
Computer Networks

The document discusses the Domain Name System (DNS) protocol in the application layer. DNS is a hierarchical distributed database that maps domain names to IP addresses, allowing users to access websites through domain names instead of hard-to-remember IP addresses. The DNS database is organized into a tree structure with generic, country-specific, and inverse domains. DNS uses a client-server model where clients query name servers to lookup name-to-IP mappings in the DNS database hierarchy.

Uploaded by

RISHI
Copyright © All Rights Reserved

HINDUSTHAN INSTITUTE OF TECHNOLOGY

An Autonomous Institution
(Approved by AICTE, New Delhi, Affiliated to Anna University, Chennai, Accredited with “A” Grade by NAAC)
Coimbatore – 641 032

Department of Computer Science and Engineering

DNS

Unit V APPLICATION LAYER 9

DNS, E-Mail -SMTP, MIME, POP3, IMAP, FTP, HTTP, WWW, symmetric and asymmetric key
cryptography, Sharing of symmetric keys – Diffie-Hellman key Exchange, Public Key Infrastructure,
Public Key Authentication Protocols, Firewalls.
An application layer protocol defines how application processes running on different systems
pass messages to each other.

o DNS stands for Domain Name System.
o DNS is a directory service that provides a mapping between the name of a host on the
network and its numerical address.
o DNS is required for the functioning of the internet.
o Each node in a tree has a domain name, and a full domain name is a sequence of symbols
separated by dots.
o DNS is a service that translates domain names into IP addresses. This allows the users of
networks to utilize user-friendly names when looking for other hosts instead of remembering
the IP addresses.
o For example, suppose the FTP site at EduSoft had an IP address of 132.147.165.50; most
people would reach this site by specifying ftp.EduSoft.com. Therefore, the domain name is
more reliable than the IP address.

DNS is a TCP/IP protocol used on different platforms. The domain name space is divided into three
different sections: generic domains, country domains, and inverse domain.

Generic Domains

o It defines the registered hosts according to their generic behavior.
o Each node in a tree defines the domain name, which is an index to the DNS database.
o It uses three-character labels, and these labels describe the organization type.

| Label  | Description                              |
|--------|------------------------------------------|
| aero   | Airlines and aerospace companies         |
| biz    | Businesses or firms                      |
| com    | Commercial Organizations                 |
| coop   | Cooperative business Organizations       |
| edu    | Educational institutions                 |
| gov    | Government institutions                  |
| info   | Information service providers            |
| int    | International Organizations              |
| mil    | Military groups                          |
| museum | Museum & other nonprofit organizations   |
| name   | Personal names                           |
| net    | Network Support centers                  |
| org    | Nonprofit Organizations                  |
| pro    | Professional individual Organizations    |

Country Domain
The format of the country domain is the same as that of a generic domain, but it uses two-character
country abbreviations (e.g., us for the United States) in place of three-character organizational
abbreviations.

Inverse Domain
The inverse domain is used for mapping an address to a name. For example, a server receives a
request from a client, and the server holds files for authorized clients only. To determine
whether the client is on the authorized list, the server sends a query to the DNS server and asks
it to map the client's address to a name.

Working of DNS
o DNS is a client/server network communication protocol. DNS clients send requests to the
server, while DNS servers send responses to the client.
o Client requests that contain a name to be converted into an IP address are known as forward
DNS lookups, while requests that contain an IP address to be converted into a name are known
as reverse DNS lookups.
o DNS implements a distributed database to store the names of all the hosts available on the
internet.
o If a client such as a web browser sends a request containing a hostname, a piece of software
called the DNS resolver sends a request to the DNS server to obtain the IP address of the
hostname. If the DNS server does not hold the IP address associated with the hostname, it
forwards the request to another DNS server. Once the IP address has arrived at the resolver, the
resolver completes the request over the internet protocol.

Domain Name System (DNS) in Application Layer

DNS is a hostname-to-IP-address translation service. DNS is a distributed database implemented in
a hierarchy of name servers. It is an application layer protocol for message exchange between clients
and servers.
Requirement: Every host is identified by its IP address, but remembering numbers is very difficult for
people, and IP addresses are not static; therefore a mapping is required from the domain
name to the IP address. So DNS is used to convert the domain name of a website to its
numerical IP address.
Domain: There are various kinds of domain:
1. Generic domain: .com (commercial), .edu (educational), .mil (military), .org (non-profit organization),
.net (similar to commercial); all of these are generic domains.
2. Country domain: .in (India), .us, .uk
3. Inverse domain: used if we want to know the domain name of a website, i.e. IP-to-domain-name
mapping. So DNS can provide both mappings; for example, to find the IP addresses of
geeksforgeeks.org we have to type nslookup www.geeksforgeeks.org.
Organization of Domain:

It is very difficult to find the IP address associated with a website because there are millions of
websites, and for all of those websites we should be able to produce the IP address immediately, without
a lot of delay. For that to happen, the organization of the database is very important.
DNS record: the domain name, the IP address, its validity, its time to live, and all the
information related to that domain name. These records are stored in a tree-like structure.
Namespace: Set of possible names, flat or hierarchical. The naming system maintains a collection of
bindings of names to values – given a name, a resolution mechanism returns the corresponding
value.
Name server: It is an implementation of the resolution mechanism. DNS (Domain Name System) is the
name service of the Internet. A zone is an administrative unit; a domain is a subtree.
Name to Address Resolution:

The host requests the DNS name server to resolve the domain name, and the name server returns
the IP address corresponding to that domain name to the host so that the host can then connect to
that IP address.

Hierarchy of Name Servers
Root name servers: These are contacted by name servers that cannot resolve the name. A root name
server contacts the authoritative name server if the name mapping is not known. It then gets the
mapping and returns the IP address to the host.
Top level domain (TLD) server: It is responsible for com, org, edu etc. and all top level country
domains like uk, fr, ca, in etc. TLD servers have information about authoritative domain servers and
know the names and IP addresses of each authoritative name server for the second-level domains.
Authoritative name servers: These are the organization’s DNS servers, providing authoritative
hostname to IP mappings for the organization's servers. They can be maintained by the organization
or by a service provider. In order to reach cse.dtu.in we have to ask the root DNS server, which will
point to the top level domain server and then to the authoritative domain name server, which actually
contains the IP address. So the authoritative domain server will return the associated IP address.

Domain Name Server

The client machine sends a request to the local name server, which, if it does not find the address
in its database, sends a request to the root name server, which in turn will route the query to a
top-level domain (TLD) or authoritative name server. The root name server can also contain some
hostname to IP address mappings. The top-level domain (TLD) server always knows who the
authoritative name server is. So finally the IP address is returned to the local name server, which in
turn returns the IP address to the host.
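
The walk from root to TLD to authoritative server described above, as an added example (not part of the original notes). The server names, the 192.0.2.x addresses and the TTL values are constructed, and the local name server is assumed to follow each referral itself and to cache the answer until its time to live expires. The same tree also serves the inverse domain through in-addr.arpa names.

```python
import ipaddress

# Constructed sample data: server names, zones, addresses and TTLs are made up
# for this example (addresses come from the 192.0.2.0/24 documentation range).
SERVERS = {
    "root": {"referrals": {"in": "tld-in", "arpa": "tld-arpa"}, "records": {}},
    "tld-in": {"referrals": {"dtu.in": "auth-dtu"}, "records": {}},
    "tld-arpa": {"referrals": {"2.0.192.in-addr.arpa": "auth-rev"}, "records": {}},
    "auth-dtu": {"referrals": {}, "records": {"cse.dtu.in": ("192.0.2.10", 300)}},
    "auth-rev": {"referrals": {},
                 "records": {"10.2.0.192.in-addr.arpa": ("cse.dtu.in", 300)}},
}


def reverse_name(ip):
    """Inverse-domain name for an address: octets reversed under in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def query(server, name):
    """One name server's reply: an answer, a referral down the tree, or nothing."""
    if name in server["records"]:
        value, ttl = server["records"][name]
        return ("answer", value, ttl)
    matches = [z for z in server["referrals"]
               if name == z or name.endswith("." + z)]
    if matches:
        zone = max(matches, key=len)     # most specific delegation wins
        return ("referral", server["referrals"][zone])
    return ("nxdomain",)


class LocalNameServer:
    """The local name server: answers from its cache or walks the hierarchy."""

    def __init__(self, servers, max_referrals=8):
        self.servers = servers
        self.cache = {}                  # name -> (value, expiry time)
        self.max_referrals = max_referrals

    def resolve(self, name, now=0):
        """Return (value, servers asked); value is None if the name is unknown."""
        name = name.lower().rstrip(".")
        cached = self.cache.get(name)
        if cached and cached[1] > now:   # still within its time to live
            return cached[0], ["cache"]
        server, path = "root", []
        for _ in range(self.max_referrals):
            path.append(server)
            kind, *rest = query(self.servers[server], name)
            if kind == "answer":
                value, ttl = rest
                self.cache[name] = (value, now + ttl)
                return value, path
            if kind == "nxdomain":
                return None, path
            server = rest[0]             # referral: ask the next server down
        raise RuntimeError("too many referrals")


if __name__ == "__main__":
    ns = LocalNameServer(SERVERS)
    print(ns.resolve("cse.dtu.in", now=0))      # forward lookup, full walk
    print(ns.resolve("cse.dtu.in", now=100))    # served from cache
    print(ns.resolve(reverse_name("192.0.2.10")))  # reverse lookup
```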

SMTP
o SMTP stands for Simple Mail Transfer Protocol.
o SMTP is a set of communication guidelines that allow software to transmit electronic mail
over the internet.
o It is a program used for sending messages to other computer users based on e-mail
addresses.
o It provides a mail exchange between users on the same or different computers, and it also
supports the following:
   o It can send a single message to one or more recipients.
   o The message sent can include text, voice, video or graphics.
   o It can also send messages on networks outside the internet.
o The main purpose of SMTP is to set up communication rules between servers. The
servers have a way of identifying themselves and announcing what kind of communication
they are trying to perform. They also have a way of handling errors such as an incorrect
email address. For example, if the recipient address is wrong, then the receiving server replies with
an error message of some kind.

Components of SMTP

o First, we will break the SMTP client and SMTP server into two components such as user
agent (UA) and mail transfer agent (MTA). The user agent (UA) prepares the message,
creates the envelope and then puts the message in the envelope. The mail transfer agent
(MTA) transfers this mail across the internet.
o SMTP allows a more complex system by adding a relaying system. Instead of just having one
MTA at sending side and one at receiving side, more MTAs can be added, acting either as a
client or server to relay the email.

o The relaying system without TCP/IP protocol can also be used to send the emails to users,
and this is achieved by the use of the mail gateway. The mail gateway is a relay MTA that can
be used to receive an email.
Working of SMTP

1. Composition of Mail: A user sends an e-mail by composing an electronic mail message
using a Mail User Agent (MUA). A Mail User Agent is a program which is used to send and
receive mail. The message contains two parts: body and header. The body is the main part of
the message while the header includes information such as the sender and recipient address.
The header also includes descriptive information such as the subject of the message. In this
case, the message body is like a letter and the header is like an envelope that contains the
recipient's address.

2. Submission of Mail: After composing an email, the mail client submits the completed
e-mail to the SMTP server by using SMTP on TCP port 25.

3. Delivery of Mail: E-mail addresses contain two parts: the username of the recipient and the domain
name. For example, vivek@gmail.com, where "vivek" is the username of the recipient and
"gmail.com" is the domain name.
If the domain name of the recipient's email address is different from the sender's domain
name, then the MSA (Mail Submission Agent) will send the mail to the Mail Transfer Agent (MTA).
To relay the email, the MTA will find the target domain. It checks the MX record from the Domain
Name System to obtain the target domain. The MX record contains the domain name and IP address
of the recipient's domain. Once the record is located, the MTA connects to the exchange server to
relay the message.

4. Receipt and Processing of Mail: Once the incoming message is received, the exchange
server delivers it to the incoming server (Mail Delivery Agent), which stores the e-mail where it
waits for the user to retrieve it.

5. Access and Retrieval of Mail: The email stored in the MDA can be retrieved by using an MUA (Mail
User Agent). The MUA can be accessed by using a login and password.

Simple Mail Transfer Protocol (SMTP)

Last Updated: 05 Nov, 2021
Email is emerging as one of the most valuable services on the internet today. Most internet systems
use SMTP as a method to transfer mail from one user to another. SMTP is a push protocol and is
used to send mail, whereas POP (Post Office Protocol) or IMAP (Internet Message Access Protocol)
is used to retrieve those emails at the receiver’s side.
SMTP Fundamentals
SMTP is an application layer protocol. The client who wants to send the mail opens a TCP connection
to the SMTP server and then sends the mail across the connection. The SMTP server is always in
listening mode. As soon as it detects a TCP connection from any client, the SMTP process initiates
a connection through port 25. After successfully establishing a TCP connection, the client process
sends the mail instantly.
SMTP Protocol
The SMTP model is of two types:
1. End-to-end method
2. Store-and-forward method
The end-to-end model is used to communicate between different organizations, whereas the
store-and-forward method is used within an organization. An SMTP client that wants to send the mail
will contact the destination host’s SMTP directly in order to send the mail to the destination. The SMTP
server will keep the mail to itself until it is successfully copied to the receiver’s SMTP.
The client SMTP is the one that initiates the session, so let us call it client-SMTP, and the server
SMTP is the one that responds to the session request, so let us call it receiver-SMTP. The
client-SMTP will start the session and the receiver-SMTP will respond to the request.
Model of SMTP system
In the SMTP model user deals with the user agent (UA), for example, Microsoft Outlook, Netscape,
Mozilla, etc. In order to exchange the mail using TCP, MTA is used. The user sending the mail
doesn’t have to deal with MTA as it is the responsibility of the system admin to set up a local MTA.
The MTA maintains a small queue of mails so that it can schedule repeat delivery of mails in case the
receiver is not available. The MTA delivers the mail to the mailboxes and the information can later be
downloaded by the user agents.

Both the SMTP-client and SMTP-server should have 2 components:
1. User-agent (UA)
2. Local MTA
Communication between sender and receiver:
The sender’s user agent prepares the message and sends it to the MTA. The MTA’s responsibility is
to transfer the mail across the network to the receiver’s MTA. To send mails, a system must have a
client MTA, and to receive mails, a system must have a server MTA.
SENDING EMAIL:
Mail is sent by a series of request and response messages between the client and the server. The
message which is sent across consists of a header and a body. A null line is used to terminate the
mail header, and everything after the null line is considered the body of the message, which is a
sequence of ASCII characters. The message body contains the actual information read by the
recipient.
RECEIVING EMAIL:
The user agent at the server side checks the mailboxes at particular intervals of time. If any
information is received, it informs the user about the mail. When the user tries to read the mail, it
displays a list of emails with a short description of each mail in the mailbox. By selecting any of the
mails, users can view its contents on the terminal.
Some SMTP Commands:
o HELO – Identifies the client to the server by its fully qualified domain name; sent only once per session
o MAIL – Initiates a message transfer; carries the fully qualified domain of the originator
o RCPT – Follows MAIL and identifies an addressee, typically by the fully qualified name of the addressee;
for multiple addressees, use one RCPT for each addressee
o DATA – Sends the data line by line
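
The request/response exchange built from these commands, as an added example (not part of the original notes): a minimal in-memory receiver-SMTP that enforces the HELO, MAIL, RCPT, DATA order, rejects an unknown recipient, and splits the received message at the null line. The host names, addresses and the `ReceiverSMTP` class are constructed for illustration; the three-digit reply codes are the standard SMTP ones.

```python
def parse_path(arg, keyword):
    """Extract the address from 'FROM:<a@b>' or 'TO:<a@b>'; None if malformed."""
    if not arg.upper().startswith(keyword):
        return None
    path = arg[len(keyword):].strip()
    if path.startswith("<") and path.endswith(">") and "@" in path:
        return path[1:-1]
    return None


def split_message(lines):
    """Header lines end at the first null (empty) line; the rest is the body."""
    cut = lines.index("") if "" in lines else len(lines)
    headers = dict(h.split(": ", 1) for h in lines[:cut] if ": " in h)
    return headers, "\n".join(lines[cut + 1:])


class ReceiverSMTP:
    def __init__(self, domain, mailboxes):
        self.domain = domain
        self.mailboxes = {m.lower() for m in mailboxes}  # known local recipients
        self.delivered = []      # (sender, recipients, headers, body)
        self.helo = None
        self.in_data = False
        self._reset()

    def _reset(self):
        self.sender, self.rcpts, self.lines = None, [], []

    def greet(self):
        return f"220 {self.domain} Service ready"

    def handle(self, line):
        """Process one client line; return the reply, or None while in DATA."""
        if self.in_data:
            return self._data_line(line)
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            if not arg:
                return "501 Syntax: HELO hostname"
            self.helo = arg
            self._reset()
            return f"250 {self.domain}"
        if verb == "MAIL":
            if self.helo is None:
                return "503 Bad sequence of commands"
            sender = parse_path(arg, "FROM:")
            if sender is None:
                return "501 Syntax: MAIL FROM:<address>"
            self._reset()
            self.sender = sender
            return "250 OK"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Bad sequence of commands"
            rcpt = parse_path(arg, "TO:")
            if rcpt is None:
                return "501 Syntax: RCPT TO:<address>"
            if rcpt.lower() not in self.mailboxes:
                return "550 No such user here"
            self.rcpts.append(rcpt)
            return "250 OK"
        if verb == "DATA":
            if not self.rcpts:
                return "503 Bad sequence of commands"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb == "QUIT":
            return f"221 {self.domain} closing connection"
        return "500 Command unrecognized"

    def _data_line(self, line):
        if line == ".":                      # a lone dot ends the message
            self.in_data = False
            headers, body = split_message(self.lines)
            self.delivered.append((self.sender, list(self.rcpts), headers, body))
            self._reset()
            return "250 OK"
        # A leading dot on a data line is an escape added by the sender; drop it.
        self.lines.append(line[1:] if line.startswith(".") else line)
        return None


# Constructed client side of one session, including two mistakes.
SAMPLE_SESSION = [
    "MAIL FROM:<alice@example.org>",         # sent before HELO
    "HELO client.example.org",
    "MAIL FROM:<alice@example.org>",
    "RCPT TO:<nobody@example.com>",          # unknown recipient
    "RCPT TO:<vivek@example.com>",
    "DATA",
    "Subject: Hello", "", "First line", "..a line that starts with a dot", ".",
    "QUIT",
]


def run_session(server, client_lines):
    """Return the transcript as (side, text) pairs, 'C' client and 'S' server."""
    transcript = [("S", server.greet())]
    for line in client_lines:
        transcript.append(("C", line))
        reply = server.handle(line)
        if reply is not None:
            transcript.append(("S", reply))
    return transcript


if __name__ == "__main__":
    for side, text in run_session(
            ReceiverSMTP("mail.example.com", ["vivek@example.com"]), SAMPLE_SESSION):
        print(f"{side}: {text}")
```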

MIME
MIME stands for Multi-Purpose Internet Mail Extensions. It is an extension of the Internet email
protocol that enables its users to exchange several kinds of data files over the Internet, including
images, audio, and video.
MIME is required if the text is in character sets other than the American Standard Code for
Information Interchange (ASCII). Virtually all human-written Internet email and a fairly large
proportion of automated email is transmitted via Simple Mail Transfer Protocol (SMTP) in MIME
format.
MIME was designed mainly for SMTP, but the content types defined by MIME standards are
also important in communication protocols outside of email, such as Hypertext Transfer Protocol
(HTTP).

MIME Header
There are five header fields represented in MIME which are as follows −
o MIME-version − It denotes the MIME version being used. The current version is 1.1. It is
defined as MIME-version: 1.1.
o Content-type − It defines the type and subtype of the data in the body of the message. The
content type and content subtype are divided by a slash. This field defines how the object in
the body is to be executed. The default value is plaintext in US ASCII.
The content-type field is represented as follows −
Content-type: <type/subtype; parameters>
o Content-transfer-encoding − It defines how the object inside the body has been encoded to
US ASCII to make it acceptable for mail transfer. Thus, it determines the method used to
encode the message into 0s and 1s for transport.
The content transfer encoding field is represented as follows −
Content-transfer-encoding: <type>
o Content-Description − This field tells what the message is. It is in ASCII form, so the recipient
will know whether it is worth decoding and reading the message.
o Content-ID − This field identifies the contents. Its format is the same as the format of the
standard Message-Id header.
Multipurpose Internet Mail Extension (MIME) is a standard that was proposed by Bell
Communications in 1991 in order to expand the limited capabilities of email.
MIME is a kind of add-on or supplementary protocol that allows non-ASCII data to be sent
through SMTP. It allows users to exchange different kinds of data files on the Internet: audio,
video, images and application programs as well.
Why do we need MIME?
Limitations of Simple Mail Transfer Protocol (SMTP):
1. SMTP has a very simple structure.
2. Its simplicity, however, comes at a price, as it only sends messages in NVT 7-bit ASCII format.
3. It cannot be used for languages that are not supported by the 7-bit ASCII format, such as French,
German, Russian, Chinese and Japanese; text in these languages cannot be transmitted using SMTP.
So, in order to make SMTP more broad, we use MIME.
4. It cannot be used to send binary files or video or audio data.
Purpose and Functionality of MIME –
There is a growing demand for email messages, as people also want to express themselves in terms of
multimedia. So MIME, another email application, was introduced, as it is not restricted to textual data.
MIME transforms non-ASCII data at the sender side to NVT 7-bit data and delivers it to the client
SMTP. The message on the receiver side is transformed back to the original data. We can also
send video and audio data using MIME, as it transfers them in 7-bit ASCII data as well.
Features of MIME –
1. It is able to send multiple attachments with a single message.
2. Unlimited message length.
3. Binary attachments (executables, images, audio, or video files) may be divided if needed.
4. MIME provided support for varying content types and multi-part messages.
Working of MIME –
Suppose a user wants to send an email through a user agent and it is in a non-ASCII format. The
MIME protocol converts it into 7-bit NVT ASCII format. The message is transferred
through the e-mail system to the other side in the 7-bit format. There the MIME protocol converts it
back into non-ASCII code, the user agent of the receiver side reads it, and the information
is finally read by the receiver. The MIME header is basically inserted at the beginning of any e-mail
transfer.
MIME with SMTP and POP –
SMTP, being a message transfer agent, transfers the mail from the sender’s side to the mailbox of
the receiver side and stores it; the MIME header is added to the original header and provides
additional information. POP, being the message access agent, organizes the mails from the
mail server to the receiver’s computer. POP allows the user agent to connect with the message
transfer agent.
MIME Header:
It is added to the original e-mail header section to define transformation. There are five headers that
we add to the original header:
1. MIME-Version – Defines the version of the MIME protocol. It must have the parameter Value
1.0, which indicates that message is formatted using MIME.
2. Content-Type – Type of data used in the body of the message. They are of different types like
text data (plain, HTML), audio content, or video content.
3. Content-Transfer-Encoding – It defines the method used for encoding the message, such as 7-bit
encoding, 8-bit encoding, etc.
4. Content-ID – It is used for uniquely identifying the message.
5. Content-Description – It defines whether the body is actually an image, video, or audio.
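
The sender-side conversion to 7-bit data and the receiver-side conversion back, as an added example (not part of the original notes) using Python's standard `email` package. The text, the binary data, the addresses and the file name are constructed; the body is forced to quoted-printable so that the result is the same on every run, and the attachment uses the library's default base64.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample content: a non-ASCII text body and arbitrary binary data.
TEXT = "Привет! Ça va? こんにちは"
BLOB = bytes(range(256))

# SMTP policy (CRLF line endings) restricted to 7-bit transfer encodings.
SEVEN_BIT = policy.SMTP.clone(cte_type="7bit")


def build_message(text, blob):
    """Sender side: MIME headers are added and both parts become 7-bit ASCII."""
    msg = EmailMessage(policy=SEVEN_BIT)
    msg["From"] = "alice@example.org"
    msg["To"] = "vivek@example.com"
    msg["Subject"] = "MIME demo"
    # Text part: UTF-8 bytes carried as quoted-printable.
    msg.set_content(text, cte="quoted-printable")
    # Binary part: carried as base64; this turns the message into multipart/mixed.
    msg.add_attachment(blob, maintype="application", subtype="octet-stream",
                       filename="blob.bin")
    return msg


def is_seven_bit(wire):
    """True if every byte that would cross SMTP fits in 7 bits."""
    return all(b < 128 for b in wire)


def receive(wire):
    """Receiver side: parse the 7-bit message and decode each part again."""
    msg = message_from_bytes(wire, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    # Line endings arrive as CRLF on the wire; normalise them for comparison.
    text = "\n".join(body.get_content().splitlines())
    attachments = {p.get_filename(): p.get_content()
                   for p in msg.iter_attachments()}
    parts = []
    for part in msg.walk():
        cte = part.get("Content-Transfer-Encoding")
        parts.append((part.get_content_type(),
                      str(cte) if cte is not None else None))
    return {
        "mime_version": str(msg["MIME-Version"]),
        "text": text,
        "attachments": attachments,
        "parts": parts,
    }


if __name__ == "__main__":
    wire = build_message(TEXT, BLOB).as_bytes()
    print(wire.decode("ascii")[:600])        # headers and the encoded body
    print("7-bit clean:", is_seven_bit(wire))
    print(receive(wire)["parts"])
```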
POP Protocol

The POP protocol stands for Post Office Protocol. As we know, SMTP is used as a message
transfer agent. When a message is sent, SMTP is used to deliver the message from the client
to the server and then to the recipient server. But the message is sent from the recipient server to the
actual server with the help of the Message Access Agent. The Message Access Agent contains two
types of protocols, i.e., POP3 and IMAP.

How is mail transmitted?

Suppose the sender wants to send a mail to the receiver. First, the mail is transmitted to the sender's mail
server. Then, the mail is transmitted from the sender's mail server to the receiver's mail server over
the internet. On receiving the mail at the receiver's mail server, the mail is then sent to the user. The
whole process is done with the help of email protocols. The transmission of mail from the sender to
the sender's mail server and then to the receiver's mail server is done with the help of the SMTP
protocol. At the receiver's mail server, the POP or IMAP protocol takes the data and transmits it to the
actual user.

Since SMTP is a push protocol, it pushes the message from the client to the server. As we can
observe in the above figure, SMTP pushes the message from the client to the recipient's mail
server. The third stage of email communication requires a pull protocol, and POP is a pull protocol.
When the mail is transmitted from the recipient mail server to the client, the client is
pulling the mail from the server.

What is POP3?

POP3 is a simple protocol with very limited functionality. In the case of the POP3
protocol, the POP3 client is installed on the recipient system while the POP3 server is installed on the
recipient's mail server.

History of POP3 protocol

The first version of the Post Office Protocol was introduced in 1984 as RFC 918 by
the Internet Engineering Task Force. The developers developed a simple and effective email protocol
known as the POP3 protocol, which is used for retrieving emails from the server. This provides the
facility for accessing the mails offline rather than accessing the mailbox offline.

In 1985, the Post Office Protocol version 2 was introduced in RFC 937, but it was replaced with the
Post Office Protocol version 3 in 1988 with the publication of RFC 1081. Then, POP3 was revised for
the next 10 years before it was published. Once it was refined completely, it was published in 1996.

Although the POP3 protocol has undergone various enhancements, the developers maintained a
basic principle that it follows a three-stage process at the time of mail retrieval between the client and
the server. They tried to make this protocol very simple, and this simplicity makes this protocol very
popular today.

Let's understand the working of the POP3 protocol.

To establish the connection between the POP3 server and the POP3 client, the POP3 server asks
the POP3 client for the user name. If the username is found on the POP3 server, the server sends the OK
message. It then asks for the password from the POP3 client, and the POP3 client sends the
password to the POP3 server. If the password matches, the POP3 server sends the OK
message, and the connection is established. After the connection is established, the client can
see the list of mails on the POP3 mail server. In the list of mails, the user gets the email numbers
and sizes from the server. From this list, the user can start the retrieval of mail.

Once the client retrieves all the emails from the server, all the emails are deleted from the server.
Therefore, we can say that the emails are restricted to a particular machine, so it would not be
possible to access the same mails on another machine. This situation can be overcome by
configuring the email settings to leave a copy of mail on the mail server.
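
The login, listing and retrieval sequence above, as an added example (not part of the original notes): a minimal in-memory POP3 server and a client that can run in delete mode or keep mode. The account, password and messages are constructed. The stage names AUTHORIZATION and TRANSACTION follow the POP3 standard, and the example assumes the standard behaviour that messages marked with DELE are only removed when the client ends the session with QUIT.

```python
import hmac


class POP3Server:
    """Holds accounts and maildrops; everything stored here is sample data."""

    def __init__(self, accounts, maildrop):
        self.accounts = accounts    # user name -> password
        self.maildrop = maildrop    # user name -> list of stored messages

    def session(self):
        return POP3Session(self)


class POP3Session:
    def __init__(self, server):
        self.server = server
        self.state = "AUTHORIZATION"
        self.user = None
        self.msgs = []
        self.marked = set()         # message numbers marked for deletion

    def handle(self, line):
        """Process one command; return the list of response lines."""
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if self.state == "AUTHORIZATION":
            return self._authorize(verb, arg)
        if self.state == "TRANSACTION":
            return self._transact(verb, arg)
        return ["-ERR session closed"]

    def _authorize(self, verb, arg):
        if verb == "USER":
            if arg in self.server.accounts:
                self.user = arg
                return ["+OK send PASS"]
            return ["-ERR no such mailbox"]
        if verb == "PASS" and self.user:
            expected = self.server.accounts[self.user]
            # Constant-time comparison of the supplied and stored password.
            if hmac.compare_digest(arg.encode(), expected.encode()):
                self.state = "TRANSACTION"
                self.msgs = self.server.maildrop[self.user]
                return [f"+OK {len(self.msgs)} messages"]
            self.user = None
            return ["-ERR invalid password"]
        if verb == "QUIT":
            self.state = "CLOSED"
            return ["+OK bye"]
        return ["-ERR command not valid in this state"]

    def _number(self, arg):
        """Message numbers are 1-based; marked messages are no longer visible."""
        if arg.isdigit() and 1 <= int(arg) <= len(self.msgs):
            if int(arg) not in self.marked:
                return int(arg)
        return None

    def _transact(self, verb, arg):
        if verb == "LIST":
            live = [(i, m) for i, m in enumerate(self.msgs, 1)
                    if i not in self.marked]
            sizes = [f"{i} {len(m.encode())}" for i, m in live]
            return [f"+OK {len(live)} messages"] + sizes + ["."]
        if verb in ("RETR", "DELE"):
            n = self._number(arg)
            if n is None:
                return ["-ERR no such message"]
            if verb == "RETR":
                msg = self.msgs[n - 1]
                return [f"+OK {len(msg.encode())} octets"] + msg.splitlines() + ["."]
            self.marked.add(n)
            return [f"+OK message {n} deleted"]
        if verb == "QUIT":
            # Update stage: only now are the marked messages really removed.
            self.msgs[:] = [m for i, m in enumerate(self.msgs, 1)
                            if i not in self.marked]
            self.state = "CLOSED"
            return ["+OK bye"]
        return ["-ERR unknown command"]


def make_demo_server():
    """Constructed account with two stored messages."""
    return POP3Server(
        {"vivek": "correct horse"},
        {"vivek": ["Subject: one\n\nfirst message",
                   "Subject: two\n\nsecond message"]},
    )


def fetch_all(server, user, password, delete=True, send_quit=True):
    """Client side: log in, list, retrieve everything; None if login fails."""
    s = server.session()
    if not s.handle(f"USER {user}")[0].startswith("+OK"):
        return None
    if not s.handle(f"PASS {password}")[0].startswith("+OK"):
        return None
    fetched = []
    for entry in s.handle("LIST")[1:-1]:
        number = entry.split()[0]
        fetched.append("\n".join(s.handle(f"RETR {number}")[1:-1]))
        if delete:                  # delete mode; keep mode skips this step
            s.handle(f"DELE {number}")
    if send_quit:
        s.handle("QUIT")
    return fetched
```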

Advantages of POP3 protocol

The following are the advantages of a POP3 protocol:

o It allows the users to read the email offline. It requires an internet connection only at the time
of downloading emails from the server. Once the mails are downloaded from the server, then
all the downloaded mails reside on our PC or hard disk of our computer, which can be
accessed without the internet. Therefore, we can say that the POP3 protocol does not require
permanent internet connectivity.

o It provides easy and fast access to the emails as they are already stored on our PC.

o There is no limit on the size of the email which we receive or send.

o It requires less server storage space as all the mails are stored on the local machine.

o There is maximum size on the mailbox, but it is limited by the size of the hard disk.

o It is a simple protocol so it is one of the most popular protocols used today.

o It is easy to configure and use.


Disadvantages of POP3 protocol

The following are the disadvantages of the POP3 protocol:

o If the emails are downloaded from the server, then all the mails are deleted from the server by
default. So, mails cannot be accessed from other machines unless they are configured to
leave a copy of the mail on the server.

o Transferring the mail folder from the local machine to another machine can be difficult.

o Since all the attachments are stored on your local machine, there is a high risk of a virus
attack if the virus scanner does not scan them. The virus attack can harm the computer.

o The email folder which is downloaded from the mail server can also become corrupted.

o The mails are stored on the local machine, so anyone who sits on your machine can access
the email folder.

POP3 (Post Office Protocol 3) and IMAP (Internet Message Access Protocol) are both MAAs
(message access agents); both of these protocols are used to retrieve messages from the
mail server to the receiver's system. Both of these protocols account for spam and
virus filters. IMAP is more flexible and complex than POP3.

Difference Between POP3 and IMAP:


| Post Office Protocol (POP3) | Internet Message Access Protocol (IMAP) |
|---|---|
| POP is a simple protocol that only allows downloading messages from your Inbox to your local computer. | IMAP is much more advanced and allows the user to see all the folders on the mail server. |
| The POP server listens on port 110, and the POP with SSL secure (POP3DS) server listens on port 995. | The IMAP server listens on port 143, and the IMAP with SSL secure (IMAPDS) server listens on port 993. |
| In POP3 the mail can only be accessed from a single device at a time. | Messages can be accessed across multiple devices. |
| To read the mail it has to be downloaded on the local system. | The mail content can be read partially before downloading. |
| The user cannot organize mails in the mailbox of the mail server. | The user can organize the emails directly on the mail server. |
| The user cannot create, delete or rename email on the mail server. | The user can create, delete or rename an email on the mail server. |
| It is unidirectional, i.e. all the changes made on a device do not affect the content present on the server. | It is bi-directional, i.e. all the changes made on the server or device are made on the other side too. |
| It does not allow a user to sync emails. | It allows a user to sync their emails. |
| It is fast. | It is slower as compared to POP3. |
| A user cannot search the content of mail before downloading it to the local system. | A user can search the content of mail for a specific string before downloading. |
| It has two modes: delete mode and keep mode. In delete mode, the mail is deleted from the mailbox after retrieval. In keep mode, the mail remains in the mailbox after retrieval. | Multiple redundant copies of the message are kept at the mail server; in case of loss of message of a local server, the mail can still be retrieved. |
| Changes in the mail can be done using local email software. | Changes made to the web interface or email software stay in sync with the server. |
| All the messages are downloaded at once. | The message header can be viewed prior to downloading. |

IMAP Protocol

IMAP stands for Internet Message Access Protocol. It is an application layer protocol which is used
to receive emails from the mail server. Like POP3, it is one of the most commonly used protocols for
retrieving emails.

It also follows the client/server model. On one side, we have an IMAP client, which is a process
running on a computer. On the other side, we have an IMAP server, which is also a process running
on another computer. Both computers are connected through a network.

The IMAP protocol resides on the TCP/IP transport layer which means that it implicitly uses the
reliability of the protocol. Once the TCP connection is established between the IMAP client and IMAP
server, the IMAP server listens to the port 143 by default, but this port number can also be changed.

By default, there are two ports used by IMAP:

o Port 143: It is a non-encrypted IMAP port.
o Port 993: This port is used when an IMAP client wants to connect through IMAP securely.

Why should we use IMAP instead of POP3 protocol?

POP3 is becoming the most popular protocol for accessing TCP/IP mailboxes. It implements the
offline mail access model, which means that mails are retrieved from the mail server to the local
machine and then deleted from the mail server. Nowadays, millions of users use the POP3
protocol to access their incoming mail. Due to the offline mail access model, it cannot be used as
much. The online model is the one we would prefer in an ideal world. In the online model, we need to be
connected to the internet always.

The biggest problem with offline access using POP3 is that the
mails are permanently removed from the server, so multiple computers cannot access the mails. The
solution to this problem is to store the mails at the remote server rather than on the local server.
POP3 also faces another issue, i.e., data security and safety. The solution to this problem is to use
the disconnected access model, which provides the benefits of both online and offline access. In the
disconnected access model, the user can retrieve the mail for local use as in the POP3 protocol, and
the user does not need to be connected to the internet continuously. However, the changes made to
the mailboxes are synchronized between the client and the server. The mail remains on the server so
different applications can access it in the future.

When developers recognized these benefits, they
made some attempts to implement the disconnected access model. This is implemented by using the
POP3 commands that provide the option to leave the mails on the server. This works, but only to a
limited extent; for example, keeping track of which messages are new or old becomes an issue when
both are retrieved and left on the server. So POP3 lacks some features which are required for a
proper disconnected access model.

In the mid-1980s, development began at Stanford University on a new protocol that would provide a more capable way of accessing user mailboxes. The result was the Interactive Mail Access Protocol, which was later renamed the Internet Message Access Protocol.

IMAP History and Standards

The first version of IMAP formally documented as an internet standard was IMAP version 2, in RFC 1064, published in July 1988. It was updated in RFC 1176, August 1990, retaining the same version. A new document then defined version 3, known as IMAP3, in RFC 1203, which was published in February 1991. However, IMAP3 was never accepted by the marketplace, so people kept using IMAP2. An extension to the protocol called IMAPbis was later created, which added support for Multipurpose Internet Mail Extensions (MIME) to IMAP. This was a very important development due to the usefulness of MIME. Despite this, IMAPbis was never published as an RFC. This may be due to the problems associated with IMAP3. In December 1994, IMAP version 4, i.e., IMAP4, was published in two RFCs: RFC 1730 describing the main protocol and RFC 1731 describing the authentication mechanism for IMAP4. IMAP4 is the current version of IMAP, which is widely used today. It continues to be refined, and its latest version is known as IMAP4rev1 and is defined in RFC 2060. It was most recently updated in RFC 3501.

IMAP Features

IMAP was designed for a specific purpose: to provide a more flexible way for the user to access the mailbox. It can operate in any of three modes, i.e., online, offline, and disconnected mode. Of these, offline and disconnected modes are of interest to most users of the protocol.

The following are the features of an IMAP protocol:

o Access and retrieve mail from remote server: The user can access the mail from the remote
server while retaining the mails in the remote server.

o Set message flags: Message flags are set so that the user can keep track of which messages have already been seen.

o Manage multiple mailboxes: The user can manage multiple mailboxes and transfer messages from one mailbox to another. Users who are working on various projects can organize their messages into categories.

o Determine information prior to downloading: The user can decide whether or not to retrieve a mail before downloading it from the mail server.

o Download a portion of a message: It allows you to download a portion of a message, such as one body part of a MIME multipart message. This can be useful when a message contains large multimedia files alongside a short text element.

o Organize mails on the server: With POP3, the user is not allowed to manage the mails on the server. With IMAP, on the other hand, users can organize the mails on the server according to their requirements; for example, they can create, delete or rename a mailbox on the server.

o Search: Users can search for the contents of the emails.

o Check email-header: Users can also check the email-header prior to downloading.

o Create hierarchy: Users can also create the folders to organize the mails in a hierarchy.

IMAP General Operation

1. IMAP is a client-server protocol like POP3 and most other TCP/IP application protocols. The IMAP4 protocol functions only when the IMAP4 server resides on the server where the user mailboxes are located. In contrast, POP3 does not necessarily require the same physical server that provides the SMTP services. Therefore, in the case of the IMAP protocol, the mailbox must be accessible to both SMTP for incoming mails and IMAP for retrieval and modifications.

2. IMAP uses the Transmission Control Protocol (TCP) for communication to ensure that data is delivered and is received in order.

3. The IMAP4 server listens on a well-known port, i.e., port number 143, for an incoming connection request from the IMAP4 client.

Let's understand the IMAP protocol through a simple example.

The IMAP protocol synchronizes all the devices with the main server. Let's suppose we have three devices (desktop, mobile, and laptop) as shown in the above figure. If all these devices are accessing the same mailbox, then it will be synchronized across all the devices. Here, synchronization means that when a mail is opened on one device, it will be marked as opened on all the other devices, and if we delete the mail, it will also be deleted from all the other devices. In IMAP, we can see all the folders, such as spam, inbox, sent, etc. We can also create our own folder, known as a custom folder, that will be visible on all the other devices.
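The features and ports described above can be seen together in a short client, given here as an added example that is not part of the original notes. It connects on port 993 with certificate verification, opens the mailbox read-only, and fetches only the flags and two header fields of a message before any download; the host, credentials and the sample FETCH responses are constructed placeholders.

```python
import email
import imaplib
import ssl

IMAPS_PORT = 993  # secure IMAP port from the text; port 143 carries the session unencrypted


def tls_context():
    """TLS settings that verify the server certificate and its hostname."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def split_fetch(data):
    """Separate the FLAGS list and the header literal in imaplib FETCH data."""
    flags, header = (), b""
    for part in data:
        if isinstance(part, tuple):            # (response line, literal bytes)
            flags = flags or imaplib.ParseFlags(part[0])
            header = part[1]
        elif isinstance(part, bytes):          # FLAGS may follow the literal
            flags = flags or imaplib.ParseFlags(part)
    return flags, header


def triage(data):
    """Summarise one message from its flags and headers, without the body."""
    flags, header = split_fetch(data)
    msg = email.message_from_bytes(header)
    return {"seen": b"\\Seen" in flags, "from": msg["From"], "subject": msg["Subject"]}


def peek(host, user, password, num="1"):
    """Check a message before downloading it. BODY.PEEK and a read-only
    mailbox leave the \\Seen flag on the server unchanged."""
    with imaplib.IMAP4_SSL(host, IMAPS_PORT, ssl_context=tls_context()) as conn:
        conn.login(user, password)
        conn.select("INBOX", readonly=True)
        typ, data = conn.fetch(num, "(FLAGS BODY.PEEK[HEADER.FIELDS (FROM SUBJECT)])")
        if typ != "OK":
            raise RuntimeError("FETCH failed")
        return triage(data)


# Constructed FETCH responses in the shape imaplib returns them.
SAMPLE_SEEN = [(b"1 (FLAGS (\\Seen) BODY[HEADER.FIELDS (FROM SUBJECT)] {48}",
                b"From: alice@example.org\r\nSubject: Q3 report\r\n\r\n"), b")"]
SAMPLE_NEW = [(b"2 (BODY[HEADER.FIELDS (FROM SUBJECT)] {45}",
               b"From: bob@example.org\r\nSubject: Invoice\r\n\r\n"), b" FLAGS ())"]

if __name__ == "__main__":
    print(triage(SAMPLE_SEEN))
    print(triage(SAMPLE_NEW))
```

Calling `peek("imap.example.org", user, password)` against a real server requires network access; the two constructed samples exercise the parsing offline.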

Advantages
The advantages of IMAP are as follows:
• It allows us to create our email messages from anywhere, via as many different devices as we want.
• It downloads a message only when we click on it. As a result, we do not have to wait for all of our new messages to download from the server before we can read them.
• Attachments are not automatically downloaded with IMAP. As a result, we are able to check our messages a lot more quickly and have greater control over which attachments are opened.
• IMAP can be used offline, just like the Post Office Protocol (POP).
• It includes the ability to delete messages, search for keywords in the body of emails, create and manage multiple mailboxes or folders, and view the headings for easy visual scans of emails.

Email Messaging
For email messaging, every domain has an email server computer set up. These email servers run protocol software that enables electronic communication. There are two main email protocols, POP and SMTP.
POP is concerned with the retrieval of an email message stored on a server computer, whereas SMTP is actually responsible for transmitting an email to the user.
Internet Message Access Protocol (IMAP) is an application layer protocol that operates as a contract for receiving emails from the mail server. It was designed by Mark Crispin in 1986 as a remote access mailbox protocol; the current version of IMAP is IMAP4. It is the most commonly used protocol for retrieving emails. It is also known as Internet mail access protocol, Interactive mail access protocol, and Interim mail access protocol.
Features of IMAP:
• It is capable of managing multiple mailboxes and organizing them into various categories.
• It allows message flags to be added to keep track of which messages have been seen.
• It is capable of deciding whether to retrieve email from a mail server before downloading.
• It makes it easy to download media when multiple files are attached.
Working of IMAP:
IMAP follows a client-server architecture and is the most commonly used email protocol. It is a combination of a client process and a server process running on different computers that are connected through a network. The protocol runs over TCP/IP for communication. Once communication is set up, the server listens on port 143 by default, which is non-encrypted. For secure encrypted communication, port 993 is used.
Architecture of IMAP :

Advantages:
• It offers synchronization across all the sessions maintained by the user.
• It provides better security than the POP3 protocol, as the email exists only on the IMAP server.
• Users have remote access to all the contents.
• It offers easy migration between devices, as it is synchronized by a centralized server.
• There is no need to physically allocate any storage to save contents.

Disadvantages:
• IMAP is complex to maintain.
• Emails of the user are only available when there is an internet connection.
• It is slower to load messages.
• Some emails don’t support IMAP, which makes it difficult to manage.
• Many browser-based solutions are unavailable because they do not support IMAP.

World Wide Web (WWW)


The World Wide Web is abbreviated as WWW and is commonly known as the web. The WWW was initiated by CERN (European library for Nuclear Research) in 1989.
History:
It is a project created by Timothy Berners-Lee in 1989 for researchers to work together effectively at CERN. There is an organization, named the World Wide Web Consortium (W3C), which was set up for further development of the web. This organization is directed by Tim Berners-Lee, aka the father of the web.
System Architecture:
From the user’s point of view, the web consists of a vast, worldwide collection of documents or web pages. Each page may contain links to other pages anywhere in the world. The pages can be retrieved and viewed by using browsers, of which Internet Explorer, Netscape Navigator, Google Chrome, etc. are the popular ones. The browser fetches the requested page, interprets the text and formatting commands on it, and displays the page, properly formatted, on the screen.
The basic model of how the web works is shown in the figure below. Here the browser is displaying a web page on the client machine. When the user clicks on a line of text that is linked to a page on the abd.com server, the browser follows the hyperlink by sending a message to the abd.com server asking it for the page.

Working of WWW:
The World Wide Web is based on several different technologies: Web browsers, Hypertext Markup
Language (HTML) and Hypertext Transfer Protocol (HTTP).
A Web browser is used to access web pages. Web browsers can be defined as programs which
display text, data, pictures, animation and video on the Internet. Hyperlinked resources on the World
Wide Web can be accessed using software interfaces provided by Web browsers. Initially, Web
browsers were used only for surfing the Web but now they have become more universal. Web
browsers can be used for several tasks including conducting searches, mailing, transferring files, and
much more. Some of the commonly used browsers are Internet Explorer, Opera Mini, and Google
Chrome.
Features of WWW:
• HyperText Information System
• Cross-Platform
• Distributed
• Open Standards and Open Source
• Uses Web Browsers to provide a single interface for many services
• Dynamic, Interactive and Evolving
• “Web 2.0”

Components of the Web: There are 3 components of the web:

1. Uniform Resource Locator (URL): serves as an addressing system for resources on the web.
2. HyperText Transfer Protocol (HTTP): specifies how the browser and server communicate.
3. HyperText Markup Language (HTML): defines the structure, organisation and content of a webpage.

Introduction of Firewall
A firewall is a network security device, either hardware or software-based, which monitors all incoming and outgoing traffic and, based on a defined set of security rules, accepts, rejects or drops that specific traffic.
Accept: allow the traffic
Reject: block the traffic but reply with an “unreachable error”
Drop: block the traffic with no reply
A firewall establishes a barrier between secured internal networks and untrusted outside networks, such as the Internet.

History and Need for Firewall


Before firewalls, network security was performed by Access Control Lists (ACLs) residing on routers. ACLs are rules that determine whether network access should be granted or denied to a specific IP address.
But ACLs cannot determine the nature of the packet they are blocking. Also, an ACL alone does not have the capacity to keep threats out of the network. Hence, the firewall was introduced.
Connectivity to the Internet is no longer optional for organizations. However, while accessing the Internet provides benefits to the organization, it also enables the outside world to interact with the internal network of the organization. This creates a threat to the organization. In order to secure the internal network from unauthorized traffic, we need a firewall.
How Firewall Works
A firewall matches the network traffic against the rule set defined in its table. Once a rule is matched, the associated action is applied to the network traffic. For example, one rule may state that no employee from the HR department can access data on the code server, while another rule states that the system administrator can access data from both the HR and technical departments. Rules can be defined on the firewall based on the needs and security policies of the organization.
From the perspective of a server, network traffic can be either outgoing or incoming. The firewall maintains a distinct set of rules for each case. Outgoing traffic, which originates from the server itself, is mostly allowed to pass. Still, setting rules on outgoing traffic is always better in order to achieve more security and prevent unwanted communication.
Incoming traffic is treated differently. Most traffic which reaches the firewall uses one of these three major Transport Layer protocols: TCP, UDP or ICMP. All these types have a source address and a destination address. Also, TCP and UDP have port numbers. ICMP uses a type code instead of a port number, which identifies the purpose of that packet.
Default policy: It is very difficult to explicitly cover every possible rule on the firewall. For this reason, the firewall must always have a default policy. The default policy consists only of an action (accept, reject or drop).
Suppose no rule is defined on the firewall about SSH connections to the server. Such a connection will then follow the default policy. If the default policy on the firewall is set to accept, then any computer outside of your office can establish an SSH connection to the server. Therefore, setting the default policy to drop (or reject) is always a good practice.
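The rule matching and default policy described above, as an added example that is not part of the original notes. The first matching rule decides, and the SSH case from the text falls through to the default policy; the rule set and all addresses (RFC 5737 documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                      # "accept", "reject" or "drop"
    src: str = "0.0.0.0/0"           # source network
    dst: str = "0.0.0.0/0"           # destination network
    proto: Optional[str] = None      # "tcp", "udp", "icmp"; None matches any
    dport: Optional[int] = None      # destination port; None matches any

    def matches(self, pkt: dict) -> bool:
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt.get("dport")))


def decide(rules, default, pkt):
    """Return (action, reason). The first matching rule wins; the default
    policy is used only when no rule matches."""
    for number, rule in enumerate(rules, start=1):
        if rule.matches(pkt):
            return rule.action, f"rule {number}"
    return default, "default policy"


def admitted_by_default(rules, default, packets):
    """Audit helper: packets accepted only because no rule covered them."""
    return [p for p in packets
            if decide(rules, default, p) == ("accept", "default policy")]


# Constructed rule set and traffic, not taken from the page.
SERVER = "203.0.113.10/32"
RULES = [
    Rule("accept", dst=SERVER, proto="tcp", dport=443),               # web service
    Rule("reject", dst=SERVER, proto="tcp", dport=23),                # TELNET refused
    Rule("accept", src="198.51.100.0/24", dst=SERVER, proto="icmp"),  # office may ping
]
PACKETS = [
    {"src": "192.0.2.77", "dst": "203.0.113.10", "proto": "tcp", "dport": 443},
    {"src": "192.0.2.77", "dst": "203.0.113.10", "proto": "tcp", "dport": 23},
    {"src": "192.0.2.77", "dst": "203.0.113.10", "proto": "tcp", "dport": 22},  # SSH: no rule
    {"src": "192.0.2.77", "dst": "203.0.113.10", "proto": "icmp"},  # ping from outside the office
]

if __name__ == "__main__":
    for default in ("accept", "drop"):
        print("default policy =", default)
        for pkt in PACKETS:
            print("  ", pkt, "->", decide(RULES, default, pkt))
```

Running `admitted_by_default` over a set of probe packets lists the traffic that is getting in only because nobody wrote a rule for it, which is the exposure a drop default removes.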
Generation of Firewall
Firewalls can be categorized based on their generation.
1. First Generation - Packet Filtering Firewall: A packet filtering firewall is used to control network access by monitoring outgoing and incoming packets and allowing them to pass or stop based on source and destination IP address, protocols and ports. It analyses traffic at the transport protocol layer (but mainly uses the first 3 layers).
Packet firewalls treat each packet in isolation. They have no ability to tell whether a packet is part of an existing stream of traffic. They can only allow or deny packets based on unique packet headers.
A packet filtering firewall maintains a filtering table which decides whether the packet will be forwarded or discarded. From the given filtering table, the packets will be filtered according to the following rules:

1. Incoming packets from network 192.168.21.0 are blocked.
2. Incoming packets destined for the internal TELNET server (port 23) are blocked.
3. Incoming packets destined for host 192.168.21.3 are blocked.
4. All well-known services to the network 192.168.21.0 are allowed.
2. Second Generation - Stateful Inspection Firewall: Stateful firewalls (which perform Stateful Packet Inspection) are able to determine the connection state of a packet, unlike a packet filtering firewall, which makes them more efficient. A stateful firewall keeps track of the state of network connections travelling across it, such as TCP streams. So the filtering decisions are based not only on defined rules, but also on the packet’s history in the state table.
3. Third Generation - Application Layer Firewall: An application layer firewall can inspect and filter packets on any OSI layer, up to the application layer. It has the ability to block specific content, and also to recognize when certain applications and protocols (like HTTP, FTP) are being misused.
In other words, application layer firewalls are hosts that run proxy servers. A proxy firewall prevents a direct connection between the two sides of the firewall; each packet has to pass through the proxy. It can allow or block the traffic based on predefined rules.
Note: Application layer firewalls can also be used as a Network Address Translator (NAT).
4. Next Generation Firewalls (NGFW): Next Generation Firewalls are being deployed these days to stop modern security breaches like advanced malware attacks and application-layer attacks. An NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many other functionalities to protect the network from these modern threats.
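The difference between the first two generations, as an added example that is not part of the original notes: a header-only filter and a filter with a state table judge the same constructed packet trace. The addresses, ports and the simplified connection tracking (a SYN from inside opens a flow, FIN or RST closes it, no timeouts) are assumptions made for illustration.

```python
from typing import NamedTuple


class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    flags: str       # TCP flags as letters: S=SYN, A=ACK, F=FIN, R=RST
    inbound: bool    # True when the packet arrives from the outside network


def stateless_allow(pkt: Packet) -> bool:
    """Header-only rules: outbound traffic passes, and inbound traffic passes
    when its source port is 443, on the assumption that it is a web reply."""
    return (not pkt.inbound) or pkt.sport == 443


class StatefulFilter:
    """Same intent, but an inbound packet must belong to a flow opened from inside."""

    def __init__(self):
        self.state = set()   # (inside ip, inside port, outside ip, outside port)

    def allow(self, pkt: Packet) -> bool:
        if pkt.inbound:
            flow = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
            if flow not in self.state:
                return False             # no history in the state table
        else:
            flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "S":
                self.state.add(flow)     # new connection opened from inside
        if "F" in pkt.flags or "R" in pkt.flags:
            self.state.discard(flow)     # connection closed: forget the flow
        return True


def compare(trace):
    """Return (stateless decision, stateful decision) for every packet."""
    fw = StatefulFilter()
    return [(stateless_allow(p), fw.allow(p)) for p in trace]


# Constructed trace, not taken from the page.
TRACE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S", False),   # inside host opens HTTPS
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA", True),   # reply on that connection
    Packet("198.51.100.9", 443, "10.0.0.5", 50000, "A", True),    # belongs to no connection
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "R", False),   # inside host resets
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "A", True),    # arrives after the close
]

if __name__ == "__main__":
    for pkt, (stateless, stateful) in zip(TRACE, compare(TRACE)):
        print(pkt, "stateless:", stateless, "stateful:", stateful)
```

The third and fifth packets pass the header-only filter because their headers look like web replies, while the stateful filter rejects them for lack of a matching entry in the state table.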
Types of Firewall
Firewalls are generally of two types: host-based and network-based.
1. Host-based Firewalls: A host-based firewall is installed on each network node and controls each incoming and outgoing packet. It is a software application or suite of applications that comes as a part of the operating system. Host-based firewalls are needed because network firewalls cannot provide protection inside a trusted network. A host firewall protects each host from attacks and unauthorized access.
2. Network-based Firewalls: Network firewalls function at the network level. In other words, these firewalls filter all incoming and outgoing traffic across the network. A network firewall protects the internal network by filtering the traffic using rules defined on the firewall. It might have two or more network interface cards (NICs). A network-based firewall is usually a dedicated system with proprietary software installed.
