Email: How it works

Introduction

This page was started because I was trying to install my own copy of Ringlink. Everything worked as expected apart from the email section of the utility.

Email is something we all use without really thinking about it, it just works. In order to get Ringlink to send emails, I had to learn about the protocols and software used. It turned out to be a bit more complicated than I thought.

DKIM, DMARC, IMAP, MDA, MSA, MTA, MUA, POP, SMTP, SPF, SSL, STARTTLS, TCP, TLS... I thoroughly confused myself with it all. This page was written to put my thoughts in order and help me understand how email actually works.


Acronyms

What the acronyms mean:

Authentication

DKIM - DomainKeys Identified Mail - An email authentication method in which the sending domain signs selected headers and the body of each message with a private key. The matching public key is published in DNS under the domain (at selector._domainkey.domain), so a receiving server can verify that the message was authorised by that domain and was not altered in transit. The verdict is recorded by the receiving server in the message's Authentication-Results header as dkim=pass or dkim=fail.

DMARC - Domain-based Message Authentication, Reporting and Conformance - A DMARC record (published in DNS at _dmarc.domain) lets a domain owner state that their messages are protected by SPF and/or DKIM, and tells a receiver what to do if neither check passes: p=none (deliver, just report), p=quarantine (treat as suspicious, typically the spam folder) or p=reject. DMARC also requires alignment: the domain that passed SPF or DKIM must match the domain in the visible From: header. That is what stops a forger from passing SPF for a domain they control while displaying yours in the From: line. The rua tag says where aggregate reports of passes and failures should be sent.

SPF - Sender Policy Framework - An authentication method that checks whether the connecting mail server is authorised to send mail for the sender's domain. An SPF record is a TXT record in DNS (for example v=spf1 ip4:192.0.2.0/24 -all) listing the servers and networks that may send email on behalf of your domain; receiving servers look it up and compare it with the IP address that delivered the message. Note that SPF checks the envelope sender (the SMTP MAIL FROM address, shown as Return-Path in the delivered message), not the From: address the user sees, and that it breaks when a message is forwarded by a third party, which is one reason DMARC accepts a pass from either SPF or DKIM.
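As an added worked example (not part of the original page), here is a small Python model of what a receiving server does with the three records above. The DNS data is constructed: example.com publishes SPF and DMARC records, _spf.mailhost.example stands in for a third-party mail host that example.com sends through, and the IP addresses are documentation ranges. DKIM signature verification itself is assumed to have already produced a verdict; the example shows how SPF is evaluated against the envelope sender and how DMARC then applies alignment and policy, including the forwarding case where SPF breaks but DKIM survives.

```python
import ipaddress

# Constructed DNS TXT data standing in for live lookups: example.com is the sender's
# domain, _spf.mailhost.example a third-party host it sends through, and the addresses
# are RFC 5737 documentation ranges.
DNS_TXT = {
    "example.com": ["v=spf1 ip4:192.0.2.0/24 include:_spf.mailhost.example -all"],
    "_spf.mailhost.example": ["v=spf1 ip4:198.51.100.10 ~all"],
    "_dmarc.example.com": ["v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@example.com"],
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def lookup_txt(name):
    """Stand-in for a DNS TXT query against the constructed zone above."""
    return DNS_TXT.get(name, [])


def spf_check(domain, client_ip, depth=0):
    """Evaluate the envelope-sender domain's SPF record against the connecting IP.
    Simplified to ip4/ip6, include and all; RFC 7208 also has a, mx, exists, redirect
    and macros, and caps DNS-querying mechanisms at 10 per evaluation."""
    if depth > 10:
        return "permerror"
    records = [r for r in lookup_txt(domain) if r.startswith("v=spf1")]
    if not records:
        return "none"                 # no SPF record published
    if len(records) > 1:
        return "permerror"            # more than one record is an error, not a merge
    addr = ipaddress.ip_address(client_ip)
    for term in records[0].split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term.startswith(("ip4:", "ip6:")):
            if addr in ipaddress.ip_network(term[4:], strict=False):
                return QUALIFIERS[qualifier]
        elif term.startswith("include:"):
            if spf_check(term[len("include:"):], client_ip, depth + 1) == "pass":
                return QUALIFIERS[qualifier]
    return "neutral"                  # ran off the end without an "all"


def org_domain(domain):
    """Organizational domain, simplified to the last two labels (real receivers use the
    Public Suffix List so that names like example.co.uk work)."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(from_domain, auth_domain, mode):
    """DMARC identifier alignment: strict ("s") needs an exact match, relaxed ("r") the
    same organizational domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def dmarc_check(from_domain, spf_result, spf_domain, dkim_result, dkim_domain):
    """Return (dmarc result, requested policy) for the visible From: domain."""
    records = [r for r in lookup_txt("_dmarc." + from_domain) if r.startswith("v=DMARC1")]
    if not records:
        return "none", None
    tags = dict(kv.strip().split("=", 1) for kv in records[0].split(";") if "=" in kv)
    spf_ok = spf_result == "pass" and aligned(from_domain, spf_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_result == "pass" and aligned(from_domain, dkim_domain, tags.get("adkim", "r"))
    return ("pass" if spf_ok or dkim_ok else "fail"), tags.get("p", "none")


def receive(envelope_from, header_from, client_ip, dkim_result="none", dkim_domain=None):
    """What the receiving MTA does on arrival: SPF on the envelope sender (MAIL FROM),
    then DMARC on the From: header using that result and the DKIM verdict, which is
    assumed here rather than computed (signature verification is out of scope)."""
    spf_domain = envelope_from.rpartition("@")[2]
    from_domain = header_from.rpartition("@")[2]
    spf = spf_check(spf_domain, client_ip)
    dmarc, policy = dmarc_check(from_domain, spf, spf_domain, dkim_result, dkim_domain)
    return {"spf": spf, "dmarc": dmarc, "policy": policy}
```

Try receive("bounce@example.com", "alan@example.com", "192.0.2.5", "pass", "example.com") for a legitimate message, receive("x@example.com", "alan@example.com", "203.0.113.7") for a forgery from an unlisted host (SPF fail, DMARC fail, policy reject), and receive("fwd@forwarder.example", "alan@example.com", "203.0.113.7", "pass", "example.com") for a forwarded copy, where SPF returns none for the forwarder's domain but the DKIM signature still aligns and DMARC passes.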

Encryption

SSL - Secure Sockets Layer - The original protocol for encrypting a connection between two programs, from which TLS descends. It begins with a handshake in which the server (and optionally the client) presents a certificate so the other side can check who it is talking to; after that the data is encrypted, and protected against tampering with message authentication codes, before it reaches the other end. Every version of SSL is now obsolete and should be disabled in favour of TLS 1.2 or 1.3, but because they are so closely related, email encryption is still commonly referred to as SSL/TLS, and mail clients often label the implicit-TLS ports simply "SSL".

STARTTLS - Start Transport Layer Security - An SMTP, IMAP and POP command with which a client that has connected in plain text asks the server to upgrade the connection to TLS. It is used on the plaintext ports (SMTP 25 and 587, IMAP 143, POP 110), as opposed to the implicit-TLS ports (465, 993, 995), where the TLS handshake happens before any mail protocol is spoken. One caveat: between servers STARTTLS is normally opportunistic, meaning the sending server falls back to plain text if the capability is not offered, so an attacker on the network path can strip the STARTTLS offer from the server's reply and force the transfer into the clear. Mail clients should be configured to require TLS rather than merely use it when available, and a domain can publish an MTA-STS policy or DANE records to tell sending servers that TLS is mandatory for mail to it.

TLS - Transport Layer Security - A cryptographic protocol that gives a single connection confidentiality, integrity and authentication of the server (via its certificate). SSL was superseded by TLS, but as they are so closely related, email encryption is often referred to as SSL/TLS.

In email, TLS protects each hop separately: the connection from the sender's client to their provider, the connection between the two providers' servers, and the connection from the recipient's provider to the recipient's client. The message is decrypted at every server along the way and is stored on those servers in the clear, so each operator (and anyone who compromises them) can read it. True end-to-end encryption, where only the recipient can decrypt the content, needs a separate layer on top, such as Pretty Good Privacy (PGP/OpenPGP) or S/MIME.

Software Components

MDA - Mail Delivery Agent - A program that receives email from a Mail Transfer Agent (MTA); then sorts and delivers the email to the recipient's mailbox. The recipient accesses the email in their mailbox using a Mail User Agent (MUA).

MRA - Mail Retrieval Agent - This is not an official designation. A program that retrieves email from a remote mail server (over POP or IMAP) and hands it to an MDA for delivery to a local or remote mailbox. Officially, MRAs are treated as a type of MUA.

MSA - Mail Submission Agent - A program that receives electronic mail messages from a mail user agent (MUA) and cooperates with a mail transfer agent (MTA) for delivery of the mail. Many programs integrate both MSA and MTA functions.

MTA - Mail Transfer Agent - A program that transfers electronic mail messages from one computer to another using SMTP. An MTA routes a message towards its final destination by looking up the MX record of the recipient's domain in DNS and handing the message to that domain's MTA, normally over port 25.

MUA - Mail User Agent - A program used to read, write and manage a user's email. These are usually called email clients; Outlook is one example.

Mail servers use both an MTA and an MDA: the MTA receives mail from other servers and the MDA stores it in mailboxes for delivery to users. Collectively they are commonly called MxAs; see Email Agent for how they work together.

Transport

IMAP - Internet Message Access Protocol - A standard protocol used by email clients (MUAs) to read email held on a server. Messages and folders stay on the server and the client synchronises with it, so the same mailbox can be used from several devices. It uses port 143 (plain text, upgraded with STARTTLS) or port 993 (implicit TLS).

POP - Post Office Protocol - An application-layer standard protocol used by email clients (MUAs) to retrieve email from a server. A POP client connects, downloads the new messages into the local mailbox and, in the usual configuration, deletes them from the server, although most clients offer an option to leave a copy on the server. It uses port 110 (with STARTTLS) or port 995 (implicit TLS).

SMTP - Simple Mail Transfer Protocol - A standard communication protocol for electronic mail transmission. Mail servers (MTAs) use SMTP on port 25 to send and receive mail between domains. User-level email clients use SMTP only to submit outgoing messages to their provider's server (the MSA) for relaying, on port 587 with STARTTLS or port 465 with implicit TLS; submission normally requires the user to authenticate, whereas server-to-server transfer on port 25 does not.


Putting it all Together

This is how I understand it all works.

Alan has an email account with Yahoo and uses Outlook as his email client (MUA)

Alan composes an email to Ben, who has a Gmail account and also uses Outlook as his email client (MUA), then hits the Send button.

Outlook (the MUA) connects to Yahoo's submission server (the MSA) using SMTP.

The TLS handshake between Outlook and Yahoo's server begins: the two sides agree on the TLS version and cipher suite, and the server presents its certificate.

Outlook verifies that the certificate was issued by a trusted certificate authority and that its name matches the server it meant to connect to; if either check fails the client should abort rather than continue. The handshake is then over and everything that follows is encrypted.

Outlook authenticates with Alan's username and password and submits the email over SMTP inside the TLS session, on port 465 (implicit TLS) or port 587 (STARTTLS).

Yahoo's MTA looks up the MX record for Ben's domain and transfers the email to Google's MTA over SMTP on port 25, normally also under TLS. Google's server checks SPF, DKIM and DMARC on arrival and its MDA puts the email in Ben's inbox.

Ben opens his copy of Outlook, which fetches the email using IMAP with SSL/TLS encryption on port 993.
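The submission leg of this walk-through, together with the STARTTLS-stripping caveat from the encryption section, as an added Python example that is not from the original page. Both sides of the SMTP conversation are simulated in memory: there are no sockets and no real TLS (the STARTTLS command just sets a flag where the handshake would happen). The server name smtp.mail.example, the account alan@example.com and its password are assumptions. The attacker option models an on-path attacker removing the STARTTLS capability; the point of the example is to compare a client that requires TLS with one that only uses it opportunistically.

```python
import base64

# Constructed account on the example MSA; nothing in this file touches the network.
ACCOUNTS = {"alan@example.com": "correct horse battery staple"}
SAMPLE_MESSAGE = ["From: Alan <alan@example.com>", "To: Ben <ben@example.net>",
                  "Subject: hello", "", "Hi Ben"]


class SubmissionServer:
    """In-memory stand-in for an MSA on port 587 (assumed name smtp.mail.example).
    Like a real MSA: STARTTLS advertised only on a plaintext session, no AUTH before
    TLS, no MAIL FROM before AUTH, accepted messages go to a queue for the MTA."""

    def __init__(self):
        self.tls, self.user, self.queue = False, None, []
        self.mail_from, self.rcpts, self.body = None, [], None

    def handle(self, line):
        if self.body is not None:                 # inside DATA until the lone "."
            if line != ".":
                self.body.append(line)
                return []
            self.queue.append((self.mail_from, self.rcpts, "\r\n".join(self.body)))
            self.mail_from, self.rcpts, self.body = None, [], None
            return ["250 2.0.0 OK: queued"]
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "EHLO":
            caps = ["250-smtp.mail.example", "250-AUTH PLAIN", "250 8BITMIME"]
            if not self.tls:
                caps.insert(1, "250-STARTTLS")
            return caps
        if verb == "STARTTLS":
            self.tls = True                       # a real server runs the TLS handshake here
            return ["220 2.0.0 Ready to start TLS"]
        if verb == "AUTH":
            if not self.tls:
                return ["530 5.7.0 Must issue a STARTTLS command first"]
            # AUTH PLAIN carries base64("authzid\0authcid\0password"); authzid is empty here
            _, user, pwd = base64.b64decode(arg.split()[1]).decode().split("\0")
            if ACCOUNTS.get(user) != pwd:
                return ["535 5.7.8 Authentication credentials invalid"]
            self.user = user
            return ["235 2.7.0 Authentication successful"]
        if verb == "MAIL":
            if self.user is None:
                return ["530 5.7.0 Authentication required"]
            self.mail_from = arg[len("FROM:"):].strip("<>")
            return ["250 2.1.0 OK"]
        if verb == "RCPT":
            self.rcpts.append(arg[len("TO:"):].strip("<>"))
            return ["250 2.1.5 OK"]
        if verb == "DATA":
            self.body = []
            return ["354 End data with <CR><LF>.<CR><LF>"]
        if verb == "QUIT":
            return ["221 2.0.0 Bye"]
        return ["500 5.5.1 Command unrecognized"]


def relay(server, cmd, attacker):
    """The wire between MUA and MSA. With attacker=True an on-path attacker hides the
    STARTTLS capability in the EHLO reply and answers any STARTTLS attempt itself."""
    if attacker and cmd.upper() == "STARTTLS":
        return ["454 4.7.0 TLS not available due to temporary reason"]
    replies = server.handle(cmd)
    if attacker and cmd.upper().startswith("EHLO"):
        replies = [r for r in replies if r != "250-STARTTLS"]
    return replies


def submit(server, user, password, mail_from, rcpt, lines, require_tls=True, attacker=False):
    """MUA side of the exchange; returns (transcript, delivered)."""
    transcript = ["S: 220 smtp.mail.example ESMTP ready"]

    def send(cmd):
        transcript.append("C: " + cmd)
        replies = relay(server, cmd, attacker)
        transcript.extend("S: " + r for r in replies)
        return replies

    if "250-STARTTLS" in send("EHLO client.example"):
        send("STARTTLS")
        send("EHLO client.example")               # RFC 3207: start afresh after the handshake
    elif require_tls:
        transcript.append("C: (STARTTLS not offered and policy requires TLS: abort before AUTH)")
        send("QUIT")
        return transcript, False
    # An opportunistic client gets here on a plaintext session and sends its credentials anyway.
    creds = base64.b64encode(f"\0{user}\0{password}".encode()).decode()
    if not send(f"AUTH PLAIN {creds}")[0].startswith("235"):
        send("QUIT")
        return transcript, False
    send(f"MAIL FROM:<{mail_from}>")
    send(f"RCPT TO:<{rcpt}>")
    send("DATA")
    for line in lines + ["."]:
        send(line)
    send("QUIT")
    return transcript, len(server.queue) > 0
```

Run submit(SubmissionServer(), "alan@example.com", "correct horse battery staple", "alan@example.com", "ben@example.net", SAMPLE_MESSAGE) and print the transcript to see the full EHLO, STARTTLS, AUTH, MAIL FROM, RCPT TO, DATA exchange. Then repeat with attacker=True: with require_tls=True the client quits before AUTH; with require_tls=False the password goes over the wire in base64 before the server's "530 Must issue a STARTTLS command first" arrives, and that refusal does not undo the disclosure. That is why the client-side setting matters, not just the server's policy.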

Most of this is hidden from the users; we are usually just interested in sending and receiving emails, not how it works. Clues about what is happening can be found in the email headers. To see them in Outlook, double-click an email to open it in a new window, then click File in the top menu and then Properties; the headers appear in the Internet headers box.

Among other information, the email header is displayed:

Email header information


Among other things, the header will show the DKIM, DMARC and SPF results (in the Authentication-Results header added by the receiving server), the TLS version and cipher suite used on the last hop (recorded in that server's Received header, for example TLS1_3 with TLS_AES_128_GCM_SHA256, which is AES with a 128-bit key in GCM mode and SHA-256 as the handshake and key-derivation hash), as well as more mundane items such as the time the email was received at each hop. Each Received header is written by the server that accepted the message at that hop, so only the ones added by your own provider can be relied on; a sender can put whatever it likes in the earlier ones.
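As an added example that is not from the original page, the following Python pulls those items out of a header dump using the standard library's email parser. The message is constructed to look like what a Gmail-hosted mailbox would show for the scenario above (all hostnames, addresses, ids, selector and signature values are made up); the parser itself works on any message carrying RFC 8601 Authentication-Results headers and Received headers in the version=/cipher=/bits= form Gmail writes.

```python
import email
import email.utils
import re

# Constructed raw message modelled on the headers a Gmail-hosted mailbox shows for a
# message that arrived over TLS. Hostnames, addresses, ids, selector and signature
# values are all made up; the layout of the headers is the real one.
RAW_MESSAGE = b"""\
Return-Path: <alan@yahoo.example>
Received: from sonic.yahoo.example (sonic.yahoo.example. [203.0.113.25])
        by mx.google.example with ESMTPS id k7si123456
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Mon, 1 Jan 2024 10:00:05 +0000 (UTC)
Authentication-Results: mx.google.example;
       dkim=pass header.i=@yahoo.example header.s=s2048 header.b=Qm9ndXM;
       spf=pass (mx.google.example: domain of alan@yahoo.example designates 203.0.113.25 as permitted sender) smtp.mailfrom=alan@yahoo.example;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=yahoo.example
Received: from client.example (client.example [192.0.2.10])
        by sonic.yahoo.example with ESMTPSA id 4f2a9b;
        Mon, 1 Jan 2024 10:00:02 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.example; s=s2048;
        h=from:to:subject:date; bh=CONSTRUCTEDBODYHASH=; b=CONSTRUCTEDSIGNATURE=
From: Alan <alan@yahoo.example>
To: Ben <ben@gmail.example>
Subject: Hello Ben
Date: Mon, 1 Jan 2024 10:00:01 +0000

Hi Ben, testing.
"""

# The form Gmail uses to record the TLS parameters of a hop inside its Received header.
TLS_RE = re.compile(r"\(version=(?P<version>\S+) cipher=(?P<cipher>\S+) bits=(?P<bits>[^)\s]+)\)")


def normalize(value):
    """Unfold a header: collapse the line breaks and indentation of a folded value."""
    return " ".join(str(value).split())


def parse_message(raw):
    return email.message_from_bytes(raw)


def auth_results(msg):
    """Parse Authentication-Results (RFC 8601) into {method: (result, {property: value})}."""
    results = {}
    for header in msg.get_all("Authentication-Results", []):
        _authserv_id, _, rest = normalize(header).partition(";")
        for stanza in rest.split(";"):
            words = re.sub(r"\([^)]*\)", "", stanza).split()   # comments carry no verdict
            if not words:
                continue
            method, _, result = words[0].partition("=")
            props = dict(w.split("=", 1) for w in words[1:] if "=" in w)
            results[method] = (result, props)
    return results


def tls_hops(msg):
    """TLS version/cipher/bits recorded in each Received header, newest hop first,
    or None where the receiving server did not record them."""
    hops = []
    for header in msg.get_all("Received", []):
        match = TLS_RE.search(normalize(header))
        hops.append(match.groupdict() if match else None)
    return hops


def summary(raw):
    """The facts worth reading off a header dump: the verdicts, which domains they
    vouch for (so alignment with From: can be eyeballed), and TLS per hop."""
    msg = parse_message(raw)
    ar = auth_results(msg)
    spf, dkim = ar.get("spf", ("none", {})), ar.get("dkim", ("none", {}))
    return {
        "from_domain": email.utils.parseaddr(msg["From"])[1].rpartition("@")[2],
        "spf": spf[0],
        "spf_domain": spf[1].get("smtp.mailfrom", "").rpartition("@")[2],
        "dkim": dkim[0],
        "dkim_domain": dkim[1].get("header.i", "").rpartition("@")[2],
        "dmarc": ar.get("dmarc", ("none", {}))[0],
        "tls_hops": tls_hops(msg),
    }
```

summary(RAW_MESSAGE) reports spf, dkim and dmarc all "pass", shows that both SPF (smtp.mailfrom) and DKIM (header.i) vouch for yahoo.example, the same domain as the visible From:, and lists TLS1_3 with TLS_AES_128_GCM_SHA256 for the Yahoo-to-Google hop and None for the earlier client-to-Yahoo hop, whose Received line says ESMTPSA (authenticated submission over TLS) but records no cipher details.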


Sources and Resources

25, 2525, 465, 587, and Other Numbers: All About SMTP Ports (Mailtrap)
DMARC Overview (DMARC)
Email (Wikipedia)
Email Agent (Wikipedia) - An explanation of how MxAs work together.
Email encryption (Wikipedia)
Everything you need to know about mail servers (MonoVM)
How Do SSL Certificates Work in Emails? (Mailmodo)
How does email work (Oxilor)
How does email work? (Namecheap)
How Does Email Work? A Dummies Guide (Medium)
How Email Really Works (Oasis)
SSL, TLS, and STARTTLS (Fastmail)
TLS Basics (Internet Society)
Transport Layer Security (TLS) (High Performance Browser Networking)
What is SSL/TLS: An In-Depth Guide (SSL)
What is STARTTLS? (Paubox)
What Is STARTTLS and How Does It Work? (Unione)
Understanding Email (Medium)