
AAU Network Security

A collection of relevant background information!

Virtually everyone who uses the Internet has an electronic mail (email) address that can be used to send text messages and files to other addresses. Email is one of the most important and most used systems on the Internet. This article dives into the infrastructure and protocols that support email.

The components

In the simplified email architecture, there are three types of machines in play:

From sending to delivery: an example

Now that we have the boring stuff out of the way, let’s take a look at a concrete example of how an email travels from a sender (Alice) to its recipient (Bob).

[Image: drawing by Yzmo, CC BY-SA 3.0]

In the image above, Alice wants to send an email from her email address alice@a.org to bob@b.org. She uses her MUA - for instance Thunderbird - to write an email and then clicks on the send button in Thunderbird. The MUA uses the Simple Mail Transfer Protocol (SMTP) to transfer the email to Alice’s (or more specifically a.org’s) MTA, smtp.a.org.

SMTP is used by MTAs to communicate with each other. By default, an SMTP server listens on TCP port 25 for incoming emails. For more information about SMTP, take a look at the Wikipedia page.

smtp.a.org is supposed to deliver the mail to Bob’s MTA, but at first does not know where to deliver the mail. That is why it first performs a DNS lookup for the MX (or mail exchange) record for b.org, which is smtp.b.org. Now knowing the server where to deliver the email, smtp.a.org sends the email to smtp.b.org, again using SMTP.

Note that smtp.b.org does not necessarily verify that smtp.a.org is allowed to send emails for alice@a.org. There exist mechanisms (such as DNS SPF records) that enable MTAs to perform this verification.

Now Alice’s email to Bob resides at Bob’s MTA. He can then use his own MUA to retrieve the email. In this case, the email is retrieved using the POP3 protocol, but the IMAP protocol is an alternative.

Post Office Protocol version 3 (POP3) and Internet Message Access Protocol (IMAP) are the two most prevalent protocols supported by MUAs and MTAs for managing emails. POP3 is the older one, and IMAP was developed as an improvement over POP3. Both POP3 and IMAP have an encrypted variant, POP3S and IMAPS. POP3 runs on TCP ports 110 and 995 for the unencrypted and encrypted variants respectively, whereas IMAP runs on TCP ports 143 and 993 for the unencrypted and encrypted variants respectively. Visit the POP3 and IMAP Wikipedia pages for more info.

Practical tips

When working on the challenges, you can set up a TCP connection with a POP3, IMAP or SMTP server using netcat (nc) from the command line:

nc <hostname> <port>  

Then, you can interact using the commands defined by the protocol specifications (such as HELO and LOGIN).

Alternatively, you can use a MUA (such as evolution) to interact with those servers.

Summary

There are two types of machine in the email architecture: Mail User Agents (MUAs) and Mail Transport Agents (MTAs). The communication between MUA and MTA is done using either POP3 or IMAP, whereas MTAs communicate with each other via the SMTP protocol. The path that an email takes from sender to recipient is:

Sender MUA → Sender MTA → Recipient MTA → Recipient MUA