What is SMTP?
Updated at: Apr 08, 2020
Simple Mail Transfer Protocol (SMTP) is the technology that allows emails to be sent from one server to another until they are delivered to your mailbox. In other words, SMTP is an internet protocol that connects machines and helps to transport your email. It's your virtual postman.
But it's important to be clear that SMTP is used exclusively for sending emails. Receiving and delivering messages is the job of the incoming email servers, which use POP3 (Post Office Protocol) or IMAP (Internet Message Access Protocol).
As in the post office, this is a team effort. SMTP takes the email and POP3 or IMAP takes care of delivering it.
In this article, you’ll review the following topics about the SMTP protocol.
- How SMTP works.
- SMTP and your business’s email security.
- How to make SMTP secure.
How SMTP works
By now, you already know that an SMTP server, or just a computer running SMTP, has the function of carrying emails on the internet. But how does it work in practice? We've created a simplified process to show you how SMTP works.
1. Sending emails via SMTP
When you click the send button, your email service or platform, such as Office 365, Zimbra or G Suite, will connect to your SMTP server and provide details of the message. This SMTP server is connected to your domain and has a specific address, such as smtp.example.com.
SMTP will now identify the recipient of the email. If your message is being sent to an email address on the same domain, it will be sent directly to the IMAP or POP3 server.
But, if the email is addressed to another domain, your SMTP server will need to connect with the recipient's SMTP server.
2. Delivering emails via IMAP or POP3
To find the recipient's server, your SMTP server connects to the DNS (Domain Name System). DNS helps to find the recipient's server using an IP address, which is a number that identifies a machine or server connected to the internet.
Now, your email will generally go through different unrelated SMTP servers until it is delivered to the recipient's SMTP server. After the message is verified, it will be forwarded to the IMAP or POP3 server, which will then be responsible for delivering the message to the recipient.
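The flow in steps 1 and 2, as an added example that is not part of the original article: a toy receiver answers the standard SMTP commands, then routes each recipient either to the local mail store or to the recipient domain's mail server. `LOCAL_DOMAIN`, `MX_TABLE` (a stand-in for DNS), the host names and the `Session` class are assumptions made up for the illustration, and the command names and MX preference go slightly beyond what the article describes.

```python
LOCAL_DOMAIN = "example.com"  # constructed values; MX_TABLE stands in for DNS
MX_TABLE = {"partner.test": [(20, "mx2.partner.test"), (10, "mx1.partner.test")]}


def next_hop(recipient):
    domain = recipient.rsplit("@", 1)[1].lower()
    if domain == LOCAL_DOMAIN:
        return "local-mailstore"  # same domain: handed to the IMAP/POP3 side
    records = MX_TABLE.get(domain)
    return "relay:" + min(records)[1] if records else None  # lowest preference wins


class Session:
    def __init__(self):
        self.sender, self.rcpts, self.body, self.in_data = None, [], [], False
        self.queued = []  # (next hop, sender, recipient, body)

    def handle(self, line):
        """Process one client line; return the server reply (None inside DATA)."""
        if self.in_data:
            if line != ".":
                self.body.append(line)
                return None
            text = "\n".join(self.body)  # a lone dot ended the message body
            self.queued += [(next_hop(r), self.sender, r, text) for r in self.rcpts]
            self.sender, self.rcpts, self.body, self.in_data = None, [], [], False
            return "250 OK: queued"
        verb = line.upper()
        if verb.startswith("EHLO"):
            return "250 smtp.example.com"
        if verb.startswith("MAIL FROM:"):
            self.sender = line[10:].strip(" <>")
            return "250 OK"
        if verb.startswith("RCPT TO:"):
            addr = line[8:].strip(" <>")
            if "@" not in addr or next_hop(addr) is None:
                return "550 no route to recipient"
            self.rcpts.append(addr)
            return "250 OK"
        if verb == "DATA":
            if self.sender is None or not self.rcpts:
                return "503 need MAIL FROM and RCPT TO first"
            self.in_data = True
            return "354 end data with <CRLF>.<CRLF>"
        return "221 bye" if verb == "QUIT" else "500 unrecognized command"


def run_dialogue(lines):
    session = Session()
    return session, [(line, session.handle(line)) for line in lines]
```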
SMTP and your business’s email security
As seen, SMTP is extremely important and fundamental for sending emails. But there is a big problem. The standard SMTP protocol is extremely vulnerable to attacks and threats.
Unlike what you might imagine, it doesn't come with major protection barriers, such as encryption and other advanced technologies. And this is where cybercriminals take advantage of the situation. Let's see how.
1. Data breaches
Cybercriminals can gain access to your SMTP server in a number of ways, including using malicious software (or malware). After they invade your server, they will have access to all the information that travels through your email network. The result could be a data breach that is likely to damage your brand and reputation.
2. BEC, phishing and spam
Once they have access to your SMTP server, hackers can use it to send malicious emails impersonating you or someone in your company. These malicious emails can be, for example, BEC (Business Email Compromise), spam, and phishing scams.
As your company is known within an area and your domain is legitimate, the chances of a successful scam increase considerably.
3. DDoS attacks
A DDoS (Distributed Denial-of-Service) attack is an attempt to interrupt a server, network or service by overloading the target with numerous requests.
Imagine that your SMTP server can be used by bad people to flood other companies' servers with thousands of emails, paralyzing services and even causing financial losses depending on the situation.
4. Ransomware and other malware
Yes, intruders can use your SMTP server to spread ransomware and other malware via email. What makes this issue even more worrying is that these attacks can be targeted at your own company, affecting your infrastructure.
Depending on the type of malware used, the hacker can block data and demand a ransom payment to release them, as in the case of ransomware. He can also change privileges and have access to confidential data, or remain hidden spying on the daily life of your company.
How to make SMTP secure
There are several layers of security that can be added to the SMTP protocol to make it more secure.
Have you heard, for example, of TLS (Transport Layer Security) and SSL (Secure Sockets Layer)?
TLS and its predecessor SSL (now discontinued) are mechanisms that encrypt the messages exchanged between your email service and server. That is, if someone without authorization accesses your SMTP traffic, he will not see the content of the emails in a legible way, just a tangle of characters.
It's an important protective layer. But, of course, the criminal can still use your server for other illegal activities, such as sending malicious emails.
Some authentication mechanisms also reinforce your business's email protection, such as SPF, DKIM, and DMARC. These are email validation systems that prevent fraud, such as phishing, spoofing, and impersonation, as well as improve the delivery capacity of your emails.
Gatefy email protection solutions
If you have any questions about this topic, talk to us. Gatefy develops solutions based on artificial intelligence and machine learning that improve your business’s email security.
Gatefy Anti-Fraud Protection, for example, is a solution designed to simplify DMARC adoption, helping your company to fight phishing, spoofing and other types of threats.