LESSON 4 SERVICES AND CONNECTIONS part III

4.1.2 E-Mail – POP and SMTP
The second most visible aspect of the Internet is probably e-mail. On your computer, you use
an e-mail client, which connects to a mail server. When you set up your e-mail account, you
are given a unique name in the form of user@domain. You are also asked to provide a
password to use to retrieve your e-mail.
The SMTP protocol, which is used to send e-mail, does not require a password. This may not
have been a fault when the protocol was designed, and the Internet was a small world
inhabited by like minded people, but now it has become a loophole which allows for
unauthorized use of mail servers and various other tricks, such as 'e-mail spoofing', in which
someone sends an e-mail that appears to come from another address. However, some mail
servers minimize this flaw by implementing an authentication step, in which you must prove
your identity before you can send an e-mail.
One important thing to remember is, despite being password protected, e-mail is not a way
to send secure information. Most POP clients and servers require that your password be
communicated – unencrypted – to your mail server. This doesn't mean than anyone who
receives an e-mail from you also receives your password; but it does mean that someone with

the right knowledge and tools can relatively easily 'sniff out' your password. (For ideas on
making your e-mail more secure, see Lesson 9: E-mail Security.)

 

4.1.2 电子邮件-POP和SMIP

因特网中第二大可见的部分是电子邮件。你的电脑使用一个电子邮件客户端连接邮件服务器。当你创建你的电子邮件账户时，

你会得到用户名@域名形式的用户名。同时你要设置一个密码取回邮件。

发送邮件中使用的SMTP协议不需要密码。当该协议被设计出来的时候这不是一个问题，当时的互联网很小，而且用户都是

理性的人。但是现在这成了一个漏洞，这个漏洞准许非法的网站服务器的运行以及其他的问题，譬如‘电子邮件戏弄’，即

一个人用一个地址给你发送邮件，但是显示的却是另一个地址。但是，一些网站正在采取一些验证措施来减少这些漏洞，所以

在发送电子邮件时你需要验证你的身份。

要记住的重要的一点是，尽管有密码保护，电子邮件都不是可以发送保密信息的方式。大多数的POP客户端和服务器需要你将密码

-非加密的-发送到你的邮件服务器上。这不是说任何收到你邮件的人都会得到你的密码，但是这却意味着有相关知识和工具的人

可以很容易的得到你的密码（想让你的电子邮件更加安全，学习第九节：电子邮件安全）。

 

4.1.3 IRC
IRC, or Internet relay chat, is where the unregulated nature of the Internet is most clearly
expressed. On IRC, anyone with anything to say gets a chance to say it.
You may be familiar with the chat rooms used by certain online services. IRC is just like a chat
room, only there are no rules, there are no standards, and – quite often – there are no
chaperones. You may find exactly what you are looking for on an IRC channel, or you just
may find something that you had rather you never knew existed.
All the rules that you've heard about chat rooms are applicable to IRC channels. Don't tell
anyone your real name. Don't give out your phone number, your address, or your bank
account numbers. But have fun!
Exercises:
Find and join three IRC channels which focus on security topics. How do you join in the public
conversation? What do you have to do to have a private conversation with a person?
It is possible to exchange files through IRC. How could you do this? Would you always want to
exchange files through IRC? Why or why not?

 

4.1.3 IRC

IRC，即互联网中继聊天，是因特网未经改变的自然最直接的体现方式。通过互联网中继聊天，任何人都有机会说想说的。

你可能对某个在线服务器的聊天室很熟悉。互联网中继聊天就像一个聊天室，不过没有规则，没有标准，也没有监管人。

在互联网聊天频道上你可能会找到你所要找到的信息，或者发现你根本不知道会存在的信息。

你在聊天室所听到的所有的规则对IRC频道都适用。别告诉任何人你的真实姓名。别给别人你的电话号码，地址和

银行账号。但是玩的开心。

练习：

找到并加入3个集中在安全话题的IRC频道。你如何融入到公共聊天中去的？在私人聊天的时候你怎么做？

可以通过IRC传送文件。你怎样做的？你想经常通过IRC传送文件吗？为什么？