Protocols
To understand how the protocols work, let’s look at an example. In this example, the sender wants to send an email to the recipient. To do this, the sender sends the email to their email server using the Simple Mail Transfer Protocol or SMTP. SMTP is the standard communication protocol used for sending email across the internet. It uses a client-server model where the client, in this case the sender, sends the message to the email server. The email server’s job is to forward the email to the destination using the SMTP protocol.
On this network, there is a public mail server. A public mail server has been set up to help keep the sender’s email more secure from attack because it can be placed behind a firewall. This kind of configuration is quite common.
The sender’s mail server will forward the email to the public mail server using the SMTP protocol. The public mail server will then send the email to the recipient’s public mail server over the internet using the SMTP protocol.
This is a very simple example; when transferring emails on the internet, it is not uncommon for the emails to go through many different mail servers before reaching the destination. Once at the recipient’s public email server, it is forwarded to the recipient’s mail server once again using the SMTP protocol.
So far, the SMTP protocol has been used for everything, but to get the email from the mail server, either IMAP or POP protocols are used. These are the three different protocols used to send and receive emails. I will now take a closer look at each protocol.
Simple Mail Transfer Protocol (SMTP)
Simple Mail Transfer Protocol or SMTP is the protocol used to send emails across the internet. There are many bad actors on the internet who may try to intercept those emails.
SMTP is the internet standard for transferring email. However, SMTP is only designed to send, or technically forward, emails to the next server. If we consider an example, our user will forward their emails to an email server.
SMTP was created in 1980, so you could say it has been around since the start of the internet. It has been updated and expanded since then, but at its core, it remains much the same.
The original version ran by default over port 25 and sends everything as unencrypted text, so it is not secure. In 2002, a secure version was standardized. The secure version runs by default on port 587. For the exam, it is important to remember these port numbers.
The secure version has been around for a long time now, so it is unlikely that your email provider does not support it. It is not recommended to use the unsecure version of SMTP.
SMTP is also used to forward emails between email servers. The email servers may use unsecure or secure communication. You would think nowadays it would all be secure, but some old servers and equipment still don’t use secure communication. If you are sending emails and want to ensure they are encrypted, consider using client email encryption. The recipient will also need to support the encryption to read the email.
Since SMTP is only for forwarding emails, let’s now look at how to receive emails.
Post Office Protocol (POP)
To get emails from your email server to your device, two protocols are used. The older protocol is Post Office Protocol or POP. You may also hear it referred to as POP3 after version 3, as that is the only version we use.
It is debatable when version 3 was released, as the original protocol was updated and improved. The version we use today is based on the version released in 1988. Although it has been updated and improved since then, the basic functionality has remained the same.
The default port for unsecure transfers is 110. For secure transfers, the default port is 995. The protocol is limited to downloading emails only. This may sound sufficient, but the protocol is quite limited. It allows for deleting emails after download but lacks other management features. In other words, the only real management of the mailbox on your server is to delete the email on download; otherwise, you need to go onto the email server and delete it from there.
If you want to use email folders, you can create them on the local email client, but they won’t be created on the email server. These local folders won’t be replicated to the email server, so if you lose the data files on your local computer, you lose those emails. Thus, POP is quite limited for today’s needs.
Whether it is considered a legacy protocol depends on who you ask. The problem is that it still works but has limited functions. For this reason, you see it available from email providers, but its use has declined over the years. This is because people generally use the next protocol.
Internet Message Access Protocol (IMAP)
The Internet Message Access Protocol or IMAP is the standard protocol used for email clients today. The main difference between IMAP and POP is that the mailbox is stored on the server. The mailbox is replicated to the local client. Thus, if the data on the client’s computer is lost, it can simply be downloaded again.
IMAP also allows email to be sorted into folders. All these changes are replicated to the mailbox stored on the server. The IMAP protocol we use today was released in 1994. Of course, it has been updated since then. You can see that when it comes to email, the protocols used were released a long time ago and are well supported.
IMAP uses port 143 for unsecure communication and port 993 for secure communication. To better understand how the protocols work, let’s look at an example.
Example
In this example, a user is sending an email to another person. The user first creates the email. The email is sent using SMTP to the user’s local SMTP server. The email is then copied to the sent folder. Depending on the email client, the email may be placed in an outbox and then copied to the sent folder once it is sent.
The email in the sent folder is replicated to the user’s IMAP server. You can see that the SMTP and IMAP servers do not need to be the same server. They can be, but it is not a requirement. If the POP protocol were used instead, there would be no replication step, and thus the sent email would only be stored on the local client. If the local client data were lost, the sent email would be lost.
The local SMTP server looks up the DNS MX record for the email address. This is the email server that is able to receive emails for that DNS domain. The email is then forwarded to the remote SMTP server. This is a simple example; in the real world, the email may go through many different servers to reach the destination.
The email is received by the remote SMTP server, assuming it is accepted. The email is copied to the user’s mailbox. Usually, the IMAP server will receive the email using SMTP, but it depends on the email server being used.
The client replicates the email from the IMAP server, and now they have the email in their local mailbox. If POP were used, the email would be copied from the server. If the delete option were enabled, the email would be deleted from the server when it is downloaded.
I will now have a look at how to configure an email client.
Demonstration
In this demonstration, I will set up email on a free email client, Thunderbird. Regardless of which email client you use, the process is pretty similar. If possible, I recommend getting the settings from your email provider. If the settings are standard, you may be able to automatically detect them. If your email provider uses non-standard ports or settings, you will need this information.
I will open the Thunderbird email client. On the first run, the new account wizard will automatically start. I will enter the name, email address, and password. If I press the continue button, Thunderbird will attempt to detect the email settings using commonly used configurations.
In this example, I will select the option to configure manually. This will allow me to see the settings that can be configured. Thunderbird will attempt to automatically detect the settings; at the bottom is the button “Re-test” if you want to run the auto-detect again.
In this case, the settings were not detected, so I will manually add them. By default, IMAP will be used, so I will leave it on that setting as it is the preferred protocol. I won’t go through POP since it is the same process as IMAP. For the hostname, I will add “mail” to the start of the DNS address. For the port, I will enter 993. This is the default port for secure communication. You will notice that if I select SSL/TLS under connection security, the port will remain the same.
Under the pull-down menu, there are other options. Autodetect will attempt to auto-detect the connection type; however, sometimes this will not work. “None” will use unencrypted. STARTTLS initiates the connection without encryption. If both parties support it, the connection is changed to encrypted; if not, it remains unencrypted. This approach ensures backward compatibility with servers that do not support encryption. If your server is upgraded and supports STARTTLS, the connection will be changed to encrypted. Importantly, this shift to encryption occurs without altering the port number; only the connection changes, transitioning from unencrypted to encrypted.
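The upgrade decision described above, as an added example (not code from the original page or from Thunderbird): it parses a server's EHLO reply and applies a client policy that aborts instead of staying unencrypted when STARTTLS is not offered. The EHLO replies are constructed samples, and parse_ehlo, next_step and open_submission are hypothetical helper names; open_submission uses Python's standard smtplib and ssl modules.

```python
import smtplib
import ssl

# Constructed EHLO replies for illustration; not captured from a real server.
EHLO_WITH_TLS = ("250-mail.example.test\r\n250-SIZE 35882577\r\n"
                 "250-STARTTLS\r\n250 AUTH PLAIN LOGIN\r\n")
EHLO_NO_TLS = "250-mail.example.test\r\n250-SIZE 35882577\r\n250 AUTH PLAIN LOGIN\r\n"


def parse_ehlo(reply):
    """Map each extension keyword in an EHLO reply to its parameter list."""
    extensions = {}
    for index, line in enumerate(l for l in reply.split("\r\n") if l):
        if not line.startswith(("250-", "250 ")):
            raise ValueError("unexpected reply line: %r" % line)
        words = line[4:].split()
        if index and words:  # line 0 names the server, the rest are extensions
            extensions[words[0].upper()] = words[1:]
    return extensions


def next_step(reply, tls_active, require_tls=True):
    """Decide what the client may send after EHLO (hypothetical policy helper)."""
    extensions = parse_ehlo(reply)
    if tls_active:
        return "AUTH" if "AUTH" in extensions else "NO-AUTH"
    if "STARTTLS" in extensions:
        return "STARTTLS"
    # No upgrade on offer: an old server, or the keyword was removed in transit.
    return "ABORT" if require_tls else "CONTINUE-UNENCRYPTED"


def open_submission(host, port=587):
    """Connect with smtplib and refuse to go on unless the TLS upgrade succeeds."""
    context = ssl.create_default_context()  # checks certificate and host name
    client = smtplib.SMTP(host, port, timeout=10)
    try:
        client.ehlo()
        if not client.has_extn("starttls"):
            raise RuntimeError("STARTTLS not offered; refusing to send credentials")
        client.starttls(context=context)
        client.ehlo()  # capabilities must be read again after the upgrade
    except Exception:
        client.close()
        raise
    return client
```

With require_tls=False the same reply yields CONTINUE-UNENCRYPTED, which is the backward-compatible fallback the paragraph describes.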
The top section is the IMAP or POP. The bottom section is the SMTP. I will now add “mail SMTP” to the start of the domain name and enter the port number. For this mail provider, the mail server and SMTP server use the same domain name. This is not always the case; some email providers will have the two separated. SMTP is for forwarding emails to the destination, so there is no need for it to be on the same server as the mailbox.
I will next select SSL/TLS from the pull-down menu so the connection will be secure. I have tried these settings before, and they have not worked. To get them to work, I will go up to the top and select the authentication method.
The authentication method determines how the username and password are verified. Autodetect works sometimes, but for this email server, it is not working, so I will need to manually set it. In this case, I will select “normal password,” where the username and password are sent as text. Since the connection is encrypted, this is not a concern. The other authentication methods require the email server to support the chosen authentication method.
I will also set the authentication method at the bottom to “normal password.” I will next press the “done” button. The account will be created. If you are having problems getting the connection to work, I recommend switching off the automatic detection settings and trying to set the settings manually.
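A normal password is only protected while the connection really is encrypted, so a mail administrator may want to find sessions where it was not. The following added example (not part of the original page) scans a constructed server-side SMTP log, written in a hypothetical "<session> <C|S> <text>" format, and reports AUTH commands that were sent without a successful STARTTLS upgrade.

```python
# Constructed server-side protocol log, one message per line:
# "<session> <C|S> <text>", C = client, S = server. Not from a real system.
SAMPLE_LOG = """\
s1 S 220 mail.example.test ESMTP
s1 C EHLO laptop.example.test
s1 S 250-mail.example.test
s1 S 250 STARTTLS
s1 C STARTTLS
s1 S 220 Ready to start TLS
s1 C EHLO laptop.example.test
s1 S 250-mail.example.test
s1 S 250 AUTH PLAIN LOGIN
s1 C AUTH PLAIN [redacted]
s1 S 235 Authentication successful
s2 C EHLO old-client.example.test
s2 S 250-mail.example.test
s2 S 250 AUTH PLAIN LOGIN
s2 C AUTH LOGIN
s3 C EHLO laptop.example.test
s3 S 250-mail.example.test
s3 S 250 STARTTLS
s3 C STARTTLS
s3 S 454 TLS not available
s3 C AUTH PLAIN [redacted]
"""


def cleartext_auth(log_text):
    """Return {session: [mechanism, ...]} for AUTH commands sent without TLS."""
    tls_on, awaiting_tls_reply, findings = set(), set(), {}
    for raw in log_text.strip().splitlines():
        session, sender, text = raw.split(" ", 2)
        words = text.split()
        if sender == "S":
            # Only the reply to STARTTLS matters; 220 means the upgrade went ahead.
            if session in awaiting_tls_reply:
                awaiting_tls_reply.discard(session)
                if words[0] == "220":
                    tls_on.add(session)
            continue
        verb = words[0].upper()
        if verb == "STARTTLS":
            awaiting_tls_reply.add(session)
        elif verb == "AUTH" and session not in tls_on:
            mechanism = words[1].upper() if len(words) > 1 else "UNKNOWN"
            findings.setdefault(session, []).append(mechanism)
    return findings
```

Session s1 upgrades before authenticating and is not reported; s2 never asks for TLS, and s3 asks, is refused with 454, and authenticates anyway.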
I will now press “finish,” and my newly set-up email account will be shown at the top in the inbox. When I right-click the inbox, I can select a number of options. In particular, notice the option for “New folder.”
This will allow me to create a new folder to sort emails. Once the folder is created, it will be synced to the IMAP server. If POP were used, the folder would be created on the local computer, meaning if the data on the local computer were lost, all the data stored locally would also be lost.
You can see why IMAP is so popular nowadays. Whenever possible I would recommend it be used over POP.
End Screen
If you ever get confused by email, think of digital postcards, flying through the internet bringing smiles or spam to someone’s inbox. Until the next video, I would like to thank you for watching.
Credits
Trainer: Austin Mason http://ITFreeTraining.com
Voice Talent: HP Lewis http://hplewis.com
Quality Assurance: Brett Batson http://www.pbb-proofreading.uk