| This paper does the research for the POP3 protocol security strategy, and then discusses how to achieve data encryption on the POP3 protocol in the process of data transmission.In the theoretical part, it first explains the basic content of the POP3 protocol. That includes the lifecycle of a POP3 session, the three states of a POP3 session, and the explanations of POP3 commands. Then, it lists the existing security-related features of the POP3 protocol. That includes authentication, digital signature, and digital encryption. Then, it explains the entire process of how to receive an e-mail by using POP3. That includes how to receive an e-mail with Telnet. Then, it discusses some commonly used encryption algorithm, including the MD5 algorithm, DES algorithm, the Triple DES algorithm, and then AES algorithm. Then, it discusses RSA algorithm. Then, it discusses commonly used POP3 protocol transmission solution: SSL and IPSec. Finally, it introduces a POP3 mail encryption idea. That indicates that the encryption of the entire mail transmission process can be achieved by adding three security commands.In the program part, it first describes how to achieve POP3 mail server program, and the realization of the POP3 mail server referred to an online open source program which is called LumiSoft Mail Server. LumiSoft Mail Server itself supports SMTP/POP3 protocols. Its original functions are retained and security improvements are made at the same time to make it support the security commands. The improved LumiSoft Mail Server can support mail encryption and SPOP mail client. Then, it describes how to achieve POP3 mail client. POP3 mail client is based on the RFC1939, and the main function is to receive mails. The security commands are added to POP3 mail client at the same time. Finally, it analyzes the code of POP3 mail server and POP3 mail client.In the test part, it first prepares the text environment. Then, it performs a security test to prove the security difference by comparing the results between POP3 mail client and SPOP mail client. Finally, it performs a performance test to prove the performance does not lose with the improvement in security.In the last conclusion part, it first discusses three encryption algorithms (DES, Triple DES, AES) choice conditions. Then, it discusses explains SPOP servers can support POP3 clients and SPOP clients can be supported by POP3 servers. Also, the support is transparent without any configurations. Finally, it introduces some questions about how to further improve POP3 security, and also introduces the proposed solutions. |
PDF Full Text Request