SMTP 协议研究

发布于:2023-01-08 ⋅ 阅读:(9148) ⋅ 点赞:(8)

文章目录

SMTP

SMTP—简单邮件传输协议,是用来发送邮件的,不是用来接受邮件的。从RFC发布历程中,SMTP 是个生命力顽强的协议;

  • 1981 RFC788 SMTP 正式发布 第一个版本
  • 1995 RFC1869 SMTP 扩展版本协议发布(ESMTP), 引入登陆认证机制,MIME支持多媒体,SSL/TLS 安全之类的

现代主流的SMTP 其实都是 ESMTP,这不重要啦,因为大家都一样,一个代称而已; SMTP 协议是一种问答式协议, 有点像问答题,问一句答一句; 所以SMTP 定义 一套类似 语文中 ”主谓宾" 语法;

指令 含义 示例
EHLO 客户端发起邮件申请,并查询服务端 支持的扩展列表 ehlo localhost
MAIL 设置邮件发件人 mail from:sender@email.comsender@email.com
RCPT 设置邮件收件人 rcpt to:receive@email.comreceive@email.com
DATA 发送邮件内容主体 注意编码 和 结束符号.

SMTP支持指定编码方式 例如 utf8, gbk 等,其中 B表示Base64 编码

=?GBK? B?ztLAtLjksldfjLiytQ=?=
=?UTF8? B?ztLAtLLiytQ=?=

抓包分析

  • TCP 建立连接 3次握手
    在这里插入图片描述
  • 客户端 ehlo ,服务端返回支持列表
    在这里插入图片描述
  • 客户端认证, 明文传输
    在这里插入图片描述
  • 构造邮件报文
    在这里插入图片描述

Telnet 交互式发送邮件

Telnet连接QQ邮件服务器,发送一封包含附件的邮件。 邮件内容如下:
在这里插入图片描述

  • Telnet 连接 QQ邮件服务器,QQ邮件服务器分企业邮件服务器(smtp.exmail.qq.com) 和普通邮件服务器(smtp.qq.com), 并开始ehlo 命令
$  telnet smtp.exmail.qq.com 25
Trying 157.148.36.163...
Connected to smtp-v6.exmail.qq.com.
Escape character is '^]'.
220 smtp.qq.com Esmtp QQ QMail Server
ehlo richard
250-smtp.qq.com
250-PIPELINING
250-SIZE 73400320
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN
250-MAILCOMPRESS
250 8BITMIME

链接上QQ邮件服务器之后, ehlo 可以随意设置, 然后QQ邮件服务器会返回 它支持的邮件扩展能力

  • 登陆认证QQ邮件服务器, 需要输入用户和密码, 对于企业邮箱用户和密码, 对于非企业邮箱用户 需要用户名和授权码; 编码是Base64
auth login
334 VXNlcm5hbWU6   // base64 反序列化  Username:
6L6T5YWl6Ieq5bex55qE55So5oi35ZCN
334 UGFzc3dvcmQ6  // base64 发序列化   Password:
6L6T5YWl6Ieq5bex55qE5a+G56CB
235 Authentication successful

输入正确后, QQ邮件服务器会返回 认证成功 的信息

  • 设置发送邮件的发件人,收件人和邮件信息
mail from:<sender@email.com>sender@email.com size=16384         //设置发件人
250 Ok
rcpt to:<receive@email.com>                                     //设置收件人
250 Ok
data                                                            //设置邮件内容, 最后以 . 结束  
354 End data with <CR><LF>.<CR><LF>
  • 设置邮件内容主题
From: sender@email.com     // 需要和mail 命令指定的一致
To:  receive@email.com     // 需要和rcpt 命令指定的一致
Subject: =?UTF8?B?5r+A5rS76LSm5Y+36YCa55+l6YKu5Lu25o+Q6YaS?= 
MIME-Version: 1.0
X-Business-Group:  YSZX-CN
Content-Type: multipart/mixed; 
   boundary="----=_Part_690a405a-d366-48f4-a760-48433c5237d5"

------=_Part_690a405a-d366-48f4-a760-48433c5237d5
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: base64

