reference

Home

Shopping

Articles

Local

News

Simple Mail Transfer Protocol

History

Various forms of one-to-one electronic messaging were used in the 1960s. People communicated with one another using systems developed for specific mainframe computers. As more computers were interconnected, especially in the US Government's ARPANET, standards were developed to allow users using different systems to be able to e-mail one another. SMTP grew out of these standards developed during the 1970s.

SMTP can trace its roots to two implementations described in 1971, the Mail Box Protocol, which has been disputed to actually have been implemented, but is discussed in RFC 196 and other RFCs, and the SNDMSG program, which according to RFC 2235 by Ray Tomlinson of BBN "invents" for TENEX computers the sending of mail across the ARPANET. Fewer than 50 hosts were connected to the ARPANET at this time.

Further implementations include FTP Mail and Mail Protocol, both from 1973. The work continued throughout the 1970s, until the ARPANET converted into the modern Internet around 1980. Jon Postel then proposed a Mail Transfer Protocol in 1980 that began to remove the mail's reliance on FTP. SMTP was published as RFC 821 in August 1982, also by Postel.

The SMTP standard was developed around the same time as Usenet, a one-to-many communication network with some similarities.

SMTP became widely used in the early 1980s. At the time, it was a complement to Unix to Unix Copy Program (UUCP) mail, which was better suited to handle e-mail transfers between machines that were intermittently connected. SMTP, on the other hand, works best when both the sending and receiving machines are connected to the network all the time. Both use a store and forward mechanism and are examples of push technology. Though Usenet's newsgroups are still propagated with UUCP between servers, UUCP mail has virtually disappeared along with the "bang paths" it used as message routing headers.

The article about sender rewriting contains technical background info about the early SMTP history and source routing before RFC 1123.
Sendmail was one of the first (if not the first) mail transfer agents to implement SMTP. Some other popular SMTP server programs include Postfix, qmail, Novell GroupWise, Exim, Novell NetMail, Microsoft Exchange Server, Sun Java System Messaging Server.

Message submission (RFC 2476) and SMTP-AUTH (RFC 2554) were introduced in 1998 and 1999, both describing new trends in e-mail delivery. Originally, SMTP servers were typically internal to an organization, receiving mail for the organization from the outside, and relaying messages from the organization to the outside. But as time went on, SMTP servers (Mail transfer agents), in practice, were expanding their roles to become message submission agents for Mail user agents, some of which were now relaying mail from the outside of an organization. (e.g. A company executive wishes to send e-mail while on a trip using the corporate SMTP server.) This issue, a consequence of the rapid expansion and popularity of the World Wide Web, meant that the SMTP protocol had to include specific rules and methods for relaying mail and authenticating users to prevent abuses such as unsolicited e-mail (spam) relaying.

As this protocol started out purely ASCII text-based, it did not deal well with binary files. Standards such as Multipurpose Internet Mail Extensions (MIME) were developed to encode binary files for transfer through SMTP. Mail transfer agents (MTAs) developed after Sendmail also tended to be implemented 8-bit-clean, so that the alternate "just send eight" strategy could be used to transmit arbitrary data via SMTP. 8-bit-clean MTAs today tend to support the 8BITMIME extension, permitting binary files to be transmitted almost as easily as plain text.

Many people contributed to the core SMTP specifications, among them Jon Postel, Eric Allman, Dave Crocker, Ned Freed, Randall Gellens, John Klensin, and Keith Moore.

Mail processing model

The overall flow for message creation, mail transport and delivery may be illustrated as follows:

sending MUA → MSA → sending MTA → receiving MTA → MDA → Mailstore for retrieval by MUA

E-mail is submitted from a message user agent (MUA), the user's email client, to a mail server (MSA), usually using SMTP. From there, the MSA delivers the mail to an MTA, often running on the same machine. These functions may not be distinguished, or merged into one program, and a message may be directly submitted to an MTA: port 587 is used for submission to MSAs (thence to MTAs), while port 25 is used for transferring to MTAs.

The MTA looks up the destination mail exchanger records in the DNS, and relays the mail to the server on record via TCP port 25 and SMTP. Once the receiving MTA accepts the incoming message, it is delivered via a mail delivery agent (MDA) to a server which is designated for local mail delivery. The MDA either delivers the mail directly to storage, or forwards it over a network using either SMTP or the Local Mail Transfer Protocol (LMTP), a derivative of ESMTP designed for this purpose. Once delivered to the local mail server, the mail is stored for batch retrieval by authenticated mail clients (MUAs). Mail is retrieved by end-user applications, the email clients, using IMAP, a protocol that both facilitates access to mail and manages stored mail, or the Post Office Protocol (POP) which typically uses the traditional mbox mail file format. Webmail clients may use either method, but the retrieval protocol is often not a formal standard. Some local mail servers and MUAs are capable of either push or pull mail retrieval.

