global email forensics | expert witness | smtp

Mail Server Roles

by

Rob Walton
in

Any information system used for email purposes can have different sub-functions (roles) within it, depending on its exact role within a particular information system.  Internet standard RFC 5598 provides a clear definition of these roles.

https://www.rfc-editor.org/rfc/rfc5598.pdf

For example:

  • ADMD: ADministrative Management Domains -> This independence of administrative decision-making defines boundaries that distinguish different portions of the Internet Mail service.
  • MUA: Mail User Agent -> The client software any individual uses to send email.
  • MSA: Mail Submission Agent -> The Mail Server software that receives a message after the user sends it in the MUA. The sending user’s MUA connects directly to the MSA and submits the message into the SMTP process.
  • MTA: Mail Transfer Agent -> The Mail Server software that passes the message along to other servers (MTAs) in the series of hops between sender and receiver. There can be multiple MTAs involved in the transfer of each email message. An MTA is both an SMTP client and server.
  • MX: Mail Exchanger -> The system identified as a responsible receiver for mail sent to a given hostname or domain. This system is most often designated in a DNS record with the “MX” record type. Each destination host or domain can have multiple MXes for redundancy and load balancing purposes. The MX serves as a last step using SMTP connection.
  • MHS: The purpose of the Message Handling System (MHS) is to exchange an email message object among participants
  • MDA: Mail Delivery Agent -> The Mail Server software that provides mail messages to a user after successful authentication.

A conceptual diagram representing this relationship is shown below.

Mail Server Roles

The delivery steps between the various stages described here are immutably logged in the message header of any SMTP message as clear event types.  This information allows a clear picture of all the various stages involved in the email delivery.

These sub-roles (apart from MUA) are all roles that can typically be performed by a Mail Server – and do not alter the fact that a Mail Server will reside in a particular information system, and merely describe the sub-role it may be performing within any information system. 

An information system can be defined as an ADMD in terms of the RFC5598.

These are common examples of ADMDs:

  • Enterprise Service Providers: These ADMDs operate the internal data and/or the mail services within an organization.
  • Internet Service Providers (ISP): These ADMDs operate the underlying data communication services, which are used by one or more Relay and User. ISPs are not responsible for performing email functions, but they can provide an environment in which those functions can be performed.
  • Mail Service Providers: These ADMDs operate email services, such as for consumers or client companies.

An example of an “Enterprise Service Provider” ADMD would be an information system operated by a company or business.

It is the MTA role that we are mainly interested in when examining email delivery questions.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *