Simple Mail Transfer Protocol (SMTP)
Simple Mail Transfer Protocol (SMTP) is the used
protocol for sending e-mail messages between servers.
Most e-mail systems that send mail over the Internet
use SMTP to send messages from one server to another.
However, SMTP does not has facility for authentication
How it works?
The sender-SMTP establishes a two-way transmission
channel to a receiver-SMTP on the request of opt-in
users.The receiver-SMTP may be either the ultimate
destination or an intermediate.SMTP commands are
generated by the sender-SMTP and sent to the receiver-SMTP.SMTP
replies are sent from the receiver-SMTP to the
sender-SMTP in response to the commands.
Once the transmission channel is established,
the SMTP-sender sends a MAIL command indicating
the sender of the mail.If the SMTP-receiver can
accept mail it responds with an OK reply.The SMTP-sender
then sends a RCPT command identifying a recipient
of the mail.If the SMTP-receiver can accept mail
for that recipient it responds with an OK reply;
if not, it responds with a reply rejecting that
recipient (but not the whole mail transaction).
The SMTP-sender and SMTP-receiver may negotiate
several recipients.When the recipients have been
negotiated the SMTP-sender sends the mail data,
terminating with a special sequence.If the SMTP-receiver
successfully processes the mail data it responds
with an OK reply.The dialog is purposely lock-step,
||Sign-up for the full-featured BlacklistedIP Service for only $39.95 for 6 months. Peace of mind for less than
23 cents a day!
Proposals offered to
nip the spam bud
In recent times, several proposals to combat the
growing menace of spam emails are being considered.
The proposals being considered would require better
identification of who the Sender of an email is
and putting a stop to forging practice.
There is a major flaw in STMP, it does not provide
a way to authenticate sender. Spammers use this
loophole to forge the 'From' lines and send bulk
emails. However, the new proposals claim to put
lid on such practice. It offers better identification
of who the "sender" of an e-mail message is and
blocking emails which are not authenticated.
Sender Policy Framework (SPF)
Sender Policy Framework (SPF) makes it easy
to counter most forged "From" addresses in email
and thus stop email spams. It is an extention
to Simple Mail Transfer Protocol (SMTP). Normal
SMTP without SPF allows anyone to forge anyone
else's email address. For example - if Mr. XYZ
wants to send an email, he can forge your email
address and send it across claiming to be from
you. SPF is said to put stoppage to that practice,
as one is required to send emails from their real
SPF allows an internet domain to specify which
machines are authorized to transmit for that particular
domain. For example- if Mr. XYZ wants to send
an email, he/she has to use only their authorized
domain address and if he uses an unauthorized
domain the email will not proceed further.
SPF only keeps spammers from forging the domain
names given in the From address of an email. The
spammer can still send emails from legitimate
domain account. However; this can be traced out
easily, making it easier to automatically black
list a domain that sends spam.