Lecture05 Email DNS

8/3/2019 Lecture05 Email DNS

1/32

GeorgiaTech

CS 3251- Computer

Networking I:Email and DNS

Revised from Professor Patrick TraynorsLecture 059/1/2009


2/32

GeorgiaTech

Review

Last week we talked about design principles, and theapplication protocols HTTP and FTP

Text commands sent over a port (recall telnet example)

Difference in statefulness (HTTP is not and FTP is)

HTTP and FTP are primarily pullprotocols

2


3/32

GeorgiaTech

3

Chapter 2: Application layer

2.1 Principles of network applications

2.2 Web and HTTP

2.3 FTP

2.4 Electronic Mail

2.5 DNS

2.6 P2P Applications


4/32

GeorgiaTech

4

Electronic Mail

Three major components:

user agents

mail servers

simple mail transfer protocol:SMTP

User Agent

a.k.a. mail reader

composing, editing, reading mailmessages

e.g., Eudora, Outlook, elm,Netscape Messenger

outgoing, incoming messagesstored on server

user mailbox

outgoing message queue

mailserver

user

agent

user

agent

user

agentmail

server

user

agentuser

agent

mail

server

user

agent

SMTP

SMTP

SMTP


5/32

GeorgiaTech

5

Electronic Mail: mail servers

Mail Servers

mailbox contains incomingmessages for user

messagequeue of outgoing (tobe sent) mail messages

SMTP protocol between mailservers to send email messages

client: sending mail server

server: receiving mail server

mailserver

user

agent

user

agent

user

agentmail

serveruser

agentuser

agent

mail

server

user

agent

SMTP

SMTP

SMTP


6/32

GeorgiaTech

6

Electronic Mail: SMTP [RFC 2821]

uses TCP to reliably transfer email message from client to server, port 25

direct transfer: sending server to receiving server

three phases of transfer handshaking (greeting)

transfer of messages

closure

command/response interaction commands:ASCII text

response: status code and phrase

messages must be in 7-bit ASCII


7/32

GeorgiaTech

7

Scenario: Alice sends message to Bob

1) Alice uses UA to composemessage and [email protected]

2) Alices UA sends message toher mail server; message

placed in message queue3) Client side of SMTP opens TCP

connection with Bobs mailserver

4) SMTP client sends Alices messageover the TCP connection

5) Bobs mail server places themessage in Bobs mailbox

6) Bob invokes his user agent toread message

user

agent

mail

server

mail

serveruser

agent

1

2 3 4 56


8/32

GeorgiaTech

8

Sample SMTP interaction

S: 220 hamburger.eduC: HELO crepes.frS: 250 Hello crepes.fr, pleased to meet youC: MAIL FROM: S: 250 [email protected]... Sender okC: RCPT TO:

S: 250 [email protected] ... Recipient okC: DATAS: 354 Enter mail, end with "." on a line by itselfC: Do you like ketchup?C: How about pickles?C: .

S: 250 Message accepted for deliveryC: QUITS: 221 hamburger.edu closing connection


9/32

GeorgiaTech

9

Try SMTP interaction for yourself:

telnet servername 25

see 220 reply from server

enter HELO, MAIL FROM, RCPT TO, DATA, QUITcommands

above lets you send email without using email client (reader)


10/32

GeorgiaTech

10

SMTP: final words

SMTP uses persistentconnections Just like...?

SMTP requires message (header& body) to be in 7-bit ASCII

SMTP server uses CRLF.CRLFto determine end of message

Comparison with HTTP:

HTTP: pull SMTP: push both have ASCII command/

response interaction, statuscodes

HTTP: each object encapsulatedin its own response msg

SMTP: multiple objects sent inmultipart msg


11/32

GeorgiaTech

11

Mail message format

SMTP: protocol for exchangingemail msgs

RFC 822: standard for textmessage format:

header lines, e.g.,

To:

From:

Subject:

differentfrom SMTPcommands!

