How does your email work?
Email has been around for decades; in fact, it predates the publicly accessible internet by about 30 years. As I mentioned in my article, “What is a Website?”, the internet was developed by the U.S. Department of Defense as a way to share research between defense contractors. One of the major points of functionality for effective digital communication was the ability to send comments and recommendations without altering research data. Thus, email was born, and its usefulness has followed in lockstep with the evolution of the internet.
These days everyone has an email address or two (or in my case, 7), but very few people really understand how email works.
The 2 parts of your email address
Every email address has 3 distinctive parts: the user name, the domain to which the user belongs, and the “@” symbol. The user and domain name are fairly obvious, and the “@” symbol separates the first and second parts of the address. The man who devised most of our modern email system, Ray Tomlinson, chose the “@” symbol because it wasn’t part of the permitted username schemes and it didn’t carry any potentially conflicting connotations the way other symbols do.
The development of DNS eventually allowed the “@” symbol to help developers move messages, and other data, across different machines.
How is an email sent and received?
To really get the gist of how email travels, you first need to understand a little about DNS and how data gets to where it is going. Basically, a series of data protocols take steps to convert a domain name into the IP address that your website is housed on. Before your email is sent, you first need to identify it as an email. “Mailto:” is appended to the email address you are trying to reach, which sends your email data to an SMTP (Simple Mail Transfer Protocol) server. The SMTP server goes through all of the same DNS paths as when you are calling a website, except that when your data finally arrives at its location it is handed to a Mail Transfer Agent (MTA).
Think of the SMTP server as a sending post office, which tracks the destination of your package, designates what path it should take, and sends the package on its way. The MTA is the post office in your hometown. It receives the package, looks at the name on the envelope, and sends the message to the correct place of storage. Once it’s in the user’s box, it can be opened at will by the user’s mail client, the program a user uses to access their mail.
How does DNS manage and secure email?
DNS interacts with your mail through a few different record types: MX records, SPF, and DKIM/DMARC. Each of these DNS settings serves a different function for sending and receiving email and for securing your email.
MX records are the most important factor in delivering your email. In simple terms, MX records work with SMTP and MTA to identify which servers are accepting email and where to forward your email data. If the MX records are not formatted and set up correctly, mail delivery will fail.
An MX record consists of two parts: the domain name and the priority. The domain is straightforward; it gives your mail server a home, so it might be mail.yourdomain.com. The priority number dictates the priority of the server. If you have two domains with the same priority, the system randomly chooses one. If you have 2 domains set to priority “1” and “5”, then as long as the first domain is not busy, the mail will always route through the priority 1 domain. This sort of system allows your email direction to remain balanced and keeps one mail domain from becoming overwhelmed with traffic.
Sender Policy Framework, or SPF, is a set of TXT records in your DNS that tell receivers which servers are allowed to send email from your domain. This effectively blocks spammers from hijacking your mail domain to send spam on their behalf. This is a great layer of protection for your email, but there are a few things it doesn’t do, such as validating the “from” header or reporting travel information.
DomainKeys Identified Mail, or DKIM, is a set of TXT records in your DNS that acts as a means of authenticating the message being sent. A DKIM key is attached to your email, and it tells the receiver’s email client that the message was not altered during transit. Once the message is received, the key attached to the email is compared with the one housed in your DNS; if the pair is validated, then the message is considered safe and valid. The only question DKIM addresses is “has this email been altered?”; that is the only thing it can do.
SPF and DKIM are great at what they do, but for the best security possible you need the ability to validate the from header, track the email’s send path, block illegal forwarding, and validate email authentication. That’s where Domain-based Message Authentication, Reporting and Conformance, or DMARC, comes into play. DMARC is an email validation system that steps up security measures to prevent your email from being “spoofed” by hackers who use spoofing for phishing scams and other cybercrimes.
DMARC instructs mail servers how to use your SPF and DKIM records, so that when these checks fail the receiving server will not only track the failure but also know how to handle it. So if a server receives a message with an altered DKIM key, not only will the server fail the authentication, but it will also block the message from being delivered. Not only does this result in immediate action to prevent your email address from being spoofed, but the receiving server will also send your domain a record of the failure, so that you can get valuable information about the person who tried to abuse your email system.
If you combine SPF, DKIM, and DMARC TXT records your email system should be fairly secure and ready for use.
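As an added illustration of the MX priority rule, the SPF check, and the DMARC policy described above (example code written for this article, not part of any mail server), the following script evaluates constructed DNS records for a hypothetical domain example.test. It only handles the ip4/ip6/all SPF mechanisms and a DMARC p= tag; include:, a and mx mechanisms would need live DNS lookups and are left out.

```python
import ipaddress

# Constructed sample records for the hypothetical domain example.test (not real DNS data).
MX_RECORDS = [(5, "mail2.example.test"), (1, "mail1.example.test"), (5, "mail3.example.test")]
SPF_TXT = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"
DMARC_TXT = "v=DMARC1; p=reject; rua=mailto:dmarc@example.test; pct=100"


def preferred_mx(records):
    """Return MX hostnames in delivery order: the lowest priority number is tried first.
    Hosts with equal priority keep an arbitrary relative order, as the article describes."""
    return [host for _, host in sorted(records, key=lambda r: r[0])]


def check_spf(record, sender_ip):
    """Minimal SPF evaluation: walk the mechanisms left to right and return the
    qualifier of the first one the sending IP matches (pass/fail/softfail/neutral)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # no usable SPF record published
    ip = ipaddress.ip_address(sender_ip)
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in terms[1:]:
        qualifier = term[0] if term[0] in results else "+"  # default qualifier is "+"
        mech = term.lstrip("+-~?").lower()
        if mech == "all":
            return results[qualifier]  # "all" matches every sender not matched earlier
        if mech.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(mech.split(":", 1)[1], strict=False)
            if ip.version == net.version and ip in net:
                return results[qualifier]
    return "neutral"  # ran off the end of the record without a match


def parse_dmarc(record):
    """Parse a DMARC TXT record into its tag=value pairs; {} if it is not DMARC1."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.strip().split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v") == "DMARC1" else {}


def dmarc_disposition(record, spf_result, dkim_aligned):
    """What the receiver does with a message. Simplification: an SPF pass is taken as
    aligned with the From domain; a real receiver also checks that alignment."""
    tags = parse_dmarc(record)
    if not tags:
        return "none"  # no DMARC policy published: deliver as usual, no report
    if spf_result == "pass" or dkim_aligned:
        return "deliver"
    return tags.get("p", "none")  # p= tells the receiver: none, quarantine or reject
```

The `rua=` tag in the sample record is where the receiver sends the failure reports the article mentions.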
What are POP and IMAP?
When it comes to setting up email on a third-party email client, like Outlook or Thunderbird, there are two acronyms you will see: POP and IMAP. These two acronyms represent the two email retrieval protocols that are in use.
What is POP?
POP stands for Post Office Protocol, and its job is just to “pop” into your email server, grab what it needs, and then “pop” out. It doesn’t require you to maintain an open connection between your mail client and your mail server. By setting up POP protocols, you can direct your mail client to collect email from several different boxes and drop the mail into one box.
The biggest drawback to the POP protocol is that it is unidirectional. This means that the POP protocol will allow you to collect your mail, but it leaves a copy on your server. Today, it’s pretty common to access your email from multiple clients, such as from your desktop or a mobile phone. Using a POP protocol means that you have to sift, sort, and manage each piece of mail multiple times. Also, if you aren’t managing the data on your server, then the space your server uses for email grows out of control.
What is IMAP?
IMAP stands for Internet Message Access Protocol, and its job is the full management of your email server. As opposed to POP, IMAP is bidirectional. This means that IMAP opens two-way communication between your mail client and your mail server, so that you can retrieve, sort, and delete mail on your server at the client level while the server responds in kind.
This means that if you delete your email from your mail client, then the mail is deleted from your mail server and all of your other mail clients. So you need only manage each message one time.
Another really cool function of IMAP is that it can retrieve mail from POP servers. Of course, IMAP exchanges with POP servers are still unidirectional, but this flexibility can come in really handy when you are dealing with mail servers that don’t give you an option between protocols.
What is a mail client?
So now that you know how email is sent, how it is secured, and the different mail protocols for handling your mail server, it’s time to discuss mail clients. There are two types of mail clients, or MTAs: client-based and web-based clients.
A client-based MTA is an application you can run on your computer or mobile device that will retrieve and store your emails. Microsoft’s Outlook Express, Mozilla’s Thunderbird, and Windows Mail are just a few examples of client-based MTAs. You can set your client-based MTA up on just about any device, but you have to set your application up carefully in order to have deliverable email. This complication is why most ISPs allow you to use their SMTP server and a client-based MTA to send and receive email. This is the most common way that people set their email system up.
Another common choice for setting up an email system is to use a web-based client service like G-Suite, or Outlook 360. These services allow you to set up an email server on a cloud-based platform and access your email through their customer portal. The advantage of web-based clients is that you need only set up and manage your email from one place, yet you can access it from anywhere with web access. This is really convenient and highly efficient, but the downside is that there are usually costs associated with using the service. For Gmail’s G-suite, you can get one user email box for around 6 dollars a month per user, and if you subscribe to Office 365, you’re good for about 5 email addresses. This means you will more than likely need a monthly budget for hiring a web-based email provider.
From start to finish, that’s how email works. The important thing to know is that when you need to make decisions regarding setting up an email delivery system, the difference between POP and IMAP is really important. IMAP allows you total control over the mail on your server, whereas POP only allows one-way communication. You also need to make sure that your email domain is set up for DMARC, by creating TXT records that tell receiving email servers how to secure and authenticate communication packages.
Hopefully, the information I have given you here will help you to better understand how to set up and manage your DNS and mail client to make your life easier.