Simple Message Transfer Protocol (SMTP) is an asymmetric response protocol. This means that it transmits a command, and then waits for a response before transmitting the next command. The commands that SMTP uses are words, but the responses are numeric codes. Following are some common SMTP commands.
The HELO command is used to initiate an SMTP session. When one host needs to establish an SMTP session with another host, it transmits the HELO command to the receiving host. The host wanting to establish the session cannot transmit the next SMTP command until it has received a response from the initial command. To ensure that the receiving host knows where to send that response, the sending host uses its fully qualified domain name (FQDN) as an argument to the HELO command.
Because the MAIL FROM: command is used primarily to send email addresses, it needs a way to alert the recipient host to who is sending the inbound message. The HELO command provides the receiving host with the FQDN of the server sending the message, but the receiving server doesn't know which email address within that domain actually sent the message.
There is no guarantee that the sending email address belongs to the same domain as the server that transmitted the HELO command because that server could have been acting as a relay. It is important for the transmitting host to send the receiving host the originating email address so that the recipient can respond to the message, if necessary.
The RCPT TO: command tells the receiving host the email address of the message recipient. While this SMTP command may seem simple, it is very common for an email message to be sent to multiple recipients. Often, the recipients are in different domains.
If a message is being sent to multiple recipients within a common domain, SMTP transmits the RCPT TO: command multiple times -- once for each recipient.
If the recipients are in different domains, then the transmitting SMTP host performs a DNS query against all of the recipient's email addresses to obtain the MX record associated with the recipient's domain. This query happens every time an SMTP message is sent, regardless of the number of recipients.
This query returns the IP address of the recipient's mail server. If the message is going to multiple mail servers, which may imply that it is going to recipients in different domains, then SMTP must establish a separate session with each domain.
All of the aforementioned SMTP commands have one thing in common -- they are used in conjunction with a parameter, such as an email address. The DATA command works differently. When the sending host transmits the DATA command, it tells the receiving host that a stream of data will follow. That stream of data is the message body.
Because an email message can be any length, the receiving host needs a way to know when all of the data has been received. To do so, SMTP appends a CRLF and a period (.) at the end of the message body. This period, on a line by itself, allows the receiving host to determine when the entire message has been received.
The subject of the message is included in the message data stream, and is treated as a header line. Header lines aren't actually SMTP commands, but they are placed on a line by themselves, and a blank line separates them from the rest of the data stream.
The QUIT command is used to terminate an SMTP session, but it's not always necessary. If the transmitting host has only one message to send to the receiving host, then the transmitting host will issue a QUIT command once the email has been delivered. However, if the transmitting host has multiple messages to send to the receiving host, issuing another MAIL FROM: command and sending another email is more efficient than using a QUIT command followed by a HELO command. There is no reason to terminate the session if more messages need to be sent to the receiving host.
The RSET command performs an SMTP reset, and then aborts the message that is currently being sent.
This SMTP command was originally designed to allow the transmitting host to verify that the receiving address was valid prior to sending an email. The rationale behind this command was that it would conserve bandwidth because messages wouldn't be sent to invalid recipients.
The problem with the VRFY command is that it is a huge security risk. For example, when the VRFY command is used in a Unix implementation, the receiving host will respond with the login name of the user who owns the corresponding email address. This is problematic because it allows spammers to look for valid email addresses and hackers to hunt for valid login names.
The Exchange 2003 implementation of SMTP uses the VRFY command, but doesn't give out login names. I ran the VRFY command against a valid user on my Exchange server and received this response:
252 2.1.5 Cannot VRFY user, but will take messages for email@example.com
The TURN command is used only in dial-up environments. For example, a recipient that doesn't host his own mail server would rely on an ISP's SMTP server. The MX record for the recipient's domain would therefore point to the ISP's SMTP server.
When the recipient needed to retrieve mail from the ISP's SMTP server, he could establish a connection, and then issue the TURN command. This command polls the host for any messages that have been queued.
SMTP response codes
All SMTP commands are met with numeric responses. Following are some common SMTP server response codes and their meanings.
- 220: The SMTP service is ready
- 221: SMTP is closing the transmission channel
- 250: The command has been completed
- 354: OK to transmit message
- 450: Command can not be completed because the mailbox is busy
- 451: Command has been aborted because of an error
- 452: Command has been aborted because the receiving host
is out of disk space
- 500: Syntax error
- 550: Specified mailbox is unavailable or does not exist
- 552: Command was aborted because the recipient has exceeded
their storage quota
- 554: The transaction has failed
TUTORIAL: A PRIMER ON SMTP AND ESMTP SERVERS AND COMMANDS
Part 1: SMTP commands and server response codes
Part 2: How to perform a Telnet SMTP session for Exchange Server 2003
Part 3: How Extended SMTP works and common ESMTP commands
Part 4: Security-related and Exchange-specific ESMTP commands
|ABOUT THE AUTHOR:|
| Brien M. Posey, MCSE
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at http://www.brienposey.com.