E-Mail – POP and SMTP
The second most visible aspect of the Internet is probably e-mail. On your computer, you use
an e-mail client, which connects to a mail server. When you set up your e-mail account, you
are given a unique name in the form of user@domain. You are also asked to provide a
password to use to retrieve your e-mail.
The SMTP protocol, which is used to send e-mail, does not require a password. This may not
have been a fault when the protocol was designed, and the Internet was a small world
inhabited by like minded people, but now it has become a loophole which allows for
unauthorized use of mail servers and various other tricks, such as 'e-mail spoofing', in which
someone sends an e-mail that appears to come from another address. However, some mail
servers minimize this flaw by implementing an authentication step, in which you must prove
your identity before you can send an e-mail.
One important thing to remember is, despite being password protected, e-mail is not a way
to send secure information. Most POP clients and servers require that your password be
communicated – unencrypted – to your mail server. This doesn't mean than anyone who
receives an e-mail from you also receives your password; but it does mean that someone with
the right knowledge and tools can relatively easily 'sniff out' your password.