![]() ![]() For a very simple example, Ars Technica's SPF record says that email from should only come from the servers specified in Google's SPF record. The owner of a domain can set a TXT record in its DNS that states what servers are allowed to send mail on behalf of that domain. If an email travels from the sender through three MTAs before reaching its recipient, any server along the way can alter the content of the message-TLS encrypts the transmission from point to point but does nothing to verify the authenticity of the content itself or the path through which it's traveling. ![]() That's great, so far as it goes, but in-flight TLS is only applied when mail is being relayed from one MTA to another MTA along the delivery path. In-flight encryption is accomplished by TLS, which helps keep the content of a message from being captured or altered in-flight from one server to another. Modern email typically is encrypted in-flight, and signed and authenticated at-rest. It's still possible to send email with absolutely no thought toward encryption or authentication, but such messages will very likely get rejected along the way by anti-spam defenses. That was fine and dandy in email's earliest days of trusted machines and people, but it rapidly turned into a nightmare as the Internet scaled exponentially and became more commercially valuable. The original SMTP protocol had absolutely no thought toward security-any server was expected to accept any message, from any sender, and pass the message along to any other server it thought might know how to get to the recipient in the To: field. The analysis of email headers involves tracing that flow and looking for any funny business. Ultimately, any message from one human user to another follows the path of MUA ⟶ MTA(s) ⟶ MUA. If you use a website as your MUA, you don't need to know any pesky SMTP or IMAP server settings you just need your email address and password, and you're ready to read. This meant that you could read your mail from multiple machines (perhaps a desktop PC and a laptop) and have all of the same messages, organized the same way, everywhere you might check them.įinally, as time went by, webmail became more and more popular. IMAP largely superseded POP3 since it allowed the user to leave the actual email on the server. A traditional Mail User Agent-such as Mozilla Thunderbird-would need to know both protocols it would send all of its user's messages to the user's mail server using SMTP, and it would download messages intended for the user from the user's mail server using POP3.Īs time went by, things got a bit more complex. Traditionally, mail was sent to a mail server using the Simple Mail Transfer Protocol (SMTP) and downloaded from the server using the Post Office Protocol (abbreviated as POP3, since version 3 is the most commonly used version of the protocol). In the briefest possible terms, an MUA is the program you use to read and send mail from your own personal computer (like Thunderbird, or Mail.app, or even a webmail interface like Gmail or Outlook), and MTAs are programs that accept messages from senders and route them along to their final recipients. The basic components involved in sending and receiving email are the Mail User Agent and Mail Transfer Agent. (More experienced sysadmin types who already know what stuff like "MTA" and "SPF" stand for can skip a bit ahead to the fun part!) From MUA to MTA, and back to MUA again Today, we're going to step through a real-world set of (anonymized) email headers and describe the process of figuring out what's what.īefore we get started with the actual headers, though, we're going to take a quick detour through an overview of what the overall path of an email message looks like in the first place. Even when you know how to "view headers" or "view source" in your email client, the spew of diagnostic wharrgarbl can be pretty overwhelming if you don't know what you're looking at. I pretty frequently get requests for help from someone who has been impersonated-or whose child has been impersonated-via email. Aurich / Thinkstock reader comments 70 with ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |