SMTP Security Manual-Theoretical Basis

Source: Internet
Author: User
Tags domain list telnet program

SMTP protocol Principle

SMTP-Simple Mail Transfer Protocol) is a Protocol that defines Mail transmission. It is based on the TCP application layer Protocol, defined by RFC0821. The commands specified by the SMPT protocol are in plaintext. To illustrate how SMTP works, we will describe it by sending an email to www.linuxaid.com.cn.

In linux, use "telnet www.linuxaid.com.cn 25" to connect to port 25 of www.linuxaid.com.cn (standard SMTP Service port). In windows, use the telnet program and set the remote host to www.linuxaid.com.cn, while the port number is specified as 25 and then connected to www.linuxaid.com.cn: The interaction process is as follows:

[lix@ns lix]$ telnet www.linuxaid.com.cn 25  

Trying 202.99.11.120... 

Connected to www.linuxaid.com.cn. 

Escape character is '^]'. 

HELO ideal 
220 www.linuxaid.com.cn ESMTP Sendmail 8.10.2/8.10.2; Mon,

18 Sep 2000 13:40:44 

+0800 

250 www.linuxaid.com.cn Hello [210.12.114.130],

pleased to meet you 

MAIL FROM:ideal@btamail.net.cn 
250 2.1.0 IDEAL@btamail.net.cn... Sender ok 

RCPT TO:ideal@linuxaid.com.cn 

250 2.1.5 ideal@linuxaid.com.cn... Recipient ok 

DATA 
354 Enter mail, end with "." on a line by itself 

hello , Pls to get to meet u :) good luck 

250 2.0.0 e8I5j1M11204 Message accepted for delivery 

QUIT 
221 2.0.0 www.linuxaid.com.cn closing connection 

Connection closed by foreign host. 

The simhei part is the input command, and the other content is the status information output by the recipient's email server.

Here, HELO is a command sent by the customer TO the recipient's email server TO identify itself. Here we assume that the sender is ideal; mail from command is used TO indicate the sender's email address; rcpt: identifies the recipient's email address, which indicates that you want TO send a mail TO the ideal@linuxaid.com.cn, if the recipient is not a local user, such as rcpt to: ideal@btamail.net.cn, it means you want the recipient's email server TO forward (Relay) for itself) email. If this machine allows such Email Forwarding, it indicates that the email server is open relay; otherwise, it indicates that RELAY is not allowed; DATA indicates that the following is the DATA part of the email, after the input is complete ". "The starting row is the end identifier of the Data part. QUIT indicates that the session is exited and the mail is sent.

This is a simple process of sending mail sessions. In fact, when using outlook express and other customer software to send emails, the background interaction is also like this. Of course, SMTP defines many commands and regulations to handle complex mail sending situations, such as attachments. You can refer to RFC821 for details.

When a friend of yours sends an email to you, his email server communicates with your email server through the SMTP protocol, send the email to the email server indicated by your email address. Assume that your local email server is in Linux. If you log on to the email server directly through telnet, you can use customer software such as mail to read emails directly, but if you want to use local MUA (Mail User Agent, such as outlook express and other customer software) to read emails, then, the local client interacts with the mail server through POP3 or IMAP protocol and transmits the mail information to the client (for example, win98 system ). If you reply a letter to your friends, the MUA you use also communicates with the mail service through the SMTP protocol, which is generally the email address corresponding to the mail address, instruct the email server to help forward an email to the email server specified by your friend's email address. If the local email server allows you to forward emails through it, the server sends emails to the recipient's email server through SMTP protocol. This is the entire process of receiving and sending emails.

What is mail Relay?
Generally, an email server has one or more domain names (these domain names should appear in a configuration file). When running, the mail server listens to port 25 and waits for a remote email sending request. Other mail servers on the network or MUA (Mail User Agent, such as outlook express and foxmail) sending emails will connect to port 25 of the mail server and send emails, the SMTP session process generally starts from remotely identifying your identity. The process is as follows:

HELO remote. system. domainname
250 qmailserver. domain

Mail from: user@somewherer.net
250 OK

Rcpt to: user1@elsewhere.net
The domain name in the recipient's user1@elsewhere.net is not necessarily the local domain name of the email receiving server, that is, the Mail may not be the recipient of the above Protocol interaction, instead, the mail sender wants to receive the mail server to help it forward the mail. At this time, the local system may have two answers:

250 OK

Or refuse to accept it:

553 sorry,. that domain isnot in my domain list of allowed recphosts

In the first case, the local mail server allows relay. It receives and agrees to pass a destination address that is not a local mail; in the second case, it does not receive non-local mail.

Why cannot I configure the email server as open relay?

If the system administrator sets his email server to open relay, some spam senders will use your email server as a relay station for forwarding self-forwarded emails, this will enable the recipient of spam to point at you, which may lead to retaliatory email bombs. Spam can also consume a lot of your resources and occupy your bandwidth. Even worse, your name may be blacklisted and become a target shared by other Email recipients. Your email will be rejected by these recipients.

Therefore, the system administrator should be careful not to make the email server open relay.


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.