to contact someone on (you may not even be sure where the person is!). You contact the person to see if any mail has been received for you, and if so, the person reads it out to you. If you wish to send any mail, this person will do it on your behalf.

Secure Communication

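Secure versions of the above protocols are available. Unlike the telnet sessions shown earlier, in which everything, including the POP and IMAP passwords, crosses the network in clear text, these run over SSL. They communicate on the ports listed below: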

  • SSL-enabled SMTP uses 465.

  • SSL-enabled POP uses 995.

  • SSL-enabled IMAP uses 993.

These are beyond the scope of this book. Consequently, we won't discuss these in any more detail.

Which Is Best?

Which method you use will depend upon a number of factors, such as the capabilities of the machine, how you wish to access mail, and where you would prefer it to be stored. Table 20.2 summarizes the advantages and disadvantages of each of the different retrieval protocols.

Table 20.2. Mail Protocol Details

    Protocol   Advantages                                         Disadvantages
    POP        Machine does not need to run SMTP.                 Cannot selectively read messages.
               Downloaded to client.                              Not designed for access from multiple machines.
               Easier than IMAP for "offline" reading.
    IMAP       Allows folder and mail manipulation.               High reliance on mail server as mail is often stored remotely.
               Individual messages can be downloaded.             More complex than POP, and so not as available.
               Mail is easily accessed from multiple locations.   Not supported in all mail clients.
    Web Mail   Mail stays on server.                              Needs a browser and an ISP connection.
               Easy to read selective messages.                   Mail server is out of your control.
               Mail can also be sent.                             Security of the mail is an issue.


    Solaris Operating Environment Boot Camp
    ISBN: 0130342874
    EAN: 2147483647
    Year: 2002
    Pages: 301