CkRlYXIgS2VsbHkKCiAgICDov5nmmK/kuIDlsIHmv4DmtLvpgq7ku7bmj5DphpLvvIwg5aaC5p6c5rKh5pyJ5r+A5rS76K+354K55Ye75Lul5LiL6ZO+5o6lCiAgICAKICAgIGh0dHBzOi8vcmljaGFyZC5wdWIvCgoKQmVzdApSaWNoYXJkCg==

------=_Part_690a405a-d366-48f4-a760-48433c5237d5
Content-Type: application/octet-stream; name="=?UTF-8?B?5rWL6K+V6ZmE5Lu25paH5Lu2Lmh0bWw=?="
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="=?UTF-8?B?5rWL6K+V6ZmE5Lu25paH5Lu2Lmh0bWw=?="

CkRlYXIgS2VsbHkKCiAgICDov5nmmK/kuIDlsIHmv4DmtLvpgq7ku7bmj5DphpLvvIwg5aaC5p6c5rKh5pyJ5r+A5rS76K+354K55Ye75Lul5LiL6ZO+5o6lCiAgICAKICAgIGh0dHBzOi8vcmljaGFyZC5wdWIvCgoKQmVzdApSaWNoYXJkCg==
------=_Part_690a405a-d366-48f4-a760-48433c5237d5--
.
250 Ok: queued as