body the message, ASCII characters

only

header

body

blank

line


12/32

GeorgiaTech

12

Message format: multimedia extensions

MIME: multimedia mail extension, RFC 2045, 2056

additional lines in msg header declare MIME content type

From: [email protected]: [email protected]: Picture of yummy crepe.MIME-Version: 1.0Content-Transfer-Encoding: base64Content-Type: image/jpeg

base64 encoded data ....................................base64 encoded data

multimedia data

type, subtype,parameter declaration

method usedto encode data

MIME version

encoded data


13/32

GeorgiaTech

13

Mail access protocols

SMTP: delivery/storage to receivers server

Mail access protocol: retrieval from server POP: Post Office Protocol [RFC 1939]

authorization (agent server) and download IMAP: Internet Mail Access Protocol [RFC 1730]

more features (more complex)

manipulation of stored msgs on server HTTP: Hotmail , Yahoo! Mail, etc.

user

agent

senders mail

server

user

agent

SMTP SMTP access

protocol

receivers mail

server


14/32

GeorgiaTech

14

POP3 protocol

authorization phase client commands:

user: declare username

pass: password

server responses

+OK

-ERR

transaction phase, client:

list: list message numbers

retr: retrieve message by number

dele: delete

quit

C: list

S: 1 498S: 2 912S: .C: retr 1S: S: .C: dele 1

C: retr 2S: S: .C: dele 2C: quitS: +OKPOP3 server signing off

S: +OK POP3 server readyC: user bobS: +OKC: pass hungryS: +OKuser successfully logged on


15/32

GeorgiaTech

15

POP3 (more) and IMAP

More about POP3

Previous example usesdownload and deletemode.

Bob cannot re-read e-mail if he changes client

Download-and-keep:copies of messages on

different clients

POP3 is stateless acrosssessions

IMAP

Keep all messages in oneplace: the server

Allows user to organizemessages in folders

IMAP keeps user stateacross sessions:

names of folders andmappings between message

IDs and folder name


16/32

GeorgiaTech

16

Chapter 2: Application layer

2.1 Principles of networkapplications

2.2 Web and HTTP

2.3 FTP 2.4 Electronic Mail

2.5 DNS

2.6 P2P Applications


17/32

GeorgiaTech

17

DNS: Domain Name System

People: many identifiers:

SSN, name, passport #

Internet hosts, routers:

IP address (32 bit) - used foraddressing datagrams

name, e.g., www.yahoo.com- used by humans

Q: map between IPaddresses and name ?

Domain Name System:

distributed databaseimplemented in hierarchy ofmany name servers

application-layer protocol host,routers, name servers tocommunicate to resolve names(address/name translation)

note: core Internet function,implemented as application-layerprotocol

complexity at networks edge


18/32

GeorgiaTech

18

DNS

Why not centralize DNS?

single point of failure

traffic volume

distant centralized database maintenance

doesnt scale!

DNS services Hostname to IP address

translation

Host aliasing Canonical and alias names

Mail server aliasing Load distribution

Replicated Web servers: setof IP addresses for onecanonical name


19/32

GeorgiaTech

19

Root DNS Servers

com DNS servers org DNS servers edu DNS servers

poly.edu

DNS servers

umass.edu

DNS serversyahoo.comDNS servers

amazon.comDNS servers

pbs.orgDNS servers

Distributed, Hierarchical Database

Client wants IP for www.amazon.com; 1st approx:

Client queries a root server to find com DNS server

Client queries com DNS server to get amazon.com DNSserver

Client queries amazon.com DNS server to get IP addressfor www.amazon.com


20/32

GeorgiaTech

20

DNS: Root name servers

contacted by local name server that can not resolve name root name server:

contacts authoritative name server if name mapping not known

gets mapping

returns mapping to local name server

13 root name serversworldwide

b USC-ISI Marina del Rey, CAl ICANN Los Angeles, CA

e NASA Mt View, CAf Internet Software C. Palo Alto,CA (and 17 other locations)

i Autonomica, Stockholm (plus 3 other locations)

k RIPE London (also Amsterdam, Frankfurt)

m WIDE Tokyo

a Verisign, Dulles, VAc Cogent, Herndon, VA (also Los Angeles)d U Maryland College Park, MDg US DoD Vienna, VAh ARL Aberdeen, MD j Verisign, ( 11 locations)


21/32

GeorgiaTech

21

TLD and Authoritative Servers

Top-level domain (TLD) servers: responsible for com,org, net, edu, etc, and all top-level country domains uk,fr, ca, jp.

