Simple Mail Transport Protocol is the most widely adopted protocol for e-mail delivery. Simple Mail Transport Protocol (SMTP) was originally designed for a smaller community of users which was assumed to be well behaved and trust worthy. As such no heed was paid towards incorporating security protocols in it. But with its growth, this trust was breached, owing to lack of adequate security mechanism in it. Email is emerging as the one of the most valuable service in internet today. Most of the internet systems use SMTP as a method to transfer mail from one user to another.
Description about SMTP
SMTP stands for Simple Mail Transfer Protocol. This protocol allows transmitting electronic mail over the Internet or any other network. The protocol itself is designed on a character basis. Thus the entire transfer of a mail can be exanimated by a human being without having to decode first the data. This is the reason why mails can be send without major problem using a simple Telnet application. The entire process of sending a mail is describe here using a Telnet application as example base.
Most e-mail systems that send mail over the Internet use simple mail transfer protocol (SMTP) to send messages from one server to another. The mail delivery is a two-stage process that provides for mail instances when the network connection or the remote machine has failed. SMTP. SMTP is an application layer protocol. The client who wants to send the mail opens a TCP connection to the SMTP server and then sends the mail across the connection. The SMTP server is always on listening mode. As soon as it listens for a TCP connection from any client, the SMTP process initiates a connection on that port (25). After successfully establishing the TCP connection the client process sends the mail instantly.
Simple Mail Transfer Protocol (SMTP) is a standard communication protocol for sending email messages on business networks and the Internet. SMTP was originally developed in the early 1980s and remains one of the most popular protocols in use worldwide.
- Internet Engineering Task Force (IETF) – An international organization that creates standards for communicating information over the internet. The protocols that make the World Wide Web and email possible were created and promoted by the IETF.
- Mail client (or email client) – An application used to compose, send, and receive email on a user’s computer or mobile device.
- Multipurpose Internet Mail Extensions (MIME) – An internet standard that expands the capabilities of email sent via SMTP. The original SMTP specification only supported unaccented Latin characters in the body of the email, and did not support non-text attachments. The MIME standard allows for non-Latin characters, non-text attachments, and emails that contain multiple parts (such as a plain text component and an HTML component).
- Open mail relay – An SMTP server that allows anyone on the internet to send email through it, without having to authenticate (such as by providing a user name or password). SMTP servers were originally all open relays, but spammers and other malicious users soon started to abuse them. With very few exceptions, all SMTP servers now require some sort of authentication.
- SMTP Authentication – An extension of the original SMTP protocol that provides methods for email clients to authenticate when connecting to an SMTP server, such as by providing a user name and password. Using SMTP Authentication prevents unauthorized users, such as spammers, from sending email through an SMTP server.
- STARTTLS – An extension to plain text communication protocols (such as SMTP) that provides methods for encrypting connections that use those protocols. Encryption effectively prevents information sent over these connections from being intercepted by third parties.
Because SMTP is an open standard, any application can use the protocol to transmit email from a client to a server. The simple nature and thoroughly-defined rules governing the protocol make it extremely reliable and predictable. At the same time, the protocol was built to allow a great deal of flexibility. For example, the original SMTP specification was designed only to send unaccented Latin text, making it less useful for those who use languages with accented Latin characters, or non-Latin alphabets. And because the protocol has been adopted universally, there are no compatibility issues when sending messages between SMTP servers.
In the SMTP model user deals with the user agent (UA) for example Microsoft outlook, netscape, Mozilla etc. In order to exchange the mail using TCP, MTA is used. The users sending the mail do not have to deal with the MTA it is the responsibility of the system admin to set up the local MTA. The MTA maintains a small queue of mails so that it can schedule repeat delivery of mail in case the receiver is not available. The MTA delivers the mail to the mailboxes and the information can later be downloaded by the user agents.
Figure: SMTP Model
Both the SMTP-client and MSTP-server should have 2 components:
- User agent (UA)
- Local MTA
Communication between Sender and the Receiver:
The senders, user agent prepare the message and send it to the MTA. The MTA functioning is to transfer the mail across the network to the receivers MTA.
Mail is send by a series of request and response messages between the client and a server. The message which is send across consists of a header and the body. A null line is used to terminate the mail header. Everything which is after the null line is considered as body of the message which is a sequence of ASCII characters. The message body contains the actual information read by the receipt.
The user agent at the server side checks the mailboxes at a particular time of intervals. If any information is received it informs the user about the mail. When user tries to read the mail it displays a list of mails with a short description of each mail in the mailbox. By selecting any of the mail user can view its contents on the terminal.
 M. Tariq Banday, “Effectiveness and Limitations of E-Mail Security Protocols”, International Journal of Distributed and Parallel Systems (IJDPS) Vol.2, No.3, May 2011.
 Riabov, V.V., 2005. SMTP (Simple Mail Transfer Protocol). River College.
 “What is SMTP?” available online at: https://aws.amazon.com/ses/what-is-smtp/
 “SMTP – Simple Mail Transfer Protocol”, available online at: http://rvs.unibe.ch/teaching/cn%20applets/Mail_Transfer/smtp.pdf
 “Simple Mail Transfer Protocol (SMTP)”, available online at: https://www.geeksforgeeks.org/simple-mail-transfer-protocol-smtp/