Once we know how an e-mail looks, the next step is see how it’s delivered from end to end. When the e-mail has written in the mail application (for example, Outlook of you are using Windows or simply Mail if you are using Mac OS X) it must be send to the destination, but this is usually a multistep process.
In first place, the mail application must use the SMTP (Simple Mail Transport Protocol) protocol to send the message to the server we are using. This server is assigned by our ISP and usually it’s name is smtp.ourisp.com or similar to this. We can see an example of the interchange of data in a tipical SMTP session (> represents data send by the server and < data send to the server):
Continue reading ‘E-mail security: how does e-mail work (II).’
To be able to know how to protect our e-mail from all the threats it’s important to know how does it work. Let’s have a look at it from up to down.
In first place, what do you need to know to send an e-mail to someone? Of course, you need his e-mail direction, which is made of two parts, a username and a server, separate by the @ symbol. So if the username is john and the server is test.com the e-mail dir will be john@test.com. Reversing it, if your e-mail dir is joe@mailtest.com then the username is joe and the server is mailtest.com.
An e-mail is made of two different parts: a header and a body. The header is where data abou the e-mail itself is stored, as the sender, the destination, the date it was sent, the subject,… The body is where the text of the e-mail is stored and it can only contain plain text. If you are asking, then, how can you send files by e-mail, the answer is they are converted to text format first and appended to the body of the e-mail.
Continue reading ‘E-mail security: how does e-mail work (I).’
After reading the great post by Sergio I’m doing a series of posts talking about e-mail security. I’m going to start from the beginning, explaining how does e-mail currently work, some things about the protocols used, to have a bit of background of it.
The layout of the series will be, more or less, like this:
- E-mail: how it works. Protocols.
- Undesired mail: which, why, how.
- Spam: what is it? How to detect it?
- Phishing: what is it? How to avoid it?
- Virus: do they arrive by e-mail?
- Chain letters: hoaxes and rumours.
- E-mail privacy: plain text. Digital signature.
Depending on the length I might do more than one post about each of these points. If you think I should talk about something more related to e-mail feel free to comment.
