SnertSoft: We Serve Your Server

Barricade MX

«An SMTP Filtering Proxy»


Authentication. In the context of mail, SMTP AUTH (RFC 2554, 4954), is an extension that allows for assorted different mechanisms to be used to accept authentication creditials, ie. account name and password details. Most common are LOGIN and PLAIN (RFC 2595, 4616), which are insecure clear text mechanisms support by most MUA. Some others mechanisms include CRAM-MD5 (RFC 2195), DIGEST-MD5 (RFC 2831), KERBEROS_V5 (RFC 4752).
Domain Name Service is a distributed database that acts a phone book to the Internet. Typically used to map domain names and machine names into IP addresses, though many other related pieces of information can be found through the DNS. See RFC 1034, 1035.
DNS A or AAAA record
A domain name record used to map a domain name into an IPv4 or IPv6 address. This is the opposite to a PTR record discussed below. See RFC 1035, 3596.
DNS MX record
A mail exchange record that specifies where mail destined for a domain name should be sent. See RFC 1035 and 2821.
DNS PTR record
A domain name pointer record used to map an IP address into a domain name. This is the opposite to an A or AAAA record. See RFC 1035.
DNS TXT record
A domain name text record used to store arbitrary text or binary data. Used by many DNS blacklists for comments and for SPF tests. See RFC 1035.
Delivery Status Notification is more commonly referred to as a "bounce message" or Non-Delivery Report. It provides a summary as to why a messsage could not be delivered.
Enhanced Message-ID as Email Watermark.
Full Qualified Domain Name is typically a host name of a machine connected to the Internet that is three or more labels in length, such as A host name may also be a domain name, such as or, though such usage is frowned upon. While not strictly a FQDN, an IP-domain literal, which is an IP address between square brackets ([, ]), for example "[]" and can often be used in place of host name.
Hyper-Text Transfer Protocol is used for requesting web resources such as documents and images. See RFC 2616.
Internet Engineering Task Force is an open international community concerned with the evolution of the Internet architecture and the smooth operation; they review Internet Drafts and published RFC documents, which typically pertain to interoperability over the Internet.
Internet Protocol version 6, the successor to the original Internet Protocol version 4. See RFC 3516.
Message Disposition Notification is the term for the various flavours of "return receipts" defined by RFC 3798,
Mail Submission Agent is a special SMTP server that listens on port 587 and is the entry point for new mail into the mail system. It can typically validate and/or authenticate the origin of the mail as coming from a known user.
Mail Transfer Agent is an SMTP client/server that listens normally on port 25 and handles the routing and delivery of mail between remote locations. It makes up the backbone of the Internet mail system. When smtpf is installed, it is configured to listen on port 25. Any MTA that was previous configured to listen on port 25 of the same machine, has to be configured to listen on an unused port, such as port 26; ideally only on the localhost interface.
Mail User Agent is the end user's mail program that is used to compose, send, and read mail.
Multipurpose Internet Mail Extensions used to specify how mail attachments can encoded and transfered using mail messages. Also used for HTTP. There are many RFC documents pertaining to MIME. The initial set to start with are 2045, 2046, 2047, 2048, 2049, 2387, ...
Request For Comments: originally intended as published technical documents related to Internet operations that was intended to solicit feedback. Now RFC are more formal documents providing information, approved standards, protocols, experimental options, etc. New RFC documents start life as an Internet Draft to be discussed and are later voted on for approval, further review, or dropped by the IETF.
Proxy or Gateway
An intermediary server or application that accepts requests from clients, screening and/or caching them, before forward the requests to other proxy servers, origin servers, or services. Gateway is often used as a synonym for "proxy server".
Simple Mail Transfer Protocol. See RFC 821, 822, 1870, 1985, 2554, 2821, 2822, 2920, 3463, 3848, 4954. 5321. 5322. There are several other RFC documents for SMTP extensions not mentioned here.

Briefly, an SMTP session follows these states: connection, HELO/EHLO, AUTH, MAIL, RCPT, DATA, content, dot, QUIT. Each successful MAIL command during the SMTP session starts a new message transaction, which ends when either the final dot is sent or RSET is given. For each message, there can be more than one RCPT given.

Of the information obtained from each state, only the IP address of the SMTP client and each valid RCPT address specified can be relied upon. Even then, the connecting IP might be questionable, because it's possibly in a dynamic IP address pool, the reverse DNS of the IP is often poorly configured or non-existent, or the WhoIs information about IP and domain assignment might be restricted, due to privacy concerns (RFC 3912). As for the other states, the HELO, MAIL, and message content can be misrepresented or faked, and thus cannot be immediately trusted.

Most spam filtering techniques fall into two classes: those that act on the SMTP client's IP address and envelope information (pre-DATA) and those that act on the message content (post-DATA). This distinction is important, because once the DATA command is accepted by the receiving server, it is generally committed to reading the entire message until the SMTP client indicates it has finished. This, of course, consumes bandwidth and system resources, so several filtering techniques attempt to make a decision based on policy or behaviour before accepting DATA in order to avoid/reduce more expensive forms of filtering after.

Sender Policy Framework is an experimental protocol. See RFC 4408.
Global Top Level Domain such as .com, .net, and .org. In most cases Country Code Top Level Domain that have a secondary level classification, for example,, or can be lump together under TLD.
Time To Live is the life span for some piece of locally stored information before it expires and is retested or refetched. This value is typically expressed in seconds.
Uniform Resource Identifiers, Uniform Resource Locators, and Uniform Resource Names are used to specify how and where an object or resource can be found. See RFC 2396.

- TOP -