Electronic mail, commonly shortened to “email,” is a communication method that uses electronic devices to deliver messages across computer networks. "Email" refers to both the delivery system and individual messages that are sent and received.

Email has existed in some form since the 1970s, when programmer Ray Tomlinson created a way to transmit messages between computer systems on the Advanced Research Projects Agency Network (ARPANET). Modern forms of email became available for widespread public use with the development of email client software (e.g. Outlook) and web browsers, the latter of which enables users to send and receive messages over the Internet using web-based email clients (e.g. Gmail).

Today, email is one of the most popular methods of digital communication. Its prevalence and security vulnerabilities also make it an appealing vehicle for cyber attacks like phishing, domain spoofing, and business email compromise (BEC).

Email messages are sent from software programs and web browsers, collectively referred to as email ‘clients.’ Individual messages are routed through multiple servers before they reach the recipient’s email server, similar to the way a traditional letter might travel through several post offices before it reaches its recipient’s mailbox.

Once an email message has been sent, it follows several steps to its final destination:

The sender’s mail server, also called a Mail Transfer Agent (MTA), initiates a Simple Mail Transfer Protocol (SMTP) connection.

The SMTP checks the email envelope data — the text that tells the server where to send a message — for the recipient’s email address, then uses the Domain Name System (DNS) to translate the domain name into an IP address.

The SMTP looks for a mail exchange (MX) server associated with the recipient’s domain name. If one exists, the email is forwarded to the recipient’s mail server.

The email is stored on the recipient’s mail server and may be accessed via the Post Office Protocol (POP)* or Internet Message Access Protocol (IMAP). These two protocols function slightly differently: POP downloads the email to the recipient’s device and deletes it from the mail server, while IMAP stores the email within the email client, allowing the recipient to access it from any connected device.

To continue the postal system analogy, imagine Alice writes a thank-you note to Bob. She hands the letter to the mail carrier (MTA), who brings it to the post office to be sorted. At the post office, a processing clerk (SMTP) verifies the address written on the envelope. If the address appears to be written correctly and corresponds to a location that can receive mail (MX server), another mail carrier delivers the letter to Bob’s mailbox. After picking up the mail, Bob might keep the note in his desk drawer, where he can only access it at that location (POP) or put it in his pocket to read at any location (IMAP).

*The current version of the POP protocol is named POP3.

What are the parts of an email?

An individual email is made up of three primary components: the SMTP envelope, the header, and the body.

SMTP envelope

The SMTP “envelope” is the data communicated between servers during the email delivery process. It consists of the sender’s email address and the recipient’s email address. This envelope data tells the mail server where to send the message, just as a mail carrier references the address on an envelope in order to deliver a letter to the correct location. During the email delivery process, this envelope is discarded and replaced every time the email is transferred to a different server.

Header

Like the SMTP envelope, the email header provides critical information about the sender and recipient. Most of the time, the header matches the information provided in the SMTP envelope, but this may not always be the case. For instance, a scammer may disguise the source of a message by using a legitimate email address in the header of an email. Because the recipient only sees the header and body of an email — not the envelope data — they may not know the message is malicious.

The header may also contain a number of optional fields that allow the recipient to reply to, forward, categorize, archive, or delete the email. Other header fields include the following: