Message submission agent


A message submission agent (MSA), or mail submission agent, is a computer program or software agent that receives electronic mail messages from a mail user agent (MUA) and cooperates with a mail transfer agent (MTA) for delivery of the mail. It uses ESMTP, a variant of the Simple Mail Transfer Protocol (SMTP), as specified in RFC 6409. [1]


Many MTAs perform the function of an MSA as well, but there are also programs that are specially designed as MSAs without full MTA functionality. [2] Historically, in Internet mail, both MTA and MSA functions used port number 25, but the official port for MSAs is 587. [1] The MTA accepts a user's incoming mail, while the MSA accepts a user's outgoing mail.

[Figure: SMTP-transfer-model.svg. The computer running an MSA is also known as the outgoing mail server.]

Benefits

Separation of the MTA and MSA functions produces several benefits.

One benefit is that an MSA, since it is interacting directly with the author's MUA, can correct minor errors in a message's format (such as a missing Date, Message-ID or To field, or an address with a missing domain name) and/or immediately report an error to the author so that it can be corrected before the message is sent to any of the recipients. An MTA accepting a message from another site cannot reliably make those kinds of corrections, and any error reports generated by such an MTA will reach the author (if at all) only after the message has already been sent.
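The fix-ups described above, as an added example in Python that is not part of the original article: an MSA-side routine that adds a missing Date and Message-ID and qualifies bare local-parts with the submission domain. The domain example.com and the sample message are constructed for illustration.

```python
import email
from email.utils import formatdate, make_msgid, getaddresses, formataddr

# Domain the MSA appends to bare local-parts (constructed value).
SUBMISSION_DOMAIN = "example.com"

# Constructed submission with no Date, no Message-ID and a bare "bob".
SAMPLE_SUBMISSION = (
    "From: alice@example.com\n"
    "To: bob, Carol <carol@example.net>\n"
    "Subject: status\n"
    "\n"
    "Report attached.\n"
)


def repair_submission(raw, domain=SUBMISSION_DOMAIN):
    """Apply the minor corrections an MSA may make before relaying.

    Returns (repaired message text, list of corrections made)."""
    msg = email.message_from_string(raw)  # legacy (compat32) policy: plain str headers
    fixes = []
    if msg["Date"] is None:
        msg["Date"] = formatdate()
        fixes.append("added Date")
    if msg["Message-ID"] is None:
        msg["Message-ID"] = make_msgid(domain=domain)
        fixes.append("added Message-ID")
    for hdr in ("From", "To", "Cc"):
        if msg[hdr] is None:
            continue
        rewritten, changed = [], False
        for name, addr in getaddresses([msg[hdr]]):
            if addr and "@" not in addr:          # bare local-part: add our domain
                addr, changed = f"{addr}@{domain}", True
            rewritten.append(formataddr((name, addr)))
        if changed:
            msg.replace_header(hdr, ", ".join(rewritten))
            fixes.append(f"qualified address in {hdr}")
    return msg.as_string(), fixes


def repair_sample():
    """Run the repair over the constructed sample submission."""
    return repair_submission(SAMPLE_SUBMISSION)


if __name__ == "__main__":
    text, applied = repair_sample()
    print(applied)
    print(text)
```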

One more benefit is that with a dedicated port number, 587, it is always possible for users to connect to their domain to submit new mail. To combat spam (including spam being sent unwittingly by a victim of a botnet) many ISPs and institutional networks restrict the ability to connect to remote MTAs on port 25. The accessibility of an MSA on port 587 [3] enables nomadic users (for example, those working on a laptop) to continue to send mail via their preferred submission servers even from within others' networks. Using a specific submission server is a requirement when sender policies or signing practices are enforced.

Another benefit is that separating the MTA and MSA functions makes it easier for an MTA to deny relaying, that is to refuse any mail that is not addressed to a recipient at a domain that is served locally. This is a strategy used by ISPs to prevent the sending of spam from virus-infected client computers. By contrast, an MSA must generally accept mail for any recipient on the Internet, though it only accepts such mail from authors who are authorized to use that MSA and who have established their identity to the MSA via authentication. In times when both mail submission and acceptance of incoming mail were usually accomplished using the same protocol and the same server, the ability to send mail to arbitrary destinations without authentication allowed spammers to use MTAs as a means of distributing spam (since a single message transaction can request that an MTA relay a message to a large number of recipients), and also made it more difficult to trace a message to its origin.

Moreover, MSAs and MTAs can have different policies for filtering of spam. Most MSAs require authentication in the form of a username and password provided by the author. Any messages received by such an MSA are therefore traceable to an author who has a direct relationship with the MSA, and who can be held accountable for his actions. This allows the MSA to have either no spam filtering, or more permissive spam filtering than an MTA that exists for the purpose of accepting incoming email from other domains. It is difficult to establish trust in mail sent between arbitrary domains, because there is generally no direct relationship between those domains via which trust, or even identity, can be established. In the absence of such trust, an MTA must generally rely on heuristics and third-party reputation services to distinguish spam from legitimate traffic, and both of these mechanisms have a history of being error-prone. [4] [5] The separation of MSA and MTA therefore avoids the use of unreliable spam recognition mechanisms during mail submission, and increases the probability for legitimate mail to be delivered successfully.

Protocol

Configuration

While recent email clients use port 587 by default, older ones still propose port 25, and users have to change the port number manually in the latter case. An MUA may also automatically discover which server provides the MSA for a given domain by looking up the SRV records for that domain. Domain example.com can publish its record like so: [6]

  _submission._tcp.example.com.     SRV 0 1 587 mail.example.com.
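An added example, not from the original article, of how a client would pick a submission server from SRV answers like the one above: records are tried in priority order and, within one priority, chosen by the weighted random selection of RFC 2782; a single record whose target is "." means the domain offers no submission service (RFC 6186). The records below are constructed, not real DNS data.

```python
import random
from collections import namedtuple

SrvRecord = namedtuple("SrvRecord", "priority weight port target")

# Constructed answers for _submission._tcp.example.com (not real DNS data).
SAMPLE_RECORDS = [
    SrvRecord(10, 0, 587, "backup.example.com."),
    SrvRecord(0, 1, 587, "mail.example.com."),
]


def srv_name(domain):
    """Owner name an MUA queries for the submission service of a domain."""
    return f"_submission._tcp.{domain}"


def order_srv(records, rng=None):
    """Return (host, port) pairs in the order a client should try them.

    Lowest priority first; within a priority, RFC 2782 weighted selection.
    Returns [] when the only record has target ".", i.e. no service."""
    rng = rng or random.Random()
    if len(records) == 1 and records[0].target == ".":
        return []
    order = []
    for prio in sorted({r.priority for r in records}):
        group = [r for r in records if r.priority == prio]
        while group:
            # RFC 2782: zero-weight records go first so they are rarely selected
            group.sort(key=lambda r: r.weight)
            pick = rng.randint(0, sum(r.weight for r in group))
            running = 0
            for r in group:
                running += r.weight
                if running >= pick:
                    order.append((r.target.rstrip("."), r.port))
                    group.remove(r)
                    break
    return order


if __name__ == "__main__":
    print(srv_name("example.com"), "->", order_srv(SAMPLE_RECORDS))
```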

Mandatory authentication

RFC 6409 requires that clients are authorized and authenticated to use the mail submission service, e.g., as described in SMTP-AUTH (ESMTPA), or by other means such as RADIUS, public key certificates, or (the mostly obsolete) POP before SMTP.

Policy enforcement

The MSA must check that the submitted mail is syntactically valid and conforms to the relevant site policies. RFC 6409 contains some optional features:



References

  1. Gellens, R.; Klensin, J. (November 2011). "Submission Identification". Message Submission for Mail. IETF. sec. 3.1. doi:10.17487/RFC6409. STD 72. RFC 6409. Retrieved November 14, 2013.
  2. Costales, Bryan; Assmann, Claus; Jansen, George; Shapiro, Gregory Neil (2007-10-26). sendmail: Build and Administer sendmail. O'Reilly Media, Inc. ISBN 978-0-596-55534-4.
  3. C. Hutzler; D. Crocker; P. Resnick; E. Allman; T. Finch (November 2007). Email Submission Operations: Access and Accountability Requirements. IETF. doi:10.17487/RFC5068. RFC 5068. Retrieved 13 February 2013. "Access Providers MUST NOT block users from accessing the external Internet using the SUBMISSION port 587."
  4. Amir Herzberg (19 May 2009). "DNS-based email sender authentication mechanisms: A critical review". Computers & Security. 28 (8): 731–742. doi:10.1016/j.cose.2009.05.002.
  5. Jeremy Blosser and David Josephsen (November 2004). "Scalable Centralized Bayesian Spam Mitigation with Bogofilter". Proceedings of LISA '04: Eighteenth Systems Administration Conference. USENIX. Retrieved 24 June 2010.
  6. Cyrus Daboo (March 2011). "Email Submission". Use of SRV Records for Locating Email Submission/Access Services. IETF. sec. 3.1. doi:10.17487/RFC6186. RFC 6186. Retrieved 17 April 2013.