COMPSCI 316 (Network Security)

Email Security Cont

Manoranjan Mohanty

[email protected]

9/19/2019 1

https://commons.wikimedia.org/wiki/File:Email_Shiny_Icon.svg

Some slides are taken from http://cse.unl.edu/~ylu

Email Architecture

9/19/2019 2

Transfer world

User world

Network Security Essentials by Stallings, Pearson.

MIME

ESMTP is essentially SMTP with the latest modifications (extensions)

SMTP

9/19/2019 3

SMTP (Simple Mail Transfer Protocol)

• A text-based client-server protocol that uses a TCP connection

• Push-based protocol: a client (email sender/hop) issues a set of commands to tell the server about the message to be sent, and then sends the message

• Coded commands: the client sends ASCII commands; the server responds with a return code

• Encapsulates an email message in an envelope and relays the encapsulated message from source to destination through multiple MTAs

How SMTP Works

9/19/2019 4

1. The client (SMTP sender) initiates a TCP connection (port 25)

2. The server activates SMTP and sends “220” reply to the client

3. Once the connection is established, the client sends commands (single-line text starting with a four-letter command code followed by an argument)
   • Ex: HELO bar.com (for identifying the sending domain)

4. The receiver responds with exactly one reply (typically a single line) beginning with a three-digit code
   • Ex: 250 OK

SMTP Example

9/19/2019 5

Client Domain: bar.com

Server Domain: foo.com

[email protected] wants to send email to [email protected], [email protected], [email protected]

Client bar.com should initiate a TCP connection to foo.com via port 25
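The exchange described in the last two slides, as an added example that is not part of the lecture: a simulated foo.com receiver and the lines bar.com would send over the port-25 connection. The mailbox names, the unknown recipient green@foo.com and the reply texts are constructed for illustration; the reply codes are the standard SMTP ones.

```python
KNOWN_MAILBOXES = {"jones@foo.com", "brown@foo.com"}  # constructed foo.com users

class SmtpServer:
    """Minimal foo.com receiver: exactly one reply per client command."""
    def __init__(self, domain):
        self.domain, self.state = domain, "connected"
        self.envelope, self.body = {"from": None, "to": []}, []  # envelope != headers
    def handle(self, line):
        if self.state == "data":                 # message text until a lone "."
            if line != ".":
                self.body.append(line)
                return None                      # no reply while reading data
            self.state = "helo"
            return "250 OK"
        verb, _, arg = line.partition(" ")
        verb, arg = verb.upper(), arg.strip()
        if verb == "HELO" and self.state == "connected":
            self.state = "helo"
            return f"250 {self.domain}"
        if verb == "MAIL" and self.state == "helo":
            self.envelope["from"] = arg[5:].strip("<>")   # text after FROM:
            self.state = "mail"
            return "250 OK"
        if verb == "RCPT" and self.state in ("mail", "rcpt"):
            rcpt = arg[3:].strip("<>")                    # text after TO:
            if rcpt not in KNOWN_MAILBOXES:
                return "550 No such user here"           # refused per recipient
            self.envelope["to"].append(rcpt)
            self.state = "rcpt"
            return "250 OK"
        if verb == "DATA" and self.state == "rcpt":
            self.state = "data"
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb == "QUIT":
            return f"221 {self.domain} closing transmission channel"
        return "503 Bad sequence of commands"            # out-of-order command

def run_session(server, client_lines):
    # Feed the client's lines to the server; return the (side, text) log.
    log = [("S", f"220 {server.domain} Simple Mail Transfer Service Ready")]
    for line in client_lines:
        log.append(("C", line))
        reply = server.handle(line)
        if reply is not None:
            log.append(("S", reply))
    return log

# Constructed client side: smith@bar.com writes to three foo.com mailboxes; green does not exist.
CLIENT_LINES = ["HELO bar.com", "MAIL FROM:<smith@bar.com>", "RCPT TO:<jones@foo.com>",
                "RCPT TO:<green@foo.com>", "RCPT TO:<brown@foo.com>", "DATA",
                "Blah blah blah.", ".", "QUIT"]
```

Running run_session(SmtpServer("foo.com"), CLIENT_LINES) yields the full client/server transcript; note that the unknown recipient is refused at the envelope stage, before any message text is sent.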

SMTP Envelope

9/19/2019 23

Quiz

9/19/2019 24

Would you use SMTP to send a confidential message?

Tip: The text-based protocol SMTP uses TCP

Ans: No?

STARTTLS: SMTP over Transport Layer Security

STARTTLS

9/19/2019 25

• Client initiates the connection over a TLS-enabled port

• Port 465 for SMTP over SSL

• Server replies with a message indicating whether the STARTTLS option is available
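An added client-side example, not from the slides: parse the server's EHLO reply to see whether STARTTLS is advertised, use implicit TLS on port 465 or STARTTLS on other ports, and refuse to send rather than quietly falling back to cleartext when neither is available. The sample EHLO replies and host names are constructed; send_with_tls uses Python's smtplib against a live server, so it is not exercised offline.

```python
import smtplib
import ssl

def ehlo_extensions(reply_lines):
    """Parse a multi-line EHLO reply: '250-' lines continue, '250 ' ends it.
    The first line carries the server's domain, not an extension."""
    exts = set()
    for i, line in enumerate(reply_lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        if code != "250" or sep not in ("-", " "):
            raise ValueError(f"unexpected EHLO reply line: {line!r}")
        if i > 0 and text:
            exts.add(text.split()[0].upper())
        if sep == " ":
            break
    return exts

def plan_transport(ehlo_reply, port):
    """Implicit TLS on 465; STARTTLS on other ports only when the server
    advertises it; otherwise abort instead of falling back to cleartext."""
    if port == 465:
        return "implicit-tls"
    if "STARTTLS" in ehlo_extensions(ehlo_reply):
        return "starttls"
    return "abort"

def send_with_tls(host, port, sender, recipients, message):
    """Real client built on smtplib (not run offline): verify the server's
    certificate and refuse to send if no TLS protection is available."""
    ctx = ssl.create_default_context()        # verifies cert and hostname
    if port == 465:
        conn = smtplib.SMTP_SSL(host, port, context=ctx)
    else:
        conn = smtplib.SMTP(host, port)
        conn.ehlo()
        if not conn.has_extn("starttls"):
            conn.quit()
            raise RuntimeError("server does not offer STARTTLS; not sending")
        conn.starttls(context=ctx)            # upgrade, then re-issue EHLO
        conn.ehlo()
    with conn:
        conn.sendmail(sender, recipients, message)

# Constructed EHLO replies as a client would receive them (one line each).
EHLO_WITH_TLS = ["250-foo.com Hello bar.com", "250-SIZE 35882577",
                 "250-STARTTLS", "250 HELP"]
EHLO_NO_TLS = ["250-foo.com Hello bar.com", "250 HELP"]
```

A client that silently continues in cleartext when STARTTLS is missing from the EHLO reply gets no confidentiality at all, which is why plan_transport returns "abort" in that case.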

POP3/IMAP

9/19/2019 26

• Allows the message recipient to download messages from the MS

• A "pull-based" protocol

• The user connects via a TCP connection (port 110)

• User (receiver) authorization required: user name and password

• The user then issues POP commands to retrieve and delete email

• IMAP is more complex than POP; IMAP provides stronger authentication


Email Formats

9/19/2019 27

Can transport text-based ASCII

What types of message can the user send? Text, image, video

Email Formats: RFC 5322

9/19/2019 28

RFC 5322 defines a format for text message emails; RFC 5322 replaces RFC 822

Messages are viewed as having an envelope and content

The envelope contains the information needed for email transmission and delivery

RFC 5322 applies to the content (header and body). Header fields can be used to create the envelope

TCP/IP Protocol Suite by Forouzan

Email Formats: RFC 5322

9/19/2019 29

The header is separated from the body by a single blank line; everything up to the blank line is part of the header

Each header field usually consists of a keyword, followed by a colon, and then the keyword's arguments


Header

Body
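A minimal parser for the RFC 5322 layout described on this slide, added here as an example (not from the slides or the textbooks): the header ends at the first blank line, each field is "Keyword: arguments", and a line beginning with whitespace folds onto the previous field. The sample message is constructed; Python's own email.parser module does the real job.

```python
def split_message(raw):
    """Split an RFC 5322 message into (headers, body): the header ends at the
    first blank line, each field is 'Name: value', and a line that starts with
    whitespace folds onto (continues) the previous field."""
    head, sep, body = raw.partition("\r\n\r\n")
    if not sep:                                   # tolerate bare-LF input
        head, sep, body = raw.partition("\n\n")
    headers = []
    for line in head.splitlines():
        if line[:1] in (" ", "\t") and headers:   # folded continuation line
            name, value = headers[-1]
            headers[-1] = (name, value + " " + line.strip())
            continue
        name, colon, value = line.partition(":")
        if not colon or not name or any(c.isspace() for c in name):
            raise ValueError(f"malformed header line: {line!r}")
        headers.append((name, value.strip()))
    return headers, body

def header_values(headers, name):
    """All values of a field, matched case-insensitively (fields may repeat)."""
    return [v for n, v in headers if n.lower() == name.lower()]

# Constructed sample message (addresses are illustrative, not from the slides).
SAMPLE = ("From: smith@bar.com\r\n"
          "To: jones@foo.com,\r\n"
          "\tbrown@foo.com\r\n"                     # folded To: field
          "Received: from bar.com by foo.com\r\n"
          "Subject: Lecture notes\r\n"
          "\r\n"                                    # blank line ends the header
          "Body line one\r\n"
          "Subject: this is body text, not a header\r\n")
```

The second "Subject:" line lands in the body untouched: once the blank line has been seen, nothing that looks like a header is interpreted as one.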

Email Formats

9/19/2019 30

Can transport text-based ASCII

Can the user send image and video using 5322?

MIME – An extension of RFC 5322

Email Formats: MIME

9/19/2019 31

MIME (Multipurpose Internet Mail Extensions)

Extension to RFC 5322 to handle multiple message formats (e.g., text, image, audio, video, etc.)

Other reasons for MIME:
• For transmitting binary files over SMTP
• For transmitting non-English text files over SMTP
• For transmitting longer emails, and so on


MIME Cont.

9/19/2019 32

Cryptography and Network Security Forouzan

MIME Cont.

9/19/2019 33

New Message Headers: MIME introduces five new message header fields to the 5322 header, providing information about the message body

Content Format: A number of content formats for standardizing multimedia email representation (e.g., JPEG format for image)

Transfer Encoding: For converting content into a universal form that is protected from being altered by the mail system

Five New Message Header

9/19/2019 34

• MIME-Version: Value is typically 1.0. Its presence tells that the message is MIME-formatted.

• Content-Type: Describes the data in the body to help the receiving user agent pick the right means of dealing with the data (e.g., showing it to the user).

• Content-Transfer-Encoding: Indicates the type of transformation used to represent the message body in a way acceptable to mail transport.

• Content-ID: Optional field that identifies a MIME entity.

• Content-Description: A text description of the "message". Optional field.

MIME Example

9/19/2019 35

MIME Example Cont.

9/19/2019 36

MIME Content-Type: Multipart

9/19/2019 37

In RFC 5322, the message body contains only ASCII text in one part. In MIME, the message body can contain multiple parts. Each part (having its own individual header) can be a message, image, video, etc. Two parts are separated using a boundary.

MIME Content Type

9/19/2019 38

Type         Subtype        Description
Text         Plain          Unformatted text; may be ASCII or ISO 8859.
             Enriched       Provides greater format flexibility.
Multipart    Mixed          The different parts are independent but are to be transmitted together. They should be presented to the receiver in the order that they appear in the mail message.
             Parallel       Differs from Mixed only in that no order is defined for delivering the parts to the receiver.
             Alternative    The different parts are alternative versions of the same information. They are ordered in increasing faithfulness to the original, and the recipient's mail system should display the "best" version to the user.
             Digest         Similar to Mixed, but the default type/subtype of each part is message/rfc5322. A message bundling many messages.
Message      rfc822         The body is itself an encapsulated message that can be any MIME message (not only 5322).


MIME Content Type Cont.

9/19/2019 39

Type            Subtype         Description
Message (cont.) Partial         Used to allow fragmentation of large mail items, in a way that is transparent to the recipient.
                External-body   Contains a pointer to an object that exists elsewhere.
Image           jpeg            The image is in JPEG format, JFIF encoding.
                gif             The image is in GIF format.
Video           mpeg            MPEG format.
Audio           Basic           Single-channel 8-bit ISDN mu-law encoding at a sample rate of 8 kHz.
Application     PostScript      Adobe PostScript format.
                octet-stream    General binary data consisting of 8-bit bytes.


MIME Transfer Encoding

9/19/2019 40

For reliable delivery across the largest range of environments, the message is encoded into a form that can be universally accepted by email systems

Typically, two methods are used for encoding data (base64 and quoted-printable), although the Content-Transfer-Encoding header can take six values

MIME Transfer Encoding Types

9/19/2019 41


Encoding           Description
7bit               The data are all represented by short lines of ASCII characters.
8bit               The lines are short, but there may be non-ASCII characters (octets with the high-order bit set).
binary             Not only may non-ASCII characters be present, but the lines are not necessarily short enough for SMTP transport.
quoted-printable   Encodes the data in such a way that if the data being encoded are mostly ASCII text, the encoded form of the data remains largely recognizable by humans (HEX representation of non-ASCII bytes).
base64             Encodes data by mapping 6-bit blocks of input to 8-bit blocks of output, all of which are printable ASCII characters.
x-token            A named nonstandard encoding: some other encoding, for which a name has to be supplied.

7bit, 8bit and binary indicate that no encoding has been done; they only provide some information about the nature of the data.

Quoted Printable

9/19/2019 42

Cryptography and Network Security Forouzan

Quoted Printable Conversion

9/19/2019 43

10011101 → divide into two nibbles: 1001 1101

HEX: 9 D

Sent as ASCII characters: =9D
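The nibble-to-hex conversion on this slide and the 6-bit regrouping of base64 from slide 41, carried through as added example code (not from the slides): hand-written encoders cross-checked against Python's quopri and base64 modules, with a constructed sample input.

```python
import base64
import quopri

B64_ALPHABET = ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                "0123456789+/")

def quoted_printable(data):
    """Quoted-printable, as on the slide: a byte that is printable ASCII is sent
    as itself; any other byte (and '=' itself, so it stays unambiguous) is sent
    as '=' followed by its two hex digits, e.g. 10011101 -> 1001 1101 -> '=9D'.
    Line folding at 76 characters is left out of this toy version."""
    out = []
    for b in data:
        if (33 <= b <= 126 and b != 0x3D) or b == 0x20:   # printable, not '='
            out.append(chr(b))
        else:
            out.append(f"={b:02X}")
    return "".join(out)

def base64_encode(data):
    """base64: regroup every 3 input bytes (24 bits) into four 6-bit values,
    each an index into a 64-character printable alphabet; '=' pads the last
    group when the input length is not a multiple of 3."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        pad = 3 - len(chunk)
        bits = int.from_bytes(chunk, "big") << (8 * pad)  # left-align 24 bits
        groups = [B64_ALPHABET[(bits >> s) & 0x3F] for s in (18, 12, 6, 0)]
        out.append("".join(groups[:4 - pad]) + "=" * pad)
    return "".join(out)

def matches_stdlib(data):
    """Cross-check both hand encoders against Python's quopri and base64."""
    qp_ok = quoted_printable(data) == quopri.encodestring(data).decode("ascii")
    b64_ok = base64_encode(data) == base64.b64encode(data).decode("ascii")
    return qp_ok, b64_ok

# Constructed sample: ASCII text, one '=', and two non-ASCII (UTF-8) bytes.
SAMPLE = b"caf\xc3\xa9 = 1"
```

For mostly-ASCII input the quoted-printable form stays readable ("caf=C3=A9 =3D 1"), while base64 output grows to 4/3 of the input and is opaque regardless of content.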

TO BE CONTINUED

• See the next lecture