Comparative analysis of mail protocols: SMTP, POP3 and IMAP. What is SMTP

SMTP protocol

SMTP (Simple Mail Transfer Protocol) is a network protocol designed to transfer e-mail over TCP/IP networks.

SMTP is used to send mail from users to servers and between servers for further forwarding to the recipient. To receive mail, the mail client must use the POP3 or IMAP protocols.

Data is transferred over TCP, typically using port 25 or 587. Traffic between servers typically uses port 25.

To deliver a message to the addressee, it must be forwarded to the mail server of the domain in which the addressee is located. This is usually done using an MX (Mail eXchange) record of the DNS system. If there is no MX record, an A record can be used for the same purpose. Some modern SMTP server implementations (for example, Exim) can also use an SRV record (RFC 2782) to determine the server that handles mail for the recipient's domain.
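The MX-then-A-then-SRV lookup order just described, as an added example that is not code from the original page: the DNS data is a constructed in-memory table, and the SRV service label `_smtp._tcp` is an assumption of this example; a real MTA would query DNS instead.

```python
from typing import Dict, List, Tuple

# Constructed sample zone data: domain -> {record type: records}.
# MX records are (preference, host); SRV records are (priority, weight, port, host).
SAMPLE_DNS: Dict[str, dict] = {
    "example.org": {
        "MX": [(20, "backup-mx.example.org"), (10, "mx1.example.org"), (10, "mx2.example.org")],
        "A": ["198.51.100.1"],
    },
    "no-mx.example": {"A": ["203.0.113.7"]},
    "srv-only.example": {"SRV": {"_smtp._tcp": [(0, 5, 2525, "relay.srv-only.example")]}},
}


def delivery_targets(domain: str, dns: Dict[str, dict], use_srv: bool = False) -> List[Tuple[str, int]]:
    """Return (host, port) pairs in the order an MTA should try them.

    1. MX records, lowest preference value first (equal preferences keep list order;
       a real MTA randomises among them).
    2. Otherwise the domain's own A record(s), delivered to port 25.
    3. Optionally, as Exim can do, an SRV lookup when neither exists (the
       "_smtp._tcp" service label is an assumption of this example).
    """
    records = dns.get(domain, {})
    mx = records.get("MX")
    if mx:
        return [(host, 25) for _, host in sorted(mx, key=lambda r: r[0])]
    a_records = records.get("A")
    if a_records:
        return [(addr, 25) for addr in a_records]
    if use_srv:
        srv = records.get("SRV", {}).get("_smtp._tcp", [])
        # Lower priority first; within a priority, higher weight first.
        return [(host, port) for _, _, port, host in sorted(srv, key=lambda r: (r[0], -r[1]))]
    return []
```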

An SMTP server is a state machine with an internal state. The client sends the server a command string of the form command<space>parameters<line break>. The server responds to each command with a string containing a response code and a text message separated by a space. The response code is a number from 100 to 999, represented as a string, and is interpreted as follows:

  • 2XX - command completed successfully
  • 3XX - waiting for additional data from the client
  • 4XX - temporary error; the client should try again after a while
  • 5XX - fatal error

The text part of the response is for reference only and is intended for a person, not a program.

SMTP security and spam

Initially, SMTP did not support any sender authorization scheme. As a result, spam became an almost intractable problem: it was impossible to determine who the real sender of a message was, and in fact anyone can send a letter on behalf of any person. At present, attempts are being made to solve this problem with the SPF, Sender ID and Yahoo DomainKeys specifications; there is currently no single specification.

POP3 protocol

POP3 (Post Office Protocol Version 3) is a network protocol used to receive e-mail messages from a server. It is usually used in conjunction with SMTP.

Fig. 10. Scheme "Client-server over the POP3 protocol"

Description of the POP3 protocol

Consider the scheme "Client-server over the POP3 protocol" shown in Fig. 10. The design of the POP3 protocol allows a user to contact their mail server and retrieve the mail that has accumulated for them. The user can access the POP server from any Internet access point, but must run a special mail agent (UA) that works according to the POP3 protocol and configure it to work with their mail server. So, at the head of the POP model is a separate personal computer operating exclusively as a mail system client (server). Note also that messages are delivered to the client using the POP protocol but are still sent using SMTP; that is, there are two separate interface agents to the mail system on the user's computer: delivery (POP) and sending (SMTP). The designers of the POP3 protocol call this situation "split UAs". The concept of separate agents is briefly discussed in the POP3 specification.

The POP3 protocol specifies three stages in the process of receiving mail: authorization, transaction, and update. Once the POP3 server and client have established a connection, the authorization stage begins, during which the client identifies itself to the server. If authorization succeeds, the server opens the client's mailbox and the transaction stage begins. In it, the client either asks the server for information (for example, a list of mail messages) or asks it to perform an action (for example, hand over a mail message). Finally, the update stage ends the communication session. The following are the POP3 commands required for a minimal Internet-based implementation.

POP protocol version 3 commands (for minimal configuration)

  • USER: identifies the user with the given name.
  • PASS: specifies the password for the client-server pair.
  • QUIT: closes the TCP connection.
  • STAT: the server returns the number of messages in the mailbox plus the mailbox size.
  • LIST: the server returns message IDs along with message sizes (the command parameter can be a message ID).
  • RETR: retrieves a message from the mailbox (requires a message ID argument).
  • DELE: marks a message for deletion (requires a message ID argument).
  • NOOP: the server returns a positive response but does nothing.
  • LAST: the server returns the largest message number among those previously accessed.
  • RSET: cancels the deletion of messages previously marked with the DELE command.

Several commands are defined in the POP3 protocol, but only two responses to them exist: +OK (positive, similar to an ACK acknowledgement) and -ERR (negative, similar to a NAK negative acknowledgement). Both responses confirm that the server has been reached and is responding to commands at all. As a rule, each response is followed by an informative verbal description. RFC 1225 contains examples of several typical POP3 sessions. We now consider several of them, which makes it possible to follow the sequence of commands exchanged between server and client.

After the program has established a TCP connection to the POP3 port (official number 110), it must send the USER command with the username as a parameter. If the server responds +OK, it sends the PASS command with that user's password:

CLIENT: USER kcope
SERVER: +OK
CLIENT: PASS secret
SERVER: +OK kcope's maildrop has 2 messages (320 octets)

POP3 transactions

The STAT command returns the number of messages and the number of bytes in the messages:

CLIENT: STAT
SERVER: +OK 2 320

The LIST command (with no parameter) returns a list of messages in the mailbox and their sizes:

The NOOP command returns nothing useful apart from a positive response from the server. That positive response does, however, confirm that the server is still connected to the client and waiting for requests.

The following examples show how the POP3 server performs actions. For example, the RETR command retrieves the message with the specified number and puts it in the local UA's buffer:

CLIENT: RETR 1
SERVER: +OK 120 octets
SERVER: (POP3 server sends the whole message)
SERVER: .

The DELE command marks the message to be deleted:

CLIENT: DELE 1
SERVER: +OK message 1 deleted
...
CLIENT: DELE 2
SERVER: -ERR message 2 already deleted

The RSET command removes the deletion marks from all previously marked messages:

CLIENT: RSET
SERVER: +OK maildrop has 2 messages (320 octets)

As expected, the QUIT command closes the connection to the server:

CLIENT: QUIT
SERVER: +OK dewey POP3 server signing off

CLIENT: QUIT
SERVER: +OK dewey POP3 server signing off (maildrop empty)

CLIENT: QUIT
SERVER: +OK dewey POP3 server signing off (2 messages left)

Note that messages marked for deletion are not actually deleted until the QUIT command is issued and the update stage begins. At any time during the session the client can issue an RSET command, and all messages marked for deletion will be restored.
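The three stages and the deferred deletion just described, as an added example that is not from the original text: a small in-memory POP3 server state machine in Python. The maildrop contents and the kcope/secret credentials are constructed sample data.

```python
from typing import Dict, List, Optional, Set


class Pop3Session:
    """One POP3 session over an in-memory maildrop (a list of raw messages)."""

    def __init__(self, users: Dict[str, str], maildrop: List[str]) -> None:
        self._users = users              # username -> password (constructed sample data)
        self._drop = maildrop            # shared maildrop; index + 1 is the message number
        self._deleted: Set[int] = set()  # message numbers marked by DELE, not yet removed
        self._last = 0                   # highest message number accessed (for LAST)
        self._state = "AUTHORIZATION"    # AUTHORIZATION -> TRANSACTION -> UPDATE
        self._user: Optional[str] = None
        self.closed = False

    def _visible(self) -> List[int]:
        return [n for n in range(1, len(self._drop) + 1) if n not in self._deleted]

    def _size(self) -> int:
        return sum(len(self._drop[n - 1]) for n in self._visible())

    def _msg_arg(self, arg: str) -> Optional[int]:
        """Parse a message-number argument; None if absent, out of range or marked deleted."""
        if not arg.isdigit():
            return None
        n = int(arg)
        return n if 1 <= n <= len(self._drop) and n not in self._deleted else None

    def handle(self, line: str) -> str:
        """Process one client command line and return the server's +OK/-ERR reply."""
        cmd, _, arg = line.strip().partition(" ")
        cmd = cmd.upper()
        if self._state == "AUTHORIZATION":
            if cmd == "USER":
                self._user = arg
                return "+OK"
            if cmd == "PASS":
                if self._user and self._users.get(self._user) == arg:
                    self._state = "TRANSACTION"
                    return f"+OK {self._user}'s maildrop has {len(self._drop)} messages ({self._size()} octets)"
                self._user = None
                return "-ERR invalid password"
            if cmd == "QUIT":
                self.closed = True
                return "+OK dewey POP3 server signing off"
            return "-ERR authenticate first"
        if cmd == "STAT":
            return f"+OK {len(self._visible())} {self._size()}"
        if cmd == "LIST":
            if arg:
                n = self._msg_arg(arg)
                return f"+OK {n} {len(self._drop[n - 1])}" if n else "-ERR no such message"
            rows = " ".join(f"{n}:{len(self._drop[n - 1])}" for n in self._visible())
            return f"+OK {len(self._visible())} messages ({self._size()} octets) {rows}"
        if cmd == "RETR":
            n = self._msg_arg(arg)
            if n is None:
                return "-ERR no such message"
            self._last = max(self._last, n)
            return f"+OK {len(self._drop[n - 1])} octets\r\n{self._drop[n - 1]}\r\n."
        if cmd == "DELE":
            if arg.isdigit() and int(arg) in self._deleted:
                return f"-ERR message {arg} already deleted"
            n = self._msg_arg(arg)
            if n is None:
                return "-ERR no such message"
            self._deleted.add(n)        # only a mark: the message is still in the maildrop
            return f"+OK message {n} deleted"
        if cmd == "NOOP":
            return "+OK"
        if cmd == "LAST":
            return f"+OK {self._last}"
        if cmd == "RSET":
            self._deleted.clear()       # every deletion mark is dropped
            return f"+OK maildrop has {len(self._drop)} messages ({self._size()} octets)"
        if cmd == "QUIT":
            # UPDATE stage: deletion marks are applied only now, then the session ends.
            self._drop[:] = [self._drop[n - 1] for n in self._visible()]
            self._deleted.clear()
            self._state = "UPDATE"
            self.closed = True
            left = len(self._drop)
            tail = "maildrop empty" if left == 0 else f"{left} message{'s' if left != 1 else ''} left"
            return f"+OK dewey POP3 server signing off ({tail})"
        return "-ERR unknown command"


def demo() -> tuple:
    """Two sessions on one maildrop: DELE undone by RSET, then DELE applied at QUIT."""
    drop = ["From: a@example.org\r\n\r\nfirst", "From: b@example.org\r\n\r\nsecond"]  # constructed
    users = {"kcope": "secret"}                                                        # constructed
    s1 = Pop3Session(users, drop)
    replies = [s1.handle(c) for c in ("USER kcope", "PASS secret", "STAT", "DELE 1", "STAT",
                                      "DELE 1", "RSET", "STAT", "QUIT")]
    s2 = Pop3Session(users, drop)
    replies += [s2.handle(c) for c in ("USER kcope", "PASS secret", "RETR 2", "LAST", "DELE 1", "QUIT")]
    return replies, list(drop)
```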

IMAP protocol

IMAP (Internet Message Access Protocol) is an application-layer Internet protocol for accessing e-mail.

IMAP provides the user with rich options for working with mailboxes located on a central server. A mail program that uses this protocol accesses the mail storage on the server as if the mail was located on the recipient's computer. E-mails can be manipulated from the user's (client's) computer without the need to constantly send files with the complete contents of the messages back and forth from the server.

Advantages over POP

IMAP was designed to replace the simpler POP3 protocol and has the following advantages over the latter:

  • Letters are stored on the server, not on the client. It is possible to access the same mailbox from different clients. Simultaneous access by multiple clients is also supported. There are mechanisms in the protocol by which a client can be informed of changes made by other clients.
  • Support for multiple mailboxes (or folders). The client can create, delete and rename mailboxes on the server, as well as move messages from one mailbox to another.
  • It is possible to create shared folders that can be accessed by multiple users.
  • Information about the state of letters is stored on the server and is available to all clients. Emails can be marked as read, important, etc.
  • Support for search on the server. There is no need to download many messages from the server in order to find the one you need.
  • Support for online operation. The client can maintain a permanent connection with the server, while the server informs the client in real time about changes in mailboxes, including new letters.
  • A mechanism for extending protocol capabilities is provided.

SMTP (Simple Mail Transfer Protocol) is a widely used network protocol designed to transfer e-mail over TCP/IP networks.

SMTP was first described in RFC 821 (1982); the latest update, RFC 5321 (2008), includes an extensible variant, ESMTP (Extended SMTP). Nowadays the term "SMTP" usually refers to the protocol together with its extensions. SMTP is designed to transmit outgoing mail using TCP port 25.

While e-mail servers and other message transfer agents use SMTP to send and receive mail messages, user-level mail client applications typically use SMTP only to send messages to the mail server for relaying. To receive messages, client applications typically use POP (Post Office Protocol), IMAP (Internet Message Access Protocol) or proprietary protocols (such as Microsoft Exchange and Lotus Notes/Domino) to access their mailbox account on the server.

POP3

POP3 (Post Office Protocol Version 3) is a standard application-layer Internet protocol used by e-mail clients to receive mail from a remote server over a TCP/IP connection.

The standard POP3 port is 110.

POP and IMAP (Internet Message Access Protocol) are the most common Internet protocols for retrieving mail. Almost all modern email clients and servers support both standards. The POP protocol has been developed in several versions, the current standard being the third version (POP3). Most email providers (such as Hotmail, Gmail, and Yahoo! Mail) also support IMAP and POP3. Previous versions of the protocol (POP, POP2) are obsolete.

An alternative protocol for collecting messages from a mail server is IMAP.

IMAP

IMAP (Internet Message Access Protocol) is an application layer protocol for accessing e-mail.

It is based on the TCP transport protocol and uses port 143.

IMAP provides the user with extensive options for working with mailboxes located on a central server. A mail program that uses this protocol accesses the mail storage on the server as if the mail were located on the recipient's computer. E-mails can be manipulated from the user's (client's) computer without constantly transferring files with the complete contents of the messages from the server and back.

In the age of modern technology, communication via e-mail has become a part of our daily life. If earlier faxes were used to transmit graphic information, now it is already quite rare.

In this video, I propose to understand the operation of e-mail, or rather, the configuration and operation of the SMTP, POP3 and IMAP protocols, thanks to which we can exchange electronic messages.

The abbreviation SMTP stands for Simple Mail Transfer Protocol, and its main purpose is sending messages. But for normal work with e-mail we must, in addition to sending mail, also receive it! These tasks are taken over by the POP3 (Post Office Protocol 3) protocol, the mail protocol version 3, and IMAP (Interactive Mail Access Protocol), the protocol for interactive access to e-mail.

So the main goal of this video will be to figure out exactly what are the differences between these two protocols, and which one is better to use in your work.

For testing, I will use the free Thunderbird email client from Mozilla. If necessary, you can download it from the link that I will give in additional materials for this video on the official website of the IT Training Center. https://www.mozilla.org/en/thunderbird/

Let's start the mail client and add 2 mailboxes that I specifically created to test the POP3 () and IMAP () protocols. To connect mailboxes, go to (Menu \ Settings \ Account settings \ Account actions \ Add mail account \ Enter name \ Email address \ Password \ Continue)

The message "Thunderbird could not find the settings for your mail account" is displayed, so we need to do some more fine-tuning.

First you need to select the incoming mail protocol, select POP3, since I created this mailbox specifically for testing this protocol.

Server name: if your mail is on mail.ru, Thunderbird will most likely substitute the correct server name, pop3.mail.ru, but since my mail is hosted by the provider where my domain is registered, my server name is different: pop3.beget.com. In general, you can find these settings on the website of the mail service where you registered the mailbox; as a rule it is pop3. followed by the domain name of the mail service.

Click "Retest": the mail client successfully reached the server and automatically set the necessary settings. Here we can see that POP3 works on port 110 and SMTP on port 25. Click "Finish" and configure the other mailbox in the same way (), but specify IMAP with port 143 as the incoming mail protocol.

So what are the differences between POP3 and IMAP?

If we go to the Inbox folder of the test-imap mailbox, we immediately receive the letters that are in this mailbox on the server, just as if we had gone directly to the server through the web interface. And there is nothing in the test-pop3 mailbox, since work over the POP3 protocol is on request, i.e. you need to give the command "Get mail".

So the main difference between the POP3 and IMAP protocols is that the IMAP protocol has a constant connection with the mail server, and POP3 works on a request to receive mail.

In order to more clearly understand how it all works, let's simulate the work of an employee with mail:

  • create a folder "Clients" so that letters can be sorted into different groups;
  • send 3 test e-mails from test-pop3 to test-imap;
  • in the test-imap box: move one letter to the Clients folder, reply to the second, and leave the third unread;
  • in the test-pop3 mailbox, reply to the received letter and move it to the "Clients" folder.

Now let's look through the web interface at what is happening on the server with the test-imap mailbox. As you can see, everything is the same as in the mail client (all incoming letters are there, and those we did not have time to read are also marked as unread; the Sent folder contains the letters we sent; the Trash folder contains the deleted ones; and even the Clients folder was created, with the letter we moved there). That is, everything we did through the Thunderbird mail client was duplicated on the server.

What's in the test-pop3 box? Only the letters in the inbox that came to the mail server. There are no e-mails in Sent Items or Trash, and no Clients folder. Even the letter we moved to the "Clients" folder remained in place. All this suggests that the POP3 protocol only receives mail, without any feedback.

What conclusion can we draw from our experiments? If you work with mail from the same computer through a mail client, then the POP3 protocol will suit you. If you work with one mailbox on different devices (work computer, home computer, mobile phone), then IMAP, since changes made on any device will appear on all devices.

Plus, when the computer is broken, we can add a mail account on another computer and continue to work as if nothing had happened, all the accumulated information will be up to date.

Personally, I use POP3 so as not to take up space on the server, since I work with personal mail only from my home computer anyway. And in case of a hard drive failure, I have a mirrored RAID configured and synced to Acronis Cloud.

By the way, if you are interested, I can record a video tutorial on connecting your corporate mail to the mail.ru or Yandex.mail web interface. In fact, this is very convenient, since usually users are used to working with mail on these sites and it is difficult for them to switch to working in an email client or in another web interface. And thanks to this opportunity, they will be able to work with corporate mail in a familiar environment.

On the Internet, to deliver e-mail, the source machine establishes a TCP connection to port 25 on the destination machine. The mail daemon listens on this port, and the two sides communicate using the Simple Mail Transfer Protocol (SMTP). This daemon accepts incoming connections and copies messages from them to the appropriate mailboxes. If the e-mail cannot be delivered, an error message containing the first part of the e-mail is sent to the sender.

An MTA (Mail Transfer Agent) is the main component of the Internet mail transfer system; it represents a given network computer in the network e-mail system. Usually users do not work with the MTA directly but with an MUA (Mail User Agent), an e-mail client. The principle of interaction is shown schematically in the figure.

SMTP is a simple ASCII protocol. Having established a TCP connection on port 25, the sending machine, acting as a client, waits for the receiving machine, operating in server mode, to speak first. The server starts the conversation by sending a text string containing its identifier and indicating whether it is ready to receive mail. If the server is not ready, the client drops the connection and tries again later.

If the server is ready to receive mail, the client announces who the mail is from and to whom it is intended. If the recipient exists, the server gives the client the go-ahead to forward the message. The client then sends the message, and the server acknowledges its receipt. Checksums are not checked, because TCP provides a reliable byte stream. If the sender has more mail, it is sent in the same way. After all mail has been sent in both directions, the connection is terminated.

The simplest example of an SMTP session (C: client, S: server); mailbox addresses are shown as placeholders in angle brackets:

S: (awaiting connection)
C: (connects to server port 25)
S: 220 mail.company.tld ESMTP CommuniGate Pro 5.1.4i is glad to see you!
C: HELO <client host name>
S: 250 domain name should be qualified
C: MAIL FROM:<sender address>
S: 250 <sender address> sender accepted
C: RCPT TO:<first recipient>
S: 250 <first recipient> ok
C: RCPT TO:<second recipient>
S: 550 <second recipient> unknown user account
C: DATA
S: 354 Enter mail, end with "." on a line by itself
C: (message text)
C: .
S: 250 769947 message accepted for delivery
C: QUIT
S: 221 mail.company.tld CommuniGate Pro SMTP closing connection
S: (closes connection)

As a result of such a session, the letter will be delivered to the first recipient, but not to the second, because no such address exists.

Some SMTP commands ((SP) denotes a space, (CRLF) the end of the line)

  • HELO (SP) (string) (CRLF): identifies the sending SMTP server and opens the session.
  • QUIT (CRLF): ends the SMTP session.
  • MAIL (SP) FROM:(reverse-path) (CRLF): specifies the sender's address.
  • RCPT (SP) TO:(forward-path) (CRLF): specifies the recipient's address.
  • DATA (CRLF): indicates the start of the message; a line containing only "." followed by (CRLF) marks the end of the message.
  • VRFY (SP) (string) (CRLF): checks whether the recipient exists.
  • EXPN (SP) (string) (CRLF): expands a mailing list into the addresses of its members.
  • NOOP (CRLF): empty operation.
  • TURN (CRLF): server and client switch roles after the server responds 200 OK.
  • RSET (CRLF): resets the session.
  • HELP (CRLF): information about the supported commands.

Because of spam, almost all modern servers ignore the VRFY and EXPN commands, since they reveal user information.

To solve a number of problems, an extended SMTP protocol, ESMTP, was developed. Clients wishing to use it start the session by sending EHLO instead of HELO. If the server does not accept the command, it supports only plain SMTP and the client must work in the normal mode. If EHLO is accepted, an ESMTP session has been established and the new parameters and commands can be used.
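The state machine, response classes, EHLO-to-HELO fallback and the VRFY/EXPN hardening discussed above, as an added example that is not the page's own code: a minimal SMTP server session in Python. The host name mail.company.tld reuses the page's example; the mailbox list and the client script are constructed.

```python
import re
from typing import List, Optional, Set

ADDR_RE = re.compile(r"<([^<>@\s]+@[^<>@\s]+)>")


class SmtpSession:
    def __init__(self, hostname: str, local_mailboxes: Set[str], esmtp: bool = True) -> None:
        self.hostname = hostname
        self.local_mailboxes = local_mailboxes  # addresses this server accepts mail for (constructed)
        self.esmtp = esmtp                      # False simulates an old server without EHLO
        self.state = "CONNECTED"                # CONNECTED -> GREETED -> MAIL -> RCPT -> DATA
        self.closed = False
        self.delivered: List[dict] = []         # messages accepted for delivery
        self.reset()

    def reset(self) -> None:
        """Drop the current envelope (after RSET or a completed message)."""
        self.sender: Optional[str] = None
        self.recipients: List[str] = []
        self.body: List[str] = []

    def greeting(self) -> str:
        return f"220 {self.hostname} {'ESMTP' if self.esmtp else 'SMTP'} ready"

    def handle(self, line: str) -> str:
        """Feed one client line (a command, or a body line while in DATA); return the reply."""
        if self.state == "DATA":
            if line == ".":
                self.delivered.append({"from": self.sender, "to": list(self.recipients), "body": "\n".join(self.body)})
                self.reset()
                self.state = "GREETED"
                return "250 message accepted for delivery"
            # A body line starting with "." was dot-stuffed by the client; remove the extra dot.
            self.body.append(line[1:] if line.startswith("..") else line)
            return ""                           # body lines get no reply
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb == "EHLO":
            if not self.esmtp:
                return "500 command not recognized"   # client must fall back to HELO
            self.state = "GREETED"
            return f"250-{self.hostname}\r\n250-SIZE 10240000\r\n250 HELP"
        if verb == "HELO":
            self.state = "GREETED"
            return f"250 {self.hostname}"
        if verb == "QUIT":
            self.closed = True
            return f"221 {self.hostname} closing connection"
        if verb == "RSET":
            self.reset()
            if self.state in ("MAIL", "RCPT"):
                self.state = "GREETED"
            return "250 OK"
        if verb in ("VRFY", "EXPN"):
            # Anti-spam hardening: never confirm or deny that a mailbox exists.
            return "252 cannot VRFY user, but will accept message" if verb == "VRFY" else "502 command not implemented"
        if self.state == "CONNECTED":
            return "503 send HELO/EHLO first"
        if verb == "MAIL" and arg.upper().startswith("FROM:"):
            m = ADDR_RE.search(arg)
            if not m:
                return "501 syntax error in parameters"
            self.sender = m.group(1)            # not authenticated: plain SMTP accepts any claim
            self.state = "MAIL"
            return f"250 {self.sender} sender accepted"
        if verb == "RCPT" and arg.upper().startswith("TO:"):
            if self.state not in ("MAIL", "RCPT"):
                return "503 need MAIL command first"
            m = ADDR_RE.search(arg)
            if not m:
                return "501 syntax error in parameters"
            rcpt = m.group(1)
            if rcpt not in self.local_mailboxes:
                return f"550 {rcpt} unknown user account"   # also refuses to relay for others
            self.recipients.append(rcpt)
            self.state = "RCPT"
            return f"250 {rcpt} ok"
        if verb == "DATA":
            if self.state != "RCPT":
                return "503 need RCPT command first"
            self.state = "DATA"
            return '354 Enter mail, end with "." on a line by itself'
        return "500 command not recognized"


def reply_class(reply: str) -> str:
    # First digit of the reply is what a client acts on (2xx/3xx/4xx/5xx).
    return {"2": "success", "3": "more input", "4": "temporary failure",
            "5": "permanent failure"}.get(reply[:1], "invalid")


def demo() -> tuple:
    """Replays the session shape shown above: one valid recipient, one unknown, one message."""
    s = SmtpSession("mail.company.tld", {"alice@company.tld"})
    script = ["EHLO client.example", "MAIL FROM:<bob@example.org>", "RCPT TO:<alice@company.tld>",
              "RCPT TO:<nobody@company.tld>", "VRFY alice", "DATA", "Subject: hi", "",
              "..dotted line", "Hello", ".", "QUIT"]
    return [s.greeting()] + [s.handle(ln) for ln in script], s.delivered
```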

POP3 (Post Office Protocol Version 3) is a network protocol used by an e-mail client to receive e-mail messages from a server. It is usually used in conjunction with SMTP.

Previous versions of the protocol (POP, POP2) are obsolete. An alternative protocol for collecting messages from a mail server is IMAP. By default, POP3 uses TCP port 110. There are POP3 server implementations that support TLS and SSL.


After a connection is established, the POP3 protocol passes through three successive states.

  • 1. Authorization: the client goes through the authentication procedure.
  • 2. Transaction: the client receives information about the state of the mailbox, retrieves and deletes mail.
  • 3. Update: the server deletes the selected messages and closes the connection.

While the POP3 protocol does support the ability to receive one or more emails and leave them on the server, most email programs simply download all the emails and empty the mailbox on the server.

Session example

S: <server waits for incoming connections on port 110>
C: <connects to the server>
S: +OK POP3 server ready <server timestamp>
C: APOP mrose
C: RETR 1
S: <server sends message 1>
C: DELE 1
S: +OK message 1 deleted
C: RETR 2
S: <server sends message 2>
C: DELE 2
S: +OK message 2 deleted
C: QUIT
S: +OK dewey POP3 server signing off (maildrop empty)
C: <closes the connection>
S: <continues to wait for incoming connections>

For a user who has one account with one provider and always connects to the provider from the same machine, the POP3 protocol is enough. This protocol is widely used because of its simplicity and reliability. But many users have an account at an educational institution or at work and want to access it from home, from their place of work (or study), and while travelling, that is, from different places. Although the POP3 protocol does allow this, the problem is that, used this way, all of the user's correspondence very quickly spreads to random machines from which they accessed the Internet, and some of those computers may not belong to the user at all.

This inconvenience led to the creation of an alternative protocol for receiving mail, IMAP.

IMAP (Internet Message Access Protocol) is an Internet application-layer protocol for accessing e-mail.



The current version of the protocol is designated IMAP4rev1 (IMAP version 4, revision 1). The protocol supports the transmission of the user's password in encrypted form. In addition, IMAP traffic can be encrypted using SSL.

3. Summary table for mail clients and servers for various operating systems


4. The most famous WEB mail clients

Eudora Mail is an e-mail client that appeared at the dawn of the Internet, when e-mail was almost the only means of communication.

Evolution is a graphical client program for managing e-mail, contacts and time on the Linux platform. Developed and maintained by Novell. It contains a calendar, a scheduling system and an address book, and supports all common mail protocols: IMAP, POP and SMTP.

FidoLook is an e-mail client that is a plug-in for Outlook Express from the Internet Explorer package. It significantly extends Outlook Express features such as quoting messages, message templates, customizing message headers, working with news folders, and importing and exporting messages.

Foxmail is a free e-mail program for Windows. Developed by the Chinese corporation Tencent. Supports the SMTP, POP3 and RSS protocols. Key features:

  • sending letters without the participation of an SMTP server (the user's computer acts as an SMTP server);
  • the ability to set a password for the account;
  • receiving mail from several e-mail addresses in one account;
  • a mail sorter based on filters;
  • creating and editing templates for new letters;
  • a letter dispatcher (management of messages on the server);
  • the ability to encrypt messages;
  • a convenient address book integrated into the interface;
  • an RSS aggregator.

KMail is an e-mail client distributed with operating systems of the *nix family. Supports SMTP, POP3, IMAP and local mailboxes; there is also support for antivirus, antispam and custom filters.

M2 is the internal name of the mail and news client built into the Opera browser, officially called Opera Mail. Its interface differs from other e-mail clients so as to integrate better with Opera; it also offers a spam filter, support for POP3 and IMAP, newsgroups, and RSS and Atom news feeds.

Mailman is a mail client for mobile devices and phones, implemented as a Java application. Key features:

  • work with the file system (saving and adding file attachments of any format, working with the address book, saving the download history to disk as .txt, playing a chosen melody);
  • the ability to work with encodings and transliteration;
  • viewing html, wml, pda and xml-like pages as text without links and images, with a customizable font;
  • a huge number of parameters and flexible settings;
  • the program is distributed free of charge.

Microsoft Outlook is a personal organizer program with e-mail client functions, included in the Microsoft Office suite. Key features:

  • a full-fledged organizer providing a calendar, task scheduler, notebook and contact manager;
  • tracking work with Microsoft Office documents to compile a work diary automatically;
  • can be used as a standalone application or act as a client for the Microsoft Exchange Server mail server, which provides additional collaboration features for users of the same organization: shared mailboxes, task folders, calendars, conferences, scheduling and booking of common meetings, and document coordination.

Mozilla Thunderbird is a free, open-source program for working with e-mail and newsgroups. It is part of the Mozilla project. Supports the SMTP, POP3, IMAP, NNTP and RSS protocols; works on Windows, Mac OS X and Linux, and the set of features and layout of controls are the same on all platforms.

Outlook Express is a program for working with e-mail and newsgroups, included in the Windows operating system starting with Windows 95 OSR 2.5, as well as with the Internet Explorer browser starting with version 4.0. The new version of Outlook Express included with Windows Vista along with Internet Explorer 7.0 is called Windows Mail. The name Outlook Express suggests that this program is a "light" version of Microsoft Outlook, which, unlike Outlook Express, has no features for working with newsgroups.

The Bat! is a shareware e-mail program for Windows. Developed by the Moldovan company RitLabs. It supports the SMTP, POP3 and IMAP protocols, has a fairly advanced message filtering system and supports a large number of Cyrillic encodings. There are two versions of the program: Home and Professional. The Professional version adds spell checking, message encryption and biometric authentication.

6. Security settings in mail systems: TLS, SSL, digital signatures, certificates. The concept of spam

TLS (Transport Layer Security) is a cryptographic protocol that provides secure data transfer between users on the Internet.

The TLS protocol is based on Netscape's SSL protocol version 3.0 and consists of two parts: the TLS Record Protocol and the TLS Handshake Protocol. The difference between SSL 3.0 and TLS 1.0 is minor, so the term "SSL" refers to both in the rest of the text. Most modern browsers support this protocol. The TLS Working Group, founded in 1996, continues to work on the protocol.

SSL uses cryptography to provide authentication and secure communication over the Internet. Often only the server is authenticated, while the client remains unauthenticated. For mutual authentication, each party must support a public key infrastructure (PKI), which allows client-server applications to be protected from interception of messages, editing of existing messages, and creation of fake ones.

SSL includes three main phases:

  • a dialogue between the parties, the purpose of which is to choose an encryption algorithm;
  • key exchange based on public-key cryptosystems, or certificate-based authentication;
  • transfer of data encrypted with symmetric encryption algorithms.

In the first phase, the client and server negotiate the cryptographic algorithms to use. The following algorithms are available in this version of the protocol:

  • for key exchange and authentication, a combination of algorithms: RSA (asymmetric cipher), Diffie-Hellman (secure key exchange), DSA (Digital Signature Algorithm), and the Fortezza technology algorithms;
  • for symmetric encryption: RC2, RC4, IDEA, DES, Triple DES or AES;
  • for hash functions: MD5 or SHA.

SSL (Secure Sockets Layer) is a cryptographic protocol that provides secure data transmission over the Internet. When it is used, a secure connection is created between the client and the server. SSL was originally developed by Netscape Communications and is now accepted as a standard by the IETF. It is supported by all popular browsers.

It uses public-key encryption to verify the identity of the transmitter and the receiver, and maintains the integrity of transmitted data through the use of correction codes and secure hash functions.

SSL consists of two layers. The lower layer, which sits on top of a reliable transport protocol such as TCP, is the Record Protocol; it encapsulates (packages) the higher-level protocols. For each encapsulated protocol it provides the conditions under which the server and client can authenticate each other, negotiate encryption algorithms and exchange cryptographic keys before the application protocol sends or receives its first byte of data.

To access pages protected by SSL, the https scheme (default port 443) is used in the URL instead of the usual http scheme, indicating that an SSL connection will be used. For mail, the same protocol is applied either by upgrading an existing SMTP, IMAP or POP3 session with STARTTLS or by connecting to a dedicated TLS port (465 for submission, 993 for IMAP, 995 for POP3). Since encryption and decryption require significant computing resources, hardware SSL accelerators are used to reduce the load on web servers.

SSL requires the server to hold a certificate (an X.509 public-key certificate, commonly called an SSL certificate) together with the matching private key.

An electronic digital signature (EDS) is an attribute of an electronic document intended to certify the origin of the data and to protect the document from forgery.

The digital signature provides:

  • Identification of the source of the document. Depending on how the document is defined, fields such as "author", "changes made", "timestamp", etc. can be covered by the signature.
  • Protection against changes to the document. Any change to the document (or to the signature), accidental or intentional, changes the hash and therefore invalidates the signature.
  • Non-repudiation of authorship. Since a correct signature can only be created by someone who knows the private key, and only the owner knows it, the owner cannot disown a signature on the document.

The following attacks on a digital signature are possible:

  • An attacker may try to forge a signature for a document of their choice (selective forgery).
  • An attacker may try to find a document that matches a given signature, i.e. a second preimage of the signed hash.
  • An attacker may try to forge a signature for some document, not necessarily a meaningful one (existential forgery).

With a strong hash function it is computationally infeasible to construct a forged document with the same hash as the genuine one. These attacks nevertheless become feasible when a specific hash algorithm or signature scheme is weak, or when their implementation has bugs.

Beyond attacks on the cryptography itself, the following threats to digital signature systems remain:

  • An attacker who steals a private key can sign any document on behalf of the key's owner.
  • An attacker can trick the owner into signing a document, for example by using a blind signature protocol.
  • An attacker can replace the owner's public key (see key management) with their own and thereby impersonate the owner.

A certificate (public key certificate, EDS certificate) is a digital or paper document confirming the correspondence between a public key and the information identifying the key's owner. It contains information about the owner, the public key itself, its purpose and scope of use, the name of the certification authority (CA), etc., together with the CA's signature over all of these fields.

The public key can be used to organize a secure communication channel with the owner in two ways:

  • to verify the owner's signature (authentication)
  • to encrypt data sent to the owner (confidentiality)

There are two models for organizing a certificate infrastructure: centralized (PKI) and decentralized (the PGP web of trust). In the centralized model there are root CAs whose signatures every user must trust. In the decentralized model, each user independently chooses which certificates to trust and to what extent.

Spam (English spam) is messages sent in bulk to people who have not expressed a desire to receive them. The term "spam" most commonly refers to e-mail.

Ways to fight spam

Preventive methods

The most reliable way to fight spam is to prevent spammers from learning your e-mail address. This is a difficult task, but some precautions can be taken.

Unfortunately, even such strict measures do not fully guarantee that a spammer will not discover the address. Address harvesting methods include using viruses to hunt down users' contact lists: the virus exploits flaws in well-known mail programs and either sends the addresses from the contact list to the attacker or sends copies of unwanted messages to those addresses itself.

Automatic filtering

There is software for automatic detection of spam (so-called filters). It may be intended for end users or for use on servers. Such software uses two main approaches.

The first is to analyse the content of the letter and conclude whether it is spam or not. If an e-mail is classified as spam, it may be flagged, moved to another folder, or even deleted. Such software can run both on the server and on the client's computer. With this approach you do not see the filtered spam, but you still bear all or part of the cost of receiving it, since the anti-spam software receives every spam e-mail anyway (at your expense) and only then decides whether to show it. If the software runs on a server, at least you do not incur the cost of copying the message to your own computer.

The second approach is to use various methods to identify the sender as a spammer without looking at the text of the letter. This software can only work on a server that directly receives e-mail. With this approach costs can be reduced: resources are spent only on the conversation with the spammer's mailer (i.e. on refusing to accept the letter) and on contacting other servers (if any) during verification. The payoff, however, is not as big as one might expect. If the recipient refuses to accept the e-mail, the spammer tries to bypass the protection and send it another way. Each such attempt has to be repelled separately, which increases the load on the server.

Automatic filtering methods

Automatic filtering programs use statistical analysis of an e-mail's content to decide whether it is spam. The greatest success has been achieved with algorithms based on Bayes' theorem. For these methods to work, the filter must be "trained": manually sorted e-mails are used to learn the statistical features of normal e-mail and of spam.
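To make the training step concrete, here is a minimal naive Bayes filter, added for this page rather than taken from the original article. It learns per-word spam and ham frequencies from a small constructed corpus (the training sentences are made up), then scores a new message by summing log-odds with add-one smoothing; words the filter has never seen contribute no evidence, and a high threshold keeps false positives rare.

```python
"""Minimal naive Bayes spam filter trained on a constructed corpus.  Added
example, not code from the original article; the training sentences below
are made up for the demonstration."""
import math
import re
from collections import Counter

TOKEN = re.compile(r"[a-z0-9$]+")


def tokenize(text: str) -> set:
    """Lower-case word set; each word counts once per message (Bernoulli model)."""
    return set(TOKEN.findall(text.lower()))


class BayesFilter:
    def __init__(self) -> None:
        self.spam_docs = 0
        self.ham_docs = 0
        self.spam_words = Counter()   # word -> number of spam messages containing it
        self.ham_words = Counter()    # word -> number of ham messages containing it

    def train(self, text: str, is_spam: bool) -> None:
        """Learn from one manually classified message."""
        words = tokenize(text)
        if is_spam:
            self.spam_docs += 1
            self.spam_words.update(words)
        else:
            self.ham_docs += 1
            self.ham_words.update(words)

    def spam_probability(self, text: str) -> float:
        """P(spam | words) as a log-odds sum with add-one smoothing, assuming
        word occurrences are independent given the class (the 'naive' part)."""
        if not self.spam_docs or not self.ham_docs:
            raise ValueError("filter needs at least one spam and one ham example")
        log_odds = math.log(self.spam_docs / self.ham_docs)          # prior odds
        for word in tokenize(text):
            if word not in self.spam_words and word not in self.ham_words:
                continue                                               # unseen word: no evidence
            p_spam = (self.spam_words[word] + 1) / (self.spam_docs + 2)
            p_ham = (self.ham_words[word] + 1) / (self.ham_docs + 2)
            log_odds += math.log(p_spam / p_ham)
        return 1.0 / (1.0 + math.exp(-log_odds))

    def is_spam(self, text: str, threshold: float = 0.9) -> bool:
        """Flag only when confident: a lost legitimate mail costs more than a missed spam."""
        return self.spam_probability(text) >= threshold


# Constructed training set (not real mail).
TRAINING = [
    ("Congratulations! You have won a $1000 prize, claim now", True),
    ("Cheap meds online, no prescription, buy now", True),
    ("Win a free iPhone, click now to claim your prize", True),
    ("Lowest price on watches, order now", True),
    ("Meeting moved to 3pm, please update the agenda", False),
    ("Can you review the patch for the SMTP parser before Friday", False),
    ("Lunch tomorrow? The usual place at noon", False),
    ("The quarterly report draft is attached, comments welcome", False),
]


def build_filter() -> BayesFilter:
    """Train a filter on the constructed corpus above."""
    f = BayesFilter()
    for text, label in TRAINING:
        f.train(text, label)
    return f
```

With this corpus, `build_filter().is_spam("Claim your free prize now")` is true while a message about reviewing the agenda is not; a message made only of words the filter has never seen scores exactly the prior, 0.5, which is why a real deployment keeps training on the user's own sorted mail.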

Optional filtering

Many mail programs and web mail services allow the user to define their own filters. Such filters consist of words or, more rarely, regular expressions; depending on whether they are present or absent, the message does or does not go to the trash folder. This kind of filtering is laborious and inflexible, and it requires the user to be reasonably comfortable with computers. On the other hand, it effectively filters out some of the spam, and the user knows exactly which messages will be filtered out and why.

Blacklists. Blacklists contain the IP addresses of computers known to be sending spam. Also widely used are lists of computers that can be abused for mailing, "open relays" and "open proxies", as well as lists of "dial-up" (dynamic) client addresses that should not be running mail servers. You can use a local list or a list maintained by someone else. Because they are easy to implement, blacklists queried through the DNS service have become widespread; they are called DNSBLs (DNS Black Lists). At present this method is not very effective: spammers find new computers for their purposes faster than they can be blacklisted. In addition, a few computers sending spam can taint an entire mail domain or subnet, and thousands of legitimate users will then be unable to send mail to servers that use such a blacklist, for an indefinite period.

Authorization of mail servers. Various methods have been proposed to confirm that the computer sending the letter is indeed entitled to send it (Sender ID, SPF, Caller ID, Yahoo DomainKeys, MessageLevel), but at the time of writing they had not become widespread. In addition, these technologies limit some common mail server functionality: in particular, SPF breaks plain SMTP forwarding, because a forwarding server that passes a message on unchanged is not listed as an authorized sender for the original envelope sender's domain, so the final recipient sees an SPF failure.
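The forwarding problem is easiest to see by running an SPF check. The following is an added example for this page, not code from the original article: a minimal evaluator for the `ip4`, `ip6`, `include` and `all` mechanisms of SPF (RFC 7208) with an injectable TXT lookup, so it runs offline against constructed records in documentation domains and address ranges. The `a`, `mx`, `ptr` and `exists` mechanisms and the `redirect=` modifier are deliberately left out.

```python
"""Minimal SPF (RFC 7208) check for the ip4/ip6/include/all mechanisms with an
injectable TXT-record lookup.  Added example, not code from the original
article.  Domain names and addresses are constructed (RFC 2606 / RFC 5737 /
RFC 3849 documentation values)."""
import ipaddress
from typing import Callable, Optional

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(client_ip: str, domain: str, lookup_txt: Callable[[str], Optional[str]],
              depth: int = 0) -> str:
    """Result for client_ip sending MAIL FROM:<...@domain>:
    pass / fail / softfail / neutral / none / permerror."""
    if depth > 10:                         # simplified stand-in for the RFC's lookup limit
        return "permerror"
    record = lookup_txt(domain)
    if not record or not record.split()[0] == "v=spf1":
        return "none"                      # no SPF record published for this domain
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        mech = mech.lower()
        if mech == "all":
            matched = True
        elif mech in ("ip4", "ip6"):
            try:
                # an IPv4 client never matches an ip6 network and vice versa
                matched = ip in ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"         # syntactically invalid mechanism
        elif mech == "include":
            inner = check_spf(client_ip, arg, lookup_txt, depth + 1)
            if inner in ("none", "permerror"):
                return "permerror"         # RFC 7208 5.2: missing/invalid include target
            matched = inner == "pass"      # include matches only on "pass"
        else:
            continue                       # a, mx, ptr, exists, redirect=: not in this demo
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"                       # nothing matched and no "all" term


# Constructed zone: example.com sends from 192.0.2.0/24 itself and outsources
# some mail to _spf.example.net, which only sends from an IPv6 range.
FAKE_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 include:_spf.example.net -all",
    "_spf.example.net": "v=spf1 ip6:2001:db8::/32 ~all",
    "nospf.example.org": "some unrelated TXT record",
    "loop.example": "v=spf1 include:loop.example -all",      # pathological self-include
}


def fake_lookup(domain: str) -> Optional[str]:
    return FAKE_TXT.get(domain)
```

The forwarding case is `check_spf("198.51.100.9", "example.com", fake_lookup)`: a legitimate mailing-list or alias host at 198.51.100.9 relaying an unchanged message from alice@example.com gets `fail`, because nothing in example.com's record authorizes it, which is exactly the limitation the paragraph above describes.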

A common policy among ISPs is that clients are only allowed to establish SMTP connections to the ISP's own servers (outbound port 25 is blocked). Where this is the case, some of the authorization mechanisms cannot be used.

Greylisting. Greylisting is based on the observation that spamming software behaves differently from regular mail servers: spammers do not retry delivery after a temporary error, as the SMTP protocol requires. More precisely, when trying to bypass the protection, on subsequent attempts they use a different relay, a different return address, etc., so to the receiving side these look like attempts to send different letters.
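The behaviour described above, as an added example for this page (not the article's own code): a greylisting decision routine keyed on the (client network, envelope sender, recipient) triplet, which answers a temporary 451 to an unknown triplet and 250 once the same triplet comes back after the minimum delay. The `simulate()` function runs constructed traffic from a legitimate MTA that retries and from a bot that changes relay and sender each time. The delay, retry-window and expiry values are assumptions for the demo, not the defaults of any particular greylisting implementation.

```python
"""Greylisting decision logic: temporarily reject an unknown (client, sender,
recipient) triplet and accept it once it is retried after the minimum delay.
Added example, not code from the original article.  Time is passed in as a
number of seconds so the behaviour is reproducible offline; the delay,
retry-window and expiry values are assumptions for the demo."""
import ipaddress
from dataclasses import dataclass
from typing import Dict, Tuple

Key = Tuple[str, str, str]


@dataclass
class Decision:
    code: int        # SMTP reply code to send after RCPT TO
    message: str


class Greylist:
    def __init__(self, min_delay: int = 300, retry_window: int = 4 * 3600,
                 expiry: int = 36 * 24 * 3600) -> None:
        self.min_delay = min_delay            # a retry earlier than this is rejected again
        self.retry_window = retry_window      # a retry later than this starts over
        self.expiry = expiry                  # how long a passed triplet stays whitelisted
        self.pending: Dict[Key, float] = {}   # key -> time first seen
        self.passed: Dict[Key, float] = {}    # key -> time last seen

    @staticmethod
    def key(client_ip: str, sender: str, recipient: str) -> Key:
        """Key on the client's network rather than its exact address: large senders
        retry from another host in the same pool, and the retry must still match."""
        addr = ipaddress.ip_address(client_ip)
        prefix = 24 if addr.version == 4 else 64
        net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        return (str(net), sender.lower(), recipient.lower())

    def decide(self, client_ip: str, sender: str, recipient: str, now: float) -> Decision:
        k = self.key(client_ip, sender, recipient)
        if k in self.passed and now - self.passed[k] < self.expiry:
            self.passed[k] = now                       # known-good triplet: accept at once
            return Decision(250, "OK")
        first = self.pending.get(k)
        if first is None or now - first > self.retry_window:
            self.pending[k] = now                      # new (or stale) triplet: start the clock
            return Decision(451, "4.7.1 Greylisted, please try again later")
        if now - first < self.min_delay:
            return Decision(451, "4.7.1 Greylisted, please try again later")  # retried too soon
        del self.pending[k]                            # a well-behaved MTA retried: promote it
        self.passed[k] = now
        return Decision(250, "OK")


def simulate() -> Tuple[list, list]:
    """Constructed traffic: a legitimate MTA that retries the same triplet versus a
    bot that changes relay and envelope sender on every attempt."""
    g = Greylist()
    legit = [g.decide("203.0.113.10", "alice@example.com", "bob@example.net", t).code
             for t in (0, 60, 900)]                    # first try, too-early retry, proper retry
    bot = [g.decide(ip, sender, "bob@example.net", t).code
           for ip, sender, t in (("198.51.100.1", "x1@spam.example", 0),
                                 ("198.51.100.77", "x2@spam.example", 5),
                                 ("192.0.2.200", "x3@spam.example", 10))]
    return legit, bot
```

`simulate()` returns `([451, 451, 250], [451, 451, 451])`: the real MTA is delayed once and then accepted, while each of the bot's attempts is a fresh triplet and is rejected every time. The cost, which the text glosses over, is that first contact from any new legitimate sender is delayed by at least `min_delay`, which is why production setups whitelist well-known senders and keep the delay short.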