E-Mail• SMTP (Simple Mail Transfer Protocol)

• How E-Mail works• MIME (Multipurpose Internet Mail Extension)

• Email Fraud• UUCP• Newsgroup

E-Mail Types SMTP (Simple Mail Transfer Protocol)

• standard protocol in TCP/IP suite for transferring mail.

• mail created by user on user agent program

• each message has header that contains recipient’s e-mail address and other information.

• also contains a body that carries the main message message then queued in through SMTP sender program (normally a server program on the host).

E-Mail

E-Mail: How it works• Step A: Sender creates and sends e-mail

through their Mail User Agent (MUA) • Step B: Sender’s MUA transfer the email to

the Mail Delivery Agent (MDA/MTA)• Step C: MDA/MTA accepts the email then

routes it to local mailboxes or forwards it if it isn’t a local address.

• Step D: Network cloud or means it enters ISP or the Internet. The network cloud includes mail servers, DNS servers, routers

• Step E: (Step A,B,C is reversed) upon arrival of e-mail on client side.

Architecture of Electronic Mail– Transfer of electronic mail breaks down into two separate

protocols.

– The first protocol transfers e-mail between the UA (or mail client) and the Local MTA (local mail server).

– This deals with both sending and receiving. Two example protocols that allow this transfer to take place are:

• Post Office Protocol (POP)

• Internet Message Access Protocol (IMAP)

– The second protocol relays e-mails between two MTAs (mail servers) and is called the Simple Mail Transport Protocol.

Why do we need two protocols?– The reason we need two protocols to transfer e-mails,

one between UA and Local MTA and one between MTAs, is because computer users can switch off their computers.

– If the intended recipient switches off their computers then the MTAs will store the e-mail until the recipient chooses to read their e-mail again.

– Thus using two protocols improves the reliability of message transfer.

– It is also important to remember that if the Local MTA has crashed, then the other MTAs will store mail messages until the local MTA is rebooted before transferring the mail messages. This is another step towards the reliable delivery of messages.

Sending an Electronic Mail

– To send an email message, the sender must provide the message, the destination address and possibly some other parameters (e.g. whether an acknowledgement of receipt is required).

– The message can be constructed with any text editor or word processing program

– The destination address must be in a format that the user agent can understand.

– POP and IMAP expect DNS addresses in the form mailbox@location.com, mailbox identifies the user who will receive the e-mail.

– Other address formats are possible.

Sending an Electronic Mail

– The email message has to be in a well-defined format before it can be transferred from UA to MTA and then from MTA to MTA.

– The format of an e-mail message consists of two parts: Header and Body.

– The header of an email message is used by the UA and MTAs to transfer the message to its destination.

– The body of an email message can consist of text, audio, video etc.

Sending an Electronic Mail– E-mail header has a number of parts:

Header Name DescriptionTo: Address of intended receiverCc: Address of other receiversBcc: Address of other receiversFrom: Address of senderReply-To: Address to reply to, usually the

same as the senders address.Received: Line added by each transfer agent

along the path that the email traveled.

Return-Path Can be used to trace sender.Content-Length Length of email message

Sending an Electronic Mail

– Once the email has been constructed, the User Agent transfers the message to the Local Mail Transfer Agent using either POP or IMAP.

– This message transfer is carried out using a TCP connection.– The Local Mail Transfer Agent uses the destination address,

mailbox@location.com, to make a TCP connection to the intended recipients local Mail Transfer Agent, location.com, and transfers the message using SMTP.

– The recipients local Mail Transfer Agent copies the incoming email message into the correct mailbox.

– The next time that the recipient reads their email, the UA will transfer the email to their computer from the Local MTA using POP or IMAP.

Sending MTA Receiving MTA

Open TCP connection on port 25

220 ***** [id, ready, time]

Hello name

250 [id, Hello pleased to meet….]

Mail From: source_name@yahoo.com

250 source_name@yahoo.com Sender OK

RCPT To: receiver_name@hotmail.com

250 receiver_name@hotmail.com Recipient OK

DATA

354 Mail goes here, end with a “.” line

…………….

“.”

250 Mail Accepted

QUIT

221 Delivering Mail

• each queued message has 2 parts; – RFC 822 header which is a recipients

‘address’. Body of the message.– a list of mail destination.

E-mail : SMTP

Attaching Documents

– Electronic mail was first used on the Internet in 1971. During the 1970s and 1980s, email consisted of ASCII text. If users wanted to transfer files then they had to resort to using the File Transfer Protocol.

– As the use of email increased in the late 1980s, it was soon realised there was a need to attach different type of objects to emails.

– Examples of objects that were to be attached to emails include: image files, audio files, video files, executable programs.

– The standard invented in June of 1992 to handle these various attachments to email was called Multipurpose Internet Mail Extensions or MIME.

– MIME was designed to be fully compatible with existing electronic mail protocols – SMTP, POP and IMAP.

– MIME is not just restricted to email it is now used in HTTP to deliver audio, video, etc

MIME (Multipurpose Internet Mail Extension)

• able to transmit binary, text, graphics, audio, video type files.

• solves much of SMTP limitations.

• complies with RFC 822 implementations.

• specification has following elements;

– five header fields defined and provide information about the body of the message.

– Contents format are defined (standardizing representations that support multimedia e-mail)

– Transfer encoding defined.

