Internet Guide Logo

What is Email - Electronic Mail

bullet Introduction

Email stands for electronic mail, and is a messaging service found upon the Internet. Electronic mail has been likened to a regular postal letter, containing an address, routing information and content. Email uses a range of application layer protocols found within the Internet Protocol Suite (IMAP, POP3, SMTP) to route messages from mail servers to users. Email predates the Internet: the first messaging program is believed to be the SNDMSG program on the TENEX operating system. Ray Tomlinson is credited as being the inventor of email: Ray edited the SNDMSG program so that it could send messages, and was responsible for using the @ sign in email addresses.

Internet user require an email address to be able to send and receive email messages: the majority of Internet Service Providers provide a free email account to customers; additionally, there is a plethora of companies who provide free webmail accounts, such as: Gmail and Yahoo. Email is based upon the client-server model: where client programs send requests to mail servers to send and receive emails. Therefore, Internet users require an email client application to manage their email address/account: they can do this through a webmail client, accessed through a website, or by stand-alone client program, like Outlook Express.

Email has proved to be one of the Internet's most popular services, while it has been commended for improving global communications, it has also been criticised for its security (spam, phishing, viruses and malware).

bullet History

The history of email predates the Internet: the SNDMSG program, designed for the TENEX operating system, was the first program that used edited to send and receive email messages. Released in the early 1970s, SNDMSG allowed users to compose, address, and send electronic messages to the mailbox of other TENEX users. The first message sent on TENEX was sent in 1971, and the program was available by 1972. Ray Tomlinson edited SNDMSG so it could send and receive email messages, and is therefore credited as the inventor of email. While SNDMSG was the first email program, it was not the first digital messaging system: in the 1960s, MIT's CTSS computer system, and IBM's Administrative Terminal System, both featured messaging systems.

Ray Tomlinson worked on the ARPANET Network Control Program - forerunner to TCP/IP and the Internet - and his TENEX email program made a fairly seamless transition to the ARPANET computer network. Tomlinson used code from the CPYNET program to make SNDMSG the first ARPANET (network capable) email program. Email was a popular ARPANET service, and many Internet pioneers had a 'hand' in its development: Jon Postel, Barry Wessler, Marty Yonke, Larry Roberts, Steve Tepper, Bill Crosby, Steve Walker, Dave Farber, Dave Crocker, and John Vittal; all created email protocols or programs. Some early email applications that improved upon SNDMSG and READMAIL include: RD, NRD, WRD, MSG, MS, MH, MMDF and Sendmail.

The File Transfer Protocol (FTP) protocol was originally used to transport email messages, with FTP commands MLFL and MAIL created to facilitate the SNDMSG program. Some early specifications for email were written in the 1970s, that included: RFC 561, a specification for the FTP mail protocol, which was written by Abhay Bhushan, Ken Pogran, Ray Tomlinson and Jim White; and RFC 733, a specification for text messages, which was written by David H. Crocker, John J. Vittal, Kenneth T. Pogran and D. Austin Henderson, Jr.

Modern stand-alone protocols were developed for email in the 1980s, such as: IMAP, X400, POP, SMTP, and UUCP. The most important protocol created for email is SMTP: developed in the early 1980s and outlined in RFC 821 (1982) by Jonathan B. Postel. POP was the next 'core' protocol developed for email, outlined in RFC 918 (1984) by J. K. Reynolds. The 'holy trinity' of email protocols was finalised in 1986, when Mark Crispin developed IMAP; and updated its specification in RFC documents RFC 1064, RFC 2060 and RFC 3501. Email protocols that did not 'make the cut' and are now obsolete include Jon Postel's Mail Transfer Protocol (MTP).

