Introduction
This page was started because I was trying to install my own copy of Ringlink. Everything worked as expected apart from the email section of the utility.
Email is something we all use without really thinking about it, it just works. In order to get Ringlink to send emails, I had to learn about the protocols and software used. It tuned out to be a bit more complicated than I thought.
DKIM, DMARC, IMAP, MDA, MSA, MTA, MUA, POP, SMTP, SPF, SSL, STARTTLS, TCP, TLS... I thoroughly confused myself with it all. This page was written to put my thoughts in order and help me understand how email actually works.
Acronyms
What the acronyms mean:
Authentication
DKIM - DomainKeys Identified Mail - An email authentication method designed to detect forged sender addresses in email.
DMARC - Domain-based Message Authentication, Reporting and Conformance - A DMARC policy allows a sender to indicate that their messages are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes.
SPF - Sender Policy Framework - an authentication method which ensures the sending mail server is authorized to originate mail from the email sender's domain. An SPF record identifies the mail servers and domains that are allowed to send email on behalf of your domain. Receiving servers check your SPF record to verify that incoming messages that appear to be from your organization are sent from servers allowed by you.
Encryption
SSL - Secure Sockets Layer - An encryption technique for data that is transmitted across the web. SSL initiates an authentication process called a handshake between two communicating devices to ensure that both devices are really who they claim to be. SSL also digitally signs data in order to provide data integrity, verifying that the data is not tampered with before reaching its intended recipient. SSL was superseded by TLS but as they are so closely related, email encryption is often referred to as SSL/TLS.
STARTTLS - Start Transport Layer Security - STARTTLS is a protocol command that tells the email server that the other party (email server or client) wants to switch from an insecure plain text connection to a secure connection using TLS or SSL
TLS - Transport Layer Security - A end-to-end cryptographic protocol designed to provide communications security. SSL was superseded by TLS but as they are so closely related, email encryption is often referred to as SSL/TLS.
Messages encrypted with TLS are only encrypted between the sender's email client and recipient's client, they are not stored a encrypted files. There are methods of providing end to end encrtyption, using protocols such as Pretty Good Privacy (PGP) and S/MIME.
Software Components
MDA - Mail Delivery Agent - A program that receives email from a Mail Transfer Agent (MTA); then sorts and delivers the email to the recipient's mailbox. The recipient accesses the email in their mailbox using a Mail User Agent (MUA).
MRA - Mail Retrieval agent - This is not an offical designation. A program that retrieves email from a remote mail server and works with an MDA to deliver mail to a local or remote email mailbox. Officially, MRAs are referred to as a type of MUA
MSA - Mail Submission Agent - A program that receives electronic mail messages from a mail user agent (MUA) and cooperates with a mail transfer agent (MTA) for delivery of the mail. Many programs integrate both MSA and MTA functions.
MTA - Mail Transfer Agent - A program that that transfers electronic mail messages from one computer to another using SMTP. An MTA routes a mail message towards its final destination by sending the message to another MTA.
MUA - Mail User Agent - A program used to access and manage a user's email. This are usually called email clients.
Mail servers use both an MTA and an MDA. They need them to receive emails and to store them for delivery to users. Collectively they are commonly called MxA, see Email Agent for ow they work together.
Transport
IMAP - Internet Message Access Protocol - A standard protocol used by email clients (MUAs) to receive email messages from an email server. The emails are kept on a server which means they can be accessed from anywhere.
POP - Post Office Protocol - an application-layer standard protocol used by email clients (MUAs) to retrieve email from an email server. POP works by contacting an email server and downloading all the new messages from it. Once they are downloaded into your email client, they are deleted from the email server.
SMTP - Simple Mail Transfer Protocol - A standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to an email server for relaying.
Putting it all Together
This is how I understand it all works.
Alan has an email account with Yahoo and uses Outlook as his email client (MUA)
Alan composes an email to Ben, who has a Gmail account and also uses Outllook has his email client (MUA), then hits the Send button.
Outllok, using it's MSA (Mail Submission Agent) or MTA (Mail Transport Agent) to connect to Yahoo's email server using SMTP
Handshaking between Outlook and Yahoo begins. They agree on a protocol version to use, Yahoo uses SSL/TLS, and the encryption level.
Outlook and Yahoo exchange and verify session certificates, and the handshake is over.
The email is then sent using SMTP with SSL/TLS encryption on port 465
Yahoo's server delivers the email to Google's email servers via its MTA and their MDA puts the email in Ben's inbox.
Ben opens his copy of Outlook and receives the email using the IMAP protocol with SSL/TLS encryption on port 993.
Most of this is hidden from the users, we are usually just interested in sending and receiving emails, not how it works. Clues about what is happening can be found in the email headers. To access these in Outlook, double click on an email to open it in a new Window. Click on File in the top menu then on Properties.
Among other information,the email header is displayed:
Email header information
Among other things, the header will show the DKIM, DMARC and SPF authentication results, the TLS version used and encryption level such as TLS_AES_128_GCM_SHA, which is and Advanced Encryption Standard with 128bit key, as well as more mundane items of the times the email was sent and received.
Sources and Resources
25, 2525, 465, 587, and Other Numbers: All About SMTP Ports (Mailtrap)
DMARC Overview (DMARC)
Email (Wikipedia)
Email Agent (Wikipedia) - An explanation of how MxAs work together.
Email encryption (Wikipedia)
Everything you need to know about mail servers (MonoVM)
How Do SSL Certificates Work in Emails? (Mailmodo)
How does email work (Oxilor)
How does email work? (Namecheap)
How Does Email Work? A Dummies Guide (Medium)
How Email Really Works (Oasis)
SSL, TLS, and STARTTLS (Fastmail)
TLS Basics (Internet Society)
Transport Layer Security (TLS) (High Performance Browser Networking)
What is SSL/TLS: An In-Depth Guide (SSL)
What is StartTLS? Paubox
What Is STARTTLS and How Does It Work? Unione
Understanding Email (Medium)