
SMTP

SMTP is an Application layer protocol (RFC 821, 1982). Because it is a completely ASCII text-based communication protocol, any binary or other non-text attachment must be encoded before it can be sent using SMTP.
To allow users to send rich content, MIME (Multipurpose Internet Mail Extensions) was introduced. MIME is an Internet standard that extends the format of email to support:

•    Text in character sets other than ASCII (Such as German, Japanese, Chinese and other high ASCII and double byte languages)
•    Non-text attachments
•    Message bodies with multiple parts
•    Header information in non-ASCII character sets

SMTP Response Codes

2xx Everything is fine, go ahead
3xx Generally informational
4xx Temporary problem, try again later (also known as temp fail or deferral)
5xx Permanent error, giving up (rejection or term fail)

SMTP Commands

The SMTP message envelope refers to the sender and recipient addresses used within the SMTP transaction. These can be different from the addresses within the message headers.

Command (From Sender)    Action after the command is received (Remote Mail Gateway)
HELO / EHLO              States who it is (its host name)
MAIL FROM:               States who the sender is (Envelope From:)
RCPT TO:                 States where the message is going (Envelope Recipient(s))
DATA                     Transmits the content of the message, including the headers
QUIT                     Terminates connection

DNS & SMTP

SMTP relies on DNS records to determine which host will accept mail for a given domain.
Below are the various DNS records involved with SMTP mail transfer:

NS Record     Provides the host names of the servers that hold the information about the domain.
MX Record     The host name of the mail exchange that will accept mail for the domain, along with its priority.
A Record      The IP address associated with the host name.
PTR Record    The mirror image of an A record. Provides the host name when given the IP address.

Registering the DNS

In order to register your device (mail exchange, spam filter etc.) with DNS you need to do the following:

  1. Create an A record that maps the host name of the appliance to an IP address
  2. Create an MX record that maps your public domain to the appliance's host name
  3. Specify a priority for the MX record to advertise your appliance as a primary or backup Mail Exchange

The MX Record

The MX record is the main DNS record associated with SMTP. As mentioned previously, the MX record contains the Mail Exchanges for a given domain.

C:\Documents and Settings\administrator>nslookup
Default Server:  dnsserver.myisp.com
Address:  8.8.8.8
> set type=mx
> bbc.com

Non-authoritative answer:
bbc.com MX preference = 20, mail exchanger = cluster8a.eu.messagelabs.com
bbc.com MX preference = 10, mail exchanger = cluster8.eu.messagelabs.com

As you can see from the output of the MX query for bbc.com, we get the host names of 2 mail exchanges. The preference number dictates which Mail Server your mail will be sent to: the lower the value, the higher the priority.

Giving Mail Servers the same preference value allows you to DNS round robin between them and, in turn, load balance the SMTP traffic equally between your Mail Servers.
A common scenario is that spammers will try to connect (and relay) their spam through the MX records with the highest preference number. This is because of the general assumption that companies only deploy spam filter systems on their primary Mail Exchangers (Mail Servers).
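
The preference ordering and the backup MX point above, as an added example (not from the original article): it parses nslookup MX lines in the format shown, groups exchangers by preference, and lists any exchanger missing from a list of hosts known to run spam filtering. The example.com host names and the filtered-host list are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the nslookup format shown above; the hosts are made up.
SAMPLE = """\
example.com MX preference = 20, mail exchanger = backup.mail.example.com
example.com MX preference = 10, mail exchanger = mx1.mail.example.com
example.com MX preference = 10, mail exchanger = mx2.mail.example.com
"""

MX_LINE = re.compile(r"^(\S+)\s+MX preference = (\d+), mail exchanger = (\S+)$")

def parse_mx(text):
    """Return (domain, preference, exchanger) tuples; non-MX lines are skipped."""
    records = []
    for line in text.splitlines():
        m = MX_LINE.match(line.strip())
        if m:
            host = m.group(3).lower().rstrip(".")
            records.append((m.group(1).lower(), int(m.group(2)), host))
    return records

def delivery_tiers(records):
    """Group exchangers by preference, lowest number (highest priority) first."""
    tiers = defaultdict(list)
    for _, pref, host in records:
        tiers[pref].append(host)
    return [(pref, sorted(tiers[pref])) for pref in sorted(tiers)]

def unfiltered_exchangers(records, filtered_hosts):
    """Exchangers that accept mail but are absent from the filtered-host list."""
    filtered = {h.lower().rstrip(".") for h in filtered_hosts}
    missing = {(pref, host) for _, pref, host in records if host not in filtered}
    # Highest preference number first: the backups the article says get targeted.
    return sorted(missing, key=lambda r: (-r[0], r[1]))

if __name__ == "__main__":
    recs = parse_mx(SAMPLE)
    for pref, hosts in delivery_tiers(recs):
        kind = "round robin" if len(hosts) > 1 else "single host"
        print(f"preference {pref}: {', '.join(hosts)} ({kind})")
    # Hypothetical inventory: only the two primaries sit behind the spam filter.
    covered = ["mx1.mail.example.com", "mx2.mail.example.com"]
    for pref, host in unfiltered_exchangers(recs, covered):
        print(f"no spam filtering recorded for {host} (preference {pref})")
```

Any exchanger this reports still accepts mail for the domain, so it needs the same filtering as the primaries.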

About the Author

Rick Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001