Lessons & Learnings

from real life experiences and examples

Network Protocols - Part III


SMTP stands for Simple Mail Transfer Protocol, a protocol that helps us send emails between two or more clients. Sending email is one of the most common things we do on a network every day. Ever wondered how some text that you write in a browser session gets delivered to someone else’s mailbox? It's actually quite simple. As the name suggests, it works just like a mail delivery system in a post office or a courier service. Let us trace this journey from the real world to the World Wide Web.

From Mail:

  1. You compose a letter.
  2. Drop it in a Postbox.
  3. Postman picks up the mail.
  4. Sends it to Post office to get sealed.
  5. (optional) Letter is sent to the destination Post office.
  6. Postman picks up and delivers it to the address mentioned on mail.
    Simple, isn’t it! One important thing to note is that step 5 is optional, depending on how far you want to send the letter. If you want to send a letter beyond your local post office, the letter has to be received by the post office of the destination region. This is how a mail delivery system works in real life.

To E-Mail:

Img_src: [https://en.wikipedia.org/wiki/File:SMTP-transfer-model.svg]

  1. The user sends an email with a Mail User Agent (MUA). It can be your favorite email client, like Outlook, Gmail, etc.
  2. The MUA then submits that email to a mail server or SMTP server, which is also referred to as the Mail Submission Agent (MSA). The default SMTP port is 25, but it can also use 587.
  3. The MSA then delivers the mail to the Mail Transfer Agent (MTA). Both MSA and MTA often reside on the same SMTP server and run as different agent instances.
  4. The Mail Transfer Agent sends that email to the Mail Exchanger (MX), which then sends the recipient SMTP server details to the MTA, and the MTA connects to the exchange server as a client.
  5. Once the MX server accepts the mail, it sends it to the Mail Delivery Agent (MDA), which is usually the recipient's mail server.
  6. The mail then finally gets delivered to the recipient’s mailbox.

One key thing to note here is that every domain records its own MX servers, which decide which SMTP server an email has to be sent to. For example, if you are sending email from emailid@example.com to emailid@gmail.com, where example.com is your private domain, then you need someone to introduce you to gmail.com before the mail is received by Gmail’s SMTP server. This handshaking is done by the MX servers of every domain, and that is how we can send email from one domain to another. We will do some cool exercises later in this chapter and see this practically.


NTP, or Network Time Protocol, is another very useful protocol that is used in networks to update the time and date on machines. It is necessary that all machines communicating in a network are updated with the correct time and date. Various services, especially the ones that involve client-to-server communication, depend on the time on the machines. Some common use cases are:

Mail Delivery: For instance, if the time on your mail client and your mail server is out of sync, the mail delivery system will have errors. Just imagine an email that arrived five minutes before it was sent, with a reply two minutes before the message was sent.
Authentication: In Windows there is a service named Windows Time, which is used to synchronize time across all Windows servers in the domain. This is critical, especially when machines are in a Windows domain and use Kerberos authentication to log in (domain\username). This kind of system fails to authenticate a user if the machine time has drifted more than 10 minutes from the server.
In Linux, ntpd can be used as a service to keep the Linux servers in sync with all other network servers.
Logging: Another important use case of NTP is logging. The correct time and date should always be maintained on the servers so that we get correct system logs for any activity on the network.

You can set up a local NTP server in your network which syncs time with NTP servers on the Internet and keeps itself updated. Other machines on the network can then point to the local NTP server and keep themselves in sync. This setup is very useful when you are on a network which prevents Internet access from your client machines or dev machines. We will see how to set up NTP in our exercises later.


File Transfer Protocol, as the name says, is used for transferring actual data in the form of files between machines. The default FTP port is 21. Like SMTP and NTP, FTP also works on a client and server model. An FTP server is set up and files are kept on it so that others can connect using their FTP client and copy those files. Typical use cases of FTP are when you have to share some data like files, images, software, etc. with your teammates. Instead of sending a copy of a file to each of them, you can keep those files in a shared directory on your FTP server and ask whoever wants them to copy from there. This makes file sharing much easier.
Note: Some Security Tips: Access to the FTP server can be made more secure using secure FTP, or SFTP, which is usually ssh based and much more secure. FTP was never built to be a secure protocol. It is very important to keep in mind that you should not open up the FTP port on your private server to the public Internet. This might allow unknown users to compromise your server and in turn sniff your network. If you do want to set up a public FTP server, it's always recommended to set up a secure FTP server with proper user authentication.
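
A quick way to check the tip above on a Linux host, as an added example that is not part of the original post: the hypothetical helper ftp_exposure reads `ss -ltn` style output and reports where the FTP control port 21 is listening. The sample listing is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): audit where FTP port 21 listens.
# ftp_exposure and SAMPLE_SS are hypothetical names; the listing is constructed.
SAMPLE_SS='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       32      0.0.0.0:21          0.0.0.0:*
LISTEN  0       32      [::]:21             [::]:*
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       100     127.0.0.1:25        0.0.0.0:*'

# ftp_exposure: read "ss -ltn" output on stdin and classify every port 21 listener.
# Live use on a host: ss -ltn | ftp_exposure
ftp_exposure() {
    awk '
        $1 == "LISTEN" {
            local_ep = $4
            n = split(local_ep, parts, ":")
            port = parts[n]                      # text after the last colon
            addr = substr(local_ep, 1, length(local_ep) - length(port) - 1)
            if (port != "21") next               # only the FTP control port
            if (addr == "0.0.0.0" || addr == "*" || addr == "[::]" || addr == "::")
                print "REVIEW", local_ep, "FTP listening on all interfaces"
            else if (addr ~ /^127\./ || addr == "[::1]")
                print "LOCAL", local_ep, "loopback only"
            else
                print "BOUND", local_ep, "one address only"
        }'
}

printf '%s\n' "$SAMPLE_SS" | ftp_exposure
```

A REVIEW line means the service accepts connections on every interface, so whether it is reachable from the Internet then depends only on the firewall in front of the host.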


1. Sending email with telnet and SMTP.

The steps below send an email using the Gmail SMTP server. Here we are trying to send email from kamalim@thoughtworks.com to kamalika.mj@gmail.com.

Connect to the SMTP server using Telnet on port 25:

[root@vm1 ~]# telnet aspmx.l.google.com 25   
Connected to aspmx.l.google.com.   
Escape character is '^]'.    
220 mx.google.com ESMTP gu1si19389627pbd.210 - gsmtp 

Once connected, it gives output as above. Now say hello to it:

Helo aspmx.l.google.com  
250 mx.google.com at your service  

Enter the sender’s email id. Note that with the Gmail SMTP server the email id should be within <> as below, but that may or may not be the case with other SMTP servers.

mail from: <kamalim@thoughtworks.com>   
250 2.1.0 OK gu1si19389627pbd.210 - gsmtp 

Enter the recipient's email id:

rcpt to: <kamalika.mj@gmail.com>    
250 2.1.5 OK gu1si19389627pbd.210 - gsmtp  

Once you get OK, enter the word Data to start entering the email data:

354  Go ahead gu1si19389627pbd.210 - gsmtp

Now start composing your email:

Subject: test email    
hello testing    

To end your email body, put “.” and then hit Enter to send the email. You will see output as below, which tells you whether the email was received or not.

250 2.0.0 Ok: queued as 36F5E4B8203C4    
250 2.6.0 message received  

Type Quit and press Enter to end the telnet session.

221 2.0.0 aspmx.l.google.com says goodbye    

2. Testing MX record.

Using nslookup and dig we can find out details of MX records and SMTP servers of our domain as below:

$ nslookup  
> set q=MX  
> thoughtworks.com  


Non-authoritative answer:
thoughtworks.com    mail exchanger = 1 ASPMX.L.GOOGLE.com.
thoughtworks.com    mail exchanger = 10 ALT3.ASPMX.L.GOOGLE.com.
thoughtworks.com    mail exchanger = 10 ALT4.ASPMX.L.GOOGLE.com.
thoughtworks.com    mail exchanger = 5 ALT1.ASPMX.L.GOOGLE.com.
thoughtworks.com    mail exchanger = 5 ALT2.ASPMX.L.GOOGLE.com.

> gmail.com


Non-authoritative answer:
gmail.com   mail exchanger = 40 alt4.gmail-smtp-in.l.google.com.
gmail.com   mail exchanger = 10 alt1.gmail-smtp-in.l.google.com.
gmail.com   mail exchanger = 20 alt2.gmail-smtp-in.l.google.com.
gmail.com   mail exchanger = 5 gmail-smtp-in.l.google.com.
gmail.com   mail exchanger = 30 alt3.gmail-smtp-in.l.google.com.
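
The number in front of each mail exchanger is its preference, and a sending server tries the lowest value first. The following added example (not part of the original post; mx_order and mx_primary are hypothetical helper names) parses nslookup output like the above and prints the hosts in that order.

```shell
#!/bin/sh
# Added example (not from the original post): order MX hosts by preference.
# mx_order, mx_primary and SAMPLE_MX are hypothetical names.
# The sample is the thoughtworks.com answer shown above.
SAMPLE_MX='Non-authoritative answer:
thoughtworks.com    mail exchanger = 1 ASPMX.L.GOOGLE.com.
thoughtworks.com    mail exchanger = 10 ALT3.ASPMX.L.GOOGLE.com.
thoughtworks.com    mail exchanger = 10 ALT4.ASPMX.L.GOOGLE.com.
thoughtworks.com    mail exchanger = 5 ALT1.ASPMX.L.GOOGLE.com.
thoughtworks.com    mail exchanger = 5 ALT2.ASPMX.L.GOOGLE.com.'

# mx_order: read nslookup MX output on stdin, print "preference host",
# lowest preference first. Live use: nslookup -type=MX <domain> | mx_order
mx_order() {
    awk '
        /mail exchanger = / {
            pref = $(NF - 1)
            host = tolower($NF)                  # DNS names are case-insensitive
            sub(/\.$/, "", host)                 # drop the trailing root dot
            if (pref !~ /^[0-9]+$/ || pref + 0 > 65535) next   # not a valid preference
            print pref, host
        }' | sort -k1,1n -k2,2
}

# mx_primary: the host a sending server contacts first.
mx_primary() {
    mx_order | head -n 1 | cut -d" " -f2
}

printf '%s\n' "$SAMPLE_MX" | mx_order
```

Hosts that share a preference value (the two entries at 5 and the two at 10) are equal choices; the name sort here only makes the output stable.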

3. Configuring and testing NTP services

Ideally you should have an NTP server in your network that syncs regularly with Internet time servers. All other machines on the network can then point to this box for their time syncs. Assuming you have an NTP server (public or private), here is how you can configure your machines to point to it.

In Linux

1. Install ntp:

[root@vm1 ~]# yum install ntp        # RedHat/CentOS/Fedora
[root@vm1 ~]# apt-get install ntp    # Ubuntu

2. Configure upstream ntp servers:

[root@vm1 ~]# vi /etc/ntp.conf

You should see configuration as below. This tells us the pool of NTP servers that we can point to:

# Use public servers from the pool.ntp.org project.   
# Please consider joining the pool (http://www.pool.ntp.org/join.html).  
server 0.centos.pool.ntp.org iburst   
server 1.centos.pool.ntp.org iburst    
server 2.centos.pool.ntp.org iburst    
server 3.centos.pool.ntp.org iburst

If you have a local NTP server in your network, you can add it to this pool.

3. Start ntp service:

[root@vm1 ~]# service ntpd start

4. Sync time with ntp server manually (Alternative Solution):

[root@vm1 ~]# service ntpd stop     
Shutting down ntpd:                                        [  OK  ]    
[root@vm1 ~]#
[root@vm1 ~]# ntpdate pool.ntp.org  
14 Jul 18:48:31 ntpdate[20918]: rate limit response from server.
14 Jul 21:10:56 ntpdate[20918]: step time server offset 8544.457418 sec  
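
One way to tie the ntpdate output above to the authentication use case, as an added example that is not part of the original post: the hypothetical helper skew_report extracts the offset from ntpdate lines and flags any beyond the 10-minute drift quoted earlier. The third sample line and its address are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): flag large offsets in ntpdate output.
# skew_report, skew_alerts and SAMPLE_LOG are hypothetical names.
# 600 s is the 10-minute drift figure from the Authentication use case above.
MAX_SKEW_SEC=600

# First two lines come from the session above; the third is constructed
# (192.0.2.10 is a documentation address).
SAMPLE_LOG='14 Jul 18:48:31 ntpdate[20918]: rate limit response from server.
14 Jul 21:10:56 ntpdate[20918]: step time server offset 8544.457418 sec
15 Jul 09:00:02 ntpdate[21544]: adjust time server 192.0.2.10 offset -0.013270 sec'

# skew_report: read ntpdate lines on stdin, print "STATUS abs_offset day month time".
skew_report() {
    awk -v max="$MAX_SKEW_SEC" '
        {
            off = ""
            for (i = 1; i < NF; i++) if ($i == "offset") off = $(i + 1)
            if (off !~ /^[-+]?[0-9]+(\.[0-9]+)?$/) next   # line carries no offset
            v = off + 0
            if (v < 0) v = -v                              # direction does not matter
            printf "%s %.3f %s %s %s\n", (v > max ? "ALERT" : "OK"), v, $1, $2, $3
        }'
}

# skew_alerts: how many lines exceed the tolerance.
skew_alerts() {
    skew_report | grep -c "^ALERT" || true
}

printf '%s\n' "$SAMPLE_LOG" | skew_report
```

The 8544-second step in the session above is well past that limit, which is the kind of drift that also makes log timestamps from this machine unreliable.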


In Windows it's always recommended to register the client machines to a Windows domain and apply group policy on your Windows Domain Controller to point every client to the NTP server in the domain, so that all machines in the domain remain in sync.
In Windows 2012 this service is called “Windows Time”. In earlier versions it was called W32Time.