邮件传输协议外文翻译文献.docx

邮件传输协议外文翻译文献.docx

《邮件传输协议外文翻译文献.docx》由会员分享，可在线阅读，更多相关《邮件传输协议外文翻译文献.docx（13页珍藏版）》请在冰豆网上搜索。

邮件传输协议外文翻译文献

邮件传输协议外文翻译文献

（文档含中英文对照即英文原文和中文翻译）

外文:

SMTPServiceExtensionforAuthentication

ThisdocumentspecifiesanInternetstandardstrackprotocolfortheInternetcommunity,andrequestsdiscussionandsuggestionsforimprovements.Pleaserefertothecurrenteditionofthe"InternetOfficialProtocolStandards"（STD1）forthestandardizationstateandstatusofthisprotocol.Distributionofthismemoisunlimited.

Thereareusuallytwooperatingmodes:

SMTPtosendandreceiveSMTP.Specificway:

tosendSMTPmailinthereceiveduserrequesttodeterminewhetherthise-maillocalmail,ifsenttotheuser'smailboxdirectinvestment,ortochecktheremotemailserverdnsMXrecord,andtheestablishmentoftheremotereceivedatwo-waybetweentheSMTPtransmissionchannel,thenbythesendingSMTPcommandissuedbythereceivingSMTPtoreceive,andanswerthecounter-sidedelivery.Oncethetransmissionchannelisestablished,SMTPMAILcommandspecifyingthesendersendsthemessagesender.IftherecipientcanreceivemailSMTPOKresponseisreturned.SMTPRCPTcommandissuedforthesendertoconfirmwhetherthemessageisreceived.IftheSMTPrecipientreceives,itreturnsOKresponse;ifyoucannotreceive,thenrefusedtoacceptresponsetoissue（butdoesnotsuspendoperationoftheentiremessage）,thetwosideswillrepeatsomanytimes.Whentherecipientsreceiveallmessageswillreceiveaspecialsequence,iftherecipientofthemessagesuccessfullyprocessed,itreturnsOKresponse.

SMTPcommandsdefinethemailtransferorbyuser-definedsystemfunctions.ItscommandisEndofthestring.Inthecasewithparameters,thecommanditselfisandtheparametersseparately,ifnotdirectly,andwithparametersConnection.Mailboxsyntaxandreceivingsitesmustbeconsistentwiththeform.SMTPcommandsandresponsesarediscussedbelow.Sende-mailoperationsinvolvingdifferentdataobjects,theirmutualconnectionbydifferentparameters.ReplyPathparameteristheMAILcommand,theforwardpathistheRCPTcommandparameter,themessagedateistheDATAcommand.Theseargumentsordataobjectsmustfollowthecommand.Thismodelalsorequiresadifferentbuffertostoretheobjects,thatis,thereisapathbackbuffer,aforwardpathbuffer,thecontentsofamessagebuffer.Thecommandgeneratesitsownspecificbuffer,ortooneormoreofthecontentsofthebufferiscleared.

AnimportantfeatureofSMTPisitsabilitytotransmitmessagesintheRelay,TransferServiceprovidesinter-processcommunication（IPCE）,andthisenvironmentmayincludeanetwork,severalnetworksoranetworksubnet.Understandthatthetransmissionsystem（orIPCE）isnotaonetooneveryimportant.ProcessandotherprocessesmaybedirectlythroughthecommunicationsofknownIPCE.Mailisanapplicationorinter-processcommunication.MailcanbeconnectedindifferentIPCEtheprocessofinter-networkmaildelivery.Morespecifically,mailcanbeahostofdifferentnetworkrelaytransmission.

KnownastheSimpleMailTransferProtocolSMTP（SimpleMailTransferProtocol）,aimtoprovideefficientandreliablemessagetransfer.AnimportantfeatureofSMTPisitsabilitytotransmitmessagesintheRelay,thatthemessagecanbedifferentrelayhostsonthenetworktransmission.Workintwosituations:

First,e-mailtransmissionfromtheclienttotheserver;secondisfromoneservertoanotherserver.SMTPisarequest/responseprotocol,itlistenport25,forreceivingtheuser'sMailrequesttoestablishwiththeremoteMailserverSMTPconnection.

CopyrightNotice

Copyright（C）theInternetSociety（1999）.AllRightsReserved.

1.Introduction

ThisdocumentdefinesanSMTPserviceextension[ESMTP]wherebyanSMTPclientmayindicateanauthenticationmechanismtotheserver;performanauthenticationprotocolexchange,andoptionallynegotiatesecuritylayerforsubsequentprotocolinteractions.ThisextensionisaprofileoftheSimpleAuthenticationandSecurityLayer[SASL].

2.ConventionsUsedinthisDocument

Inexamples,"C:

"and"S:

"indicatelinessentbytheclientandserverrespectively.Thekeywords"MUST","MUSTNOT","SHOULD","SHOULDNOT",and"MAY"inthisdocumentaretobeinterpretedasdefinedin"KeywordsforuseinRFCstoIndicateRequirementLevels"[KEYWORDS].

3.TheAuthenticationserviceextension

（1）ThenameoftheSMTPserviceextensionis"Authentication"

（2）TheEHLOkeywordvalueassociatedwiththisextensionis"AUTH"

（3）TheAUTHEHLOkeywordcontainsasaparameteraspaceseparatedlistofthenamesofsupportedSASLmechanisms.

