Electronic Mail: SMTP, POP, IMAP
At the beginning of the Internet era, the messages sent
by electronic mail were short and consisted of text only.
Today, electronic mail is much more complex.
It allows a message to include text, audio, and video.
It also allows one message to be sent to one or more
recipients.
The main components of an e-mail system are:
user agent, message transfer agent, and message
access agent.
Architecture of e-mail
To explain the architecture of e-mail, we give four
scenarios. We begin with the simplest situation and add
complexity as we proceed. The fourth scenario is the most
common in the exchange of e-mail.
First Scenario:
• In the first scenario, the sender and the receiver of the
e-mail are users (or application programs) on the same
mail server; they are directly connected to a shared
mail server.
• The administrator has created one mailbox for each user
where the received messages are stored.
• User-1 runs a user agent ( UA ) program to prepare the
message and store it in user-2’s mailbox. The message
has the sender and recipient mailbox addresses (names
of files).
• User-2 can retrieve and read the contents of his mailbox
using a user agent. Figure below shows the concept.
User-1 and user-2 are directly connected to the mail
server.
Second Scenario
o In the second scenario, the sender and the receiver of the
e-mail are users on two different mail servers.
o User-1 and User-2 are each directly connected to their own
mail server.
o The message needs to be sent over the Internet. Here we
need user agents (UAs) and message transfer agents
(MTAs) to send the message through the Internet from
User-1’s site to User-2’s site, as shown in Figure below.
o In this scenario, two message transfer agents are needed: one
client and one server.
o Like most client-server programs on the Internet, the server needs
to run all of the time because it does not know when a client will
ask for a connection.
o The client, on the other hand, can be triggered by the system when
there is a message in the queue to be sent.
• The primary function of the SPOOL is to temporarily store
email messages before they are sent to their final destination.
• Here are some of the key functions of spool in a mail server:
1. Temporary storage: It stores emails temporarily until
they can be sent to their final destination (This is
useful in situations where there is network
congestion or when the recipient mail server is
temporarily unavailable).
2. Organization: The spool organizes email messages based on
3. Priority management: The spool can prioritize email
messages, ensuring that the most important messages are
delivered first.
4. Filtering: The spool can filter out spam or malicious
emails, preventing them from reaching users' inboxes.
5. Tracking: The spool can track the status of email
messages, allowing users to see if their messages have
been sent, delivered, or rejected.
• Overall, the spool is a fundamental component for
ensuring the smooth and error-free operation of a mail
server.
• The spool is sometimes referred to as a "mail queue" or
"mail buffer".
Third Scenario
Figure below shows the third scenario.
User-2, as in the second scenario, is directly connected to
his mail server.
User-1, however, is separated from his mail server.
User-1 is either connected to the mail server via a point-to-
point WAN (such as a dial-up modem, a DSL, or a cable
modem) or she/he is connected to a LAN in an organization
that uses one mail server for handling e-mails; all users
need to send their messages to this mail server.
User-1 still needs a user agent to prepare his message.
He then needs to send the message through the LAN or
WAN.
This can be done through a pair of message transfer
agents (client and server).
[Figure: third scenario. We need a pair of message transfer agents (MTA)]
Fourth Scenario
In the fourth and most common scenario, User-2 is
also connected to his mail server by a WAN or a
LAN.
After the message has arrived at User-2’s mail
server, User-2 needs to retrieve it.
Here, we need another set of client-server agents,
which we call message access agents (MAAs).
User-2 uses an MAA client to retrieve his messages.
The MAA client sends a request to the MAA
server, which is running all the time, and requests
the transfer of the messages.
The situation is shown in Figure below.
[Figure: fourth scenario, labelled (push program) and (pull program)]
USER AGENT
o The first component of an electronic mail system is the
user agent (UA).
o It provides service to the user to make the process of
sending and receiving a message easier.
o A user agent is a software package (program) that
composes, reads, replies to, and forwards messages.
o It also handles local mailboxes on the user computers.
o User Agent Types:
There are two types of user agents:
1. command-driven and
2. GUI-based.
Command-driven user agents belong to the early days
of electronic mail.
• A command-driven user agent normally accepts a one
character command from the keyboard to perform its
task.
• For example, a user can type the character r, at the
command prompt, to reply to the sender of the message,
or type the character R to reply to the sender and all
recipients.
Modern user agents are GUI-based.
• They contain graphical user interface (GUI)
components that allow the user to interact with the
software by using both the keyboard and the mouse.
• They have graphical components such as icons, menu
bars, and windows that make the services easy to access.
• Some examples of GUI-based user agents are Eudora,
Outlook, and Netscape.
Sending Mail
To send mail, the user, through the UA, creates mail that
looks very similar to postal mail (see next Figure). It has an
envelope and a message.
Envelope
The envelope usually contains the sender address, the
receiver address, and other information.
Message
• The message contains the header and the body. The
header of the message defines the sender, the receiver,
the subject of the message, and some other information.
• The body of the message contains the actual
information to be read by the recipient.
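The envelope and the header each carry their own sender and receiver addresses, and nothing in the transfer forces them to agree. The following added example (not part of the original notes) compares the two for a message; the function names and sample messages are constructed for illustration, and a mismatch is only a signal to look closer, since blind copies and mailing lists legitimately produce one.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

def domain_of(addr):
    """Lower-cased domain part of an address, or '' when there is no '@'."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def compare_envelope(mail_from, rcpt_to, raw_message):
    """List the points where the envelope and the message header disagree.

    mail_from / rcpt_to are the envelope addresses; raw_message is the
    header plus body of the message itself.
    """
    msg = message_from_string(raw_message)
    findings = []

    # The header "From" is what the user agent displays; the envelope sender
    # is where errors are returned. They are set independently.
    _, header_from = parseaddr(msg.get("From", ""))
    envelope_from = mail_from.strip("<>")
    if not header_from:
        findings.append("no usable From header")
    elif domain_of(header_from) != domain_of(envelope_from):
        findings.append(
            f"From domain {domain_of(header_from)!r} differs from "
            f"envelope sender domain {domain_of(envelope_from)!r}")

    # Envelope recipients that the header never mentions.
    visible = msg.get_all("To", []) + msg.get_all("Cc", [])
    listed = {addr.lower() for _, addr in getaddresses(visible)}
    for rcpt in rcpt_to:
        if rcpt.strip("<>").lower() not in listed:
            findings.append(f"envelope recipient {rcpt} not in To/Cc")
    return findings

# Constructed sample messages (not taken from the original page).
MATCHING = ("From: Alice <alice@example.org>\nTo: bob@example.net\n"
            "Subject: lunch\n\nSee you at noon.\n")
MISMATCHED = ("From: Billing <billing@example.org>\nTo: bob@example.net\n"
              "Subject: invoice\n\nPlease see the attachment.\n")

if __name__ == "__main__":
    print(compare_envelope("<alice@example.org>", ["<bob@example.net>"], MATCHING))
    print(compare_envelope("<bounce@mailer.example.com>",
                           ["<bob@example.net>", "<carol@example.net>"], MISMATCHED))
```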
[Figure: Format of an e-mail]
Receiving Mail
• The user agent is triggered by the user (or a timer). If a
user has mail, the UA informs the user with a notice.
• A list of emails is displayed in which each line contains a
summary of the information about the messages in the
mailbox.
• The summary usually includes the sender mail address,
the subject, and the time the mail was sent or received.
• The user can select any of the messages and display its
contents on the screen.
Addresses
The email address must be a unique address.
In the Internet, the address consists of two parts:
a local part and a domain name, separated by an @ sign
(see Figure below).
Local Part
The local part defines the name of a special file, called
the user mailbox, where all of the mail received for a user
is stored for retrieval by the message access agent.
Domain Name
• The second part of the address is the domain name.
• An organization usually selects one or more hosts to
receive and send e-mail; they are sometimes called mail
servers or exchangers.
• The domain name assigned to each mail exchanger
either comes from the DNS database or is a logical name
(for example, the name of the organization).
Message Transfer Agent: Simple Mail Transfer
Protocol (SMTP)
The formal protocol that defines the MTA in the Internet is
called Simple Mail Transfer Protocol (SMTP).
Two pairs of MTA client-server programs are used in the
most common situation (fourth scenario).
Figure below shows the range of the SMTP protocol in
this scenario.
Commands and Responses
• SMTP uses commands and responses to transfer
messages between an MTA client and an MTA server
(see Figure below).
• Each command or reply is terminated by a two-
character (carriage return and line feed) end-of-line
token.
1. Commands
Commands are sent from the client to the server. The
format of a command is shown below:
It consists of a keyword followed by zero or more
arguments.
SMTP defines 14 commands listed in Table below and
described in more detail in the following.
❑HELO.
This command is used by the client to identify itself. The
argument is the domain name of the client host. The
format is (for example) HELO challenger.atc.fhda.edu
❑MAIL FROM.
This command is used by the client to identify the sender
of the message. The argument is the e-mail address of the
sender (local part plus the domain name). The format is
MAIL FROM: [email protected]
❑RCPT TO.
This command is used by the client to identify the intended
recipient of the message. The argument is the e-mail
address of the recipient. If there are multiple recipients,
the command is repeated. The format is
RCPT TO: [email protected]
❑DATA.
This command is used to send the actual message.
All lines that follow the DATA command are treated as the
mail message.
The message is terminated by a line containing just one
period. The format is
DATA
This is the message
to be sent to the McGraw-Hill
Company.
.
❑QUIT.
This command terminates the message. The format is
QUIT
❑RSET.
This command aborts the current mail transaction.
The stored information about the sender and recipient is
deleted. The connection will be reset.
RSET
❑VRFY.
This command is used to verify the address of the recipient,
which is sent as the argument.
It can be used to check the validity of an e-mail address
without actually sending mail to it. Its format is
VRFY [email protected]
❑NOOP (No Operation).
This command is used by the client to check the status of the
recipient (check if the connection with the mail server is alive).
It requires an answer from the recipient. Its format is
NOOP.
❑TURN.
This command lets the sender and the recipient switch
positions, whereby the sender becomes the recipient and vice
versa.
However, most SMTP implementations today do not
support this feature. The format is
TURN
❑EXPN.
In this command (EXPN: expand), the sending server can query the
receiving server to see if it will accept Enhanced SMTP commands. If
it does it will send back to the connecting server the enhanced
commands it will accept.
❑HELP.
In this command, the client asks the recipient to send
information about the command sent as the argument. The
format is HELP mail
2. Responses
• Responses are sent from the server to the client.
• A response is a three-digit code that may be followed by
additional textual information.
• The idea is the same as discussed in the case of HTTP
responses in the previous lecture. Table below lists some of
the responses.
[Figure: SMTP Client/Server]
SMTP Transaction Session Establishment and
Termination
HELO is a command sent by a client to a server to start an extended SMTP session. The server
is asked to identify itself and declare what extensions or features it supports, such as
Mail Transfer Phases
The process of transferring a mail message
occurs in three phases:
connection establishment,
mail transfer, and
connection termination.
1-Connection Establishment:
• The SMTP server starts the connection phase,
after a client has made a TCP connection to the
well-known port 25 (see next figure ).
• This phase involves the following steps, as
shown in figure:
1. The server sends code 220 (service ready) to tell the
client that it is ready to receive mail. If the server is not
ready, it sends code 421 (service not available).
2. The client sends the HELO message to identify itself
using its domain name address.
3. The server responds with code 250 (request command
completed) or some other code depending on the situation.
2-Message Transfer:
• After connection has been established between
the SMTP client and server, a single message
between a sender and one or more recipients can
be exchanged.
• This phase involves eight steps.
• Steps 3 and 4 are repeated if there is more than
one recipient (see Figure below).
1. The client sends the MAIL FROM message to
introduce the sender of the message.
It includes the mail address of the sender
(mailbox and the domain name).
This step is needed to give the server the return mail
address for returning errors and reporting messages.
2. The server responds with code 250 (request command
completed) or some other appropriate code.
3. The client sends the RCPT TO (recipient) message,
which includes the mail address of the recipient.
4. The server responds with code 250 or some other
appropriate code.
5. The client sends the DATA message to initialize the
message transfer.
6. The server responds with code 354 (start mail
input) or some other appropriate message.
7. The client sends the contents of the message in
consecutive lines.
Each line is terminated by a two-character end-of-
line token (carriage return and line feed).
The message is terminated by a line containing
just one period.
8. The server responds with code 250 (OK) or
some other appropriate code.
3-Connection Termination:
After the message is transferred successfully, the client
terminates the connection. This phase involves two steps
(see Figure below).
1. The client sends the QUIT command.
2. The server responds with code 221 or some other
appropriate code.
After the connection termination phase, the TCP
connection must be closed.
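The three phases above, run end to end, as an added example (not part of the original notes): a minimal in-memory server state machine and a client that drives it. It goes one step beyond the text by including dot-stuffing, the standard rule that lets a body line consisting of a single period survive the DATA phase; the host names, addresses and the 503 reply for out-of-order commands (a standard SMTP code not listed on this page) are assumptions of the example.

```python
CRLF = "\r\n"

def dot_stuff(body):
    """Client side: double a leading '.' so no body line reads as end-of-data."""
    return ["." + ln if ln.startswith(".") else ln for ln in body.split(CRLF)]

class SmtpSession:
    """Server side of one connection: establishment, transfer, termination."""
    def __init__(self, domain="mail.example"):        # hypothetical host name
        self.domain = domain
        self.delivered = []                            # (sender, rcpts, body)
        self._reset("CONNECTED")

    def _reset(self, state):
        self.state, self.sender, self.rcpts, self.lines = state, None, [], []

    def greeting(self):
        return f"220 {self.domain} service ready"

    def feed(self, line):
        """Handle one client line (CRLF stripped); return the reply or None."""
        if self.state == "DATA":
            if line == ".":                            # lone period ends the message
                body = CRLF.join(self.lines)
                self.delivered.append((self.sender, self.rcpts, body))
                self._reset("READY")
                return "250 OK"
            # Undo the client's dot-stuffing before storing the line.
            self.lines.append(line[1:] if line.startswith(".") else line)
            return None
        cmd = line.upper()
        if cmd == "QUIT":
            self.state = "CLOSED"
            return "221 service closing"
        if cmd.startswith("HELO "):
            self._reset("READY")
            return f"250 {self.domain}"
        if cmd.startswith("MAIL FROM:") and self.state == "READY":
            self.sender, self.state = line[10:].strip(), "MAIL"
            return "250 OK"
        if cmd.startswith("RCPT TO:") and self.state in ("MAIL", "RCPT"):
            self.rcpts.append(line[8:].strip())
            self.state = "RCPT"
            return "250 OK"
        if cmd == "DATA" and self.state == "RCPT":
            self.state = "DATA"
            return "354 start mail input"
        return "503 bad sequence of commands"

def send(session, sender, rcpts, body):
    """Client side: drive one full session; return the server's replies."""
    cmds = ["HELO client.example", f"MAIL FROM:<{sender}>",
            *(f"RCPT TO:<{r}>" for r in rcpts), "DATA", *dot_stuff(body), ".", "QUIT"]
    return [session.greeting()] + [r for r in map(session.feed, cmds) if r]
```

If the client skips `dot_stuff`, a body line holding only a period ends the message early and the server reads the rest of the body as commands, which is why both sides must apply the rule.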
Example
Let us see how we can directly use SMTP to send an e-mail
and simulate the commands and responses we described in
this section.
After connection establishment, we can type the SMTP
commands and then receive the responses as shown below.
We have shown the commands in black (from the client) and
the responses in color (from the server).
Note that we have added for clarification some comment
lines, designated by the “=” sign.
These lines are not part of the e-mail procedure.
In this example,
[email protected] is sending an e-mail
to himself.
Message Access Agent: POP And IMAP protocol
The first and the second stages of mail delivery use
SMTP (Message Transfer Agent (MTA)).
However, SMTP is not involved in the third stage
because SMTP is a push protocol; it pushes the
message from the client to the server.
In other words, the direction of the bulk data
(messages) is from the client to the server.
The third stage needs a pull protocol; the client (user-
2) must pull messages from the server.
The direction of the bulk data is from the server to
the client (user-2).
The third stage uses a Message Access Agent (MAA).
Currently two message access agent (MAA) protocols
are available:
Post Office Protocol, version 3 (POP3) and
Internet Mail Access Protocol, version 4 (IMAP4).
Figure below shows the position of these two protocols
in the most common situation (fourth scenario).
(Client) ---- (Server) (Server) ---- (Client)
Post Office Protocol, version 3 (POP3)
Post Office Protocol, version 3 (POP3) is simple and
limited in functionality.
POP3 is a client–server program.
The client POP3 software is installed on the recipient
computer; the server POP3 software is installed on the
mail server.
Mail access starts with the client when the user needs to
download its e-mail from the mailbox on the mail server.
The client opens a connection to the server on TCP port 110.
It then sends its user name and password to access the
mailbox.
The user can then list and retrieve the mail messages in the
server, one by one.
• Figure below shows an example of downloading E-
mails using POP3.
POP3 has two modes:
1. The delete mode and
2. The keep mode.
• In the delete mode, the mail is deleted from the mailbox
in the server after each retrieval.
• In the keep mode, the mail remains in the mailbox of
the server after retrieval.
• The delete mode is normally used when the user is
working at his permanent computer and can save and
organize the received mail after reading or replying.
• The keep mode is normally used when the user accesses
his mail away from his primary computer (e.g., a
laptop).
• The mail is read but kept in the system for later retrieval
and organizing.
Internet Mail Access Protocol, version 4 (IMAP4)
• Another Message Access Agent protocol is Internet
Mail Access Protocol, version 4 (IMAP4).
• IMAP4 is similar to POP3, but it has more features;
• IMAP4 is more powerful and more complex.
• POP3 is weak in several ways:
It does not allow the user to organize his mail on the
mail server;
the user cannot have different folders on the mail
server. (Of course, the user can create folders on his
own computer.)
In addition, POP3 does not allow the user to partially
check the contents of the mail before downloading.
IMAP4 provides the following extra functions:
❑ A user can check the e-mail header prior to
downloading.
❑ A user can search the contents of the e-mail for a
specific string of characters prior to downloading.
❑ A user can partially download e-mail. This is
especially useful if bandwidth is limited and the e-
mail contains multimedia with high bandwidth
requirements.
❑ A user can create, delete, or rename mailboxes on
the mail server.
❑ A user can create a hierarchy of mailboxes in a
folder for e-mail storage.
E-MAIL SECURITY
The email protocols do not provide any security
provisions.
However, e-mail exchanges can be secured using
application-layer security designed in particular for e-
mail systems. Two such protocols are Pretty Good Privacy
(PGP) and Secure MIME (S/MIME).
NOTE:
1. MIME (Multipurpose Internet Mail Extensions):
MIME is a standard used to extend the capabilities of the
SMTP protocol to support sending non-text content via
email, such as images, audio files, video, or multilingual
text. For example, sending attachments, supporting
UTF-8 text, or splitting messages into multiple parts
(Multipart Messages).
2. PGP (Pretty Good Privacy):
PGP is a cryptographic protocol used to secure electronic
communications, especially email, by providing encryption
and digital signature.
For example, encrypting email messages to ensure their
confidentiality, digitally signing messages to prove their
authenticity, or combining the two for complete security.
The difference between them:
MIME: Focuses on formatting and extending the
quality of content in email.
PGP: Focuses on security (privacy and authentication)
regardless of the type of content.