Protocols
Transfer Protocols
- Send e-mail: SMTP
- Receive e-mail: POP3, IMAP
SMTP
- SMTP: Simple Mail Transfer Protocol
- OSI Layer: Application Layer
- Port: 25 (default, insecure), 2525 (insecure), 587 (secure with TLS) & 465 (deprecated, secure with TLS)
- TCP/UDP: TCP
- Only used to send e-mails
  - from sender to sender’s mail server
  - from sender’s mail server to receiver’s mail server
- It is a ‘Push Protocol’ as it is used to send data.
- Uses TCP, so it is a connection-oriented protocol.
POP3
- POP3: Post Office Protocol 3
- OSI Layer: Application Layer
- Port: 110 (insecure) & 995 (secure with TLS)
- TCP/UDP: TCP
- Only used to receive e-mails from receiver’s mail server to receiver.
- It is a ‘Pull Protocol’ as it is used to receive data.
- Uses TCP, so it is a connection-oriented protocol.
- Does not provide synchronization of e-mails and folders.
- Once an e-mail is delivered to one of the receiver’s devices, it is deleted from the server. (It can be configured to prevent this though.)
IMAP
- IMAP: Internet Message Access Protocol
- OSI Layer: Application Layer
- Port: 143 (insecure) & 993 (secure with TLS)
- TCP/UDP: TCP
- Only used to receive e-mails from receiver’s mail server to receiver.
- It is a ‘Pull Protocol’ as it is used to receive data.
- Uses TCP, so it is a connection-oriented protocol.
- Provides synchronization of e-mails and folders.
- The e-mail is kept on the server and local copies are cached on devices as well.
Utility Protocols
MIME
- MIME: Multipurpose Internet Mail Extensions
- Supplementary/add-on protocol to the e-mail transfer protocols.
- E-mail transfer protocols can inherently transfer only plain text (NVT 7-bit ASCII) data, but they use MIME to extend their capabilities.
- MIME allows the user to send audio, video, image and other types of files via e-mail. It also helps support different languages like German, French, etc. that don’t follow the 7-bit ASCII format.
- Converts files to the NVT 7-bit format for sending them and parses them back to their original format on the other end.
- Although MIME was created for SMTP, it can be used with POP3, IMAP and HTTP as well.
- MIME headers
  - Mime-Version: 1.1
  - Content-Type: media-type/media-subtype (Eg: text/html, multipart/form-data, image/png, video/mp4, text/css, audio/mp3, etc.)
  - Content-Transfer-Encoding (Values: 7bit, 8bit, base64, etc.)
  - Content-Id
  - Content-Description
(Image: an e-mail MIME header)
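The encoding step described above, as an added example (not part of the original notes): Python's standard `email` package builds a message with non-ASCII text and a binary attachment, confirms that the serialized form is pure 7-bit ASCII, and decodes each part back to its original content. The addresses, file name and sample bytes are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample data (not from the page): non-ASCII text and raw binary bytes.
BODY = "Grüße aus München"
ATTACHMENT = bytes([0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A, 0x00, 0xFF, 0xFE])


def build_wire_message() -> bytes:
    """Build a multipart MIME e-mail and serialize it as it would travel over SMTP."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"  # placeholder addresses
    msg["To"] = "bob@example.com"
    msg["Subject"] = "MIME demo"
    # Force base64 so the UTF-8 text is carried as 7-bit ASCII.
    msg.set_content(BODY, cte="base64")
    # Binary attachments are base64-encoded by default.
    msg.add_attachment(ATTACHMENT, maintype="image", subtype="png",
                       filename="sample.png")
    return msg.as_bytes(policy=policy.SMTP)


def is_seven_bit(wire: bytes) -> bool:
    """True if every byte on the wire fits in 7-bit ASCII."""
    return all(b < 0x80 for b in wire)


def decode_parts(wire: bytes) -> list:
    """Parse the wire form; return (type, transfer encoding, decoded content) per leaf part."""
    parsed = message_from_bytes(wire, policy=policy.default)
    return [
        (part.get_content_type(),
         str(part["Content-Transfer-Encoding"]),
         part.get_content())
        for part in parsed.walk()
        if not part.is_multipart()
    ]


if __name__ == "__main__":
    wire = build_wire_message()
    print(wire.decode("ascii"))
    print("7-bit clean:", is_seven_bit(wire))
    for ctype, cte, content in decode_parts(wire):
        print(ctype, cte, repr(content))
```

base64 here is only a transport encoding: anyone who can read the message can decode it, which is why confidentiality needs PGP or S/MIME on top.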
Security Protocols
PGP
- PGP: Pretty Good Privacy
- Read more
S/MIME
- S/MIME: Secure/Multipurpose Internet Mail Extensions
- Provides security (authentication and encryption) for e-mails.
- Main functions
- Digital signature (authentication and non-repudiation)
- Encryption (integrity and confidentiality)
Sending an Encrypted and Signed e-mail
NOTE:
- Instructions in the e-mail assignment.
- Read about PGP in cryptography.md.
- Tools
  - Gmail
  - GPG (command line)
- Plan of action
  - Generate a keypair that will be used for encryption and signing.
  - Import the other person’s public key into GPG.
  - Prepare plaintext data.
  - Sign and encrypt the plaintext data to get the signed ciphertext.
  - Send the signed ciphertext and your public key in the e-mail to the other person (the receiver).
- Process writeup