Introduction

There are two main types of communication protocols used by email software:

Some of these protocols are quite ancient and are based on a plain-text data exchange.
More recently, a secure version of each protocol has been developed, using secure sockets to encrypt the data exchanged between client and server.

Each protocol can be configured to use various types of authentication.

SMTP

SMTP (Simple Mail Transfer Protocol) is used to send messages from one server to another.

POP3

POP3 (Post Office Protocol 3) is a very simple connection-based protocol.

IMAP

IMAP (Internet Message Access Protocol) is a more lightweight messaging protocol, which does not require authentication each time (which is safer).

Authentication

Each of the protocols above can use one or more authentication protocols to allow users to identify themselves.
Failure to authenticate users securely can lead to compromise of users' passwords, loss of privacy, exploitation for spam relaying, etc.

The main authentication protocols in use are:

  • Login,
  • Plain,
  • Cram-MD5,
  • Digest-MD5,
  • NTLM,
  • Anonymous,
  • Scram-MD5,
  • OTP,
  • GSSAPI,
  • Kerberos

Some of these protocols offer some form of encryption (*MD5, Kerberos, ...), but others do not and are quite unsafe to use without a layer of encryption (secure sockets).
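
What the paragraph above means on the wire, as an added example that is not part of the original page: it builds the client tokens for Plain, Login and Cram-MD5 and checks whether base64-decoding a captured token reveals the password. The user name, password, challenge string and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Constructed sample values (assumptions, not taken from the page).
USER, PASSWORD = "alice", "s3cret-passphrase"
CHALLENGE = b"<1234.5678@mail.example.test>"  # server nonce for CRAM-MD5

def plain_token(user, password):
    """AUTH PLAIN (RFC 4616): base64 of NUL + user + NUL + password."""
    return base64.b64encode(f"\0{user}\0{password}".encode())

def login_tokens(user, password):
    """AUTH LOGIN: user and password base64-encoded and sent in two steps."""
    return base64.b64encode(user.encode()), base64.b64encode(password.encode())

def cram_md5_response(user, password, challenge):
    """CRAM-MD5 (RFC 2195): base64 of 'user ' + hex HMAC-MD5(password, challenge)."""
    digest = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return base64.b64encode(f"{user} {digest}".encode())

def server_verify_cram(response, challenge, stored_password):
    """Server side: recompute the HMAC from its own copy of the password."""
    _user, digest = base64.b64decode(response).decode().split(" ", 1)
    expected = hmac.new(stored_password.encode(), challenge, hashlib.md5).hexdigest()
    return hmac.compare_digest(digest, expected)

def password_visible_on_wire(token, password):
    """True if base64-decoding the captured token is enough to read the password."""
    return password.encode() in base64.b64decode(token)

def exposure_report():
    """Map each mechanism to whether a passive observer sees the password."""
    return {
        "PLAIN": password_visible_on_wire(plain_token(USER, PASSWORD), PASSWORD),
        "LOGIN": password_visible_on_wire(login_tokens(USER, PASSWORD)[1], PASSWORD),
        "CRAM-MD5": password_visible_on_wire(
            cram_md5_response(USER, PASSWORD, CHALLENGE), PASSWORD),
    }

if __name__ == "__main__":
    for mech, exposed in exposure_report().items():
        print(f"{mech:9} password readable without TLS: {exposed}")
```

Cram-MD5 keeps the password itself off the wire, but the message content that follows is still sent in the clear, so the secure-socket layer is needed for every mechanism in the list.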