Modern email systems still rely upon: SMTP, POP and IMAP.

bullet Format of an Email message

The message format for email has largely remained the same since Ray Tomlinson sent the first email in 1971; however, it has subtly evolved, and the specification for email messages has been outlined in the following RFC documents: RFC733, RFC822, RFC1342, RFC1521, RFC1522, RFC1590, RFC2045, RFC2046, RFC2047, RFC2048, RFC2049, RFC2822, RFC4021, and RFC5322. Important contributors to the format of email messages include: P. Resnick, G. Klyne, J. Palme, David H. Crocker, John J. Vittal, N. Borenstein, N. Freed, K. Moore, J. Postel, Kenneth T. Pogran and D. Austin Henderson, Jr.

The format of email messages is broken into two sections: 1) a header, 2) message body. (read more: header and body)

The header of an email message is more complex than the body: this is due to it containing the information needed to encode and route the email message. Instruction lines within the header section are referred to as header identifiers: the primary role of these identifiers is to provide routing commands for mail transfer agents (which play the online role of a postal service). Some of these identifiers are mandatory for an email message; which basically means the email message cannot be sent without them: the following identifiers are mandatory: From: and Date:. Alongside the mandatory header identifiers, there are a plethora of identifiers which deal with the cosmetic aspects of the email. Listed below, is the typical identifiers you will find in an email header:

The Cc: field is used to send a message to multiple additional addresses (Bcc: field hides the addresses from other recipients) and the Subject: field is used to describe what is included in the body of the message. Email headers sometimes contain two or more of the same identifiers, usually the "received" and "date" identifiers: which are added to the header by each mail transfer agent that handles the message.

The body section of an email message is far less complex: as it contains the content of the message. Originally, the body section of emails only supported plain text (7-bit ASCII), and some mail servers still only support plain text. The Multipurpose Internet Mail Extensions (MIME) was designed in the 1990s, and supported character sets other than ASCII - such as HTML. The drawback to MIME was an increase of professional 'looking' phishing attacks and decreased security.

bullet Anatomy of an Email address

The syntax format of email addresses has remained the same since the first email was sent: user @ computer. However, the computer section of email addresses has changed because email existed before the Domain Name System (DNS). DNS domain names are currently an essential component of modern email addresses. Historical email addresses relied on the ability of servers being able to connect directly to one another; DNS was developed, in part, to solve this unwieldy and clumsy design issue. As stated, the syntax of email addresses can be broken down into three components: 1. tom 2. @ 3.

The first component of the email address is the username (tom) which refers to the recipient's account name at a mail service; also referred to as the 'local' part of an email address. The username of an email address is locally unique but is not globally unique: the username (tom) can be used at an unlimited amount of mail servers:,, etc.

The second component of an email address is the @ sign - which is included in every email address - and means 'at' and connects the local part of the email address to the host of the email address. The use of @ symbol dates back to the first ever email message, which was designed by Ray Tomlinson.

The third component of an email address is the hostname ( - which is a domain name - that is associated with a mail server. Domain names are part of the Domain Name System (DNS): an Internet naming system that converts alphanumeric domain names into an IP address; so that users can easily find the address of an Internet resource. Domain names are connected to mail servers through the DNS MX record field. The domain name of an email address includes two (or more) sections: has a second level domain (example) and a top level domain (com). The second level domain can be registered through DNS registrars, which enables users to have a personalised email address rather than a universal one, such as:,,, etc. There are currently over 1000 top level domains, such as: com, org, net, uk, fr, gr, info, mil, gov and edu.

When sending an email message it is essential to spell the email address correctly; just as with a normal postal letter. If the email address is spelt incorrectly, then it will not be sent to the correct location. If an email message is sent to an address that does not exist: then the message will be returned with an "Address Unknown" error.

bullet Email: transfer, retrieval and storage

Email messages are transferred from one computer to another using software named a Mail Transfer Agent (MTA); also referred to as a Mail Relay. MTAs implement the Simple Mail Transfer Protocol (SMTP) and mail servers are the computers that use MTA software. MTAs are sometimes referred to as mail server programs; Sendmail and Microsoft Exchange Server are two examples of an MTA. SMTP sessions use commands like: DATA, EXPN, HELO, HELP, MAIL, NOOP, QUIT, RCPT, RSET and VRFY - beginning with HELO, transacting with MAIL and ending with QUIT. You can learn more about the SMTP protocol by reading Request for Comments documents RFC 5322 and RFC 5321.