SMTP defines message transport, not the message content. Thus, it defines the mail envelope and its parameters, such as the envelope sender, but not the header or the body of the message itself. STD 10 and RFC 5321 define SMTP (the envelope), while STD 11 and RFC 5322 define the message (header and body), formally referred to as the Internet Message Format.

Protocol overview

SMTP is a relatively simple, text-based protocol, in which a mail sender communicates with a mail receiver by issuing simple command strings and supplying necessary data over a reliable ordered data stream channel, typically a Transmission Control Protocol (TCP) connection. An SMTP session consists of a series of commands, initiated by the SMTP client, and responses from the SMTP server through which the session is opened, operating parameters are exchanged, the recipients are specified, and possibly verified, and the message is transmitted, before the session is closed.
The originating host is either an end-user's email client also known as mail user agent (MUA), or a relay server's mail transfer agent (MTA).

SMTP was designed as an electronic mail transport and delivery protocol, and as such it is used between SMTP systems that are operational at all times. However, it has capabilities for use as a mail submission protocol for email clients (split user-agent) that do not have the capability to operate as MTA. Such agents are also called message submission agents (MSA),RFC 4409, Message Submission for Mail, R. Gellens, J. Klensin, The Internet Society (April 2006) sometimes also referred to as mail submission agents. They are typically end-user applications and send all messages through a smart relay server, often called the outgoing mail server, which is specified in the programs' configuration. A mail transfer agent, incorporated either in the e-mail client directly or in the relay server, typically determines the destination SMTP server by querying the Domain Name System for the mail exchanger (MX record) of each recipient's domain name. Conformant MTAs fall back to a simple address lookup (A record) of the domain name when no mail exchanger is available. In some cases an SMTP client, even a server, may also be configured to use a smart host for delivery. The SMTP client typically initiates a Transmission Control Protocol (TCP) connection to the SMTP server on the well-known port designated for SMTP, port number 25.

SMTP is a delivery protocol only. It cannot pull messages from a remote server on demand. Other protocols, such as the Post Office Protocol (POP) and the Internet Message Access Protocol (IMAP) are specifically designed for retrieving messages and managing mail boxes. However, the SMTP protocol has a feature to initiate mail queue processing on a remote server so that the requesting system may receive any messages destined for it (cf. Remote Message Queue Starting). POP and IMAP are preferred protocols when a user's personal computer is only intermittently powered up, or Internet connectivity is only transient and hosts cannot receive message during off-line periods.

Remote Message Queue Starting

Remote Message Queue Starting is a feature of the SMTP protocol that permits a remote host to start processing of the mail queue on a server so it may receive messages destined to it by sending the TURN command. This feature however was deemed insecure and was extended in RFC 1985 with the ETRN command which operates more securely using an authentication method based on Domain Name System information.

SMTP transport example

A typical example of sending a message via SMTP to two mailboxes (alice and theboss) located in the same mail domain (example.com) is reproduced in the following session exchange.

For illustration purposes here (not part of protocol), the protocol exchanges are prefixed for the server (S:) and the client (C:).

After the message sender (SMTP client) establishes a reliable communications channel to the message receiver (SMTP server), the session is opened with a greeting by the server, usually containing its fully qualified domain name, in this case smtp.example.com. The client initiates its dialog by responding with a HELO command identifying itself in the command's parameter.


 S: 220 smtp.example.com ESMTP Postfix
 C: HELO relay.example.org
 S: 250 Hello relay.example.org, I am glad to meet you
 C: MAIL FROM:
 S: 250 Ok
 C: RCPT TO:
 S: 250 Ok
 C: RCPT TO:
 S: 250 Ok
 C: DATA
 S: 354 End data with .
 C: From: "Bob Example" 
 C: To: Alice Example 
 C: Cc: theboss@example.com
 C: Date: Tue, 15 Jan 2008 16:02:43 -0500
 C: Subject: Test message
 C:
 C: Hello Alice.
 C: This is a test message with 5 header fields and 4 lines in the message body.
 C: Your friend,
 C: Bob
 C: .
 S: 250 Ok: queued as 12345
 C: QUIT
 S: 221 Bye
 {The server closes the connection}

The client notifies the receiver of the originating e-mail address of the message in a MAIL FROM command. In this example, the email message is sent to two mailboxes on the same SMTP server: one each for each recipient listed in the To and Cc header fields. The corresponding SMTP command is RCPT TO. Each successful reception and execution of a command is acknowledged by the server with a result code and response message (e.g., 250 Ok).

The transmission of the body of the mail message is initiated with a DATA command after which it is transmitted verbatim line by line and is terminated with a characteristic sequence of a new line () with just a single full stop (period) followed by another line indication ().

The QUIT command ends the session.

The information that the client sends in the HELO and MAIL FROM commands are added (not seen in example code) as additional header fields to the message by the receiving server. It adds a Received and Return-Path header field, respectively.

Optional extensions

Although optional and not shown in this example, many clients ask the server for the SMTP extensions that the server supports, by using the EHLO greeting of the extended SMTP specification (RFC 1870). Clients fall back to HELO only if the server does not respond to EHLO.

