NordVPN Promotion

Home / Blogs

Making Multi-Language Mail Work (Part 1)

Protect your privacy:  Get NordVPN  [ Deal: 73% off 2-year plans + 3 extra months ]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.

Mail software consists of a large number of cooperating pieces, described in RFC 5598. A user composes a message with a Mail User Agent (MUA), which passes it to a Mail Submission Agent (MSA), which in turn usually passes it to a sequence of Mail Transfer Agents (MTAs), which eventually hand it to a Mail Delivery Agent (MDA) to place it in the user’s mail store. If the recipient user doesn’t read mail on the same computer with the mail store (as is usually the case these days) POP or IMAP transfers the mail to the recipient’s MUA.

EAI affects all of these pieces. In this article we’ll look at some parts that don’t directly interact with users, MSA, MTA, and MDA.

EAI Mail Submission

As I described in last year’s articles, EAI creates a new parallel mail stream that can handle mail with UTF-8 characters in the mailbox name and other places that traditional SMTP mail doesn’t. The MSA uses a new option code, SMTPUTF8, to tell MUAs that it can handle EAI mail. When an MUA submits a message that needs EAI features, it in turn uses the SMTPUTF8 option to say that this is an EAI message.

Since there will be parallel EAI and non-EAI mail streams for a long time, MSAs will have to support both, so for each submitted message, an MSA has to remember what kind of message it is, and a well-written MSA will try to verify whether an EAI message can actually be delivered. For example, if an EAI message is sent to an ASCII address, and the address happens to be handled by the same mail server as the MSA, it may be able to check whether that address is enabled for EAI mail, and if not immediately reject the message.

Since it is legal, albeit sloppy, to submit an ASCII message but set the UTFSMTP8 option, the MSA might check to see whether it’s really an ASCII message, what I’ve called Deep Message Inspection, and if so treat it as one. Or if the recipient can’t handle EAI, but the MSA happens to know that the submitting user also has an ASCII address and the message doesn’t have other characteristics that require EAI, it is allowed (not required) to rewrite the message using ASCII addresses and turn it into an ASCII message.

EAI Mail Transfer

MTAs will also need to manage two mail streams, for ASCII and EAI mail. If an MTA receives an EAI message for an ASCII-only recipient, it will typically reject or bounce it. (The experimental predecessor of EAI tried to invent a general purpose EAI to ASCII downgrade scheme, but it turned out to be flaky and unworkable.) It could also do Deep Message Inspection to check whether EAI messages are in fact ASCII messages, and handle them as such. As mail is relayed to other MTAs, it needs to check that a recipient MTA for an EAI message supports UTFSMTP8 and if not, to bounce the message back to the sender.

EAI Mail Delivery

Some mail systems may make a “flash cut” so that all of their mailboxes handle EAI. Others may let users upgrade individually, as they upgrade their user mail software to handle EAI. In the latter case, the MDA needs to remember who handles EAI and who doesn’t, so it can bounce EAI mail to non-EAI mailboxes. Alternatively, even if not all users have EAI software, a mail system can accept EAI mail to every mailbox, let the POP or IMAP server deal with the incompatibilities when the user tries to pick up the mail.

In our next installment, we’ll look at what happens when there’s EAI mail in an ASCII user’s mailbox.

By John Levine, Author, Consultant & Speaker

Filed Under

Comments

EAI Marcel Doe  –  Nov 20, 2012 12:31 PM

EAI means Email Address Internationalization? It might be worth mentioning as it seems to be the main topic of the article. I knew all the other acronyms that you do explain, but never heard of EAI.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

NordVPN Promotion