Home Page

Firewalls

Email & Spam

Security Terminology

Security Topics

VPN & Cryptography

Wireless

 

Email Security and Spam Terminology

Zero Day Window

BATV

Bayesian Algorithm

Content and Connection control

Directory Harvesting Attacks

Email Encryption

Email Archiving

File attachments

Image scanning

Email Load balancing

Port forwarding and MX records

Reputation filters

Encrypted attachments

Grey Listing

Email Monitoring

Internal Email Security

Open Relay

Outbound email filtering

Per user quarantine area

Reverse DNS lookup & SPF

RFC Compliant emails

SMTP IMAP4 or POP3

Spoofed email

Stopping spam for Networks guide

Email Throttling

What is Spam

Which Spam filter

Whitelists and Blacklists

 

Security Products Guide

Which Anti-Virus Software?

Which Firewall?

Which Spam Filter?

Which Internet Security Suite?

 

What is Guide

What is a Firewall?

What is a Virus?

What is Spam?

 

Essential Security Guides

Securing Windows XP Guide

Securing Windows Vista Guide

A Guide to Wireless Security

 

Other

Top 8 Internet Security Tips

Why both, Firewall and Anti Virus?

Free or purchased security - Which one?

 

 

 

 

SMTP IMAP4 or POP3 Guide

 

SMTP (Simple Mail Transfer Protocol)

SMTP (Simple mail transfer protocol) is used to send e-mail messages between e-mail servers, as well as email clients and servers. The SMTP protocol is a TCP based connection running over port 25.

Email servers and gateway appliances use SMTP to send and receive email. Clients only use SMTP for sending email to a mail server. Clients receive email using POP3 or IMAP to access their email accounts.

 

POP3 and IMAP4

All emails are kept on an email server. Email is downloaded and retrieved using services such as IMAP and POP3. POP3 is the most commonly used protocol of the two. To analyse which service is better for you, you would need to look into the way both services handle email messages.

 

POP3 (Post Office Protocol Version 3)

POP3 sits on the application layer protocol and used by email clients to retrieve email from an email server. Most web based mail systems such as Yahoo and MSN provide POP3 as an additional service to deliver email to end users email clients. You can configure your client such as Outlook, Mozilla, Thunderbird, Eudora to download your emails on your local client using your Yahoo or MSN account. GMail (Google email) actually allows you to use SSL encryption via POP3, though your emails are downloaded securely and also give you an option to leave a copy of the emails on their server.

With POP3 the end user’s client software downloads the email, and so is taken off the server and stored on the local client computer; however you do get the option to leave a copy of the email on the server, or delete the email when it has been downloaded. So using POP3, emails are held on a remote server until a client retrieves the email, which they are then stored locally on the users hard drive.

Advantages using POP3

Advantages of using POP3 are having local access to emails, means users have the ability to view and edit their emails even if they are offline. Also space is only limited by your hard drive, which usually means much more space depending on how much space you have on your hard drive. Email clients offer more functionality than web based clients.

Disadvantages using POP3

The disadvantage to POP3 is, because email is downloaded locally means you will not have access to those emails on a different computer and only one user can access a mailbox at a time. You can not access you emails, and have your colleagues access the same emails at the same time. Also POP3 is slower than IMAP4, since it has to download email messages before you can view them. The other problem is if you download emails using POP3 and use the option to save a copy on the server then you would have two copies of the same email, and when your tidying up you would need to delete emails from the local hard drive and then delete the same emails on the server as well.

 

IMAP4 (Internet Message Access Protocol)

IMAP is another application layer protocol used for the retrieval of email, and has similar attributes to POP3, but has been enhanced in some aspects, overcoming some issues with POP3. With IMAP the email client is constantly connected to the email server, and does not download or make local copies of the email messages to the local client’s computer. Emails are left on the server, unless deleted by the account holder. IMAP was designed to overcome some of the problems with POP3. Using IMAP enables a user just to download the headings of an email, so they can decide which ones they want to download completely. A synchronisation occurs between the client and server and only displays message header information for emails that are on the server for that particular user.

 

IMAP4 Advantages

The advantage here with IMAP4 is you can access your emails from anywhere, since all email messages are stored on the server. IMAP is generally faster than POP3 as you’re just viewing emails on a server and unlike POP3 you’re not physically downloading it unless the user chooses to. Also with IMAP multiple users can connect to a single mailbox, this you can not do with POP3.

Because only the headings are downloaded initially, users can quickly select which emails they want to download in full, and delete the unwanted emails such as spam by just viewing the headers. This provides ease and faster access, especially for mobile users with limited bandwidth.

Email is kept on a central server, and users have the ability to organise emails while on the server. IMAPS biggest advantage is having multiple users accessing a single mailbox, and provides better search capabilities when looking for emails.

Another advantage of IMAP is an email does not need to be deleted multiple times, which can be a problem in POP3. In POP3 if a copy of an email is left on the remote server as well as being downloaded, then a user would have two copies of an email, though the need to delete an email twice, locally and remotely.

 

IMAP4 disadvantages

IMAP's major problem is, it is not widely supported, and is better for large business networks. IMAP is also a complicated protocol, and needs to be setup carefully. If a server was flooded by emails, and many users were accessing their emails at the same time as well as searching for emails, this can have a performance affect on the server, though affecting user response time.

IMAP requires an internet connection, since users would require to connect to the server every time they want to access their email messages. Another downside is the limit of storage space on a server. Also synchronisation may delay especially for users with thousands of email messages.

 

IMAP or POP3

Depending on how users access email, will determine which is better. Users working from only a single machine and use webmail to access their new emails, then POP3 is a fine solution. However user’s who share mailboxes, or access their emails from different machines, then IMAP is the preferred method.

 

In a Nutshell

In a nutshell IMAP relies on an always on connection, and POP3 is more like a dialup connection. As well as multiple users accessing the same mailbox with IMAP, the same mailbox can be viewed on multiple machines at the same time.

POP3 downloads all emails to a local machine/hard drive. POP3 is suitable for users who work from a single computer since email is downloaded to that computer. With POP3 storage is limited only by the size of your hard drive, giving you generally much more email space.

IMAP downloads message summaries/header information and does not download the complete message until the end user specifies this. Since IMAP works from a server you can use it from multiple machines, and multiple users can access the same mailbox simultaneously. IMAP is limited by space on the central remote server, or by quotas set on the server.

 

Ports used for each protocol

POP3 uses port 110 and 995 for a secure connection.

IMAP uses port 143 and 993 for a secure connection.

SMTP uses port 25 and 465 for s secure connection.

 

Spam firewalls with SMTP, IMAP, and POP3

Most spam firewalls just deal with and secure the SMTP protocol. Servers send and receive SMTP email, and these would be scanned by a spam firewall on the gateway. However some spam firewalls gives the ability to secure POP3 and IMAP4 when external users need these services to access their email.

SMTP firewalls are transparent to end user’s; there are no configuration changes to clients. Clients are still receiving and sending email messages to the email server; Microsoft Exchange or Dominos for example. The Exchange / Dominos server however would require configuring to route messages to the proxy based firewall when sending e-mail and also configured to allow emails from the proxy based firewall.

Further Reading

Wikipedia's guide to IMAP4 SMTP POP3