Email is built upon a client server model: the Mail Transfer Agent (MTA) receives mail from a Mail User Agent (MUA) (client program like Outlook Express), another Mail Transfer Agent (MTA), or a Mail Submission Agent (MSA) (outgoing mail server). How the mail is transported is specified by SMTP. The header section of an email message (received field) will list the MTAs that have handled the email message. Email addresses contain a domain name that is linked to a mail server - through the DNS MX record field - and this will dictate where an email message is sent and received.

Once the email has been transported and reaches the Message Delivery Agent (MDA) it then needs to be stored in a mailbox. There are many formats that can handle mailbox storage, perhaps the most simple and efficient is Maildir. Maildir operates by creating unique temporary files for each retrieved message. It will depend on the client or webmail, as to which storage format they will use; Maildir, for example, was designed for the qmail program, but is compatible with other clients. Not all storage formats create unique files for each e-mail; another option is to use a collective database format; mBox is one such example, storing messages in one single file. Why are there a variety of different techniques for storing messages? Unlike message transfer, the Internet Engineering Task Force (IETF) has not developed a standard mechanism for storage.

Email messages are typically retrieved by a Mail User Agent (MUA) using the Post Office Protocol (POP3) or the Internet Message Access Protocol (IMAP); although there are other protocols that fulfil this role.

A rough outline of the Email process, step by step:

  1. A sender composes an email message in a Mail User Agent (MUA).
  2. The Mail User Agent (MUA) then formats the message in an SMTP format.
  3. The email message is sent to a local MTA.
  4. The MTA reads the destination address using the domain address in the email address ''.
  5. The MTA will lookup the mail server address using the DNS MX record field of the domain name.
  6. The DNS system will give the MTA the 'mail exchange server' for the domain.
  7. The MTA will send the email onto the mail exchange server using SMTP.
  8. The email message will arrive at the Message Delivery Agent (MDA) that will store the message in the user's mailbox.
  9. The users Mail User Agent (MUA) will use POP or IMAP to retrieve the message from the mailbox.
bullet Webmail Accounts

Webmail, as the name would suggest, is an email service that is accessed through the World Wide Web. The World Wide Web was launched as an Internet service in 1991, whereas email was invented in the early 1970s. Therefore, webmail is a relatively new development for email; before webmail, most users accessed email through a stand-alone email client application (Mail User Agent (MUA)) like Eudora. Webmail uses the same email protocols as earlier email clients, the only difference is the way in which the email account is accessed.

There are a plethora of free email accounts available from webmail providers, such as: hotmail. While early webmail services were criticised for a lack of protection versus email bombs, spam and flooding, modern webmail services provide protection against these abuses. Professional webmail services provide additional features, alongside the obvious features, such as: attachments, blind carbon copy options, e-cards, encryption and decryption. Every type of webmail account should be able to receive e-zines and newsletters.

The drawback with free webmail accounts is that the user cannot pick a unique domain name: instead they are stuck with domain name of the service provider: such as However, user can pick an individual 'username' to suit their purposes. If a user wants an email address with a unique domain name - they can access the inbox with a client program - then they will have to purchase that domain name and host it with a company that provides support for email protocols.

bullet Security

Some issues which have effected the security of email are the following:

Bombing: To "bomb" or "bombing" an email account - usually referred to as "email bombing" - is the practice of sending a huge amount of email messages to the account so that it can no longer be accessed. Virtually every "paid" or "free" email account has a storage limit; in the past the storage limit of these accounts was much lower: typically 1-10mb, whereas in 2012 it can be 1-10gb. Therefore, in the past, it was relatively easy to bomb an email with emails - usually including large attachments - that would exceed the storage capacity of 1-10mb; forcing the account administrator to suspend the account. Email bombing is usually classified as a form of a "denial of service" attack, also referred to simple as a DoS attack. Email service providers do have more armory to protect against email bombing: specifically through the use of spam filters. There are numerous spam filter software application available, and virtually all commercial email service providers have incorporated a filter into their service. Email bombers typically uses the same automated software as email spammers use; however, the techniques used to email bomb are constantly being revised.

