Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 2:  Communication Security (Domain 2.0; 20%)

Previous Topic/Section
2.1.8  Vulnerabilities
Previous Page
Pages in Current Topic/Section
1
Next Page
2.2.1  S/MIME
Next Topic/Section

2.2  Email

Email, or electronic mail, involves the transmission of messages over a network. An email system consists of back-end storage for email files, programs that allow users to access stored email files (“read” email), send email, and programs that relay email back and forth among email servers (called “relaying”) and clients.

Some email systems use proprietary communication protocols specific to a certain email system, and some use standardized protocols. In the Internet world, the two most common email-related protocols are SMTP (Simple Mail Transport Protocol, via TCP port 25) for sending mail, and POP3 (Post Office Protocol v3, via TCP port 110) used by clients to retrieve incoming email from its storage location on a server. A newer protocol providing a superset of the POP3 functionality allowing access to a hierarchy of mail storage folders is IMAP (Internet Mail Application Protocol, via TCP port 143).

Email Ports

Common email-related protocols include SMTP for sending mail, and POP3 and IMAP for reading mail. SMTP uses TCP port 25. POP3 uses TCP port 110. IMAP uses TCP port 143.


Internet email consists of an envelope of headers (of the form Header name: value), each on a separate line, which are interpreted by email servers and email clients, followed by a content area containing the actual message sent. Typical headers include “To:”, “From:”, “Message-ID:” (the serial number for the message), “Reply-To:” (if the reply address is different from the sender’s address), “Subject:”, and “Received:” (which is very handy when attempting to trace the source of Spam email, discussed in a later section).

A standard used for email content encoding on the Internet, is MIME (or Multipurpose Internet Mail Extensions). Email was originally used solely to transmit text; and, the SMTP protocol used for email transmission was text-based as well. But then a funny thing happened… people realized email would be useful for sending things other than text, such as pictures or even programs. Enterprising techs came up with the idea of encoding binary objects as a series of alphanumeric characters so that they could be sent through email and decoded and viewed/used by the receiver.

A number of standards for encoding email content were used over the years, but MIME was the one which took hold because of its flexible approach of using additional headers to specify the type of content included in each binary data segment. These headers are, in turn, interpreted by email client software, which determines which program to use to display or save the object, based on the object’s type.

It’s those MIME headers, in conjunction with the settings in your email program, which let your email program know to open faxes with fax-viewer software, Excel documents with Excel, .doc files with Word, .mp3 files with your favorite player, etc.

Quick navigation to subsections and regular topics in this section



Previous Topic/Section
2.1.8  Vulnerabilities
Previous Page
Pages in Current Topic/Section
1
Next Page
2.2.1  S/MIME
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.