The Internet as we know it started in 1960 as a project of a small research community with manageable and trustworthy users. Security was therefore not a primary consideration in the development of the Internet protocols, which still have gaps today, although many security elements, such as SSL connections, have been established in recent decades.
Email is the electronic evolution of the postal service and is faster and cheaper than traditional messaging. This internet application is one of the oldest and most important worldwide. As early as 1971, electronic mail could be sent on ARPANET, and in 1982 the RFC 821 and RFC 822 standards defined the communication protocol, format and character encoding. Email is a message handling system and consists of two components, the “User Agent” and the “Message Transfer Agent”.
The User Agent
The first part of the email system is a (local) application programme that provides the user with a user interface to the email service. Well-known user agents are, for example, Microsoft Outlook, Gmail, Apple Mail or Thunderbird. According to RFC 5322/6854, users can receive and read messages as well as create, edit and send messages with these applications. The User Agent takes care of some default settings in the background, the correct generation and insertion of header information, the correct display and much more.
The Message Transfer Agent
The second part of the email system is responsible for the transport of messages between sender and receiver and is defined by RFC 5321. To deliver a mail successfully, several MTAs usually work together; they are generally presented as mail servers. The Message Transfer Agent establishes connections to other agents, transmits messages and reports errors and their causes.
To ensure that the Message Transfer Agent delivers the message to the correct person, the sender specifies both his own email address and that of the recipient. These special addresses consist of two parts, the username and the server address, joined by an “@”. The username references the sender’s/recipient’s mailbox, while the server address contains the DNS name or IP address of the email server.
The MIME extension
The first mails according to Internet standard RFC 5322 only provided for the use of 7-bit ASCII characters: no umlauts, special characters or graphics. Only plain text could be sent, so all special characters, graphics and binary files had to be recoded into 7-bit ASCII. In 1993, the Multipurpose Internet Mail Extensions standard, MIME for short, defined new rules for data type handling; it offers not only 7-bit ASCII but also 8-bit ASCII including national additions (umlauts/special characters) and the universal Base64 encoding. With this standard, senders and recipients, or rather their user agents, can do the decoding themselves and enrich messages with many different characters and graphics.
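The recoding described above can be watched with Python's standard `email` package. This is an added example, not code from the original article; the addresses, subject, body and attachment bytes are constructed sample values. It builds a message containing umlauts and a binary file, checks that the serialised form contains only 7-bit bytes, and decodes it again as a receiving user agent would.

```python
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Constructed sample values (not from the original article).
SUBJECT = "Grüße aus München"
BODY = "Schöne Grüße, die Datei hängt an.\n"
BLOB = bytes(range(256))  # stand-in for a graphic or other binary file

# cte_type="7bit" tells the library the transport is not 8-bit clean.
SEVEN_BIT = policy.SMTP.clone(cte_type="7bit")


def build_wire() -> bytes:
    """Serialise a message the way a user agent hands it to an MTA."""
    msg = EmailMessage(policy=SEVEN_BIT)
    msg["From"] = "alice@example.org"
    msg["To"] = "bob@example.net"
    msg["Subject"] = SUBJECT              # emitted as an RFC 2047 encoded word
    msg.set_content(BODY, cte="base64")   # UTF-8 text, Base64 on the wire
    msg.add_attachment(BLOB, maintype="application",
                       subtype="octet-stream", filename="sample.bin")
    return msg.as_bytes()


def is_seven_bit(wire: bytes) -> bool:
    """True if no byte of the serialised message has the high bit set."""
    return all(byte < 0x80 for byte in wire)


def read_back(wire: bytes) -> dict:
    """Decode the message again, as the recipient's user agent would."""
    msg = BytesParser(policy=policy.default).parsebytes(wire)
    text = msg.get_body(preferencelist=("plain",))
    attachment = next(msg.iter_attachments())
    return {
        "subject": str(msg["Subject"]),
        "text": text.get_content(),
        "text_cte": str(text["Content-Transfer-Encoding"]),
        "attachment": attachment.get_content(),
        "attachment_type": attachment.get_content_type(),
    }
```

Base64 is an encoding, not encryption: anyone who can read the transferred bytes can decode the body and the attachment exactly as `read_back` does.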
The transport of a mail
There are three different communication protocols for the transport of an electronic message: SMTP, POP3 and IMAP. These protocols are necessary for the communication between the user agents and message transfer agents as well as between the message transfer agents.
SMTP - Simple Mail Transfer Protocol
This protocol determines how a message is transferred, i.e. the communication between the MTAs. Communication via SMTP is easy to understand, as all messages are exchanged in 7-bit ASCII plain text only. The standard ports are port 25 (unencrypted) and port 587 (encrypted), the latter being used almost exclusively today. Over time, the protocol has undergone many extensions, for example Extended SMTP, which allow messages to be exchanged encrypted and as 8-bit ASCII.
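Whether a given server offers those two Extended SMTP features can be read from its plain-text reply to the client's `EHLO` command. The following added example (not part of the original article) parses such a reply; the keywords `STARTTLS` (RFC 3207) and `8BITMIME` (RFC 6152) are the standard extension names and do not appear in the article itself, and the sample replies are constructed.

```python
import re

REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

# Constructed EHLO replies (hostnames and values are made up for this example).
MODERN = ["250-mx.example.net greets client.example.org",
          "250-SIZE 35882577", "250-8BITMIME", "250-STARTTLS", "250 HELP"]
CLEARTEXT_ONLY = ["250-mail.example.net", "250 SIZE 10240000"]
NO_ESMTP = ["502 Command not implemented"]


def parse_ehlo_reply(lines):
    """Return (code, {KEYWORD: [params]}) for the lines of one EHLO reply."""
    if not lines:
        raise ValueError("empty reply")
    code, caps = None, {}
    for index, raw in enumerate(lines):
        match = REPLY_LINE.match(raw.rstrip("\r\n"))
        if not match:
            raise ValueError(f"not an SMTP reply line: {raw!r}")
        line_code, sep, text = match.groups()
        if code is not None and line_code != code:
            raise ValueError("reply code changes inside one reply")
        code = line_code
        # "250-" announces another line, "250 " marks the final one.
        if (sep == " ") != (index == len(lines) - 1):
            raise ValueError("continuation marker in the wrong place")
        if index > 0 and text.strip():   # line 0 is the server's greeting
            keyword, *params = text.split()
            caps[keyword.upper()] = params
    return code, caps


def assess(lines):
    """Summarise which of the extensions named above the server offers."""
    code, caps = parse_ehlo_reply(lines)
    esmtp = code == "250"
    return {
        "esmtp": esmtp,
        "can_encrypt": esmtp and "STARTTLS" in caps,
        "accepts_8bit": esmtp and "8BITMIME" in caps,
        "max_size": int(caps["SIZE"][0]) if esmtp and caps.get("SIZE") else None,
    }
```

A server for which `can_encrypt` is false will carry the whole session, message content included, as readable plain text.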
POP3 and IMAP
After a message has finally arrived at the destination address via SMTP using different mail delivery agents, the responsible server stores the email in the recipient’s mailbox and notifies the sender of a successful delivery. Therefore, many mail servers run both a mail transfer agent and a mail delivery agent and are referred to as combined server software.
The “Post Office Protocol 3” - POP3 for short - is used for communication with the mail server. This protocol has a relatively small range of functions and uses port 110 (unencrypted) and 995 (encrypted) via TCP. It handles the registration with the mail server, authentication of the user by password request and retrieval of mail messages. In addition, messages can be deleted from the mail server and copies can be stored on computers/mobile devices.
The “Interactive Mail Access Protocol” - IMAP for short - which was added later, offers a much wider range of functions and is thus increasingly replacing POP3. Communication takes place with TCP on port 143 (unencrypted) and port 993 (encrypted). Additional functions include parallelism to read emails on different devices, synchronisation of the stored state (read/unread) and a cross-device folder structure. In addition, only the headers of the mails are retrieved and displayed at first; the rest of a message is retrieved from the mail server only when the mail is selected. Storage and sorting take place on the server, which also enables access to large mailboxes from CPU-weak end devices, e.g. mobile phones. For performance reasons, mails are temporarily stored locally, but the administration and long-term storage take place on the mail server.
Attacks on emails
With the basics of mail consolidated, you can also read up on various loopholes in and attack methods on emails. We have written more about this topic in the articles section.