This content originally appeared on Level Up Coding - Medium and was authored by David E Lares S
SMTP health, sending operations, and components
Email as a communication mechanism has been around for almost 40 years, and it is still considered as a key component for companies and particulars for almost everything today. The email is important as an identity document, a passport, or even a credit card. Taking care of it is crucial.
Before going further, we need to make sure, that all of this is possible because of the internet, that famous network between devices that can make possible sharing data with everybody. And also, the elements involved in the internet, such as IP addresses, DNS services, VPS, SSL way more.
All these pieces fill a certain functionality, that makes everything comes to life. In this opportunity, I’m gonna make a high-level overview of email technologies, what’s involved in it, and of course, how are complimented for the good of a healthy environment and reputation.
We need to start talking about DNS, for a bit, and this is because performs a translation between domains and IP addresses, this makes things easy for us, instead of memorizing IP addresses, can easily remember domain names. It is not quite good explained, you can make an analogy of a DNS server as a phonebook that will map names and IP addresses.
Disclaimer: there are a lot of terms that are directly involved in email operations that require a deep understanding. I will just mention it briefly for this lecture, making sure that makes not justice for all of it.
The email sending operation
Have you ever asked yourself, how your email client can send or receive emails?
This is an intense process but can be split into very small and general steps. And for that, we need to talk about the sender and the recipient.
Let’s image you have your Gmail or Outlook client open, this software is configured for receiving and sending actions. In order to send an email, we are going to use the SMTP protocol (Simple Message Transfer Protocol), so:
- Here, the sender composes and sends an email (via SMTP protocol). The SMTP here acts as a post office that evaluates if everything is fine
- Once is good, it gets redirected to a DNS server (that address book) that will resolve the sender’s IP address.
- The DNS sends the message again to the MTA server (Mail agent transfer) that selects the appropriate recipient inbox to address the message to.
- The information is sent to the inbox.
Then, it comes to the recipient's side of the operation.
At this point, between the MTA and the Inbox, there are some protocols that work for in/out communication to the client. These are the POP and the IMAP protocol.
Other components involved are a common VPS and SSL, the first is a private server where a server will be bound to an IP address for proper handling (additional software needed here) and most recommended, an SSL connection where all the traffic sent and received will be encrypted (quite good for securing traffic).
If you are a developer, maybe you can do a little research for self-host your own email server, popular tools like Cpanel Mail Servers, Webmin, or if you are an AWS fan, you can implement an AWS mail server. It’s up to you, in almost every case, you will need to provision your server with an OS, perform a full DNS management, set email creation, SSL certs, MX records, and more advanced things like DNSSec, SPF, DKIM, and DMARC records (that will speak later).
For VPS options, any well-known cloud computing provider can be a good fit for it, maybe a DigitalOcean small droplet, or an AWS’s instance
We are all set. Let’s warm-up
This warm-up concept is all about creating and generating an accepted amount of traffic for improving our reputation list. The email starts with an uncertain state, so many times, your message will be placed in the spam inbox without actually being an intended spam message.
This is also evaluated by ISPs like Google for identity verification. If your reputation is good, so the sending priority will be.
The evaluation is very simple, it will depend on your mail lists, content, and many other factors, so, for good health you will need to pay attention to your recipient engagement, subject lines, and generate valuable content to avoid spam problems
Avoiding SPAM
Spam problems can be solved and prevented easily, if you are using solutions like Gmail or Outlook, there’s a big chance to not present this kind of behavior, Google’s IP is flawless, but, for corporate accounts, this can be challenging at the beginning, so, make sure that.
- Avoid unhealthy email server, simply by collecting emails without having an internet presence or buying mailing lists
- In terms of DNS, you should have SPF and DKIM records set, this makes your server more secure
- The email body is important, the content key, you should avoid spam words.
- Gain a good IP reputation
An advanced DNS setup
In order to improve your email health, you can apply more rules to email servers. These new types of records are required for almost all cloud providers today for better working and improving security.
Let’s start with the SPF or the Sender policy framework, this particular feature lets you identify which domains are allowed to use your server domain(s) to send from. So, if anybody compromises your email creds and tries to send an email with your email account it won’t be sent.
In other words, when sending an email you will type the ‘To’ and ‘From’ header information, right? If the email contains spam content, the recipient will think that you are sending a legitimately bad intended email
The SPF will help you identify the allowed IP that can send an email with your specific domain.
Here’s an example:
TXT Record: @ (at host), and for the TXT Value add the available IP’s to send. The TTL can be set for 1 hour
Moving on, to the DKIM or Domain Key identifier
This key is a signature that identifies your domain server. That’s it.
So, when you send an email, the recipient will check your signature and verify that the message was originated from that domain.
Here’s an example:
TXT Record: for host add the proper identifier, and for the TXT Value you will have a long text generated, the TTL will be also set to 1 hour
And lastly, the DMARC or the Domain Message Authentication Reporting and Conformance (sounds scary, but does not, really!)
This record is a reporting service for the SPF and DKIM focused on deploying, its only objective is to report that both records are well configured.
The example follows a predefined template that shapes an action, for the DNS record will look like this.
TXT Record: for host you will have a _dmarc prefix with optional additional information, a TXT Value with a particular template and a TTL for 1 hour
The DMARC Template looks like this:
v=DMARC; p=none; fo=1; rua=mailto:dmarc@davidlares.com; ruf=mailto:dmarc@davidlares.com
It can seem complicated, but here’s an explanation:
- v=DMARC is the version
- p=none state that there’s no action required
- fo=1 I’m pretty sure that is for reporting control flag
- The rua is the email where you want to receive aggregate reports
- the ruf is the email for sending forensic reports.
There’s a lot more to cover, I’m just explaining the very basics. My intention for this post was to share an overview of how important is to have a healthy and well-configured email setup. A lot of your business goes back and forth from your simple email account.
Keep it simple, keep it practical, keep it secured.
Happy writing :)
SMTP health, sending operations and components was originally published in Level Up Coding on Medium, where people are continuing the conversation by highlighting and responding to this story.
This content originally appeared on Level Up Coding - Medium and was authored by David E Lares S
David E Lares S | Sciencx (2021-02-26T04:05:02+00:00) SMTP health, sending operations and components. Retrieved from https://www.scien.cx/2021/02/26/smtp-health-sending-operations-and-components/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.