How email works?

Techletter #42 | August 15, 2023

Email is one of the critical sources of communication even today. All businesses use email for their official communication. So, how does it work under the hood? How can somebody receive the email that you have written on your computer? In this tech letter, I have tried to include how an email works and what happens under the hood.

Email Flow

1. The sender composes an email using an email client, which could be a web-based service (like Gmail, or Outlook) or a standalone desktop or mobile application. They enter the recipient’s email address, subject, and the content of the email.

2. Once the sender clicks “send,” the email client communicates with the sender’s outgoing Simple Mail Transfer Protocol (SMTP) server. The communication starts first by opening a TCP connection to the SMTP server on port 25. Once the TCP connection is established, the email client and the SMTP server can begin exchanging commands and data.

SMTP is responsible for sending outgoing mail. The sender’s email client provides the server with the sender’s email address, the recipient’s email address, and the email content.

What do you mean by Email Clients?

Email Clients is a software application that can be web-based or standalone desktop apps that facilitate the user to send & receive emails. It can be more than that with features like search, drafts, schedule, etc. Gmail is one such example.

What is SMTP?

SMTP stands for Simple Mail Transfer Protocol. It ensures that emails are transferred reliably and efficiently from the sender’s email server to the recipient’s email server. It is a text-based protocol.

What is a TCP connection?

TCP(Transmission Control Protocol) is a connection-oriented protocol that is used to establish a reliable connection between two computers. It uses a three-way handshake to establish a connection.

A handshake is a process that two computers use to establish a connection and exchange information about their capabilities

The three steps of the handshake are:

1. The client sends a SYN packet to the server.

2. The server responds with a SYN-ACK packet.

3. The client sends an ACK packet to the server.

   To learn more about TCP Handshake: Ref1, Ref2

SMTP Server(Mail Transfer Agent)

Once the TCP connection is established to the SMTP server, then what does the SMTP server do?
Once the TCP connection is established to the SMTP server, the SMTP server will then process the commands sent by the email client. The SMTP server will respond to each command with a code, such as 250, 550, or 451.

• 250: This code indicates that the command was successful.

• 550: This code indicates that the command failed.

• 451: This code indicates that the command was temporarily unavailable.

The following are the commands that are typically sent by the email client to the SMTP server:

• HELO or EHLO: This command is used to identify the email client.

• MAIL FROM: This command is used to send the sender’s email address.

• RCPT TO: This command is used to send the recipient’s email address.

• DATA: This command is used to start the transmission of the message body.

• QUIT: This command is used to end the SMTP session.

Once the email client has sent the message body, the SMTP server will store the message in its queue and then deliver it to the recipient’s SMTP server.

The SMTP server is responsible for ensuring that the email is delivered to the correct recipient. It does this by checking the recipient's email address against its database. If the recipient’s email address is valid, the SMTP server will deliver the message to the recipient’s SMTP server. If the recipient’s email address is not valid, the SMTP server will return an error message to the email client. An SMTP server is a critical part of a mail system. Because it is responsible for delivering emails reliably & securely.

So how does the SMTP server check the recipient’s email address? The SMTP server checks the recipient mail address in its database by querying the Domain Name System (DNS). The DNS is a distributed database that maps domain names to IP addresses. When the SMTP server receives the recipient’s mail address, it will query the DNS to find the IP address of the recipient’s SMTP server.

The SMTP server uses a process called mail exchange (MX) records to query the DNS. The MX records are a part of the DNS that map domain names to SMTP servers. When the SMTP server receives the recipient mail address, it will query the DNS for the MX records for the domain name.

The MX records will return the IP addresses of the recipient’s SMTP servers. The SMTP server will then try to connect to one of the recipient’s SMTP servers. If it is unable to connect to one of the recipient’s SMTP servers, it will try to connect to another one. The SMTP server will continue to try to connect to the recipient’s SMTP servers until it is successful. Once the SMTP server is connected to the recipient’s SMTP server, it will send the email message. The recipient’s SMTP server will then deliver the email message to the recipient.

But, you may get another question, how the data is sent from a source email client to SMTP servers to the destination email client? The data is sent in packets over the internet. The packets are routed through different networks until they reach the recipient’s SMTP server. The recipient’s SMTP server then delivers the message to the recipient’s email client. The data is encrypted when it is sent. This ensures that the data is secure and cannot be intercepted by unauthorized parties.

Now, you may get a question, how the data is sent in packets? What format? How the packets are broken? The packets are broken into smaller chunks called segments by the sender’s SMTP server. The sender’s SMTP server will determine the maximum packet size that can be sent over the network and break the data into smaller chunks that are no larger than the maximum packet size.

The Segment has a header & data. The header is typically 20 bytes long. The data can be any length.

The header contains the following information:

• Source IP address

• Destination IP address

• Sequence number

• Acknowledgment number:

  The sequence number of the next packet that the sender expects to receive.

The segments are sent in the following order:

1. The sender’s SMTP server sends the first segment.

2. The recipient’s SMTP server acknowledges the first segment.

3. The sender’s SMTP server sends the second segment.

4. The recipient’s SMTP server acknowledges the second segment.

5. This continues until all of the segments have been sent and acknowledged.

If a segment is lost, the recipient’s SMTP server will not acknowledge it. The sender’s SMTP server will then resend the segment.

The segments are reassembled at the recipient’s SMTP server. The recipient’s SMTP server will reassemble the segments in the correct order and deliver the message to the recipient’s email client.

This was a simple explanation of how email works. Will definitely explore more in future articles. If you find this article as something useful, do share this article. And don’t forget to subscribe.