SMTP
When you press the SEND button on your email client it appears simple and straightforward. In actuality, a series of events occurs which causes the message to be transferred from your client (Outlook, Outlook Express, Eudora, Netscape or whatever) to the destination.
Most email on the internet is send using a protocol (the rules for communicating) called Simple Mail Transfer Protocol (SMTP for short). This is defined in a document called RFC 821; it specifies how to communicate with an SMTP mail server.
What happens when you press send is described below. Text sent by the email client is underlined.
-
Your email client connects to the SMTP server (which is defined by you when you set it up). It usually uses port 25.
-
The email client will print a header to confirm it is, indeed, an email server running SMTP.
220 rglapache SMTP NAVIEG 2.1 bld 63; Thu, 17 Oct 2002 09:18:30 -0700
-
Your email client will now get the attention of the SMTP server. It can do so with a "HELO" or an "EHLO" command. HELO is standard SMTP, and EHLO is extended and more or less asks the SMTP server to identify which advanced functions it supports.
HELO localhost
-
The SMTP server responds to let the client know it is alive, well and waiting for commands.
250 rglapache Hello
-
The client identifies who the email is from using the "MAIL FROM:" command.
MAIL FROM: test@testingsmtp.com
-
The SMTP server responds with a confirmation that it's okay to continue.
250 <test@testingsmtp.com>... Sender ok
-
Now the client informs the SMTP server who the email is to be sent to using the "RCPT TO:" command. More than one of these commands may be used to send to more than one recipient.
RCPT TO: richlowe@internet--tips.net
-
The SMTP server responds that this is okay:
250 <richlowe@internet-tips.net>... Recipient ok
-
The client sends the command "DATA" to tell the SMTP server it will now send the message. After that, text is sent, line by line, until the entire message has been transmitted. The message is ended with a "." on a line all by itself.
DATA
354 Enter mail, end with "." on a line by itself
Message-Id: <02101708262848@testingsmtp.com>
From: test@testingsmtp.com
To: richlowe@internet--tips.net
Subject: This is a test of SMTP
This example shows how SMTP works. Pretty nifty, isn't it?
.
You should note from the above that the "Message-id", "To:" and "Subject:" (as well as others such as "Cc:", "Bcc:" and so on) are sent to the email server as part of the message data. These are what displays as the "Subject" and "To" when you open the email. Note that the actual recipient and who the email is from is sent BEFORE the data.
The implication is that since these are part of the message they can be forged. In fact, that is exactly what spammers and some of the newer viruses do. Klez, for example, chooses a random email address for the "From:" and "To:" fields, making it appear that someone else has sent the message.
-
The SMTP server replies that this is fine and will be delivered.
250 M2002101709193007556 Message accepted for delivery
-
The client can either start another message or quit using the "QUIT" command.
And example of a full session to send an email is shown below.
220 rglapache SMTP NAVIEG 2.1 bld 63; Thu, 17 Oct 2002 09:18:30 -0700 HELO localhost 250 rglapache Hello MAIL FROM: test@testingsmtp.com 250 <test@testingsmtp.com>... Sender ok RCPT TO: richlowe@internet--tips.net 250 <richlowe@internet--tips.net>... Recipient ok DATA 354 Enter mail, end with "." on a line by itself Message-Id: <02101708262848@testingsmtp.com> From: test@testingsmtp.com To: richlowe@internet--tips.net Subject: This is a test of SMTP This example shows how SMTP works. Pretty nifty, isn't it? . 250 M2002101709193007556 Message accepted for delivery QUIT |
This is all very easy to see, as you can do it all from a standard TELNET
client. Just connect to an email server on port 25 and type the commands by
hand. How do you get to TELNET? Simply invoke it from the CMD prompt or RUN
as shown to the left. You can then enter the commands to the SMTP server to
send an email.