Some notes on how email works... or how to send emails using nslookup and telnet.
So you want to send nicolashubbard@hotmail.com an email. How is this done?
A mail client is used to compose the email - the memo header and body. I normally use use Outlook Express. It's configured to send SMTP to a local server "gateway" on port 25.
How does SMTP work? Here's the RFC.
How does the Simple Mail Transfer Protocol (SMTP) server know where to send the email?
Machines which are physically connected to the Internet each have a unique IP address. DNS is a distributed database of mappings between machine names and their IP addresses.
In order to communicate with a system, one machine must get the IP-address of the machine it wants to talk to from the DNS first. These are stored in the DNS in what are known as "A" records.
However, there are many named machines that are not always connected physically to the Internet. In order to get mail to these boxes, the DNS contains an "MX" record.
The "MX" record, instead a dotted IP-address, holds the name of the system which
does have an IP-address and knows how to get mail to the real destination system.
MX-records also have a number which is a "Precedence" number. They are tried in
order from the lowest, but
always skipping any MX-records which point to itself.
I can obtain the name of an SMTP server at hotmail.com by using nslookup:
| C:\>nslookup Default Server: cache-2.ns.demon.net Address: 158.152.1.43 > set domain=hotmail.com > hotmail.com Server: cache-2.ns.demon.net Address: 158.152.1.43 Non-authoritative answer: hotmail.com nameserver = ns1.hotmail.com hotmail.com nameserver = ns2.hotmail.com hotmail.com nameserver = ns3.hotmail.com hotmail.com nameserver = ns4.hotmail.com hotmail.com nameserver = ns1.jsnet.com hotmail.com MX preference = 10, mail exchanger = mc2.law13.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc3.law13.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc4.law13.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc5.law13.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc6.law13.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc7.law13.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc4.law5.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc5.law5.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc6.law5.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc7.law5.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc1.law5.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc2.law5.hotmail.com hotmail.com MX preference = 10, mail exchanger = mc1.law13.hotmail.com hotmail.com internet address = 64.4.43.7 hotmail.com internet address = 64.4.44.7 hotmail.com internet address = 64.4.45.7 hotmail.com internet address = 64.4.52.7 hotmail.com internet address = 64.4.53.7 hotmail.com internet address = 64.4.54.7 hotmail.com primary name server = ns1.hotmail.com responsible mail addr = dns.hotmail.com serial = 2001101802 refresh = 28800 (8 hours) retry = 3600 (1 hour) expire = 604800 (7 days) default TTL = 3600 (1 hour) hotmail.com nameserver = ns1.hotmail.com hotmail.com nameserver = ns2.hotmail.com hotmail.com nameserver = ns3.hotmail.com hotmail.com nameserver = ns4.hotmail.com hotmail.com nameserver = ns1.jsnet.com ns1.hotmail.com internet address = 216.200.206.140 ns2.hotmail.com internet address = 216.200.206.139 ns3.hotmail.com internet address = 209.185.130.68 ns4.hotmail.com internet address = 64.4.29.24 ns1.jsnet.com internet address = 209.1.113.3 mc2.law13.hotmail.com internet address = 64.4.49.71 mc3.law13.hotmail.com internet address = 64.4.49.135 mc4.law13.hotmail.com internet address = 64.4.49.199 mc5.law13.hotmail.com internet address = 64.4.50.7 mc6.law13.hotmail.com internet address = 64.4.50.71 mc7.law13.hotmail.com internet address = 65.54.232.7 mc4.law5.hotmail.com internet address = 64.4.56.135 mc5.law5.hotmail.com internet address = 64.4.56.199 mc6.law5.hotmail.com internet address = 64.4.55.7 mc7.law5.hotmail.com internet address = 64.4.42.7 mc1.law5.hotmail.com internet address = 64.4.55.71 mc2.law5.hotmail.com internet address = 64.4.55.135 mc1.law13.hotmail.com internet address = 64.4.49.7 > |
I can now think about sending an email to nicolashubbard@hotmail.com, doing it manually.
Here I'm using telnet to connect to mc1.law13.hotmail.com on port 25. I've turned on local echo. My typing is highlighted in green.
| 220-HotMail (NO UCE) ESMTP server ready at Sun, 28 Oct 2001 14:42:46 -0800 220 ESMTP spoken here helo fred 250 Requested mail action okay, completed mail from:<nick@anotherurl.com> 250 Requested mail action okay, completed rcpt to:<nicolashubbard@hotmail.com> 250 Requested mail action okay, completed data 354 Start mail input; end with <CRLF>.<CRLF> hello this is in the memo header in the body now! .. not the end . 250 Requested mail action okay, completed quit 220 bye |
Off I go to Hotmail and get the email:
in the body now! . not the end
It works! Hotmail doesn't let me see the memo header, and the sender email is <unknown>.
Driving this app, like anything that has an ancestry in the UNIX world, is terse. That's being polite.
If your pc is connected to the internet, you can use nslookup to find MX records.
Run nslookup in a command shell - or whatever Bill calls Dos boxes
these days.