OpenSSL 交互式发送邮件

  • openssl client 连接QQ邮件服务器
$ openssl s_client -crlf -connect smtp.exmail.qq.com:465 
CONNECTED(00000006)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert Secure Site CN CA G3
verify return:1
depth=0 C = CN, ST = Guangdong Province, L = Shenzhen, O = Tencent Technology (Shenzhen) Company Limited, CN = *.exmail.qq.com
verify return:1
---
Certificate chain
0 s:/C=CN/ST=Guangdong Province/L=Shenzhen/O=Tencent Technology (Shenzhen) Company Limited/CN=*.exmail.qq.com
  i:/C=US/O=DigiCert Inc/CN=DigiCert Secure Site CN CA G3
1 s:/C=US/O=DigiCert Inc/CN=DigiCert Secure Site CN CA G3
  i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGkjCCBXqgAwIBAgIQDN4dDwLfCSRGhwadJ39qlTANBgkqhkiG9w0BAQsFADBM
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSYwJAYDVQQDEx1E
aWdpQ2VydCBTZWN1cmUgU2l0ZSBDTiBDQSBHMzAeFw0yMjA1MjMwMDAwMDBaFw0y
MzA2MjMyMzU5NTlaMIGPMQswCQYDVQQGEwJDTjEbMBkGA1UECBMSR3Vhbmdkb25n
IFByb3ZpbmNlMREwDwYDVQQHEwhTaGVuemhlbjE2MDQGA1UEChMtVGVuY2VudCBU
ZWNobm9sb2d5IChTaGVuemhlbikgQ29tcGFueSBMaW1pdGVkMRgwFgYDVQQDDA8q
LmV4bWFpbC5xcS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI
I6N0HVFQgeWU4puuLPKgiNi45rH6ekxYbUuhYiG1nWtxQHL9MLVqGJps9t47yAj8
Z/HX6OljyJ4DDC0abZBfeIdoRogZr2bXajylhNUXSjY+O26x/JPkDHRHOoL3HlcZ
iF4/rHjgD0LYmLqeKx5B2yY3ocmynCRvXDLbQcWxYaK6+Kivs9NwRdBizcwYYMdI
Ak4v+0mB8vsuHsyLYSMUSMHU/fY3bzg0DW6U8aQs8Tb3+CEf1TbDYq1YpPrbhxhn
fRkJvaL9DWQupN4yN9G/SS+OZwSSWTQAOnfUcKxT/t8ynomvwP9dPzJ6wpFqs+/Y
LiMDq+WX2M1qILdMEahjAgMBAAGjggMqMIIDJjAfBgNVHSMEGDAWgBRE2chKM47T
Uo2nkpRhH5rIpbfsyzAdBgNVHQ4EFgQUawbhVhHGPcrykpwhSl+53F15z3MwKQYD
VR0RBCIwIIIPKi5leG1haWwucXEuY29tgg1leG1haWwucXEuY29tMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwRAYDVR0fBD0w
OzA5oDegNYYzaHR0cDovL2NybC5kaWdpY2VydC5jbi9EaWdpQ2VydFNlY3VyZVNp
dGVDTkNBRzMuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEW
G2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB4BggrBgEFBQcBAQRsMGowIwYI
KwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMEMGCCsGAQUFBzAChjdo
dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jbi9EaWdpQ2VydFNlY3VyZVNpdGVDTkNB
RzMuY3J0MAkGA1UdEwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB1AOg+
0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABgO7pkfgAAAQDAEYwRAIg
CfNnXf5RLdhESNAadv7984f3l48XZhE1LK2s4lSXGMkCIGfprYGDg2hTgFqqliFi
JyBuqNfjEZQAgEbvdKOPtUYOAHYANc8ZG7+xbFe/D61MbULLu7YnICZR6j/hKu+o
A8M71kwAAAGA7umSLwAABAMARzBFAiEAi6UTFAdWnRswsaH4ru9X+XOBr+b4T86P
0cqzAfxSJLcCIGTM/lvK1lS7YeWD+529t+zpn10vGblH0HhaIUrCXzzgAHYAtz77
JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGA7umSLgAABAMARzBFAiEA
tGAQtdF6gnXaD96UmDx4ZT1pCtbKMBCtCbtpACaMbUsCIBrswNTNLGkxNA6jyvrF
2T+a2mCg9ZYy17RTLUGpIqXNMA0GCSqGSIb3DQEBCwUAA4IBAQCZrZtDZvJzoxx/
xnhD8O3db2NLFT6wqGLscnz0dBntYWPCYxZYJx9J9QjDQscYFuYcUB0CdzMcoelo
KiIq8fBgcC3VDnDaInnAmLSXwUUCCtcdYdSP5vXsxzPLuVcD+697xCyOwIVzG+KJ
ionszaHjt5mZf9N5CPrje3XzhG7Js3LXju3cvnoDvC86+YQEsp+gLSnYuv6hsqiz
3AdCfAxt9Nov4aasOtKKCy+ZPM0lxH4xTgCxVx5GkcY6fGCMIiBAE+HQFbrypxDJ
98lz0aNgGf7D0o0j1ZF2di39ynWN0iT8Bm+LcYRKyffcYFms5vEmKpHcG7+Rw+mR
9G5HgY2E
-----END CERTIFICATE-----
subject=/C=CN/ST=Guangdong Province/L=Shenzhen/O=Tencent Technology (Shenzhen) Company Limited/CN=*.exmail.qq.com
issuer=/C=US/O=DigiCert Inc/CN=DigiCert Secure Site CN CA G3
---
No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 3618 bytes and written 289 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
   Protocol  : TLSv1.2
   Cipher    : ECDHE-RSA-AES128-GCM-SHA256
   Session-ID: 3AC1D8BE26892228A8AB4F98BD532B671A9D7563A703DF029C8AA650ED620892
   Session-ID-ctx: 
   Master-Key: BDE43DADEE9CB47631D38F33A005918A210057C8F1B85405285ED7406DCEBAB1F8D9456DBF848EEF3C7B0A5F60ED7608
   TLS session ticket lifetime hint: 1200 (seconds)
   TLS session ticket:
   0000 - c8 0b e5 63 d4 a4 32 15-f8 b8 67 21 69 3a 46 3a   ...c..2...g!i:F:
   0010 - b4 62 74 9e f2 15 17 fd-6f 87 ad 64 31 69 28 cd   .bt.....o..d1i(.
   0020 - a1 66 6d 53 c3 99 e0 1b-97 75 88 b8 91 bb 6a 05   .fmS.....u....j.
   0030 - 89 c5 36 53 4b da 54 f9-57 af 74 a3 6c 34 79 ef   ..6SK.T.W.t.l4y.
   0040 - a3 e5 28 6f 86 17 cf ab-b8 c1 3d c0 b0 e8 59 03   ..(o......=...Y.
   0050 - 63 f7 a7 f4 92 75 62 70-17 77 0e a7 15 82 8e b0   c....ubp.w......
   0060 - f2 26 d4 1b 89 60 54 bf-d9 1a 0f 4b 85 66 69 ac   .&...`T....K.fi.
   0070 - af cd 43 ef ed 4c a3 13-fe 6d 44 c9 ba 9e 45 d8   ..C..L...mD...E.
   0080 - 7e ec 03 b9 44 0f c2 ff-d2 50 e8 d7 9a 3e 41 93   ~...D....P...>A.
   0090 - ab 26 46 c8 75 7a b3 d8-64 ae 48 c7 76 db 5c 97   .&F.uz..d.H.v.\.
   00a0 - e3 55 0d 7a 7f 3f 1a e2-94 dc 7f ba d2 f1 65 15   .U.z.?........e.

