Browse Definitions :
Definition

MIME (Multipurpose Internet Mail Extensions)

What is MIME (Multipurpose Internet Mail Extensions)?

MIME (Multipurpose Internet Mail Extensions) is an extension of the original Simple Mail Transport Protocol (SMTP) email protocol. It lets users exchange different kinds of data files, including audio, video, images and application programs, over email.

Unlike SMTP, MIME supports sending both ASCII text and non-ASCII data via email. For text in character sets other than ASCII, the MIME protocol is required.

Drawbacks of SMTP

SMTP, which emerged in 1981, is a standard protocol for delivering messages via email. However, the original SMTP protocol supported only 7-bit ASCII text communications that were both unauthenticated and unencrypted. With only 94 printable characters in ASCII, the system cannot deal with binary files or characters in non-English languages that use different writing systems, accented letters, etc.

Pure SMTP also does not accommodate sending video or audio data.

The default design of every SMTP server was an open mail relay that lets anyone send emails through it, not just those from or to known users. These limitations made SMTP communications vulnerable to email spoofing, spamming, worms and man-in-the-middle (MitM) attacks.

MIME was proposed as a solution to these limitations.

Origins of MIME

In 1991, Nathaniel Borenstein, then a technical staff member at Bellcore, proposed to the Internet Engineering Task Force (IETF) that SMTP be extended so web (and other internet) clients and servers could recognize and handle all kinds of data, not just Latin-based ASCII text, and to allow the encoding of binary files for transfer through SMTP.

As a result, new file types were added to "mail" as a supported Internet Protocol file type. MIME is not restricted to textual data and is also important for other communication protocols, even though it was originally designed only to address the shortcomings of email and SMTP.

New MIME data types are registered with the Internet Assigned Numbers Authority (IANA). IETF's RFC 6838 defines the procedures to notify and register media types for use in MIME.

email spoofing
MIME addresses the limitations of the SMPT email protocol that could lead to vulnerabilities like email spoofing.

Advantages of MIME

MIME has several advantages over SMTP.

  • Users can send different kinds of binary attachments via email.
  • Multiple attachments of different types can be included in the same email.
  • There are no limits on message length.
  • Multipart messages are supported.

MIME defines four subtypes for multipart messages, specifying the nature of these parts and their relationship to one another. In particular, the "multipart/alternative" subtype lets systems choose the best representation of the message: plain text or HTML.

How MIME works

Emails with MIME formatting may be transmitted via standard protocols like SMTP, Post Office Protocol (POP) or Internet Message Access Protocol (IMAP). The body of such messages may consist of multiple parts. The header may be specified in non-ASCII character sets MIME supports. IETF's RFC 2045 defines the various headers used to describe the structure of MIME messages.

Servers insert the MIME header at the beginning of an email transmission. Clients use the MIME header to select an appropriate player application for the data type indicated by the header. Some players are built into the web client or browser. For instance, all browsers come with GIF and JPEG image players and can handle HTML files. Other players may need to be downloaded.

At the sender's end, MIME transforms non-ASCII data to 7-bit Network Virtual Terminal (NVT) data. 7-bit ASCII can represent 128 characters. MIME then delivers this transformed data to the client SMTP. At the recipient's end, the message is transferred back to the original data, allowing them to see its contents, regardless of whether it contains text, audio, video or some other kind of data.

Standard email protocols like SMTP, POP or IMAP may transmit emails with MIME formatting.
Standard email protocols like SMTP, POP or IMAP may transmit emails with MIME formatting.

MIME header fields

A MIME header contains multiple subparts. These include:

MIME-Version

This header field indicates the message is MIME-formatted. Its value is typically "1.0."

Content-Type

This header describes the media type of the content within the message. It consists of a type and a subtype, both of which are strings. When concatenated with a slash (/) between them, the type and subtype comprise a MIME type.

  • Type: General category of the data type (e.g., video or text)
  • Subtype: Exact kind of data the MIME type represents.

MIME types are case-insensitive. An optional parameter can be added to the MIME type to provide additional details. So, if the parameter is "charset", it will specify the character set used for the data characters. If this parameter is not specified, MIME will use the default ASCII character set.

Using the type "multipart," MIME allows mail messages to have parts arranged in a tree structure to support:

  • simple text messages
  • text plus attachments
  • replies with original message attached
  • multiple alternatives in HTML
  • images, audio and video
  • applications

Content-Disposition

This header specifies the presentation style of email messages. The disposition may be:

  • Inline: Automatically displayed when the message is displayed
  • Attachment: Not displayed automatically but rather requires some user action (i.e. download)

RFC 2183 specifies the content-disposition header.

Content-Transfer-Encoding

This header indicates whether a binary-to-text encoding scheme has been used in addition to the original encoding specified in the content-type header.

This was last updated in October 2021

Continue Reading About MIME (Multipurpose Internet Mail Extensions)

SearchCompliance
  • ISO 31000 Risk Management

    The ISO 31000 Risk Management framework is an international standard that provides businesses with guidelines and principles for ...

  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

SearchSecurity
  • Twofish

    Twofish is a symmetric-key block cipher with a block size of 128 bits and variable-length key of size 128, 192 or 256 bits.

  • walled garden

    On the internet, a walled garden is an environment that controls the user's access to network-based content and services.

  • potentially unwanted program (PUP)

    A potentially unwanted program (PUP) is a program that may be unwanted, despite the possibility that users consented to download ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
  • hard disk drive (HDD)

    A computer hard disk drive (HDD) is a non-volatile data storage device.

  • Remote Direct Memory Access (RDMA)

    Remote Direct Memory Access (RDMA) is a technology that enables two networked computers to exchange data in main memory without ...

  • storage (computer storage)

    Data storage is the collective methods and technologies that capture and retain digital information on electromagnetic, optical ...

Close