ESMTP vs SMTP
Question
Which two statements are true when comparing ESMTP and SMTP? (Choose two.)
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. E.CE.
SMTP (Simple Mail Transfer Protocol) and ESMTP (Extended Simple Mail Transfer Protocol) are both email protocols that are used to transfer email messages between mail servers. However, there are some differences between these two protocols. Let's look at each of the statements given in the question and determine which ones are true.
A. Only SMTP inspection is provided on the Cisco ASA firewall.
This statement is false. The Cisco ASA firewall provides both SMTP and ESMTP inspection. SMTP inspection is used to detect and prevent SMTP-related attacks such as buffer overflow, protocol normalization, and SMTP session hijacking. ESMTP inspection, on the other hand, provides additional protection against ESMTP-based attacks such as ESMTP command injection.
B. A mail sender identifies itself as only able to support SMTP by issuing an EHLO command to the mail server.
This statement is false. When a mail sender connects to a mail server, it identifies itself by issuing an EHLO command, regardless of whether it supports SMTP or ESMTP. The EHLO command is used by both SMTP and ESMTP to initiate a connection with a mail server and to identify the client to the server.
C. ESMTP mail servers will respond to an EHLO with a list of the additional extensions they support.
This statement is true. When an ESMTP mail server receives an EHLO command from a client, it responds with a list of the additional extensions that it supports. These extensions can include authentication mechanisms, encryption protocols, and other features that are not supported by standard SMTP.
D. SMTP commands must be in upper case, whereas ESMTP can be either lower or upper case.
This statement is false. Both SMTP and ESMTP commands can be in either upper or lower case. However, it is common practice to use uppercase for SMTP commands and lowercase for ESMTP commands.
E. ESMTP servers can identify the maximum email size they can receive by using the SIZE command.
This statement is true. ESMTP servers can use the SIZE command to specify the maximum email message size they can accept. This can help prevent denial-of-service attacks by limiting the size of incoming email messages.
Therefore, the two true statements are:
- ESMTP mail servers will respond to an EHLO with a list of the additional extensions they support.
- ESMTP servers can identify the maximum email size they can receive by using the SIZE command.