Once nslookup is running, it prints the name of your pc's default name server and the IP address for that machine, then a > character as a prompt and awaits input:
| C:\>nslookup Default Server: cache-2.ns.demon.net Address: 158.152.1.43 > |
To persuade nslookup to look up only MX records, use the set command:
| > set type=mx > |
Now look up some real hosts and domains. Here I look at hotmail.com:
| > hotmail.com. Server: cache-2.ns.demon.net Address: 158.152.1.43 Non-authoritative answer: hotmail.com MX preference = 5, mail exchanger = mx4.hotmail.com hotmail.com MX preference = 5, mail exchanger = mx1.hotmail.com hotmail.com MX preference = 5, mail exchanger = mx2.hotmail.com hotmail.com MX preference = 5, mail exchanger = mx3.hotmail.com hotmail.com nameserver = ns4.hotmail.com hotmail.com nameserver = ns1.hotmail.com hotmail.com nameserver = ns2.hotmail.com hotmail.com nameserver = ns3.hotmail.com mx1.hotmail.com internet address = 65.54.252.99 mx1.hotmail.com internet address = 65.54.254.129 mx2.hotmail.com internet address = 65.54.252.230 mx2.hotmail.com internet address = 65.54.254.145 mx3.hotmail.com internet address = 65.54.254.140 mx3.hotmail.com internet address = 65.54.253.99 mx4.hotmail.com internet address = 65.54.253.230 mx4.hotmail.com internet address = 65.54.254.151 ns1.hotmail.com internet address = 216.200.206.140 ns2.hotmail.com internet address = 216.200.206.139 ns3.hotmail.com internet address = 209.185.130.68 ns4.hotmail.com internet address = 64.4.29.24 > |
Note the trailing dot that tells nslookup that the local, default domain should not be appended prior to the lookup. Isn't that so UNIX!
The first two lines again show the name and IP address of the local DNS server. Skipping 2 lines, the next four show that the domain hotmail.com has four MX records. Mail addressed to that domain is sent to the machine with the lowest preference (cost). If that machine is down (or not accepting mail), the message is sent to the machine with the next higher cost. The last lines show the IP addresses (A records) for those machines.
| > simplystoned.net. Server: cache-2.ns.demon.net Address: 158.152.1.43 Non-authoritative answer: simplystoned.net MX preference = 1800, mail exchanger = anotherurl.com net nameserver = H.GTLD-SERVERS.net net nameserver = I.GTLD-SERVERS.net net nameserver = J.GTLD-SERVERS.net net nameserver = K.GTLD-SERVERS.net net nameserver = L.GTLD-SERVERS.net net nameserver = M.GTLD-SERVERS.net net nameserver = A.GTLD-SERVERS.net net nameserver = B.GTLD-SERVERS.net net nameserver = C.GTLD-SERVERS.net net nameserver = D.GTLD-SERVERS.net net nameserver = E.GTLD-SERVERS.net net nameserver = F.GTLD-SERVERS.net net nameserver = G.GTLD-SERVERS.net A.GTLD-SERVERS.net internet address = 192.5.6.30 > > set type=mx > anotherurl.com. Server: cache-2.ns.demon.net Address: 158.152.1.43 Non-authoritative answer: anotherurl.com MX preference = 100, mail exchanger = relay-2.mail.demon.net anotherurl.com MX preference = 10, mail exchanger = mailgate.anotherurl.com anotherurl.com MX preference = 100, mail exchanger = relay-1.mail.demon.net anotherurl.com nameserver = ns0.demon.co.uk anotherurl.com nameserver = ns1.demon.co.uk anotherurl.com nameserver = ns2.demon.net mailgate.anotherurl.com internet address = 62.49.176.2 relay-1.mail.demon.net internet address = 194.217.242.51 relay-2.mail.demon.net internet address = 194.217.242.10 ns0.demon.co.uk internet address = 158.152.1.65 ns1.demon.co.uk internet address = 158.152.1.193 ns2.demon.net internet address = 209.246.126.109 > > set type=any > anotherurl.com. Server: cache-2.ns.demon.net Address: 158.152.1.43 Non-authoritative answer: anotherurl.com MX preference = 10, mail exchanger = mailgate.anotherurl.com anotherurl.com MX preference = 100, mail exchanger = relay-1.mail.demon.net anotherurl.com MX preference = 100, mail exchanger = relay-2.mail.demon.net anotherurl.com nameserver = ns1.demon.co.uk anotherurl.com nameserver = ns2.demon.net anotherurl.com nameserver = ns0.demon.co.uk anotherurl.com nameserver = ns1.demon.co.uk anotherurl.com nameserver = ns2.demon.net anotherurl.com nameserver = ns0.demon.co.uk mailgate.anotherurl.com internet address = 62.49.176.2 relay-1.mail.demon.net internet address = 194.217.242.51 relay-2.mail.demon.net internet address = 194.217.242.10 ns0.demon.co.uk internet address = 158.152.1.65 ns1.demon.co.uk internet address = 158.152.1.193 ns2.demon.net internet address = 209.246.126.109 > |