Network solutions maintains servers for com TLD

Educause for edu TLD

Authoritative DNS servers: organizations DNS servers,providing authoritative hostname to IP mappings fororganizations servers (e.g., Web and

mail). Can be maintained by organization or

service provider


22/32

GeorgiaTech

22

Local Name Server

Does not strictly belong to hierarchy

Each ISP (residential ISP, company, university) has one. Also called default name server

When a host makes a DNS query, query is sent to itslocal DNS server

Acts as a proxy, forwards query into hierarchy.


23/32

GeorgiaTech

23

requesting hostcis.poly.edu

gaia.cs.umass.edu

root DNS server

local DNS serverdns.poly.edu

1

23

4

5

6

authoritative DNS serverdns.cs.umass.edu

78

TLD DNS server

Example

Host at cis.poly.eduwants IP address forgaia.cs.umass.edu


24/32

GeorgiaTech

24

requesting hostcis.poly.edu

gaia.cs.umass.edu

root DNS server

local DNS serverdns.poly.edu

1

2

45

6

authoritative DNS serverdns.cs.umass.edu

7

8

TLD DNS server

3

Recursive queries

recursive query:

puts burden of nameresolution oncontacted name server

heavy load?iterated query:

contacted serverreplies with name of

server to contact I dont know this

name, but ask thisserver


25/32

GeorgiaTech

25

DNS: caching and updating records

once (any) name server learns mapping, it caches the mapping cache entries timeout (disappear) after some time

TLD servers typically cached in local name servers

Thus root name servers not often visited update/notify mechanisms under design by IETF

RFC 2136

http://www.ietf.org/html.charters/dnsind-charter.html


26/32

GeorgiaTech

26

DNS records

DNS: distributed db storing resource records (RR)

Type=NS name is domain (e.g.

foo.com)

value is hostname ofauthoritative nameserver for this domain

RR format:(name, value, type, ttl)

Type=A name is hostnamevalue is IP address

Type=CNAME name is alias name for some

canonical (the real) name

www.ibm.comis reallyservereast.backup2.ibm.com

value is canonical name

Type=MXvalue is name of mailserver

associated with name


27/32

GeorgiaTech

27

DNS protocol, messages

DNS protocol :query and reply messages, both with same message format

msg header

identification:16 bit # forquery, reply to query usessame #

flags: query or reply recursion desired

recursion available reply is authoritative


28/32

GeorgiaTech

28

DNS protocol, messages

Name, type fieldsfor a query

RRs in responseto query

records forauthoritative servers

additional helpfulinfo that may be used


29/32

GeorgiaTech

29

Inserting records into DNS

Example: just created startup Network Utopia Register name networkuptopia.com at a registrar (e.g.,

Network Solutions)

Need to provide registrar with names and IP addresses of yourauthoritative name server (primary and secondary)

Registrar inserts two RRs into the com TLD server:

(networkutopia.com, dns1.networkutopia.com, NS)

(dns1.networkutopia.com, 212.212.212.1, A)

Put in authoritative server Type A record forwww.networkuptopia.com and Type MX record fornetworkutopia.com

How do people get the IP address of your Web site?


30/32

GeorgiaTechDNS Security Issues

Given that so many different servers can respond toyour request, how do you know that what you get back iscorrect?

Are you sure that you spoke to the resolver you think youspoke to?

What happens if you manage to give a resolver falselook-up information?

30


31/32

GeorgiaTechDNS Cache Poisoning

31

Victim

nameserver

Root

Servers

evil.net

neighborhoodbank.com

1

QID=

599

IPforwww.neighborhoodbank.com

2

QID=599

referraltoneighborhoodbank.com

ns.neighborhoodbank.com

www.neighborhoodbank.com

www.neighborhoodbank.comfake!

evil client

3QID=600

IP for www.neighborhoodbank.com

4QID=600

IP: 192.168.1.100

QID=600QID=601

QID=599

1a - IP: 192.188.42.18

Client

0

IPforwww.neighborhoodbank.com5

Transaction


32/32

GeorgiaTechSame Bat Time...

Peer-to-Peer architectures/applications Read Section 2.6

Socket Programming The book uses Java, we are going

to use C

If you havent looked at the PocketSockets Guide.

32

Lecture05 Email DNS

Documents

Transcript of Lecture05 Email DNS