1

CS242 Computer Networks Department of Computer Science Wellesley College

File transfer and e-mail FTP and SMTP protocols

o  The original specification for the File Transfer Protocol was written by Abhay Bhushan (RFC 114, April 1971).

o  It ran on NCP until 1980* when it was replaced by a TCP/IP version (RFC 114).

FTP and SMTP 4-2

FTP History 101

*Flag day.

FTP and SMTP 4-3

File Transfer Protocol (FTP)*

o  Like HTTP, FTP is a file transfer protocol and shares many common characteristics. However, there are some important differences.

*Fetch on the Mac and Winsock on the PC. FTP and SMTP 4-4

FTP and HTTP o  FTP, like HTTP, runs on top of TCP. o  However, unlike HTTP, FTP uses two parallel TCP

connections to transfer a file, a control connection and a data connection. We say FTP sends its control information out-of band.

o  Also unlike HTTP, FTP maintains state. In particular, FTP remembers the current directory and earlier authentication.

2

Control and data connection o  When a user starts an FTP

session, the client side of FTP initiates a control TCP connection with the server.

o  When the server receives a command for a file transfer, it initiates a TCP data connection. to the client side.

o  The control connect stays open. The data connection stays open for one file only.

FTP and SMTP 4-5 FTP and SMTP 4-6

FTP commands*, responses** Sample commands: sent as ASCII text over

control channel USER username PASS password LIST return list of file in

current directory RETR filename retrieves

(gets) file STOR filename stores

(puts) file onto remote host

Sample return codes status code and phrase (as in

HTTP) 331 Username OK,

password required 125 data connection

already open; transfer starting

425 Can’t open data connection

452 Error writing file

*Four uppercase 7-bit ASCII characters followed by some optional arguments. **Replies are three-digit numbers with optional message.

Web browser support o  Most web browser can retrieve files hosted on FTP servers.

FTP URL syntax is described in RFC1738: ftp://[<user>[:<password>]@]<host>[:<port>]/<url-path>

o  For example,

FTP and SMTP 4-7

Innocence abroad o  A host that provides an

FTP service may provide anonymous FTP access.

o  Users log into the service with an ‘anonymous’ account with prompted for a user name.

o  Users may be asked to send their email address instead of a password, but no verification is performed.

FTP and SMTP 4-8

3

Danger Will Robinson o  FTP was not designed to be

a secure protocol and it isn’t.

o  It is not able to encrypt its traffic; all transmissions are in clear text, and usernames, passwords, commands and data can be easily read by anyone able to perform packet capture

o  Exploits include: Offline password cracking, spoof attacks; and bounce attacks.

FTP and SMTP 4-9

Getting by in a dangerous world o  Explicit SFTP is an

extension to the FTP standard that allows clients to request that the FTP session be encrypted. This is done by sending the "AUTH TLS" command.

o  SFTP, SSH* File Transfer Protocol, is not related to FTP except that it also transfers files and has a similar command set for users.

FTP and SMTP 4-10

*More later in the semester.

o  In 1971 Ray Tomlinson sent the first successful email from one computer, to another sitting right next to it – through ARPANET.

o  He used the @ sign to delineate what host the user receiving the message was on.

o  Tomlinson can’t remember his first message but stated it was “QWERTYUIOP or something similar.”

FTP and SMTP 4-11

email: The killer app of the seventies You’ve got mail o  Like ordinary mail (and

unlike either the HTTP or FTP), e-mail is asynchronous.

o  It has three major components: User agents; mail servers; and Simple Mail Transfer Protocol (SMTP).

FTP and SMTP 4-12

4

FTP and SMTP 4-13

Electronic mail in the Internet

User agents allow users read, reply, forward, save, and compose messages.

*Currently, our browser acts as a user agent. Formerly, we used a proprietary agent from FirstClass. FTP and SMTP 4-14

Servers form the core Each recipient has a mailbox located in

one of the mail servers.

