|
SMTP-AUTH
SMTP Authentication, often abbreviated SMTP AUTH, is an extension of the Simple Mail Transfer Protocol (SMTP) whereby a client may log in using any authentication mechanism supported by the server. It is mainly used by submission servers, where authentication is mandatory. History SMTP as specified by Jon Postel in the 1970s did not provide for using passwords for sending email messages; each server was by design an open mail relay. As a result, spam and worms, while not initially a problem, had become a plague by the late '90s. Before SMTP AUTH, a ''relay client'' had to be identified by IP address, which is only practical for email services provided by the same Internet service provider (ISP) supplying the connection, or else using specific hacks, such as POP before SMTP. John Gardiner Myers published the first draft of SMTP AUTH in 1995, and it has been successively developed and discussed in the IETF along with mail submission protocol, Extended SMTP (ESMTP), and Simple Authe ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Simple Mail Transfer Protocol
The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to a mail server for relaying, and typically submit outgoing email to the mail server on port 587 or 465 per . For retrieving messages, IMAP (which replaced the older POP3) is standard, but proprietary servers also often implement proprietary protocols, e.g., Exchange ActiveSync. SMTP's origins began in 1980, building on concepts implemented on the ARPANET since 1971. It has been updated, modified and extended multiple times. The protocol version in common use today has extensible structure with various extensions for authentication, encryption, binary data transfer, and internationalized email addresses. SMTP servers commonly use the Transmission Control Protocol on port number 25 (for plaintext) ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Mail Submission Agent
A message submission agent (MSA), or mail submission agent, is a computer program or software agent that receives electronic mail messages from a mail user agent (MUA) and cooperates with a mail transfer agent (MTA) for delivery of the mail. It uses ESMTP, a variant of the Simple Mail Transfer Protocol (SMTP), as specified in RFC 6409. Many MTAs perform the function of an MSA as well, but there are also programs that are specially designed as MSAs without full MTA functionality. Historically, in Internet mail, both MTA and MSA functions use port number 25, but the official port for MSAs is 587. The MTA accepts a user's incoming mail, while the MSA accepts a user's outgoing mail. Benefits Separation of the MTA and MSA functions produces several benefits. One benefit is that an MSA, since it is interacting directly with the author's MUA, can correct minor errors in a message's format (such as a missing ''Date'', '' Message-ID'', ''To'' fields, or an address with a missing d ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open Mail Relay
An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers. History and technology Until the 1990s, mail servers were commonly intentionally configured as open relays; in fact, this was frequently the installation default setting. The traditional store and forward method of relaying e-mail to its destination required that it was passed from computer to computer (through and beyond the Internet) via modems on telephone lines. For many early networks, such as UUCPNET, FidoNet and BITNET, lists of machines that were open relays were a core pa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Mail Submission Agent
A message submission agent (MSA), or mail submission agent, is a computer program or software agent that receives electronic mail messages from a mail user agent (MUA) and cooperates with a mail transfer agent (MTA) for delivery of the mail. It uses ESMTP, a variant of the Simple Mail Transfer Protocol (SMTP), as specified in RFC 6409. Many MTAs perform the function of an MSA as well, but there are also programs that are specially designed as MSAs without full MTA functionality. Historically, in Internet mail, both MTA and MSA functions use port number 25, but the official port for MSAs is 587. The MTA accepts a user's incoming mail, while the MSA accepts a user's outgoing mail. Benefits Separation of the MTA and MSA functions produces several benefits. One benefit is that an MSA, since it is interacting directly with the author's MUA, can correct minor errors in a message's format (such as a missing ''Date'', '' Message-ID'', ''To'' fields, or an address with a missing d ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open Mail Relay
An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers. History and technology Until the 1990s, mail servers were commonly intentionally configured as open relays; in fact, this was frequently the installation default setting. The traditional store and forward method of relaying e-mail to its destination required that it was passed from computer to computer (through and beyond the Internet) via modems on telephone lines. For many early networks, such as UUCPNET, FidoNet and BITNET, lists of machines that were open relays were a core pa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Sender Policy Framework
Sender Policy Framework (SPF) is an email authentication method designed to detect forging sender addresses during the delivery of the email. SPF alone, though, is limited to detecting a forged sender claim in the envelope of the email, which is used when the mail gets bounced. Only in combination with DMARC can it be used to detect the forging of the visible sender in emails (email spoofing), a technique often used in phishing and email spam. SPF allows the receiving mail server to check during mail delivery that a mail claiming to come from a specific domain is submitted by an IP address authorized by that domain's administrators. The list of authorized sending hosts and IP addresses for a domain is published in the DNS records for that domain. Sender Policy Framework is defined in RFC 7208 dated April 2014 as a "proposed standard". History The first public mention of the concept was in 2000 but went mostly unnoticed. No mention was made of the concept again until a first a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Standards
