Simple Mail Transfer Protocol (SMTP)

The Simple Mail Transfer Protocol (SMTP) provides a basic e-mail facility. SMTP is the
protocol that transfers e-mail from one server to another. It provides a mechanism for
transferring messages among separate servers. Features of SMTP include mailing lists,
return receipts and forwarding. SMTP accepts the incoming message and makes use of
TCP to send it to an SMTP module on another servers. The target SMTP module will
make use of a local electronic mail package to store the incoming message in a user’s
mailbox. Once the SMTP server identifies the IP address for the recipient’s e-mail server,
it sends the message through standard TCP/IP routing procedures.
Since SMTP is limited in its ability to queue messages at the receiving end, it’s usually
used with one of two other protocols, POP3 or IMAP, that let the user save messages
in a server mailbox and download them periodically from the server. In other words,
users typically use a program that uses SMTP for sending e-mail and either POP3 or
IMAP for receiving messages that have been received for them at their local server. Most
mail programs (such as Eudora) let you specify both an SMTP server and a POP server.
On UNIX-based systems, sendmail is the most widely-used SMTP server for e-mail.
Earlier versions of sendmail presented many security risk problems. Through the years,
however, sendmail has become much more secure, and can now be used with confidence.
A commercial package, sendmail, includes a POP3 server and there is also a version for
Windows NT.
Hackers often use different forms of attack with SMTP. A hacker might create a fake
e-mail message and send it directly to an SMTP server. Other security risks associated
with SMTP servers are denial-of-service attacks. Hackers will often flood an SMTP server
with so many e-mails that the server cannot handle legitimate e-mail traffic. This type
of flood effectively makes the SMTP server useless, thereby denying service to legitimate
e-mail users. Another well-known risk of SMTP is the sending and receiving of
viruses and Trojan horses. The information in the header of an e-mail message is easily
forged. The body of an e-mail message contains standard text or a real message. Newer
e-mail programs can send messages in HTML format. No viruses and Trojans can be
contained within the header and body of an e-mail message, but they may be sent as
attachments. The best defence against malicious attachments is to purchase an SMTP
server that scans all messages for viruses, or to use a proxy server that scans all incoming
and outgoing messages.

SMTP is usually implemented to operate over TCP port 25. The details of SMTP are
in RFC 2821 of the Internet Engineering Task Force (IETF). An alternative to SMTP that
is widely used in Europe is X.400.