POP before SMTP
Encyclopedia
POP before SMTP or SMTP after POP is a method of authorization
used by mail server software which helps allow users the option to send e-mail from any location, as long as they can demonstrably also fetch their mail from the same place.
Technically, users are allowed to use SMTP from an IP address
as long as they have previously made a successful login
into the POP service at the same mail hosting provider, from the same IP address, within a predefined timeout period
.
The main advantage of this process is that it's generally transparent to the average user who will be connecting with an email client, which will almost always make a connection to fetch new mail before sending new mail. The disadvantages include a potentially complex setup for the mail hosting provider (requiring some sort of communication channel between the POP service and the SMTP service) and uncertainty as to how much time users will take to connect via SMTP (to send mail) after connecting to POP.
Those users not handled by this method need to resort to other authorization methods. Also, in cases where users come from externally controlled dial-up addresses (more specifically, all dynamically assigned IP addresses), the SMTP server must be careful about not giving too much leeway when allowing unauthorized connections, because of a possibility of race condition
s leaving an open mail relay
unintentionally exposed.
Authorization
Authorization is the function of specifying access rights to resources, which is related to information security and computer security in general and to access control in particular. More formally, "to authorize" is to define access policy...
used by mail server software which helps allow users the option to send e-mail from any location, as long as they can demonstrably also fetch their mail from the same place.
Technically, users are allowed to use SMTP from an IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
as long as they have previously made a successful login
Logging (computer security)
In computer security, a login or logon is the process by which individual access to a computer system is controlled by identifying and authentifying the user referring to credentials presented by the user.A user can log in to a system to obtain access and can then log out or log off In computer...
into the POP service at the same mail hosting provider, from the same IP address, within a predefined timeout period
Timeout (telecommunication)
In telecommunication and related engineering , the term timeout or time-out has several meanings, including...
.
The main advantage of this process is that it's generally transparent to the average user who will be connecting with an email client, which will almost always make a connection to fetch new mail before sending new mail. The disadvantages include a potentially complex setup for the mail hosting provider (requiring some sort of communication channel between the POP service and the SMTP service) and uncertainty as to how much time users will take to connect via SMTP (to send mail) after connecting to POP.
Those users not handled by this method need to resort to other authorization methods. Also, in cases where users come from externally controlled dial-up addresses (more specifically, all dynamically assigned IP addresses), the SMTP server must be careful about not giving too much leeway when allowing unauthorized connections, because of a possibility of race condition
Race condition
A race condition or race hazard is a flaw in an electronic system or process whereby the output or result of the process is unexpectedly and critically dependent on the sequence or timing of other events...
s leaving an open mail relay
Open mail relay
An open mail relay is an SMTP server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users...
unintentionally exposed.
See also
- SMTP AUTH specified in RFC 4954
- Mail submission protocol specified in RFC 6409