Standard may refer to: Symbols * Colours, standards and guidons, kinds of military signs * Standard (emblem), a type of a large symbol or emblem used for identification Norms, conventions or requirements * Standard (metrology), an object that bears a defined relationship to a unit of measure used for calibration of measuring devices * Standard (timber unit), an obsolete measure of timber used in trade * Breed standard (also called bench standard), in animal fancy and animal husbandry * BioCompute Standard, a standard for next generation sequencing * ''De facto'' standard, product or system with market dominance * Gold standard, a monetary system based on gold; also used metaphorically for the best of several options, against which the others are measured * Internet Standard, a specification ratified as an open standard by the Internet Engineering Task Force * Learning standards, standards applied to education content * Standard displacement, a naval term describing the w ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Email Client
An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email. A web application which provides message management, composition, and reception functions may act as a web email client, and a piece of computer hardware or software whose primary or most visible role is to work as an email client may also use the term. Retrieving messages from a mailbox Like most client programs, an email client is only active when a user runs it. The common arrangement is for an email user (the client) to make an arrangement with a remote Mail Transfer Agent (MTA) server for the receipt and storage of the client's emails. The MTA, using a suitable mail delivery agent (MDA), adds email messages to a client's storage as they arrive. The remote mail storage is referred to as the user's mailbox. The default setting on many Unix systems is for the mail server to store formatted messages in mbox, within the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
E-mail Authentication
Email authentication, or validation, is a collection of techniques aimed at providing verifiable information about the origin of email messages by validating the domain ownership of any message transfer agents (MTA) who participated in transferring and possibly modifying a message. The original base of Internet email, Simple Mail Transfer Protocol (SMTP), has no such feature, so forged sender addresses in emails (a practice known as email spoofing) have been widely used in phishing, email spam, and various types of fraud. To combat this, many competing email authentication proposals have been developed, but only fairly recently have three been widely adopted – SPF, DKIM and DMARC. The results of such validation can be used in automated email filtering, or can assist recipients when selecting an appropriate action. This article does not cover user authentication of email submission and retrieval. Rationale In the early 1980s, when Simple Mail Transfer Protocol (SMTP) was desig ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
John Klensin
John C. Klensin is a political scientist and computer science professional who is active in Internet-related issues. Career His career includes 30 years as a principal research scientist at MIT, including a period as INFOODS Project Coordinator for the United Nations University, distinguished engineering fellow at MCI WorldCom, and Internet architecture vice president at AT&T; he is now an independent consultant. The Cambridge Project Klensin was involved in The Cambridge Project, a social science data management cooperation project taking place at MIT, Harvard and other universities from 1969 to 1977. As a part of this program, John Klensin led the development of the Consistent System targeted for use by Social Scientists. The Consistent System ran on top of the Multics operating system. Internet His involvement with Internet protocols began in 1969, when he worked on the File Transfer Protocol. In 1992, Randy Bush and John Klensin created the ''Network Startup Resource C ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OAuth
OAuth (short for "Open Authorization") is an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords. This mechanism is used by companies such as Amazon, Google, Facebook, Microsoft, and Twitter to permit the users to share information about their accounts with third-party applications or websites. Generally, OAuth provides clients a "secure delegated access" to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without providing credentials. Designed specifically to work with Hypertext Transfer Protocol (HTTP), OAuth essentially allows access tokens to be issued to third-party clients by an authorization server, with the approval of the resource owner. The third party then uses the access token to access the protected resources hosted by the r ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Digest Access Authentication
Digest access authentication is one of the agreed-upon methods a web server can use to negotiate credentials, such as username or password, with a user's web browser. This can be used to confirm the identity of a user before sending sensitive information, such as online banking transaction history. It applies a hash function to the username and password before sending them over the network. In contrast, basic access authentication uses the easily reversible Base64 encoding instead of hashing, making it non-secure unless used in conjunction with TLS. Technically, digest authentication is an application of MD5 cryptographic hashing with usage of nonce values to prevent replay attacks. It uses the HTTP protocol. This standard is obsolete since July 2011. Overview Digest access authentication was originally specified by RFC 2069 (''An Extension to HTTP: Digest Access Authentication''). RFC 2069 specifies roughly a traditional digest authentication scheme with security maintain ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
