Email Study Guide

📖 Core Concepts Email – digital messages sent over a computer network using a store‑and‑forward model; sender and receiver need not be online simultaneously. Address format – <local-part>@<domain> (e.g., [email protected]). Key protocols SMTP (Simple Mail Transfer Protocol) – moves messages between servers. POP3 (Post Office Protocol v3) – downloads messages to a client, often deleting them from the server. IMAP (Internet Message Access Protocol) – lets multiple clients manage the same mailbox without deleting mail. Roles MUA (Mail User Agent) – client software that composes, reads, and manages mail. MTA (Mail Transfer Agent) – forwards mail between servers, adding a Received trace line at each hop. MDA (Mail Delivery Agent) – places mail into the final mailbox and creates bounce messages on failure. Message structure – Envelope (SMTP routing info) + Content (Header + Body). Headers – structured fields (From, To, Cc, Bcc, Subject, Date, Message-ID, etc.). Required: From and Date. Content‑Transfer Encodings – quoted‑printable (mostly 7‑bit text) and base64 (binary data). Security basics – authentication fields (DKIM‑Signature, Authentication‑Results), optional STARTTLS/TLS encryption, end‑to‑end options (PGP, S/MIME). --- 📌 Must Remember SMTP submission uses a dedicated port (usually 587) and the submission profile of SMTP. DNS MX lookup: the sender’s MSA queries DNS for the recipient domain’s MX records to locate the destination MTA. Queue & retry – servers may retry delivery for up to 5 days before a permanent failure notice. Required header fields: From (sender address) and Date (time written). Attachment size limit in practice ≈ 25 MB (not a technical limit). Bcc never appears in the received message’s visible header; it is removed before delivery. Backscatter spam occurs when forged sender addresses cause bounce messages to be sent to innocent parties. Web bugs are tiny external images used to detect when a message is opened; many clients now block external content by default. --- 🔄 Key Processes Message Composition – MUA builds header + body, encodes attachments (base64/quoted‑printable). Submission – MUA → local Mail Submission Agent (MSA) via SMTP submission. Domain Resolution – MSA queries DNS for MX records of recipient domain. Transfer – MSA forwards to recipient’s Mail Transfer Agent (MTA); each intermediate MTA adds a Received: header. Delivery – Final MTA passes message to Mail Delivery Agent (MDA), which stores it in the mailbox (Maildir/mbox). Retrieval – Recipient’s MUA contacts the mailbox via POP3 (download) or IMAP (sync). Authentication – Receiving MTA may check DKIM, SPF, and record results in Authentication-Results:. Encryption (optional) – STARTTLS/TLS secures the hop between client and server. End‑to‑end (PGP, S/MIME, S/MIME over TLS) encrypts the message body and attachments. --- 🔍 Key Comparisons POP3 vs IMAP POP3: downloads & often deletes mail → good for single‑device use. IMAP: keeps mail on server, syncs across devices → ideal for multi‑device access. Plain Text vs HTML Body Plain Text: smaller, universally readable, no web‑bug privacy risk. HTML: richer formatting, inline images/links, larger size, potential privacy issues. quoted‑printable vs base64 quoted‑printable: efficient for mostly ASCII text with occasional high‑bit characters. base64: encodes any binary data; expands size by 33 %. SMTP vs Submission Profile SMTP (port 25): server‑to‑server relay. Submission (port 587): client‑to‑server, enforces authentication and may require TLS. --- ⚠️ Common Misunderstandings “Email is encrypted by default.” – Most email travels unencrypted; TLS only protects a single hop. “Bcc hides the address from every server.” – Bcc is removed from the message header, but the original sender’s server still knows it. “SMTP guarantees delivery.” – SMTP provides best‑effort forwarding; delivery can fail, be delayed, or be rejected. “UTF‑8 headers are universally supported.” – UTF‑8 is standardized but many systems still require ASCII‑only headers. “Reading a Delivery Status Notification means the recipient read the mail.” – DSNs confirm only that the server accepted the message, not that the user opened it. --- 🧠 Mental Models / Intuition Postal Analogy – Envelope (SMTP routing) + Letter (Header + Body). Each post office (MTA) stamps a Received: line, just like a mail carrier leaves a tracking note. Layered Security – Think of TLS as a secure envelope for the hop, while PGP/S/MIME is a sealed box that only the intended recipient can open. Queue = Mailroom – When the destination mailroom is busy, the message sits in a queue and is retried for up to five days, similar to holding undelivered packages. --- 🚩 Exceptions & Edge Cases 8BITMIME / BINARY extensions – Allow 8‑bit data without encoding, but many MTAs still lack support, forcing fallback to base64. Backscatter – Bounce messages generated for forged senders can flood innocent addresses. Web‑bug tracking – Some providers pre‑cache images, neutralizing the tracking attempt. Non‑delivery reports – ISPs may disable them to prevent address harvesting. --- 📍 When to Use Which Choose POP3 when you need local storage, have limited server quota, and use a single device. Choose IMAP for accessing the same mailbox from multiple devices (phone, laptop, web). Prefer plain‑text for compatibility and privacy; use HTML only when formatting is essential. Select quoted‑printable for mostly ASCII text with occasional special characters; base64 for any binary attachment (images, PDFs, executables). Use STARTTLS for encrypting the client‑server link when end‑to‑end encryption isn’t required. Deploy PGP or S/MIME when confidentiality of the message content must be guaranteed end‑to‑end. --- 👀 Patterns to Recognize Multiple Received: headers → message passed through several MTAs; long chain may indicate delay. Large base64 block → attached file (common vector for malware). From: address ≠ Return-Path: → possible spoofing attempt. Missing mandatory Date: header → malformed message, may be rejected or flagged. DKIM‑Signature: present → message likely passed domain’s integrity check; absence doesn’t guarantee spoofing. --- 🗂️ Exam Traps “SMTP guarantees that the recipient read the email.” – Only confirms server‑side receipt, not user read. “Bcc is invisible to all mail servers.” – It is stripped from the delivered header but is known to the originating server. “All email clients block HTML by default.” – Many modern clients render HTML unless the user disables it. “UTF‑8 addresses work everywhere.” – Compatibility issues persist; many systems still require ASCII. “A delivery receipt is the same as a read receipt.” – Delivery receipt confirms server delivery; read receipt requires the client to send a separate notification (often optional). ---