Multipurpose Internet Mail Extensions

From Hill2dot0
(Redirected from MIME)
Jump to: navigation, search

Multipurpose Internet Mail Extensions is a formatting structure for describing the contents of a message (or other information structure) that contains multiple information types.

General Description

The Simple Mail Transfer Protocol (SMTP) is the protocol of choice for transporting email across the Internet. Originally, the information sent across the Internet was simple ASCII text. However, as the Internet matured, email became a vehicle for exchanging other information types as well.

We are used to receiving emails with attached pictures and various types of file. But the email system sends all of these across connections originally intended to carry simple ASCII text. To pull it off, the email has to be given a hierarchical structure where each portion of the email is preceded by an explicit indication of the type of information that follows. When the email is received, the receiving system can scan the email for these defined boundaries, read from them the type of information that follows, and then store or display the information appropriately (i.e, attachments, embedded images, etc.).

This hierarchical structure and the content information is defined by MIME, which now has application to a wide variety of vehicles (not just email). The types of content in various parts of a message body are indicated by use of the Content-type tag placed in the message. This tag identifies a type and a subtype for the mail message. Some of the possible MIME content types and subtypes include:

  • text: Indicates that the message part is text. Possible subtypes include plain (unstructured text), html (HTML formatted text), and enriched (conforms to the Rich Text Format formatting language).
  • image: Indicates that the message part contains a still-image picture. Possible subtypes include gif (Graphic Interchange Format, or GIF) and jpeg (Joint Photographic Experts Group, or JPEG).
  • audio: Indicates that the message part contains audio information. Possible subtypes include basic (refers to simple µ-law pulse code modulation), as well as x-wav (Microsoft's WAV format), and x-mpeg (Motion Picture Experts Guild, or MPEG).
  • video: Indicates that the message part contains video information. Possible subtypes include mpeg and quicktime (the Apple Quicktime video format).
  • application: Indicates that this message part is meant for applications that are associated with the email application, or mail-enabled applications. Possible subtypes include octet-stream (arbitrary binary data), msword (a document associated with Microsoft Word), and postscript (a document developed using Adobe’s PostScript format).

MIME is designed to be extensible, permitting the development of new Content-types and subtypes as the need arises. It is also intended to be backwards compatible with simple SMTP systems (although there are few of these remaining in existence). The presence of MIME format structure is indicated by the MIME-Version: tag inserted in the email message. The current version is 1.0.

MIME and the Multipart Content Type

The structure described above is fairly straightforward, but MIME gets its true power from the ability it has to structure a multipart email message. To do this, the special multipart Content-Type is used. Part of the multipart Content-Type includes the specification of a particular string of characters that must appear as the boundary between message parts. For example, is the string end-of-mlg-message-part is defined as the boundary, then any occurrence of --end-of-mlg-message-part on its own line, which means it is preceded and followed by a carrige return (CR) and line feed (LF) character, marks the boundary between two parts of the message. Each part can have its own Content-Type field, including another multipart content type with its own boundary definition.

The multipart Content-type has its own possible subtypes that help to differentiate different kinds of email message. These include (but are not limited to):

  • mixed: Used for sending files with different "Content-Type" headers either within the email or as attachments.
  • digest: Provides a simple way to send multiple text messages together.
  • alternative: Indicates that each part of the message is an alternative version of the same basic content. They will each differ by their specific Content-Type. The parts are placed in an order of how closely they align with the original so that systems can choose the "best" representation they are able to process. For example, the email might contain a plain-text version and HTML-version of the same message. The client system can then select which it is best capable of displaying.
  • related: Indicates that the message parts are pieces of a large communication. For example, this could be used to send a webpage complete with its embedded images.
  • report: A message type that contains data for a mail server to read.
  • signed: Used to attach a digital signature to a message.
  • encrypted: Used to send an encrypted message. It's a two-part format that includes control information needed to decrypt in the first part, and the encrypted message in the second part.
  • form-data: Used to convey values submitted via a form.

MIME and Security

The use of mail-enabled applications is the subject of some controversy by security-minded users. Traditionally, a computer virus cannot be sent via email and cause harm to a user unless the virus is sent as executable code to the user and the user runs the program. If the virus is an attachment, the user has the opportunity to scan the program before running it. But what happens when the virus is an attachment that may be automatically executed by a mail-enabled application? This situation is potentially worsened by the fact that MIME messages can contain external pointers to files that reside on other computers. Among the potentially dangerous mail-enabled applications that MIME can launch are FTP (both anonymous and nonanonymous) and SMTP-based email.

Relevant RFCs

The critical RFCs include:

  • RFC 1521 (1993) - Mechanisms for Specifying and Describing the Format of Internet Message Bodies
  • RFC 1426 (1993) - SMTP Service Extension for 8bit-MIMEtransport.
  • RFC 1847 (1995) - Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted
  • RFC 2045 (1996) – Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies
  • RFC 2046 (1996) – Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types
  • RFC 2047 (1996) – Multipurpose Internet Mail Extensions (MIME) Part Three: Message Header Extensions for Non-ASCII Text
  • RFC 2049 (1996) – Multipurpose Internet Mail Extensions (MIME) Part Five: Conformance Criteria and Examples
  • RFC 2077 (1997) - The Model Primary Content Type for Multipurpose Internet Mail Extensions
  • RFC 2183 (1997) - Communicating Presentation Information in Internet Messages: The Content-Disposition Header.
  • RFC 2231 (1997) - MIME Parameter Value and Encoded Word Extensions: Character Sets, Languages, and Continuations
  • RFC 2387 (1998) - The MIME Multipart/Related Content-type
  • RFC 3156 (2001) - MIME Security with OpenPGP
  • RFC 4288 (2005) – Media Type Specifications and Registration Procedures - obsoletes RFC 2048
  • RFC 4289 (2005) – Multipurpose Internet Mail Extensions (MIME) Part Four: Registration Procedures - obsoletes RFC 2048

See Also

References

PodSnacks

<mp3>http://podcast.hill-vt.com/podsnacks/2008q3/mime.mp3%7Cdownload</mp3> | Multipurpose Internet Mail Extensions (MIME)