Encryption: Is the process of converting plain text into scrambled cipher text. Most free webmail services and some free email clients provide encryption. When sending an email without encryption, it is possible for someone to intercept the data packets and read the data within the message. Therefore, encryption is a vital option for ensuring a confidential message can only be read by the intended recipient. However, due to a number of reasons, the uptake of email encryption by users and companies is fairly low. It must be stated however, that privacy is still a considerable problem when it comes to email; the majority of email messages are still not encrypted (2012). The reason why email is insecure is that email messages have to be passed through numerous mail transfer agents (like postal sorting offices): this makes it possible to intercept the message. Likewise, backup copies of email messages can remain on mail servers for months, which is again a security issue if the message is not encrypted. There are many email encryption protocols and systems available; however, many of these encryption systems require both sender and receiver to exchange their identities, such as: Digital ID and Public Key Certificate. Once the sender and receiver have done this, it makes the exchange of encrypted email messages a simple process. However, the complexity and time-consuming nature of this process is probably why email encryption is not extensively used. Phil Zimmerman created the original email encryption program: Pretty Good Privacy.

Jamming: Jamming is a response to ECHELON, a communication interception network, which is operated by AUSCANZUKUS, which includes: Australia, Canada, New Zealand, United Kingdom and United States. An investigation of ECHELON was undertaken by the European Union in 2001. It concluded that the network intercepted and scanned the contents of communication for keywords and phrases. The communication technologies it intercepted were as follows: Telephone calls, Fax, E-mail and a Proposal to monitor sites such as facebook and twitter. A further antagonisation for jammers was the introduction of the Regulation of Investigatory Powers Act in 2000. The act allows UK intelligence agencies to intercept and read the contents of emails sent by suspected criminals. The role of jamming is to introduce sensitive words into harmless email messages: which will then force authorities to monitor an account and basically to waste their time. The function of jamming is two fold: either as an annoyance, or to intentionally divert the time and effort of intelligence agencies. There is also a theory that once an email account has tripped the monitor - and has been noted as harmless - then the account will be free of any further monitoring.

Mule Account: A mule email account is an account which is used for purposes not related to an individual's social/personal life, and will be registered with details not applicable to that individual. The purposes of a mule account are as follows: 1. To register for forums and other membership only sites. Leaving the individual's real account free of spam and not compromising the privacy of the individual (contact details, name etc); 2. To commit some form of cyber crime or dubious online practice. Most security commentators would agree that mule accounts - on the whole - are a harmless practice aimed at withholding personal details and providing anonymity. There is no governmental pressure which would force individuals to register genuine details on an email account. Although there is no research to indicate how many mule accounts have been created, many experts in the field would suggest that a large proportion of webmail accounts are registered with the sole purpose of functioning as a mule account. In comparison, an e-mail account tied to an e-mail client - such as Outlook Express - is less likely to function as a mule. The future of mule accounts will mostly likely depend upon the public opinion of Web anonymity. Whilst spam is currently viewed as a nuisance to most users - and email fraud is commonplace - the current solution appears to be to educate users against the perils of email rather than to introduce draconian measures against it.

Password: It is generally recommended that the password of an email account be changed on a regular basis: once a month, or once a week for those with a little paranoia. When choosing the syntax for a password, it's important you do not do the following: Pick a password about something personal to you (birthday etc); Use a word: hackers can use dictionaries to match a password to an account. It's recommended, when picking a password, to pick a jumbled up sequence of letters and numbers; the letters being a mix of lower and upper case characters. The longer the password the better; most webmail services require a password which is 6-8 characters in length, although it is probably wise to select one which is longer. An example of a password could be something such as: aBB71kPo57nb9. Basically, a long password, which has no discernible meaning is much harder to crack than one which is short and does; especially if it has a personal meaning to the user. Of course, short passwords which do have a meaning, are much easier to remember. There are password storage programs, such as Roboform, which store and input passwords into login forms - ideal for difficult to remember passwords.

