1.SMTP is working in both cases: First, email is transferred from the client to the server; the other is transferred from a server to another. 2.SMTP is a request / response protocol, command and response is based on ASCII Text and ends with CR and LF. The response includes a three-digit code indicating the return state. 3.SMTP listening to the connection request in the TCP protocol No. 25 port 4. Connection and sending procedure:
a. Establish a TCP connection B. The client sends a helo command to identify the sender's own identity, and then the client sends a mail command server side hopes to respond with OK, indicating that you are ready to receive c. Client Send the RCPT command to identify the electronic Mail plan recipient, you can have multiple RCPT line server, indicating whether it is willing to accept mail D. negotiation end, send mail, send email with command data. End of F. End of the end of the input. This time, exit with the quit command.
5. Other two commands: vrfy --- is used to verify that the given user mailbox exists and receives more information about the user. EXPN --- is used to expand the mailing list.
6. Mail Routing Process: SMTP Server is routing email based on the domain name of the "Domain Name Service DNS. SMTP Server Route email based on MX records in DNS, the MX record registers domain names and related SMTP relay hosts, which belongs to this domain should be sent to the host. If the SMTP server mail.abc.com receives a letter to Shuser@sh.abc.com:
A.sendmail Request DNS Give the CNAME record of the host Sh.abc.com, if you have CNAME to Shmail.abc.com, then request Shmail.abc.com's CNAME record until not. b. Assume that CNAME Go to Shmail.abc.com, then Sendmail requests the DNS of the @ Abc.com domain gives the MX record of Shmail.abc.com, Shmail MX 5 Shmail.abc.com 10 shmail2.abc.com c. Sendmail finally requests DNS to give SHMAIL.ABC.com A record, ie IP address, if the return value is 1.2.3.4 d. Sendmail and 1.2.3.4 connection, transfer this to shuser@sh.abc.com to 1.2.3.4 This server SMTP background program
7.SMTP basic command set:
Command Description ---------------------------- Helo identifies the user's identity sender can spoof, lying, but in general, the server It can be detected.
Mail Initialization Mail Transfer Mail From: RCPT identifies a single mail recipient; often there is multiple RCPT TO: DATA after the mail command, indicating that all mail recipients have identified, and initialize data transfer End. VRFY is used to verify that the specified user / mailbox exists; due to safety, the server often prohibits this command EXPN to verify that the given mailbox list is existing, expand the mailbox list, and often disabled the HELP query server to support what command Noop does not operate The server should respond to the OK Quit End Session Rset reset session, the current transmission is canceled ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
8. The address specified in the mail from command is called the envelope from address, which does not need to be consistent with the sender's own address. RCPT TO and the equivalent, the specified recipient address is called the envelope to address, and what is not related to the actual TO: row.
9. Why don't have RCPT CC and RCPT BCC: All recipient negotiations are implemented via the RCPT TO command. If it is BCC, the negotiation is deleted after the other party receives the envelope 10. Mail is divided into an envelope section. , The header part and the envelope part of Envelope from, envelope to: Message TO: Not coheed at all.
EVNELOPE is provided by the server host SMTP background, while Message from / TO is provided by the user. There is a free number and difference.
11. How to check if the envelope is inspected whether a letter is forged? a. Relevance of the ReceiveD line. The current SMTP mail transmission system, in addition to the internal host processing of the envelope part, considering the part between the two corporate firewalls, if the two firewall machines are A and B, but the recipient checks the envelope Received: It was found that C. is forged.
b. Received: The host and IP address in the line correspond to whether it corresponds to: receibed: from galangal.org (Turmeric.com [104.128.23.115] by mail.bieberdorf.edu .... c. Manually added in the last side Received: resperse: from galangal.org ([104.128.23.115]) by mail .bieberdorf.edu (8.8.5) Received: from lemongrass.org by galang.org (8.7.3) Received: from graprao.com by Lemongrass.org (8.6.4)
