SMTPS

from Wikipedia, the free encyclopedia
SMTPS on the TCP / IP protocol stack :
application SMTP
transport SSL / TLS
TCP
Internet IP ( IPv4 , IPv6 )
Network access Ethernet Token
bus
Token
ring
FDDI ...

SMTPS (Simple Mail Transfer Protocol Secure) refers to a procedure for securing communication during e-mail transport via SMTP over SSL / TLS and thus enables authentication of the communication partners on the transport level as well as the integrity and confidentiality of the transmitted messages . End-to-end security is not achieved, however, since all mail servers and mail relays (must) process the e-mail in clear text. E-mail security at application level cannot be achieved with SMTPS.

SMTPS is not a separate protocol, nor is it an extension of SMTP, as it works completely transparently and independently of this on the transport layer .

This means that the connection over which SMTP is processed is secured by software using the SSL or TLS procedures. This happens directly when the connection is established, before any mail data is exchanged. So since the use of the security layer is not negotiated, SMTPS services usually are on a separate TCP - Port achievable.

The Internet Assigned Numbers Authority originally registered port 465 for SMTPS in early 1997. At the end of 1998 this was (temporarily) revoked when STARTTLS was specified. With STARTTLS, the same port can be used without TLS and with TLS. This was considered to be particularly important for SMTP because clients also use this protocol to address external servers , which they cannot know whether they offer a separate port for TLS. In 2001, port 465 was assigned for URL Rendezvous , which is part of Source Specific Multicast for audio and video. In 2018 the recommendation changed again. Since then, RFC 8314 has recommended SMTPS with implicit TLS on port 465 to be preferred over STARTTLS and completely unencrypted SMTP.

Individual evidence

  1. ^ Re: Regularizing Port Numbers for SSL . Internet Mail Consortium. April 30, 1997. Accessed on September 25, 2009.  ( Page no longer available , search in web archivesInfo: The link was automatically marked as defective. Please check the link according to the instructions and then remove this notice. @1@ 2Template: Dead Link / www.imc.org  
  2. Paul Hoffman: revoking the smtps TCP port . Internet Mail Consortium. November 12, 1998. Archived from the original on March 31, 2009. Retrieved January 22, 2015.
  3. ^ Paul Hoffman: Do we need IMAP / TLS or POP / TLS? . Internet Mail Consortium. June 1, 1997. Archived from the original on August 19, 2009. Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. Retrieved January 22, 2015. @1@ 2Template: Webachiv / IABot / www.imc.org
  4. Port Numbers . Internet Assigned Numbers Authority. June 4, 2001. Archived from the original on June 4, 2001. Retrieved July 23, 2017.
  5. Port Numbers . Internet Assigned Numbers Authority. July 25, 2001. Archived from the original on August 13, 2001. Retrieved July 23, 2017.
  6. Source Specific Multicast with IGMPv3, IGMP v3lite, and URD . Cisco Systems . Retrieved July 23, 2017.
  7. Chris Newman, Keith Moore: Cleartext Considered Obsolete: Use of Transport Layer Security (TLS) for Email Submission and Access. Accessed February 11, 2019 .