Simple Mail Transfer Protocol is used for electronic mail transmission over a network
Is unencrypted by default but can work with SSL/TLS encryption using the STARTTLS command
Prevents spam using protocol extension ESMTP with SMTP-Auth
Mail User Agent (MUA) converts email to header and body and Mail Submission Agent (MSA) / Relay server and Mail Transfer Agent (MTA) for the SMTP server does checking for spam. The Mail Delivery Agent (MDA) is what sends it to the recipient.
Disadvantages include that there is no confirmation the mail has been delivered and users are not authenticated when they are sending emails
Extended SMTP (ESMTP) accomplished using STARTTLS command. You can also use AUTH service extension
Port
Uses port 25 for starting a connection
If encrypted, it uses a different port (i.e. port 465)
Newer server use port 587 for authenticated clients using STARTTLS command
Interaction / Commands
Command
Description
AUTH PLAIN
authenticating client
HELO
client logs in with computer name
MAIL FROM
email sender
RCPT TO
recipient
DATA
starts transmission of email
RSET
stops started transmission
VRFY
checks mailbox message transfer availability, enumerates existing users
EXPN
checks mailbox messaging availability
NOOP
client requests response
QUIT
ending session
telnet IP_Address 25
HELO Sender_Host_Name
EHLO
Sender can use relay server, which means SMTP server can send spam emails and start communicating between different users. Can be misconfigured by setting mynetworks = 0.0.0.0/0, allowing anyone to send emails
