STARTTLS SMTP Extension
STARTTLS is a protocol command that upgrades an existing plain-text connection to an encrypted one, so that email messages are protected in transit from unauthorized parties. STARTTLS can encrypt the data transmitted from one server to another. Once a connection is established between two servers, the sending server signals to the receiving server that it supports encryption. This means that encryption takes place only if it has been negotiated between the sending and receiving servers.
STARTTLS is still prone to some attacks, such as the man-in-the-middle attack. In this attack, the attacker places himself between the sending and receiving servers and pretends to be a legitimate party. Because SMTP itself provides no other security mechanism, the SMTP server cannot detect the man in the middle, and the sending server ends up communicating with the wrong server.
Working of STARTTLS SMTP Extension:
The figure below describes the working of STARTTLS.
- SMTP protocol messages are unencrypted; with STARTTLS the messages are encrypted, which maintains their security. Below are the steps of STARTTLS operation according to the figure above.
- First, to identify the email client and the email server, the process starts with the TCP (Transmission Control Protocol) handshake.
- The server then responds to the client with “220 Ready” so that the email client can proceed with further communication.
- The client then sends an “EHLO” message to the server to indicate that it wants to use Extended SMTP for the rest of the communication.
- The client then sends “250-STARTTLS” to the mail server, asking whether STARTTLS is accepted or not.
- If the server replies with the message “GO AHEAD”, the STARTTLS connection can be set up.
- Once the client receives this message from the server, the client restarts the connection, and the email message is then sent in encrypted form.
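As an added example (not part of the original article), the following Python models the STARTTLS exchange against a constructed stand-in server rather than a real MTA: the client sends EHLO, checks whether the reply advertises STARTTLS, issues the STARTTLS command, expects the 220 reply, and sends EHLO again after the upgrade. A client configured to require TLS refuses to continue in clear text when the extension is not offered, which is the simple check against a downgrade. Hostnames are placeholders.

```python
class FakeSmtpServer:
    """Constructed stand-in for a mail server (not a real MTA); supports_tls decides whether 250-STARTTLS is advertised."""
    def __init__(self, supports_tls=True, hostname="mail.example.test"):  # placeholder hostname
        self.supports_tls = supports_tls
        self.hostname = hostname
        self.tls_active = False

    def greeting(self):
        return "220 %s ESMTP ready" % self.hostname

    def handle(self, line):
        verb = line.split(" ", 1)[0].upper()
        if verb == "EHLO":
            reply = ["250-%s Hello" % self.hostname, "250-SIZE 10240000"]
            if self.supports_tls and not self.tls_active:   # advertised only before the upgrade
                reply.append("250-STARTTLS")
            reply[-1] = "250 " + reply[-1][4:]               # last line of a multi-line reply uses a space
            return reply
        if verb == "STARTTLS":
            if self.supports_tls and not self.tls_active:
                self.tls_active = True                       # the TLS handshake would run here
                return ["220 Go ahead"]
            return ["454 TLS not available due to temporary reason"]
        return ["500 Command not recognized"]


def parse_ehlo_reply(lines):
    """Return the extension keywords advertised in an EHLO reply (first line is the server greeting)."""
    if not lines or not lines[0].startswith("250"):
        raise RuntimeError("EHLO rejected: %r" % lines)
    return {l[4:].split()[0].upper() for l in lines[1:]}


def negotiate(server, require_tls=True):
    """Drive the client side of the exchange; returns (transcript, encrypted)."""
    def talk(cmd):
        transcript.append("C: " + cmd)
        reply = server.handle(cmd)
        transcript.extend("S: " + l for l in reply)
        return reply

    transcript = ["S: " + server.greeting()]
    if "STARTTLS" not in parse_ehlo_reply(talk("EHLO client.example.test")):
        if require_tls:
            raise RuntimeError("STARTTLS not advertised; refusing to send the message in clear text")
        return transcript, False
    if not talk("STARTTLS")[0].startswith("220"):
        raise RuntimeError("server refused to start TLS")
    # After the handshake the session state is reset, so the client must send EHLO again.
    talk("EHLO client.example.test")
    return transcript, True
```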
SMTP Extensions: STARTTLS, and DANE
SMTP stands for Simple Mail Transfer Protocol and is an application-layer protocol. Whenever a client needs to send mail, it opens a TCP connection to the SMTP server and then sends the mail over the network. The connection to the SMTP server is established on port 25.