The general principle of using ETRN is in a scenario where there is a primary mail server that may have questionable reliability in terms of connectivity and availability.
<p>It is recommended that a domain name has at least 2 MX records, and the secondary record can simply be a backup mail server. The advantage of this is that even if your primary email server is offline, mail can be securely connected from any internet host that attempts delivery, and this deferred email can be collected later. The secondary backup server in this scenario will be configured to collect all email for the domain name, but will not permanently queue it. For example, it will not attempt immediate forward delivery. In the meantime, the primary server is configured to dequeue the backup server.
The ETRN command is the command what paths do social engineers follow? used to remove the queue. When a de-queue command is verified and processed by the backup server, the backup server will send messages for that domain to a specified host, the primary server. With respect to the primary server, it observes new messages coming from the Internet as it normally does.
ETRN and Security
1. TLS and SSL support
The server supports TLS v1.0 via the closing the sale one commitment at a time STARTTLS command (via the regular plaintext SMTP protocol on port 25) and also accepts connections via SMTP over SSL via port 465. Using either of these methods will ensure secure transmission of the ETRN request and authentication.
2. User authentication
The server requires a valid username and password to be sent to the server. A before accepting any requests using PLAIN or CRAMMD5 as the authentication sault data protocol. It is recommended to use CRAMMD5 if the server. A being configured supports it. It is important to note that a secure connection must be established via. A SSL or STARTLS for authentication to proceed. Almost all modern email server software has a TLS handshake. A field that can be filled with the username and password.
3. DNS and target host security
The server will be configured to only send mail destined for a domain to. A specific hostname (either the hostname or your primary mail server). This is hard-configured on the server to prevent potential. A attacks on public DNS information from accidentally causing your email to be redirected to a 3rd party host.
