How do e-mail exchanges work on the Internet?

Simple Mail Transfer Protocol

The SMTP protocol (Simple Mail Transfer Protocol) is the basis of all e-mail exchanges. Developed in the 80s, it is now one of the most widely used protocols in the world, and is maintained by the IETF (Internet Engineering Task Force, a working group that helps define Internet protocols). In its current version, it is defined by RFC 5321, which details the methods and codes to be used in communications between mail servers.

 

How do I find the destination server?

When you send a message, you do so through an MUA (Mail User Agent), more commonly known as a “mail client” (Outlook, Thunderbird or webmail). It lets you compose the message (content and layout) and supply the information needed to send it (sender, recipient, etc.).

 

The client then forwards the e-mail to the MTA (Mail Transfer Agent), the mail server that sends the message to the recipient(s). To do this, it first looks up the address of the server that handles mail for the recipient’s domain. This information is publicly available via DNS (Domain Name Service) and its MX (Mail eXchange) records.

Here’s an example of a DNS query to determine the mail server managing “orange.fr”.

# host -t MX orange.fr
orange.fr mail is handled by 10 smtp-in.orange.fr.

How does SMTP work?

Now that the MUA knows the address of the destination server, it can start the SMTP protocol dialog. It consists of 4 compulsory stages:

– “HELO”: Initializes the connection.
– “MAIL FROM”: Indicates the address of the message sender.
– “RCPT TO”: Indicates the address of the message recipient.
– “DATA”: Provides the content of the message itself: headers, text, any images and/or attachments.

 

Other commands are available, but are optional. For example, “SIZE”, which asks the recipient server for the maximum message size allowed.

 

Each of these steps must be validated by a return code from the receiving server: “Accept”, to continue, or “Error”, to stop. At the end of the entire communication, if all steps have been validated, a success code (“250”) will be issued. If not, an error code, more or less explicit, will explain why the communication failed.
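The dialogue described above, as an added example that is not part of the original page: a toy receiving server that enforces the order of the four stages and answers each client line with a reply code. The class and function names and the example.* addresses are constructed for illustration; the reply codes (250, 354, 500, 503) are those of RFC 5321, and the greeting banner, QUIT and multiple recipients are left out to keep the model small.

```python
# Added illustration: a toy in-memory receiver, not a real MTA (names are hypothetical).
class ToyReceiver:
    ORDER = ["HELO", "MAIL FROM", "RCPT TO", "DATA"]  # the four compulsory stages

    def __init__(self):
        self.stage = 0        # index in ORDER of the next command we expect
        self.envelope = {}    # values exactly as the client claimed them
        self.in_data = False
        self.body = []

    def handle(self, line):
        """Return the server reply for one client line, or None while reading DATA."""
        if self.in_data:
            if line == ".":                      # a lone dot ends the message content
                self.in_data, self.stage = False, 1
                return "250 OK: message accepted"
            self.body.append(line)
            return None
        for i, verb in enumerate(self.ORDER):
            if line.upper().startswith(verb):
                if i != self.stage:              # stage skipped or repeated
                    return "503 Bad sequence of commands"
                self.envelope[verb] = line[len(verb):].lstrip(": ").strip()
                self.stage += 1
                if verb == "DATA":
                    self.in_data = True
                    return "354 Start mail input; end with a line containing only '.'"
                return "250 OK"
        return "500 Command unrecognized"

def run_dialogue(lines):
    """Feed client lines to a fresh receiver; stop at the first 4xx/5xx reply."""
    server, transcript = ToyReceiver(), []
    for line in lines:
        transcript.append(("C", line))
        reply = server.handle(line)
        if reply:
            transcript.append(("S", reply))
            if reply[0] in "45":
                break
    return transcript, server

# Constructed sample sessions (example.* domains are placeholders).
GOOD = ["HELO client.example", "MAIL FROM:<alice@example.org>", "RCPT TO:<bob@example.net>",
        "DATA", "Subject: test", "", "Hello Bob", "."]
BAD = ["HELO client.example", "RCPT TO:<bob@example.net>"]   # skips MAIL FROM

if __name__ == "__main__":
    for name, session in (("valid", GOOD), ("out of order", BAD)):
        print(f"--- {name} ---")
        for side, text in run_dialogue(session)[0]:
            print(f"{side}: {text}")
```

Running it prints both sessions with client (C) and server (S) lines interleaved; the second session stops at the 503 reply because RCPT TO arrived before MAIL FROM.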

 

The limits of the SMTP protocol

Today, the SMTP protocol is widely used. It is virtually impossible to replace it with a new, more efficient protocol, for reasons of compatibility. However, it has a number of shortcomings: for example, it is only possible to transfer text via SMTP, and it cannot handle fonts, images or attachments. To compensate for this, extensions have been introduced, such as the MIME protocol, which encodes these various elements in a data format that can be easily used by the SMTP protocol.

On the other hand, SMTP is not a very secure protocol. In particular, it does not include any mechanism for verifying the identity of the sender.

 

That’s why it’s essential to protect yourself from the various threats associated with e-mail: spam, viruses (malware, ransomware, etc.), phishing and other scams (fake wire transfer orders, known in French as FOVI, etc.).

 

There are some very effective solutions for this, which we offer with Altospam. They are assembled and implemented transparently, so that you only receive legitimate messages on your server.