E-mail : MIME

• The five header fields are;

– Mime-Version : parameter value 1 indicating message conforms to RFCs

– Content-type : describe data contained in body

– Content-transfer encoding : type of transformation that’s used to represent body message so as to be acceptable for mail transport.

– Content-ID : used to uniquely identify MIME entitites in multiple context.

– Content-description : plain text description of object with body.

E-mail : Fraud and types

– Many types of fraud exist, and email is an inexpensive and popular method for distributing fraudulent messages to potential victims.

– According to the US Secret Service, hundreds of millions of dollars are lost annually and the losses continue to escalate.

– Most fraud is carried out by people obtaining access to account numbers and passwords.

– Never respond to any message that asks you to send cash or personal information. You won't receive any riches, and in fact you could get into legal trouble if you become involved with one of these scams.

E-mail : Types of Fraud

• Personal information scams (phishing)

– "Phishing" scams are currently the most popular and thus dangerous form of email fraud.

– They use email messages that appear to come from a legitimate company or institution, such as your bank or university, and ask you to "update" or "verify" your personal information;

– the scammers then use this information to commit identity theft.

E-mail : Bank Scams

• Nigerian bank scams

– A very common type of email fraud is advance fee fraud schemes. The perpetrators of advance fee fraud (sometimes referred to as Nigerian or foreign bank scams) are often very creative and innovative.

– This fraud is also called 4-1-9 fraud after the section of the Nigerian penal code that addresses fraud schemes.

– Nigerian nationals, purporting to be officials of government or banking institutions, will fax or email letters to individuals and businesses in the US and other countries.

– The correspondence states that a reputable foreign company or individual is needed for the deposit of an overpayment on a procurement contract.

E-mail : Bank Scams (2)

• Nigerian bank scams

– Some variations of this scheme have the son or daughter of a murdered official plead for your assistance in depositing an inheritance in a US bank.

– Individuals are asked to provide funds to cover various fees, and also are asked for personal identifiers such as Social Security numbers, bank account numbers, and other similar data.

– Once this information is received, the victims often find that their bank accounts are emptied. It is hard to pinpoint how much has been lost in these scams since many victims do not report their losses to authorities due to fear of embarrassment.

E-mail : Sweepstakes, lottery & Prize scams

• These scams trick you into thinking you've won large amounts of money. You sometimes have to send personal information that is then used to rob you, or you are asked for processing fees for your fictitious winnings. Be suspicious if:

– You know you didn't enter the competition or promotion that you've won.

– You're asked for any sort of processing fee.

– You're asked to buy "low-risk" sharLecture 5es in a fund for purchasing "high-stakes" tickets.

– You are offered bait prizes that are substandard or you're asked to purchase "exclusive items".

– Receipt of your prize requires travel or other arrangements at your own expense.

E-mail : Chain Mail

• Chain Mail is a form of junk mail.

• A chain mail message is generally sent to several people and includes instructions that each person should forward the letter to several others.

• These messages waste system resources and often grow quite large as senders append their own additions.

• Do not forward such messages.

• Email fraud and hoaxes often occur in chain mail.

• Never send money or personal information to people on lists via chain mail, or from whom you've received chain mail.

USENET

• Usenet is a distributed Internet discussion system that evolved from a general purpose UUCP network of the same name.

• Users read and post email-like messages (called "articles") to a number of distributed newsgroups, categories that resemble bulletin board systems in most respects.

• The medium is sustained among a large number of servers, which store and forward messages with one another.

• USENET has given rise to and popularised terms and concepts such as "FAQ" and "spam".

» Source : Wikipedia

UUCP

• UUCP stands for Unix to Unix Copy Protocol, and is a computer program and protocol allowing remote execution of commands and transfer of files, email and netnews between Unix computers not connected to the Internet proper. The UUCP package consists of several programs including uucp, uuxqt (front ends for remote copy and execution), uucico (communication program), uustat, and uuname. Nowadays it is rarely used for Modem communications, but is still used sometimes over TCP/IP.

Mailing Lists• collection of names and addresses used by

an individual or an organization to send material to multiple recipients.

• The term is often extended to include the people subscribed to such a list, so the group of subscribers are referred to as "the mailing list", or simply "the list".

• At least two quite different types of mailing lists can be defined: – the first one is closer to the literal sense, where a

"mailing list" of people is used as a recipient for newsletters, periodicals or advertising.

Mailing list…– Traditionally this was done through the postal system, but

with the rise of e-mail, the electronic mailing list became popular.

– When similar or identical material is sent out to all subscribers on a mailing-list, it is often referred to as a mailshot.

– Mailing lists are often rented or sold. – If rented the renter agrees to use the mailing list for only

the agreed upon times. – The mailing list owner typically enforces this by "salting"

the mailing list with fake addresses and creates new salts for each time the list is rented.

– Unscrupulous renters may attempt to bypass salts by renting several lists and merging the lists to find the common, valid addresses.

Mailing list…– Mailing list brokers exist to help organizations rent their lists.

For some organizations such as specialized niche publications or charitable groups, their client list may be one of their most valuable assets and mailing list brokers help them maximize the value of their lists.

Newsgroup– A repository within USENET where messages are posted by different

users in many locations.– Work : Visit http://en.wikipedia.org/wiki/Newsgroup and read on types of

newsgroup available.

» Source : wikipedia