Embed Size (px)
Citation preview
SIMPLE MAIL TRANSFER PROTOCOL
SECURITY
Guided ByProf : Richard Sinn
Bhavesh JadavMayur Mulani
Introduction
• Simple Mail Transfer Protocol is the standard e-mail protocol on the Internet and part of the TCP/IP protocol suite. SMTP defines the message format and the message transfer agent (MTA), which stores and forwards the mail. SMTP was originally designed for only plain text (ASCII text), but MIME and other encoding methods enable executable programs and multimedia files to be attached to and transported with the e-mail message.
• SMTP is a relatively simple, text-based protocol, where one or more recipients of a message are specified and then the message text is transferred. SMTP uses TCP port 25.
Purpose
• The primary purpose of SMTP is to transfer email between mail servers. However, it is critical for email clients as well. In order to send email, the client sends the message to an outgoing mail server, which in turn contacts the destination mail server for delivery. For this reason, it is necessary to specify an SMTP server when configuring an email client.
• One important point to make about the SMTP protocol is that it does not require authentication. This allows anyone on the Internet to send email to anyone else or even to large groups of people. It is this characteristic of SMTP that makes junk email or spam possible.
Basic Architecture
SMTP Model
Operation
• When an SMTP client has a message to transmit, it establishes a two- way transmission channel to an SMTP server. The responsibility of an SMTP client is to transfer mail messages to one or more SMTP servers.
• Once the transmission channel is established and initial handshaking completed, the SMTP client normally initiates a mail transaction. Such a transaction consists of a series of commands to specify the originator and destination of the mail and transmission of the message content (including any headers or other structure) itself.
Operation (contd..)
• The server responds to each command with a reply; replies may indicate that the command was accepted, that additional commands are expected, or that a temporary or permanent error condition exists.
• Once a given mail message has been transmitted, the client may either request that the connection be shut down or may initiate other mail transactions.
Basic Commands
SMTP defines a small required command set, with several optional commands included for convenience purposes. The minimal set required for an SMTP sending client are:
• HELO - Initial State Identification • MAIL- Mail Sender Reverse Path • RCPT - One Recipient’s Forward Path• DATA - Mail Message Text State • RSET - Abort Transaction and Reset all buffers • NOOP - No Operation • QUIT- Commit Message and Close Channel
SMTP PROCEDURE
There are three steps in SMTP mail transactions.
• The transaction is started with a MAIL command which gives the sender identification. If accepted the receiver-SMTP returns a 250 OK reply.
• A series of one or more RCPT commands follows giving the receiver
information. If accepted, the receiver-SMTP returns a 250 OK reply, and stores the forward-path. If the recipient is unknown the receiver-SMTP returns a 550 Failure reply.
• Then a DATA command gives the mail data. If accepted, the receiver-SMTP returns a 354 Intermediate reply and considers all succeeding lines to be the message text. And finally, the end of mail data indicator confirms the transaction. When the end of text is received and stored the SMTP-receiver
sends a 250 OK reply.
Example of SMTP Procedure This SMTP example shows mail sent by Smith at host Alpha.ARPA, to Jones, Green, and Brown at host Beta.ARPA.
