Problem solve Get help with specific problems with your technologies, process and projects.

Explanation of SMTP and POP3

I'm currently using a Watchguard firewall to protect the network of my company. I would really appreciate if you could assist me in understanding the concept of the services provided by Watchguard. The services that I would like you to explain more is SMTP and POP3. There is a user guide but I still need more information on these services. What does incoming/outgoing mean for both SMTP and POP3?

I will keep this short as to not write a dissertation.

As the use of electronic mail increases, SMTP and POP3 are becoming more popular. RFC 821 and 822 are the basis that explain how and why this was created. SMTP uses a Message Transfer Agent (MTA), actually two, one on the receiver and another on the sender. MTA will queue or spool the messages/e-mail while the other MTA is not active and vice versa. SMTP uses TCP to communicate across networks. After the TCP connection is established, the MTAs use a similar ACK/SYN/FIN process. Relay MTAs make e-mail work on the Internet, just as TCP traffic depends on the backbone with relays.

POP3 works on the same principles as SMTP with some minor differences. RFC 2449 and 2595 explain POP3 in detail.

Differences: POP3 protocol allows for e-mail to remain on a server until the user is ready to receive it (commonly used by Internet Service Providers). The user downloads their e-mail from the ISP's mail server when they are connected, but the user does not need to be connected in order for mail to be sent to them by other network users. The server holds incoming mail until the user connects and requests his mail.

SMTP protocol handles e-mail delivery over the network. It handles routing, acceptance and delivery between mail servers. This protocol allows the mail server on the above-mentioned ISP setup to transfer e-mail from their server to another ISP's mailserver, where it is commonly held for delivery to the final destination -- the user who accesses the message through POP3.

If you are using the proxy service, it will provide a proxy between external and internal servers. Meaning substitute as a service and not open your network to penetration. It translates to inbound from external sources, out translates to outbound. These apply to the interface, not the service. Firewalls in general are configured by the interface, nothing less.

More on this topic

Best Web Links: Infrastructure and Network Security


This was last published in June 2002

Dig Deeper on Application firewall security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.