SMTPS

SMTPS (Simple Mail Transfer Protocol Secure) is a method for securing SMTP using Transport Layer Security (TLS). It is intended to provide authentication of the communication partners, as well as data integrity and confidentiality. SMTPS is not a proprietary protocol and not an extension of SMTP. It is a way to secure SMTP at the transport layer, by wrapping SMTP inside TLS. Conceptually, it is similar to how HTTPS wraps HTTP inside TLS. This means that the client and server speak normal SMTP at the application layer, but the connection is secured by SSL or TLS. This happens when the TCP connection is established, before any mail data has been exchanged. Since whether or not to use SSL or TLS is not explicitly negotiated by the peers, services that speak SMTPS are usually reachable on a dedicated port of their own.


Difference between SMTPS and smtps

"smtps" is also the name of an IANA-registered service, with the TCP port number 465. The service was intended for use by Mail Transfer Agents (MTAs), as a point of contact where these could exchange email in an encrypted form rather than in plaintext. The registration was quickly revoked, however, as standardization efforts resulted in an alternate approach. The registration has never been reinstated. When describing the IANA service registration, the official capitalization is "smtps". When describing the network protocol, the capitalization "SMTPS" is often used (similar to how HTTPS is capitalized).

Port 587 is the well-known port for submitting mail to a server, frequently (but not required to be) encrypted using STARTTLS. Some email service providers allow their customers to use the SMTPS protocol to access a TLS-encrypted version of the "submission" service on port 465. This is a different service from what the original IANA registration dedicated the port to: the port used to be dedicated to encrypted content delivered as-is over a plaintext transport, whereas today's SMTPS on port 465 still uses plaintext content, only wrapped within a TLS-encrypted transport, basically the reverse mechanism. RFC 8314 aims to rectify this problem and integrate the use of port 465 as a TLS-encrypted "submission" port into the well-known port registrations published by IANA. The proposed service name is "submissions".

While there is no longer any officially registered endpoint for the SMTP service, it is still possible to exchange email over an encrypted transport with similar guarantees as those offered by smtps, in particular with the guarantee that either the exchange succeeds securely, or does not happen at all, by using DANE in combination with DNSSEC. Many email servers are configured to either not deliver email securely at all, or to first try secure delivery with the STARTTLS mechanism, and if that fails, for example because the remote service does not offer it, or because a successful MITM attack has stripped the announcement of the feature, simply fall back to delivery by insecure means.
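The two transport choices described above, implicit TLS on port 465 versus STARTTLS on port 587, as an added client-side example (not code from the original page): the session is only returned if the transport is TLS-protected, and a missing STARTTLS announcement (whether the server never offered it or something in the path stripped it) aborts the connection instead of falling back to plaintext. The host names are placeholders; the parser works on both raw wire replies and the reply text Python's `smtplib` hands back.

```python
"""Secure SMTP connection helper: implicit TLS (SMTPS, 465) vs STARTTLS (587),
with no plaintext fallback. Host names used here are placeholders (assumption)."""
import smtplib
import ssl


def ehlo_offers_starttls(ehlo_reply: bytes) -> bool:
    """Report whether an EHLO reply advertises STARTTLS.

    Accepts the raw wire form ('250-STARTTLS' / '250 STARTTLS' lines) and the
    prefix-stripped form smtplib returns from SMTP.ehlo(). A reply with the
    keyword absent is exactly what a stripping MITM would present to the client."""
    for raw in ehlo_reply.decode("ascii", errors="replace").splitlines():
        line = raw.strip()
        if line[:3] == "250" and len(line) > 3 and line[3] in "- ":
            line = line[4:].strip()  # drop the '250-' / '250 ' wire prefix
        tokens = line.split()
        if tokens and tokens[0].upper() == "STARTTLS":
            return True
    return False


def open_secure_smtp(host: str, port: int, timeout: float = 10.0) -> smtplib.SMTP:
    """Return a connected SMTP session whose transport is already TLS-protected.

    Port 465: TLS is negotiated before any SMTP byte is exchanged (SMTPS).
    Other ports (e.g. 587): plaintext EHLO, then STARTTLS; if STARTTLS is not
    advertised or the upgrade fails, the session is closed, never used in clear."""
    ctx = ssl.create_default_context()  # verifies certificate chain and host name
    if port == 465:
        return smtplib.SMTP_SSL(host, port, timeout=timeout, context=ctx)
    conn = smtplib.SMTP(host, port, timeout=timeout)
    try:
        code, reply = conn.ehlo()
        if code != 250 or not ehlo_offers_starttls(reply):
            raise smtplib.SMTPException(
                f"{host}:{port} did not advertise STARTTLS; refusing plaintext fallback")
        conn.starttls(context=ctx)
        conn.ehlo()  # EHLO must be repeated over the encrypted channel (RFC 3207)
        return conn
    except Exception:
        conn.close()
        raise


if __name__ == "__main__":
    # Constructed EHLO replies: one genuine, one with STARTTLS stripped.
    print(ehlo_offers_starttls(b"250-mail.example.test\r\n250-STARTTLS\r\n250 8BITMIME\r\n"))
    print(ehlo_offers_starttls(b"250-mail.example.test\r\n250 8BITMIME\r\n"))
```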


History

In early 1997, the Internet Assigned Numbers Authority (IANA) registered port 465 for smtps. In late 1998 this was revoked when STARTTLS was standardized. With STARTTLS, the same port can be used with or without TLS. The use of well-known ports for mail exchanges communicating with SMTP was discussed in particular at the time. Port 465 currently shows as registered for both Source-Specific Multicast (SSM) and submissions. RFC 8314 "Cleartext Considered Obsolete: Use of TLS for Email Submission and Access" proposes to officially recognize port 465 for implicitly encrypted email submission.

