SMTP
// Definition
Simple Mail Transfer Protocol — the standard protocol for sending email between servers. In a testing context, SMTP is the delivery layer beneath features like email verification, password reset, and notifications. Test concerns include: whether emails are actually sent (a stub or real SMTP endpoint must be in the test environment), correct recipient address, subject, body, and link content, and that sensitive tokens in email links are single-use and expire. Tools like Mailhog or Mailtrap provide a local SMTP server that captures outbound email without delivering it.
// Related terms
Email Verification
The process of confirming that a user controls the email address they registered with, typically by sending a one-time link or code that must be clicked or entered before account features are unlocked. Security test cases include: link expiry (unclicked links should expire quickly), single-use enforcement (links must be invalidated after first use), account enumeration through timing differences, and whether unverified accounts can access protected resources. Re-verification flows when a user changes their email address are also in scope.
Push Notification
A message delivered from a server to a client device or browser without the client polling — using APNs (iOS), FCM (Android/web), or the Web Push API. Testing concerns include: notification delivery when the app is in the foreground vs. background vs. closed, correct payload content, deep-link routing when the user taps the notification, handling of denied or revoked permissions, and notification grouping or badge-count accuracy. Also test what happens when the device is offline and comes back online.