Abstract:Provide guidance for the development of an inspection and sanitization software filter for use with email messages. Email servers implement multiple specifications in order to send and receive email, three of which are covered by this document. The Simple Mail Transfer Protocol (SMTP) is used to transmit email from a client to a server. The Internet Message Format (IMF) specifies the format of the email messages, both the headers and the body. The Multipurpose Internet Mail Extensions (MIME) extends IMF beyond plain text. This document introduces the syntax of these standards and then discusses the components that have data hiding, data attack, and data disclosure risks. It provides an analysis of these components and recommendations to mitigate their risks.