Example SMTP conversation
Have you ever wondered what your email program is actually doing when it sends an email?
Outbound emails are usually sent by SMTP (Simple Mail Transfer Protocol). Your email program (Outlook, Thunderbird etc) starts a conversation with your mailserver using this protocol to send an email. SMTP is one of the oldest internet protocols and because of this is also one of the simplest in terms of technology. The whole process of sending an email can be seen in human readable type.
To see a complete STMP conversation for yourself you will need a terminal program like telnet. Open up a command prompt on your machine and type:
telnet smtp.server 25
where smtp.server is the name of your outbound email server. The server should respond with a “220″ welcome message – you are then able to type commands into the system to send an email. Here is an example conversation:
C:\> telnet some_mailserver.net 25 SERVER SAYS: 220 some_mailserver.net ESMTP Sendmail 8.13.8/8.13.8; Thu, 23 Apr 2009 12:34:07 +0100 YOU SAY: helo localhost.localdomain SERVER SAYS: 250 some_mailserver..net Hello ???? [???.???.???.???] (may be forged), pleased to meet you YOU SAY: MAIL From:firstname.lastname@example.org SERVER SAYS: 250 2.1.0 email@example.com... Sender ok YOU SAY: RCPT To:firstname.lastname@example.org SERVER SAYS: 250 recipient <email@example.com> OK YOU SAY: DATA SERVER SAYS: 354 enter mail, end with line containing only "." YOU SAY: Hello Fred, can you call me? YOU SAY: . SERVER SAYS: 250 message sent YOU SAY: QUIT SERVER SAYS: 221 goodbye
HELO <your domain name> This command starts the SMTP conversation. The host connecting to the remote SMTP server identifies itself by it’s fully qualified DNS host name.
EHLO <your domain name> An alternative command for starting the conversation. This states that the sending server wants to use the extended SMTP (ESMTP) protocol.
MAIL From:<source email address> This is the start of an email message. The source email address is what will appear in the “From:” field of the message.
RCPT To:<destination email address> This identifies the receipient of the email message. This command can be repeated multiple times for a given message in order to deliver a single message to multiple receipients.
SIZE=<number of bytes> The size command tells the remote sendmail system the size of the attached message in bytes. If ommited, mail readers and delivery agents will try to determine the size of a message based on indicators such as them being terminated by a “.” on a line by themselves and headers being sent on a line separated from body text by a blank line. But these methods get confused when you have headers or header like information embedded in messages, attachements, etc.
DATA This command signifies that a stream of data, ie the email message body, will follow. The stream of data is terminated by a “.” on a line by itself.
QUIT This terminates an SMTP connection. Multiple email messages can be transfered during a single TCP/IP connection. This allows for more efficient transfer of email. To start another email message in the same session, simply issue another “MAIL” command.
VRFY <username> This command will request that the receiving SMTP server verify that a given email username is valid. The SMTP server will reply with the login name of the user. This feature can be turned off in sendmail because allowing it can be a security hole. VRFY commands can be used to probe for login names on a system. See the security section below for information about turning off this feature.
EXPN <aliasname> EXPN is similar to VRFY, except that when used with a distribution list, it will list all users on that list. This can be a bigger problem than the “VRFY” command since sites often have an alias such as “all”.
MAIL Data Sections
Reply-To: Email header lines are not SMTP commands per se. They are sent in the DATA stream for a message. Header lines appear on a line by themselves, and are seperated from the body of a message by a blank line.
Example – sending an email with a CC and a subject:
SERVER SAYS: 220 some_mailserver.net ESMTP Sendmail 8.13.8/8.13.8; Thu, 23 Apr 2009 12:34:07 +0100 YOU SAY: helo localhost.localdomain SERVER SAYS: 250 some_mailserver..net Hello ???? [???.???.???.???] (may be forged), pleased to meet you YOU SAY: MAIL From:firstname.lastname@example.org SERVER SAYS: 250 2.1.0 email@example.com... Sender ok YOU SAY: RCPT To:firstname.lastname@example.org SERVER SAYS: 250 recipient OK YOU SAY: RCPT To:email@example.com SERVER SAYS: 250 recipient OK YOU SAY: DATA SERVER SAYS: 354 enter mail, end with line containing only "." YOU SAY: Subject: I need the sales figures YOU SAY: CC: firstname.lastname@example.org YOU SAY: (a blank line) YOU SAY: Hello Fred, can you call me? YOU SAY: . SERVER SAYS: 250 message sent YOU SAY: QUIT SERVER SAYS: 221 goodbyeIf this has been useful to you, and you would like to buy me a coffee, or help towards my monthly server costs please click here to make a donation via paypal.