Simple Mail Transfer Protocol (SMTP)
SMTP
Simple Mail Transfer Protocol
SMTP is a protocol used for sending and receiving email messages over the internet.
Port: 25 TCP | RFC:5321
OSI Layer: 7 (Application Layer)
Cyber Security Stance:
Designed by Vivekanand Padala
Protocol Overview
SMTP is widely used on the internet, and is supported by most email clients and servers. However, it is not a secure protocol, as email messages are transmitted in clear text, which can be intercepted and read by third parties. To address this issue, email providers often use encryption protocols such as SSL or TLS to secure the transmission of email messages.
SMTP operates on a client-server model, where the client initiates a connection to the server and sends email messages to it, and the server receives the message and delivers it to the appropriate destination. SMTP also includes a set of commands and responses that are used to transfer the email message between the client and server.
SMTP messages are structured as a series of text lines, with each line terminated by a carriage return and line feed (CRLF) pair. The message consists of a header and a body, with the header providing information about the sender, recipient, subject, and other metadata, while the body contains the actual content of the message.
SMTP workflow
- The sender creates an email message using an email client or webmail interface.
- The email client or webmail interface connects to the SMTP server designated for outgoing email for the sender's email domain.
- The email client or webmail interface sends the email message to the SMTP server, which receives the message and begins the process of sending it to the recipient.
- The SMTP server checks the recipient's domain to determine which SMTP server is responsible for delivering email to that domain.
- The SMTP server establishes a connection to the recipient's SMTP server and begins the process of transmitting the email message.
- The recipient's SMTP server receives the email message and stores it in the recipient's mailbox or forwards it to another email server if necessary.
- The recipient retrieves the email message using an email client or webmail interface.