FTP and SMTP 4-15

SMTP*

SMTP (Simple Mail Transfer Protocol,

is the principal application-layer

protocol for Internet electronic

mail.

Like HTTP, SMTP has a client and

server side. Both sides run on every

server.

*Something of a legacy technology (RFC 1982), SMTP requires body of all mail messages to be in simple seven-bit ASCII. FTP and SMTP 4-16

Alice sends Bob a message

5

FTP and SMTP 4-17

Alice sends Bob a message Alice invokes her user

agent, provides Bob's address, composes message, and

instructs user agent to send.

FTP and SMTP 4-18

Alice sends Bob a message Alice's user agent sends

the message to her mail server, where it is placed in

message queue

FTP and SMTP 4-19

Alice sends Bob a message Client side of SMTP,

running on Alice's server sees message, opens TCP

connection to SMTP server on Bob's mail server

FTP and SMTP 4-20

Alice sends Bob a message

After initial SMTP handshaking. SMTP client sends Alices's

message into TCP connection

6

FTP and SMTP 4-21

Alice sends Bob a message

At Bob’s mail server, the server side of SMTP

receives message

and puts it into Bob’s mailbox

FTP and SMTP 4-22

Alice sends Bob a message

Bob invokes his user agent to read the

message

FTP and SMTP 4-23

Sample SMTP interaction [rshull@tempest ~] telnet ALT2.ASPMX.L.GOOGLE.COM 25Trying 74.125.136.27...Connected to ALT2.ASPMX.L.GOOGLE.COM.Escape character is '^]'.220 **********************************************HELO wellesley.edu250 mx.google.com at your serviceMAIL FROM:<rshull@wellesley.edu>250 2.1.0 OK q9si11377440wiv.93 - gsmtpRCPT TO:<rshull@wellesley.edu>250 2.1.5 OK q9si11377440wiv.93 - gsmtpDATA354 Go ahead q9si11377440wiv.93 - gsmtpFROM: Randy Shull <rshull@wellesley.edu>TO: Randy Shull <rshull@wellesley.edu>SUBJECT: Using telnet to email yourself

I used telnet!.250 2.0.0 OK 1439384221 q9si11377440wiv.93 - gsmtpQUIT221 2.0.0 closing connection q9si11377440wiv.93 - gsmtpConnection closed by foreign host.

FTP and SMTP 4-24

SMTP message format

header

body

blank line

From: rshull@wellesley.edu To: myFriend@crepes.fr Subject: Home again

The message in ASCII Characters only

*Header lines are part of the message and are different from the SMTP protocol commands we’ve just seen.

7

Only spoofing [rshull@tempest ~]$ telnet ALT2.ASPMX.L.GOOGLE.COM 25Trying 209.85.203.27...Connected to ALT2.ASPMX.L.GOOGLE.COM.

Escape character is '^]'.220 ***********************************************HELO wellesley.edu250 mx.google.com at your serviceMAIL FROM: <president@wellesley.edu>250 2.1.0 OK h33si1099667edh.158 - gsmtp

RCPT TO: <rshull@wellesley.edu>250 2.1.5 OK h33si1099667edh.158 - gsmtpDATA354 Go ahead h33si1099667edh.158 - gsmtpFROM: President Johnson <president@wellesley.edu>TO: Randy Shull <rshull@wellesley.edu>

SUBJECT:Raising your salaryIn recognition of your excellent teaching and research I hereby double your salary./Paula.