（4）AnewSMTPverb"AUTH"isdefined

（5）Anoptionalparameterusingthekeyword"AUTH"isaddedtotheMAILFROMcommand,andextendsthemaximumlinelengthoftheMAILFROMcommandby500characters.

（6）Thisextensionisappropriateforthesubmissionprotocol[SUBMIT].

4.TheAUTHcommandAUTHmechanism[initial-response]

Arguments:

AstringidentifiesaSASLauthenticationmechanism.Anoptionalbase64-encodedresponse

Restrictions:

AfteranAUTHcommandhassuccessfullycompleted,nomoreAUTHcommandsmaybeissuedinthesamesession.AfterasuccessfulAUTHcommandcompletes,aserverMUSTrejectanyfurtherAUTHcommandswitha503reply.TheAUTHcommandisnotpermittedduringamailtransaction.

Discussion:

TheAUTHcommandindicatesanauthenticationmechanismtotheserver.Iftheserversupportstherequestedauthenticationmechanism,itperformsanauthenticationprotocolexchangetoauthenticateandidentifytheuser.Optionally,italsonegotiatesasecuritylayerforsubsequentprotocolinteractions.Iftherequestedauthenticationmechanismisnotsupported,theserverrejectstheAUTHcommandwitha504reply.

Theauthenticationprotocolexchangeconsistsofaseriesofserverchallengesandclientanswersthatarespecifictotheauthenticationmechanism.Aserverchallenge,otherwiseknownasareadyresponse,isa334replywiththetextpartcontainingaBASE64encodedstring.TheclientanswerconsistsofalinecontainingaBASE64encodedstring.Iftheclientwishestocancelanauthenticationexchange,itissuesalinewithasingle"*".Iftheserverreceivessuchananswer,itMUSTrejecttheAUTHcommandbysendinga501reply.

Theoptionalinitial-responseargumenttotheAUTHcommandisusedtosavearoundtripwhenusingauthenticationmechanismsthataredefinedtosendnodataintheinitialchallenge.

Whentheinitial-responseargumentisusedwithsuchamechanism,theinitialemptychallengeisnotsenttotheclientandtheserverusesthedataintheinitial-responseargumentasifitweresentinresponsetotheemptychallenge.Unlikeazero-lengthclientanswertoa334reply,azero-lengthinitialresponseissentasasingleequalssign（"="）.Iftheclientusesaninitial-responseargumenttotheAUTHcommandwithamechanismthatsendsdataintheinitialchallenge,theserverrejectstheAUTHcommandwitha535reply.

IftheservercannotBASE64decodetheargument,itrejectstheAUTHcommandwitha501reply.Iftheserverrejectstheauthenticationdata,itSHOULDrejecttheAUTHcommandwitha535replyunlessamorespecificerrorcode,suchasonelistedinsection6,isappropriate.Shouldtheclientsuccessfullycompletetheauthenticationexchange,theSMTPserverissuesa235reply.

Theservicenamespecifiedbythisprotocol'sprofileofSASLis"SMTP".

IfasecuritylayerisnegotiatedthroughtheSASLauthenticationexchange,ittakeseffectimmediatelyfollowingtheCRLFthatconcludestheauthenticationexchangefortheclient,andtheCRLFofthesuccessreplyfortheserver.Uponasecuritylayer'stakingeffect,theSMTPprotocolisresettotheinitialstate（thestateinSMTPafteraserverissuesa220servicereadygreeting）.TheserverMUSTdiscardanyknowledgeobtainedfromtheclient,suchastheargumenttotheEHLOcommand,whichwasnotobtainedfromtheSASLnegotiationitself.TheclientMUSTdiscardanyknowledgeobtainedfromtheserver,suchasthelistofSMTPserviceextensions,whichwasnotobtainedfromtheSASLnegotiationitself（withtheexceptionthataclientMAYcomparethelistofadvertisedSASLmechanismsbeforeandafterauthenticationinordertodetectanactivedown-negotiationattack）.TheclientSHOULDsendanEHLOcommandasthefirstcommandafterasuccessfulSASLnegotiationwhichresultsintheenablingofasecuritylayer.

Theserverisnotrequiredtosupportanyparticularauthenticationmechanism,norareauthenticationmechanismsrequiredtosupportanysecuritylayers.IfanAUTHcommandfails,theclientmaytryanotherauthenticationmechanismbyissuinganotherAUTHcommand.

IfanAUTHcommandfails,theserverMUSTbehavethesameasiftheclienthadnotissuedtheAUTHcommand.

TheBASE64stringmayingeneralbearbitrarilylong.ClientsandserversMUSTbeabletosupportchallengesandresponsesthatareaslongasaregeneratedbytheauthenticationmechanismstheysupport,independentofanylinelengthlimitationstheclientorservermayhaveinotherpartsofitsprotocolimplementation.

Examples:

S:

220ESMTPserverready

C:

EHLO

S:

250-

S:

250-AUTHCRAM-MD5DIGEST-MD5

C:

AUTHFOOBAR

S:

504unrecognizedauthenticationtypes.

C:

AUTHCRAM-MD5

S:

235Authenticationsuccessful.

5.TheAUTHparametertotheMAILFROMcommand

AUTH=addr-spec

Arguments:

Anaddr-speccontainingtheidentitywhichsubmittedthemessagetothedeliverysystem,orthetwocharactersequence"<>",indicatingsuchanidentityisunknownorinsufficientlyauthenticated.

Discussion:

TheoptionalAUTHparametertotheMAILFROMcommandallowscooperatingagentsinatrustedenvironmenttoc