27 September 2016

STANAG-4285 & HMTP-66 (HF Mail Transport Protocol) example

Other than (H)BFTP and CFTP, e-mails can be sent over HF using the protocol HMTP (HF Mail Transport Protocol) defined in STANAG-5066 Annex F and  MIL 188-141B Appendix E.  The HMTP protocol is used by a mail client to submit a mail-object to a mail server using the allowed HF transport waveforms, or alternatively, it may be used as the protocol to transfer a mail object over the HF subnetwork from one mail server to another. The HMTP protocol is NOT used to send and receive Formal or High Grade Military Messages but rather for informal interpersonal e-mail only.

The transmission has been heard on 5054.0 KHz/USB at 0804 UTC on 26 September, the used HF waveform is STANAG-4285: ACF and frame structure are shown in fig. 1. The user/organization is still un-identified: likely I went on the signal after the ALE session, anyway no link-closure message followed the end of the S-4285 transmission so it could even be a BRASS/MRL circuit.

fig. 1 - ACF and frame structure of the head signal (STANAG-4285)
A 1776 bit period, often met in STANAG-5066, pops up after removal the STANAG-4285 overhead (fig. 2)
fig. 2 - 1776 bit period
The "payload" (email message) is visible in figure 3 once removed the STANAG-5066 headers:

fig. 3 - HMTP mail message
Back to HMTP, "two HF Mail Transfer Protocols have been proposed and both called HMTP. Both are variants of SMTP that reduce the number of link turnarounds thanks to the Pipelining Command. STANAG 5066 Annex F describes a protocol here denoted HMTP-66. The protocol specified in MIL-STD-188-141B Appendix E is here denoted HMTP-141
As said, thanks to Pipelining Command both the HMTP variants allow varying degrees of grouping of the commands and responses to reduce the number of link turnarounds but HMTP-66 goes a step further in respect to HTMP-141: it buffers all responses for all mail messages, sending them in a batch in response to a QUIT command just before ending the connection" (quoting from : E-MAIL STANDARDS FOR HF RADIO - Eric E. Johnson, Science Applications International Corp.). 
Comparison of email transport protocols is shown in figure 4.

fig. 4 - Mail Transfer Protocols comparison

Since the data link protocol used in this transmission is STANAG-5066 we expect HMTP-66 sequences, and this is pecisely what you get (fig. 5):

fig. 5
Note that the sequences in-air are "splitted" in PDUs so we see sequences in seven files that will be re-assembled at S-5066 receive peer.

User, as said above, is unid. From the HMTP-66 sequences in fig. 5 we can grab email addresses and the OS running in the server as well as the 5066 IP Addresses of the peers: destination and source (the sender)


No comments:

Post a Comment