FTP and SMTP 4-25

Show original Delivered-To: rshull@wellesley.eduReceived: by 10.103.72.135 with SMTP id c7csp5959962vsg; Thu, 29 Jun 2017 08:58:56 -0700 (PDT)X-Received: by 10.80.220.200 with SMTP id v8mr2212960edk.91.1498751935995;

Thu, 29 Jun 2017 08:58:55 -0700 (PDT) Some authentication signatures hereARC-Authentication-Results: i=1; mx.google.com;

spf=pass (google.com: domain of president@wellesley.edu designates 149.130.136.40 as permitted sender) smtp.mailfrom=president@wellesley.edu; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=wellesley.edu

Return-Path: <president@wellesley.edu>Received: from wellesley.edu (tempest.wellesley.edu. [149.130.136.40]) by mx.google.com with SMTP id h33si1099667edh.158.2017.06.29.08.57.40 for rshull@wellesley.edu;

Thu, 29 Jun 2017 08:58:55 -0700 (PDT) More authentication stuff hereDate: Thu, 29 Jun 2017 08:58:55 -0700 (PDT)Message-Id: <595523bf.e489500a.2058b.d60dSMTPIN_ADDED_MISSING@mx.google.com>

FROM: President Johnson <president@wellesley.edu>TO: Randy Shull <rshull@wellesley.edu>SUBJECT:Raising your salaryIn recognition of your excellent teaching and research I hereby double your salary./Paula

FTP and SMTP 4-26

FTP and SMTP 4-27

Comparing HTTP & SMTP o  Both transfer files using

persistent connections on top of TCP.

o  HTTP is mainly a pull protocol, while SMTP is a push protocol.

o  SMTP requires each message to be 7-bit ASCII.

o  HTTP encapsulates each object in its own HTTP message. SMTP places all objects in one message.

FTP and SMTP 4-28

Problem: How do we send attachments?

From: alice@crepes.fr To: bob@hamburger.edu Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Type: image/jpeg base64 encoded data ..... ......................... ......base64 encoded data

multimedia data type/subtype

parameters

method used to encode data

MIME* version

encoded data

*Multipurpose Internet Mail Extensions.

8

FTP and SMTP 4-29

Base64 encoding

6 bits

0 0 1 0 1 1

6 bits

0 0 1 0 1 1

6 bits

0 0 1 0 1 1

6 bits

0 0 1 0 1 1

8 bits 8 bits 8 bits

Binary input is processed in blocks of 3 octets, or 24 bits.

Each 6 bits in the 24-bit block is mapped to a printable ASCII character

FTP and SMTP 4-30

Base64 ER

Content-Type: image/jpeg; name="rshull.jpg"Content-Disposition: attachment; filename="rshull.jpg"Content-Transfer-Encoding: base64X-Attachment-Id:

9j4RC6RXhpZgAATU0AKgAAAAgACQESAAMAAAABAAEAAAESAAMAAAABAAEAAAEaAAUAAAABAAAAegEbAAUAAAABAAAAggEoAAMAAAABAAIAAAExAAIAAAAOAAAAigEyAAIAAAAUAAAAmAE8AAIAAAAQAAAArAITAAMAAAABAAEAAAAAALwASAAAAAEAAABIAAAAAQAAUXVpY2tUaW1lIDcuNQAyMDA4OjA5OjA5IDA5OjQxOjM0AE1hYyBPUyBYIDEwLjUuNAAABwEDAAMAAAABAAYAAAEaAAUAAAABAAABFgEbAAUAAAABAAABHgEoAAMAAAABAAIAAAIBAAQAAAABAAABJgICAAQAAAABAAAPjAITAAMAAAABAAEAAAAAAAAASAAAAAEAAABIA

. . .

FTP and SMTP 4-31

Common MIME types Content-Type: type/subtype; parameters

o  Video quicktime

o  Application msword; octet-stream

o  Text plain; html

o  Image jpeg; gif

o  Audio basic; 32kadpcm

For example, Text/plain; charset=us-ascii or text/plain; charset= "ISO-8859-1"

Type = Text Subtype = plain

Parameters modifying subtype

FTP and SMTP 4-32

From: alice@crepes.fr To: bob@hamburger.edu Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=StartOfNextPart --StartOfNextPart Dear Bob, Please find a picture of a crepe. --StartOfNextPart Content-Transfer-Encoding: base64 Content-Type: image/jpeg base64 encoded data ..... ......................... ......base64 encoded data --StartOfNextPart Do you want the recipe?