Phishing: Phishing is an attempt to create an electronic document which attempts to mimic/masquerade an official/trusted source: most commonly banks and commercial companies. As you may have assumed, the term phishing is a play on the word fishing: as in to "bait" a person for information. The purpose of phishing is to steal the: username, password or payment/personal details of a user of any electronic service; a phishing attempt will usually ask for one of the aforementioned details due to an "internal company error" etc. While phishing can be incorporated into any electronic communication, it is widely attempted via electronics mail. Due to the ease of harvesting email addresses via the World Wide Web, using email to "phish" is a logical step for those who attempt it. Email was originally a text only messaging technology, and phishing was/is less sophisticated via this route. However, via MIME protocols, email can support HTML; HTML emails are far more sophisticated, featuring images and hyerplinks, and can be "mocked" up to look exactly like an email from an official/trusted source. Phishing is a serious online security issue; reports have suggested that millions of users are effected each year, with a financial loss of million of pounds per year in the United Kingdom via banking fraud.

Spam: Refers to unsolicited email messages, which are sent without the recipients permission; usually due to the spammer harvesting the account from a website. Most webmail services now include a spam filter, which detects spam based upon: Header Analyser, Server Blocker, Text Pattern Analyser, Anti-Spam Lists, Language Filtering and Blacklist / Whitelist entries. Most email providers automatically activate spam protection for every email account, and generally do not recommend deactivating a spam filter under any circumstance. The one problem with spam filters, is they can block automated email messages which the user wishes to receive: such as when they sign up for an account on a discussion forum, or have signed up for a newsletter. Due to these emails being automated, they often appear as spam to spam filters. It should be noted that spam filters do not provide 100% spam protection, but, should, on the whole, block the majority of spam if they are kept up to date and installed correctly by the user/email provider. Spammers - the sophisticated ones - are always updating their techniques to circumvent the spam filters, so, there is always the risk a spam filter will not be effective for every type of spam.

Spoofing: Spoofing is when an email message is made to appear as if it came from address it did not. The header information of an email will usually contain the email address and IP address of the sender. The spoof email message - created by a spoofer - will doctor this data to make it appear as if it came from an email address and IP address it did not originate from. Spoofing has become more prevalent as Internet usage has increased, and especially as commerce has increased on the Internet. It's very common for spoofers to create email message purporting to be from a bank, asking for user login details, due to some sort of security error. Alongside the email header being spoofed, these email usually look to be genuine, with the correct logo and branding. Spoofing is possible due to a lack of sender authentication in the mail transfer protocol: SMTP. While steps have been taken to remedy this loophole, they are not always implemented (such as a Sender Policy Framework). There are a number of third party software applications - which are easy to download for free - which allows people to spoof.

Virus: Email began as a text-only messaging service; as such, it did not previously pose a serious security risk in terms of: viruses, trojan horses, malware and others nasties. However, the email format was expanded - via MIME - to include additional features such as imbedded HTML and attachment files. This expansion of the email format - whilst intended to offer users a more expansive service - had the knock on effect of posing a far more serious security risk. Imbedded activeX components in the body of email messages, hyperlinks imbedded in the body of email messages, and, of course, file attachments, could pose as harmless, but, in fact, be a virus etc. It would be fair to say that in the 1990s the majority of virus infections were the result of infected attachments in emails. Thus, email providers had a huge headache, and the solution was to imbed an anti-virus scanner into their service. Present day, every webmail service worth its salt - likewise for anti-virus applications - will scan every email for viruses. It's not uncommon for email providers to employ experts like McAfee and Symantec to provide their anti-virus protection. Is this to say it's impossible to receive a virus via email? no, but there is certainly more protection than in the 1990s, when it was common place.

bullet Frequently Asked Questions

How big can email attachments be?