SMTP and ncat

https://github.com/heig-vd-dai-course

Web · PDF

L. Delafontaine and H. Louis, with the help of GitHub Copilot.

Based on the original course by O. Liechti and J. Ehrensberger.

This work is licensed under the CC BY-SA 4.0 license.

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Objectives

  • Learn electronic messaging protocols:
    • SMTP
    • POP3
    • IMAP
  • Focus on the SMTP protocol
  • Learn how to use ncat and Java to send an email to an SMTP server
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Electronic messaging protocols: SMTP, POP3 and IMAP

More details for this section in the course material. You can find other resources and alternatives as well.

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Electronic messaging protocols: SMTP, POP3 and IMAP

  • Email clients are called Mail User Agents (MUA)
  • Email servers are called Mail Transfer Agents (MTA)
  • They use different protocols to communicate
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

SMTP

  • SMTP: Simple Mail Transfer Protocol
  • Uses TCP port 25 (unencrypted) or 465 (encrypted)
  • Used to send emails
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

POP3

  • POP3: Post Office Protocol
  • Uses TCP port 110 (unencrypted) or 995 (encrypted)
  • Used to retrieve emails from a server
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

IMAP

  • IMAP: Internet Message Access Protocol
  • Uses TCP port 143 (unencrypted) or 993 (encrypted)
  • Used to retrieve emails from a server
  • Much more powerful than POP3 (synchronization, ...)
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

More details for this section in the course material. You can find other resources and alternatives as well.

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0
  • MX: Mail eXchange - Specifies the mail server responsible for a domain name
  • TXT: Store any text-based information. Used for SPF records, for email authentication
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Security concerns and spam

More details for this section in the course material. You can find other resources and alternatives as well.

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Security concerns and spam

  • SMTP is old and insecure
  • Easy to spoof and forge emails
  • Hard to maintain
  • ➡️ Your email server can be used for spam and can be blocked
  • ➡️ We will use a mock server to simulate an email server
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

A focus on the SMTP protocol

More details for this section in the course material. You can find other resources and alternatives as well.

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

A focus on the SMTP protocol

  • SMTP is a text-based protocol
  • Messages are sent by the client to the server
  • The server responds with a status code
  • The client can send the next command
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0
  • HELO /EHLO
  • MAIL FROM
  • RCPT TO
  • DATA
    • Subject:
    • From:
    • To:
    • End by .
  • QUIT
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

ncat

More details for this section in the course material. You can find other resources and alternatives as well.

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

ncat

  • ncat is network utility for reading from and writing to network connections
  • It is used to connect to a remote server (SMTP, HTTP, ...)
  • We will use it to interact with a SMTP server
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Questions

Do you have any questions?

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Practical content

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

What will you do?

  • Install and configure ncat
  • Start a SMTP server with Docker Compose
  • Send an email with ncat to the SMTP server
  • Send an email with Java to the SMTP server
HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Find the practical content

You can find the practical content for this chapter on GitHub.

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Finished? Was it easy? Was it hard?

Can you let us know what was easy and what was difficult for you during this chapter?

This will help us to improve the course and adapt the content to your needs. If we notice some difficulties, we will come back to you to help you.

➡️ GitHub Discussions

You can use reactions to express your opinion on a comment!

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

What will you do next?

We are arriving at the end of the second part of the course.

An evaluation will be done to check your understanding of all the content seen in this second part.

More details will be given in the next chapter.

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0

Sources

HEIG-VD - DAI Course 2024-2025 - CC BY-SA 4.0