   Start Time: 1661145639
   Timeout   : 7200 (sec)
   Verify return code: 0 (ok)
---
220 smtp.qq.com Esmtp QQ QMail Server
  • 查看QQ邮件服务器扩展
ehlo richard

250-smtp.qq.com
250-PIPELINING
250-SIZE 73400320
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN
250-MAILCOMPRESS
250 8BITMIME
  • QQ邮件服务器认证
auth login
334 VXNlcm5hbWU6   // base64 反序列化  Username:
6L6T5YWl6Ieq5bex55qE55So5oi35ZCN
334 UGFzc3dvcmQ6  // base64 发序列化   Password:
6L6T5YWl6Ieq5bex55qE5a+G56CB
235 Authentication successful
  • 设置发件人和收件人
mail from:<sender@email.com>sender@email.com
250 Ok
rcpt to:<receive@email.com>
250 Ok
  • 发送邮件内容
data 
354 End data with <CR><LF>.<CR><LF>
From: sender@email.com
To:  receive@email.com
Subject: =?UTF8?B?5r+A5rS76LSm5Y+36YCa55+l6YKu5Lu25o+Q6YaS?= 
MIME-Version: 1.0
X-Business-Group:  YSZX-CN
Content-Type: multipart/mixed; 
   boundary="----=_Part_690a405a-d366-48f4-a760-48433c5237d5"

------=_Part_690a405a-d366-48f4-a760-48433c5237d5
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: base64

CkRlYXIgS2VsbHkKCiAgICDov5nmmK/kuIDlsIHmv4DmtLvpgq7ku7bmj5DphpLvvIwg5aaC5p6c5rKh5pyJ5r+A5rS76K+354K55Ye75Lul5LiL6ZO+5o6lCiAgICAKICAgIGh0dHBzOi8vcmljaGFyZC5wdWIvCgoKQmVzdApSaWNoYXJkCg==

------=_Part_690a405a-d366-48f4-a760-48433c5237d5
Content-Type: application/octet-stream; name="=?UTF-8?B?5rWL6K+V6ZmE5Lu25paH5Lu2Lmh0bWw=?="
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="=?UTF-8?B?5rWL6K+V6ZmE5Lu25paH5Lu2Lmh0bWw=?="

CkRlYXIgS2VsbHkKCiAgICDov5nmmK/kuIDlsIHmv4DmtLvpgq7ku7bmj5DphpLvvIwg5aaC5p6c5rKh5pyJ5r+A5rS76K+354K55Ye75Lul5LiL6ZO+5o6lCiAgICAKICAgIGh0dHBzOi8vcmljaGFyZC5wdWIvCgoKQmVzdApSaWNoPart_690a405a-d366-48f4-a760-48433c5237d5--
.

在这里插入图片描述
在这里插入图片描述
TLS TCP 3次握手建立连接
在这里插入图片描述
TLS 建立加密链接,握手协议, Client Hello, ServerHello, CA , DH…
在这里插入图片描述
发送加密数据

参考

OpenSSl Connect
SMTP MIME
SMTP Wiki

本文含有隐藏内容,请 开通VIP 后查看

网站公告

今日签到

点亮在社区的每一天
去签到

热门文章

最新发布