S: MAIL FROM:[email protected]: 250 OK
S: RCPT TO:[email protected]: 250 OK S: RCPT TO:[email protected]: 550 No such user hereS: RCPT TO:[email protected]: 250 OK S: DATAR: 354 Start mail input; end with <CRLF>.<CRLF>S: Blah blah blah...S: ...etc. etc. etc.S: <CRLF>.<CRLF>R: 250 OK
SMTP Security
• Internal Mail Server– Plain Text Message – Actual Time Delivery
• Mail Access– POP/IMAP– HTTPS
SMTP Security Issues
• No authentication– Spamming– Unauthorized use of relaying, DoS
• All communication done in plaintext– Eavesdropping– Man in the middle attacks
• VRFY, EXPN commands
SMTP Security Issues
• SMTP-AUTH:– An extension that adds access control to SMTP– A client may:
• indicate an authentication mechanism to the server• perform an authentication protocol exchange• optionally negotiate a security layer for subsequent
protocol interactions
SMTP-AUTH
• SMTP-AUTH:– Only legitimate users can relay mail– Does not guarantee authenticity of envelope header
or message header– Spoofing is still possible– The receiver can not tell if the sender was
authenticated
SMTP-AUTH
• Based on Simple Authentication and Security Layer (SASL-RFC-2222)
• SASL uses plugins to define authentication mechanisms:– Plaintext password: PLAIN– Shared secret:CRAM-MD5, DIGEST-MD5– Kerberos: KERBEROS_V4, GSSAPI
SMTP-AUTH
• S: 220 smtp.example.com ESMTP server ready• C: EHLO jgm.example.com• S: 250-smtp.example.com• S: 250 AUTH CRAM-MD5 DIGEST-MD5• C: AUTH FOOBAR• S: 504 Unrecognized authentication type.• C: AUTH CRAM-MD5• S: 334
PENCeUxFREJoU0NnbmhNWitOMjNGNndAZWx3b29kLmlubm9zb2Z0LmNvbT4=
• C: ZnJlZCA5ZTk1YWVlMDljNDBhZjJiODRhMGMyYjNiYmFlNzg2ZQ==
• S: 235 Authentication successful.
SMTP-AUTH
• AUTH verb can also be applied to mail from: verb
• Allows trusted entities to communicate authentication of individual messages
• AUTH=<> : not authenticated– C: MAIL FROM:<[email protected]>
[email protected]– S: 250 OK
SMTP-AUTH
• Spoofing is still a problem• Subject to man-in-the-middle attack• Does not provide user authentication, only
delivery authentication• Subject to brute force attacks when username
– password schemes are used
Secure SMTP over TLS
• Private, authenticated communication between client and server
• Defines a new verb, STARTTLS– Takes no parameters– Used to tell client that the server is TLS capable– Used to start a TLS handshake by client
Secure SMTP over TLS
• Sample communication:– S: <waits for connection on TCP port 25>– C: <opens connection>– S: 220 mail.imc.org SMTP service ready– C: EHLO mail.ietf.org– S: 250-mail.imc.org offers a warm hug of welcome– S: 250 STARTTLS– C: STARTTLS– S: 220 Go ahead– C: <starts TLS negotiation>– C & S: <negotiate a TLS session>– C & S: <check result of negotiation>– C: <continues by sending an SMTP command> . . .
Secure SMTP over TLS
• If security level is enough:– All info before handshake is discarded– Client should send a EHLO again:
• The server may report different services
• Security considerations:– Not end-to-end
• SMTP is not end-to-end• The entire chain has to be made secure
– Does not indicate authentication for the receiving client
Secure SMTP over TLS
• Decision on adequateness of security– Must be made locally– Implementation dependent
• Susceptible to man-in-the-middle attack:– The STARTTLS response from server may be
deleted by an eavesdropper– Client never knows that server is TSL capable
Secure SMTP over TLS
• Solution to man-in-the-middle attack:– Client records if a server offers TLS– Generates a warning if it is not offered in later
sessions
• Can not be used to authenticate author:– Every chain needs to be authenticated– Other mechanisms are used for this purpose
• PGP, MIME, etc.
Securing Email
• PGP is a key encryption program mainly intended for email privacy and authentication.
• PGP email encryption uses asymmetric key encryption algorithms.
• MIME is used to provide authentication, digital signature, data security ,privacy, message integrity and encryption for messages
PGP
Signature Required?
Generate Signature
Compress the Message
Confidentiality required?
Encrypt the Message
Message Ready to send
Yes
Yes
No
No
Received Message
Signature Required?
Confidentiality required?
Decrypt the Message
Yes
Decompress the Message
Verify Signature
Message Ready to use
Yes
No
No
Plain text Message
Conclusion
• Spamming is a serious issue– Open mail relays– Open proxies– Worms that make servers vulnerable
• Methods presented here do not provide end-to-end security– PGP, MIME must be used
Any Queries?
Thank You!
