More features of e-mail

Last Update 2001-09-16


Some issues regarding ESMTP

ESMTP is Extended SMTP (Simple Mail Transfer Protocol). Here are some RFCs which are of interest for me.


MIME (Multipurpose Internet Mail Extensions) is a standard to send stuff other than 7Bit ASCII by e-mail.

Authentication and Encryption

RFC 2554 defines SMTP Service Extension for Authentication which is based on SASL as defined in RFC 2222.

sendmail 8.10 implements SMTP AUTH, sendmail 8.11 implements SMTP STARTTLS.

BTW: please don't use PLAIN as an authentication mechanism, unless a strong encryption layer, such as SSL or TLS, is active. Quoting RFC 2595

6. PLAIN SASL mechanism

   Clear-text passwords are simple, interoperate with almost all
   existing operating system authentication databases, and are useful
   for a smooth transition to a more secure password-based
   authentication mechanism.  The drawback is that they are unacceptable
   for use over an unencrypted network connection.

TLS can be used to authenticate clients and servers and to encrypt e-mail when ESMTP is used. RFC 2487 defines STARTTLS.

Security at the user level: encryption

[(links)] [Hints] [Avoiding UBE] [cf/README] [New]
Copyright © Claus Aßmann Please send comments to: <ca at>
Disclaimer: the information provided may be inaccurate or outdated or incomplete. Please contact me if you find an error.