Mail processing model
Email is submitted by a mail client (mail user agent, MUA) to a mail server (mail submission agent, MSA) using SMTP on port 587. Most still allow submission on traditional port 25. From there, the MSA delivers the mail to its mail transfer agent (MTA). Often, these two agents are just different instances of the same software launched with different options on the same machine. Local processing can be done either on a single machine, or split among various appliances; in the former case, involved processes can share files; in the latter case, SMTP is used to transfer the message internally, with each host configured to use the next appliance as a . Each process is an MTA in its own right; that is, an SMTP server.
The boundary MTA has to locate the target host. It uses the Domain Name System (DNS) to look up the mail exchanger record (MX record) for the recipient's domain (the part of the email address on the right of @). The returned MX record contains the name of the target host. The MTA next connects to the exchange server as an SMTP client. (The article on discusses many factors in determining which server the sending MTA connects to.)
Once the MX target accepts the incoming message, it hands it to a mail delivery agent (MDA) for local mail delivery. An MDA is able to save messages in the relevant format. Again, mail reception can be done using many computers or just one; the picture displays two nearby boxes in either case. An MDA may deliver messages directly to storage, or forward them over a network using SMTP, or any other means, including the Local Mail Transfer Protocol (LMTP), a derivative of SMTP designed for this purpose.
Once delivered to the local mail server, the mail is stored for batch retrieval by authenticated mail clients (MUAs). Mail is retrieved by end-user applications, called email clients, using the Internet Message Access Protocol (IMAP), a protocol that both facilitates access to mail and manages stored mail, or the Post Office Protocol (POP), which typically uses the traditional mail file format or a proprietary system such as Microsoft Exchange/Outlook or /. clients may use either method, but the retrieval protocol is often not a formal standard.
SMTP defines message transport, not the message content. Thus, it defines the mail envelope and its parameters, such as the , but not the header or the body of the message itself. STD 10 and define SMTP (the envelope), while STD 11 and define the message (header and body), formally referred to as the .
Protocol overview
SMTP is a , protocol in which a mail sender communicates with a mail receiver by issuing command strings and supplying necessary data over a reliable ordered data stream channel, typically a Transmission Control Protocol (TCP) connection. An SMTP session consists of commands originated by an SMTP client (the initiating agent, sender, or transmitter) and corresponding responses from the SMTP server (the listening agent, or receiver) so that the session is opened, and session parameters are exchanged. A session may include zero or more SMTP transactions. An SMTP transaction consists of three command/reply sequences (see example below). They are:
- MAIL command, to establish the return address, a.k.a. Return-Path, 5321.From, mfrom, or envelope sender. This is the address for .
- RCPT command, to establish a recipient of this message. This command can be issued multiple times, one for each recipient. These addresses are also part of the envelope.
- DATA to send the message text. This is the content of the message, as opposed to its envelope. It consists of a message header and a message body separated by an empty line. DATA is actually a group of commands, and the server replies twice: once to the DATA command proper, to acknowledge that it is ready to receive the text, and the second time after the end-of-data sequence, to either accept or reject the entire message.
Besides the intermediate reply for DATA, each server's reply can be either positive (2xx reply codes) or negative. Negative replies can be permanent (5xx codes) or transient (4xx codes). A reject is a permanent failure by an SMTP server; in this case the SMTP client should send a bounce message. A drop is a positive response followed by message discard rather than delivery.
The initiating host, the SMTP client, can be either an end-user's email client, functionally identified as a mail user agent (MUA), or a relay server's mail transfer agent (MTA), that is, an SMTP server acting as an SMTP client in the relevant session in order to relay mail. Fully capable SMTP servers maintain queues of messages for retrying message transmissions that resulted in transient failures.
A MUA knows the outgoing mail SMTP server from its configuration. An SMTP server acting as client, i.e. relaying, typically determines which SMTP server to connect to by looking up the MX (Mail eXchange) resource record for each recipient's domain. Conformant MTAs (not all) fall back to a simple in case no MX record can be found. Relaying servers can also be configured to use a .
An SMTP server acting as client initiates a connection to the server on the "" designated for SMTP: 25. MUAs should use port 587 to connect to an MSA. The main difference between an MTA and an MSA is that is mandatory for the latter only.
SMTP vs mail retrieval
SMTP is a delivery protocol only. It cannot pull messages from a remote server on demand. Other protocols, such as the Post Office Protocol (POP) and the Internet Message Access Protocol (IMAP), are specifically designed for retrieving messages and managing . However, SMTP has a feature to initiate mail queue processing on a remote server so that the requesting system may receive any messages destined for it (see below). POP and IMAP are preferred protocols when a user's personal computer is only intermittently powered up, or Internet connectivity is only transient and hosts cannot receive messages during off-line periods.
Remote Message Queue Starting
Remote Message Queue Starting is a feature of SMTP that permits a remote host to start processing of the mail queue on a server so it may receive messages destined to it by sending the TURN command. This feature however was deemed insecure and was extended in with the command which operates more securely using an method based on Domain Name System information.
On-Demand Mail Relay
On-Demand Mail Relay (ODMR) is an standardized in that allows e-mail to be relayed to an authenticated recipient.
Internationalization
Many users whose native script is not Latin-based have had difficulty with the Latin email address requirement. Often this leads to meaningless, but easy to type, locale addresses.
was created to solve that problem, providing internationalization features for SMTP, the SMTPUTF8 extension. provides support for multi-byte and non-ASCII characters in email addresses, such as Pelé@live.com (simple diacritic), δοκιμή@παράδειγμα.δοκιμή, and 测试@测试.测试. Current support is limited, but there is strong interest in broad adoption of and the related RFCs in countries like China that have a large user base where Latin (ASCII) is a foreign script.
Outgoing mail SMTP server
An needs to know the IP address of an SMTP server and this has to be given as part of its configuration (usually given as a name). The server will deliver outgoing messages on behalf of the user.
Outgoing mail server access restrictions
Server administrators need to impose some control on which clients can use the server. This enables them to deal with abuse, for example . Two solutions have been in common use:
- In the past, many systems imposed usage restrictions by the location of the client, only permitting usage by clients whose IP address is one that the server administrators control. Usage from any other client IP address is disallowed.
- Modern SMTP servers typically offer an alternative system that requires authentication of clients by credentials before allowing access.
Restricting access by location
Under this system, an ISP's SMTP server will not allow access by users who are 'outside the ISP's network'. More precisely, the server may only allow access to users with an IP address provided by the ISP, which is equivalent to requiring that they are connected to the Internet using that same ISP. A mobile user may often be on a network other than that of their normal ISP, and will then find that sending email fails because the configured SMTP server choice is no longer accessible.
This system has several variations. For example, an organisation's SMTP server may only provide service to users on the same network, enforcing this by firewalling to block access by users on the wider Internet. Or the server may perform range checks on the client's IP address. These methods were typically used by corporations and institutions such as universities which provided an SMTP server for outbound mail only for use internally within the organisation. However, most of these bodies now use client authentication methods, as described below.
By restricting access to certain IP addresses, server administrators can readily recognise the IP address of any abuser. As it will be a meaningful address to them, the administrators can deal with the rogue machine or user.
Where a user is mobile, and may use different ISPs to connect to the internet, this kind of usage restriction is onerous, and altering the configured outbound email SMTP server address is impractical. It is highly desirable to be able to use email client configuration information that does not need to change.
Client authentication
Modern SMTP servers typically require authentication of clients by credentials before allowing access, rather than restricting access by location as described earlier. This more flexible system is friendly to mobile users and allows them to have a fixed choice of configured outbound SMTP server.
Open relay
A server that is accessible on the wider Internet and does not enforce these kinds of access restrictions is known as an open relay. This is now generally considered a bad practice worthy of .
Ports
Server administrators choose whether clients use port 25 (SMTP) or port 587 (Submission), as formalized in (previously ), for relaying outbound mail to a . The specifications and many servers support both. Although some servers support port 465 for legacy secure SMTP in violation of the specifications, it is preferable to use standard ports and standard ESMTP commands according to if a secure session needs to be used between the client and the server.
Some servers are set up to reject all relaying on port 25, but valid users authenticating on port 587 are allowed to relay mail to any valid address.
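The two access-restriction schemes, the open-relay failure mode, and the port 25 / port 587 split described above can be expressed as one relay decision. This is an added example, not part of the original article; the mode names, `LOCAL_DOMAINS`, `TRUSTED_NETS` and the sample addresses are constructed for illustration.

```python
import ipaddress

# Constructed policy values (documentation address ranges and domains).
LOCAL_DOMAINS = {"example.com"}
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]


def relay_decision(mode, port, client_ip, authenticated, rcpt):
    """Decide whether to accept one RCPT address.

    mode "location": relay only for clients inside TRUSTED_NETS.
    mode "auth":     relay only for authenticated clients on port 587;
                     port 25 never relays.
    mode "open":     no restriction at all (the open-relay misconfiguration).
    """
    domain = rcpt.rpartition("@")[2].lower()
    if mode == "open":
        return True
    if port == 25 and domain in LOCAL_DOMAINS:
        return True  # inbound mail for our own mailboxes, from any MTA
    if mode == "location":
        address = ipaddress.ip_address(client_ip)
        return any(address in net for net in TRUSTED_NETS)
    if mode == "auth":
        return port == 587 and authenticated
    raise ValueError(f"unknown mode: {mode!r}")


def is_open_relay(mode):
    """Self-check of a policy: does an unauthenticated outside client get
    mail relayed to a domain the server is not responsible for?"""
    return relay_decision(mode, 25, "203.0.113.7", False, "someone@example.net")


# The mobile user from the text: outside the trusted range, valid credentials.
MOBILE = ("198.51.100.9", True, "someone@example.net")
```

With these values the mobile user is refused under "location" but accepted under "auth" on port 587, which is the usability argument the text makes for client authentication.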
Some ISPs intercept port 25, redirecting traffic to their own SMTP server regardless of the destination address. This means that it is not possible for their users to access an SMTP server outside the ISP's network using port 25.
Some SMTP servers support authenticated access on an additional port other than 25 to allow users to connect to them even if port 25 is blocked.
Microsoft Exchange 2013 has an SMTP service listening on ports 25, 587, 2525, 465 and 475, depending upon server role and function. Ports 25 and 587 are used for server and client connectivity, and 25 or 2525 and 465 on the Mailbox role for accepting internal SMTP connections (from other Exchange Servers in the organization), where 25 is the Hub Transport service for receiving SMTP from other SMTP servers and 465 is the Hub Transport service for receiving proxied connections from clients connected to the CAS Frontend Transport service. On servers that have the Client Access role (CAS) and the Mailbox role installed on the same machine, 25 and 2525 are in use: 25 for the Frontend Transport role (a CAS feature) and 2525 for the Hub Transport service, rather than port 25 running for both Frontend Transport and Hub Transport services. Port 475 is the Mail Delivery service; this is an SMTP server that takes email from the Hub Transport service and places it in the mailbox databases on the local server where it is running.
SMTP transport example
A typical example of sending a message via SMTP to two mailboxes (alice and theboss) located in the same mail domain (example.com or localhost.com) is reproduced in the following session exchange. (In this example, the conversation parts are prefixed with S: and C:, for server and client, respectively; these labels are not part of the exchange.)
After the message sender (SMTP client) establishes a reliable communications channel to the message receiver (SMTP server), the session is opened with a greeting by the server, usually containing its fully qualified domain name (FQDN), in this case smtp.example.com. The client initiates its dialog by responding with a HELO command identifying itself in the command's parameter with its FQDN (or an address literal if none is available).
S: 220 smtp.example.com ESMTP Postfix
C: HELO relay.example.org
S: 250 Hello relay.example.org, I am glad to meet you
C: MAIL FROM:
S: 250 Ok
C: RCPT TO:<alice@example.com>
S: 250 Ok
C: RCPT TO:<theboss@example.com>
S: 250 Ok
C: DATA
S: 354 End data with <CR><LF>.<CR><LF>
C: From: "Bob Example"
C: To: "Alice Example" <alice@example.com>
C: Cc: theboss@example.com
C: Date: Tue, 15 January 2008 16:02:43 -0500
C: Subject: Test message
C:
C: Hello Alice.
C: This is a test message with 5 header fields and 4 lines in the message body.
C: Your friend,
C: Bob
C: .
S: 250 Ok: queued as 12345
C: QUIT
S: 221 Bye
{The server closes the connection}
The client notifies the receiver of the originating email address of the message in a MAIL FROM command. In this example, the email message is sent to two mailboxes on the same SMTP server: one for each recipient listed in the To and Cc header fields. The corresponding SMTP command is RCPT TO. Each successful reception and execution of a command is acknowledged by the server with a result code and response message (e.g., 250 Ok).
The transmission of the body of the mail message is initiated with a DATA command, after which it is transmitted verbatim line by line and is terminated with an end-of-data sequence. This sequence consists of a new-line (<CR><LF>), a single period, followed by another new-line. Since a message body can contain a line with just a period as part of the text, the client sends two periods every time a line starts with a period; correspondingly, the server replaces every sequence of two periods at the beginning of a line with a single one. This escaping method is called dot-stuffing.
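Dot-stuffing and end-of-data detection as described above, shown for both sides of the DATA phase. This is an added example, not part of the original article; the function names and the sample body are constructed, and the receiver here is deliberately strict in refusing lines that do not end in <CR><LF>.

```python
import io

CRLF = b"\r\n"
END_OF_DATA = b".\r\n"  # the lone-period line that terminates DATA


def dot_stuff(message: bytes) -> bytes:
    """Client side: encode a message for transmission after DATA."""
    # Normalise every line ending to CRLF before escaping.
    lines = message.replace(b"\r\n", b"\n").replace(b"\r", b"\n").split(b"\n")
    if lines and lines[-1] == b"":
        lines.pop()  # empty piece left by a trailing newline
    out = []
    for line in lines:
        if line.startswith(b"."):
            line = b"." + line  # double the leading period
        out.append(line + CRLF)
    return b"".join(out) + END_OF_DATA


def read_data(stream) -> bytes:
    """Server side: read up to the end-of-data line and undo the escaping."""
    out = []
    while True:
        line = stream.readline()
        if not line:
            raise ConnectionError("connection closed before end-of-data")
        if line == END_OF_DATA:
            return b"".join(out)
        if not line.endswith(CRLF):
            raise ValueError("line not terminated by <CR><LF>")
        if line.startswith(b"."):
            line = line[1:]  # drop the period the client added
        out.append(line)


# Constructed body containing a line that is just a period.
SAMPLE_BODY = b"Hello Alice.\n.\n..two leading periods\nBob\n"
SAMPLE_WIRE = dot_stuff(SAMPLE_BODY)
```

The receiver stops at the first lone-period line, so the `QUIT` that follows on the same connection is left in the stream for the command parser.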
The server's positive reply to the end-of-data, as exemplified, implies that the server has taken the responsibility of delivering the message. A message can be doubled if there is a communication failure at this time, e.g. due to a power shortage: Until the sender has received that 250 reply, it must assume the message was not delivered. On the other hand, after the receiver has decided to accept the message, it must assume the message has been delivered to it. Thus, during this time span, both agents have active copies of the message that they will try to deliver. The probability that a communication failure occurs exactly at this step is directly proportional to the amount of filtering that the server performs on the message body, most often for anti-spam purposes. The limiting timeout is specified to be 10 minutes.
The QUIT command ends the session. If the second recipient were located elsewhere, the client would QUIT and connect to the appropriate SMTP server after the first message had been queued. The information that the client sends in the HELO and MAIL FROM commands is added (not seen in example code) as additional header fields to the message by the receiving server. It adds a Received and Return-Path header field, respectively.
Optional extensions
Although optional and not shown in this example, many clients ask the server for the SMTP extensions that the server supports, by using the EHLO greeting of the extended SMTP specification (). Clients fall back to HELO only if the server does not respond to EHLO.
Modern clients may use the ESMTP extension keyword SIZE to query the server for the maximum message size that will be accepted. Older clients and servers may try to transfer excessively sized messages that will be rejected after consuming network resources, including connect time to network links that is paid by the minute.
Users can manually determine in advance the maximum size accepted by ESMTP servers. The client replaces the HELO command with the EHLO command.
S: 220 smtp2.example.com ESMTP Postfix
C: EHLO bob.example.org
S: 250-smtp2.example.com Hello bob.example.org [192.0.2.201]
S: 250-SIZE 14680064
S: 250-PIPELINING
S: 250 HELP
Thus smtp2.example.com declares that it will accept a fixed maximum message size no larger than 14,680,064 (8-bit bytes). Depending on the server's actual resource usage, it may be currently unable to accept a message this large. In the simplest case, an ESMTP server will declare a maximum SIZE with only the EHLO user interaction.
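Parsing the multi-line EHLO reply shown above and checking a message against the advertised SIZE before sending it. This is an added example, not part of the original article; the function names are constructed, and a SIZE keyword with a zero or missing parameter is treated as "no fixed maximum advertised".

```python
import re

# Constructed input: the server lines of the EHLO session shown above.
EHLO_REPLY = [
    "250-smtp2.example.com Hello bob.example.org [192.0.2.201]",
    "250-SIZE 14680064",
    "250-PIPELINING",
    "250 HELP",
]

REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def parse_reply(lines):
    """Parse one reply: "250-" marks a continuation, "250 " the last line."""
    if not lines:
        raise ValueError("empty reply")
    code, texts = None, []
    for index, raw in enumerate(lines):
        match = REPLY_LINE.match(raw.rstrip("\r\n"))
        if not match:
            raise ValueError(f"malformed reply line: {raw!r}")
        if code not in (None, match.group(1)):
            raise ValueError("reply code changes inside one reply")
        code = match.group(1)
        is_last = index == len(lines) - 1
        if (match.group(2) == " ") != is_last:
            raise ValueError("continuation marker in the wrong place")
        texts.append(match.group(3))
    return int(code), texts


def ehlo_extensions(lines):
    """Map extension keyword to parameter text; None if EHLO was refused."""
    code, texts = parse_reply(lines)
    if code != 250:
        return None  # caller falls back to HELO and has no extensions
    extensions = {}
    for text in texts[1:]:  # the first line is the greeting, not a keyword
        keyword, _, params = text.partition(" ")
        extensions[keyword.upper()] = params.strip()
    return extensions


def size_limit(extensions):
    """Advertised fixed maximum in bytes; None if absent, omitted or zero."""
    param = (extensions or {}).get("SIZE", "")
    return int(param) if param.isdigit() and int(param) > 0 else None


def may_send(extensions, message_bytes):
    """False only when the message exceeds an advertised fixed maximum."""
    limit = size_limit(extensions)
    return limit is None or message_bytes <= limit
```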
Security and spamming
The original SMTP specification did not include a facility for authentication of senders. Subsequently, the extension was defined by . The (ESMTP) provides a mechanism for email clients to specify a security mechanism to a mail server, authenticate the exchange, and negotiate a security profile (, SASL) for subsequent message transfers.
Microsoft products implement the proprietary (SPA) protocol through the use of the SMTP-AUTH extension.
However, the impracticality of widespread SMTP-AUTH implementation and management means that E-mail is not and cannot be addressed by it.
Modifying SMTP extensively, or replacing it completely, is not believed to be practical, due to the of the huge installed base of SMTP. was one such proposal for replacement.
Spam is enabled by several factors, including vendors implementing that are not standards-compliant, which make it difficult for other MTAs to enforce standards, security vulnerabilities within the operating system (often exacerbated by always-on broadband connections) that allow spammers to remotely control end-user PCs and cause them to send spam, and a lack of "intelligence" in many MTAs.
There are a number of proposals for sideband protocols that will assist SMTP operation. The (ASRG) of the (IRTF) is working on a number of and other proposals for providing simple source authentication that is flexible, lightweight, and scalable. Recent (IETF) activities include (2004) leading to two approved IETF experiments in 2005, and in 2006.