Modern clients may use the ESMTP extension keyword SIZE to query the server for the maximum message size that will be accepted. Older clients and servers may try to transfer excessively-sized messages that will be rejected after consuming network resources, including connect time to network links that is paid by the minute.

Users can manually determine in advance the maximum size accepted by ESMTP servers. The client replaces the HELO command with the EHLO command.
S: 220 smtp2.example.com ESMTP Postfix
C: EHLO bob.example.org
S: 250-smtp2.example.com Hello bob.example.org [192.0.2.201]
S: 250-SIZE 14680064
S: 250-PIPELINING
S: 250 HELP
Thus smtp2.example.com declares that it will accept a fixed maximum message size no larger than 14,680,064 octets (8-bit bytes). Depending on the server's actual resource usage, it may be currently unable to accept a message this large. In the simplest case, an ESMTP server will declare a maximum SIZE with only the EHLO user interaction.

Internationalization

RFC 5336 describes internationalization features for SMTP, the UTF8SMTP extension, which provides support for multi-byte and non-ASCII characters in email addresses, such as Pelé@live.com (simple diacritic), δοκιμή@παράδειγμα.δοκιμή, and 测试@测试.测试.

Security and spamming

The original SMTP specification did not include a facility for authentication of senders. Subsequently, the SMTP-AUTH extension was defined by RFC 2554. The SMTP extension (ESMTP) provides a mechanism for email clients to specify a security mechanism to a mail server, authenticate the exchange, and negotiate a security profile (Simple Authentication and Security Layer, SASL) for subsequent message transfers.

Microsoft products implement the proprietary Secure Password Authentication (SPA) protocol through the use of the SMTP-AUTH extension.

However, the impracticality of widespread SMTP-AUTH implementation and management means that E-mail spamming is not and cannot be addressed by it.

Modifying SMTP extensively, or replacing it completely, is not believed to be practical, due to the network effects of the huge installed base of SMTP. Internet Mail 2000 was one such proposal for replacement.

Spam is enabled by several factors, including vendors implementing broken MTAs (that do not adhere to standards, and therefore make it difficult for other MTAs to enforce standards), security vulnerabilities within the operating system (often exacerbated by always-on broadband connections) that allow spammers to remotely control end-user PCs and cause them to send spam, and a lack of "intelligence" in many MTAs.

There are a number of proposals for sideband protocols that will assist SMTP operation. The Anti-Spam Research Group (ASRG) of the Internet Research Task Force (IRTF) is working on a number of E-mail authentication and other proposals for providing simple source authentication that is flexible, lightweight, and scalable. Recent Internet Engineering Task Force (IETF) activities include MARID (2004) leading to two approved IETF experiments in 2005, and DomainKeys Identified Mail in 2006.

Related Requests For Comments

RFC 1123 – Requirements for Internet Hosts—Application and Support (STD 3)

RFC 1870 – SMTP Service Extension for Message Size Declaration (оbsoletes: RFC 1653)

RFC 2476 – Message Submission

RFC 2505 – Anti-Spam Recommendations for SMTP MTAs (BCP 30)

RFC 2920 – SMTP Service Extension for Command Pipelining (STD 60)

RFC 3030 – SMTP Service Extensions for Transmission of Large and Binary MIME Messages

RFC 3207 – SMTP Service Extension for Secure SMTP over Transport Layer Security (obsoletes RFC 2487)

RFC 3461 – SMTP Service Extension for Delivery Status Notifications (obsoletes RFC 1891)

RFC 3462 – The Multipart/Report Content Type for the Reporting of Mail System Administrative Messages (obsoletes RFC 1892)

RFC 3463 – Enhanced Status Codes for SMTP (obsoletes RFC 1893 )

RFC 3464 – An Extensible Message Format for Delivery Status Notifications (obsoletes RFC 1894)

RFC 3834 – Recommendations for Automatic Responses to Electronic Mail

RFC 4409 – Message Submission for Mail (obsoletes RFC 2476)

RFC 4952 – Overview and Framework for Internationalized E-mail

RFC 4954 – SMTP Service Extension for Authentication (obsoletes RFC 2554)

RFC 5068 – E-mail Submission Operations: Access and Accountability Requirements (BCP 134)

RFC 5321 – The Simple Mail Transfer Protocol (obsoletes RFC 821 aka STD 10, RFC 974, RFC 1869, RFC 2821)

RFC 5322 – Internet Message Format (obsoletes RFC 822 aka STD 11, and RFC 2822)

RFC 5336 - SMTP Extension for Internationalized Email Addresses (updates RFC 2821, RFC 2822, and RFC 4952)

RFC 5504 - Downgrading Mechanism for Email Address Internationalization

URI scheme 'mailto'

The URI scheme, as registered with the IANA and notably used in the HyperText Transfer Protocol, defines the mailto: scheme for SMTP email addresses. Though its use is not strictly defined, URLs of this form are intended to be used to open the new message window of the user's mail client when the URL is activated, with the address as defined by the URL in the "To:" field.