Multipart type SMTP places all objects in the same message; a

special MIME type is used to tell them apart

Boundary markers are

used to separate objects

9

FTP and SMTP 4-33

Unanswered questions o  Alice user agent uses SMTP to push e-mail to her mail

server. o  Mail server relays e-mail to Bob. Why the two step? o  How does Bob’s user agent obtain his message from Alice?

FTP and SMTP 4-34

Mail access protocols o  Since SMTL is a PUSH protocol and Bob wants to PULL his

messages, he needs another application-layer protocol. o  There are several to choose from: Post Office Protocol

(POP3); Internet Mail Access Protocol (IMAP); and HTTP.

POP3 protocol

FTP and SMTP 4-35

o  POP3 is an extremely simple mail access protocol with rather limited functionality, ...

o  ... but it does get the job done.

Example session [w-141-224:~] rshull% telnet fc.wellesley.edu 110Trying 149.130.13.40...Connected to firstclass.wellesley.edu.Escape character is '^]'.+OK POP3 server at firstclass.wellesley.edu ready <20050818141546.112790008@firstclass.wellesley.edu>user rshull+OK rshull authenticate pleasepass dbsabzb+OK rshull's mailbox has 41 messages (491520 octets)list+OK 41 messages (491520 octets)1 6144…quit+OK firstclass.wellesley.edu POP3 server closing connectionConnection closed by foreign host.

FTP and SMTP 4-36

Protocol begins with the user agent opening

a TCP connection to the mail server

on port 110.

10

Example session [w-141-224:~] rshull% telnet fc.wellesley.edu 110Trying 149.130.13.40...Connected to firstclass.wellesley.edu.Escape character is '^]'.+OK POP3 server at firstclass.wellesley.edu ready <20050818141546.112790008@firstclass.wellesley.edu>user rshull+OK rshull authenticate pleasepass dbsabzb+OK rshull's mailbox has 41 messages (491520 octets)list+OK 41 messages (491520 octets)1 6144…quit+OK firstclass.wellesley.edu POP3 server closing connectionConnection closed by foreign host.

FTP and SMTP 4-37

Connected!

Example session [w-141-224:~] rshull% telnet fc.wellesley.edu 110Trying 149.130.13.40...Connected to firstclass.wellesley.edu.Escape character is '^]'.+OK POP3 server at firstclass.wellesley.edu ready <20050818141546.112790008@firstclass.wellesley.edu>user rshull+OK rshull authenticate pleasepass dbsabzb+OK rshull's mailbox has 41 messages (491520 octets)list+OK 41 messages (491520 octets)1 6144…quit+OK firstclass.wellesley.edu POP3 server closing connectionConnection closed by foreign host.

FTP and SMTP 4-38

authorization phase user: declare username pass: password

server responses +OK -ERR

Example session [w-141-224:~] rshull% telnet fc.wellesley.edu 110Trying 149.130.13.40...Connected to firstclass.wellesley.edu.Escape character is '^]'.+OK POP3 server at firstclass.wellesley.edu ready <20050818141546.112790008@firstclass.wellesley.edu>user rshull+OK rshull authenticate pleasepass dbsabzb+OK rshull's mailbox has 41 messages (491520 octets)list+OK 41 messages (491520 octets)1 6144…quit+OK firstclass.wellesley.edu POP3 server closing connectionConnection closed by foreign host.

FTP and SMTP 4-39

transaction phase list: list message numbers retr: retrieve message by number dele: delete quit

FTP and SMTP 4-40

IMAP and HTTP o  POPS is a no frills access

protocol. o  IMAP is somewhat more

luxurious. Keep all messages on server; allows users to organize messages into folders; keeps user state across sessions (like FC).

o  Alternatively, we could build an e-mail application on top of HTTP (Gmail, FC, … ).