The Dataprise Blog

An MSPs Deep Dive into Email Pt I: Mail Flow

Sep 24, 2020 BY Ben Birnstein

An MSPs Deep Dive into Email Pt I: Mail Flow

Like many computing technologies used in modern day, email has its roots back in the ‘70s. Over the years, it has been developed and enhanced in countless ways, with new usability features and security controls tacked on to keep up with developments in computing. 

The purpose of this article is to expose the mechanisms of mail flow in a way that translates to the MSP space, and to examine the considerations an MSP and its clients may have when planning and discussing a mail solution. Even when approaching a new environment, it is surprisingly easy to map out mail-flow if you know where to look and what to look for. However, it can often be difficult to understand this process due to the presence of several convergent technologies working in concert. Let’s take a closer look.


“Hopping” through the Sender’s Environment

Modern email operates using a “store and forward” technique which works exactly how it sounds. Messages “hop” around organization’s networks and the internet to reach their destination, getting manipulated, encrypted, filtered, and forwarded at various stages until they reach their destination. The first step is to navigate through the sender’s environment following the process described below.

Every message begins within a Mail User Agent (MUA), which is responsible for formatting, user-interface, and connecting the end-user to their mail server. The MUA forms the interface layer of common mail applications like Outlook and Gmail, controlling the user’s experience sending messages. 

Once the message is sent out of the MUA, it goes to the sender organization’s mail server. The mail server is simply a high-powered computer designed to host two critical server applications which are responsible for handling mail. The first is called the Mail Submission Agent (MSA) and is responsible for receiving email messages from the MUA. The second, known as the Mail Transfer Agent (MTA), locates the correct mail server to send the email to by identifying a specific type of Domain Name System (DNS) record called the MX Record. This record is stored online and belongs to the recipient. Once the MX Record is identified, the MTA releases the email to this intended recipient.


Leaving the Sender’s Environment

In addition to the MUA and mail server, most mail flows include a filtering gateway, which represents the first and/or final hop for any emails entering or leaving the local network. Organizations do not technically need filtering gateways for their email system to work, but they provide great value by scanning inbound messages for spam and malicious payloads which could damage the recipient, and by running incoming mail against sets of receive rules and policies to ensure compliance. Filtering gateways often take the form of third-party anti-spam software solutions (e.g., Barracuda Email Security Gateway, Sophos Email Appliance), or entirely cloud-hosted platforms (e.g., Mimecast, Microsoft Advanced Threat Protection). They are generally located on the receiving side, and securely relay mail from the sender’s MTA to the recipient. 

At this point, it is worth noting that the MTA is the “point of no return” in the email process. Even if filtered by an outgoing filtering gateway, the email is out of the hands of the sending environment and cannot be recalled or traced past this point by the sender. 

After being released from the final hop of the sender’s infrastructure, the message is relayed by Simple Mail Transfer Protocol (SMTP) to the recipient’s MTA then the recipient’s Mail Delivery Agent (MDA). The MDA then stores the message in the recipient’s mailbox for access. Once placed in the mailbox, the recipient can read the message from their own MUA and, if needed, respond, starting the cycle over again in reverse.


The Big Picture 

The simplified mail flow described above can, of course, differ from organization to organization, but the basic structure remains the same. Visually, the pathway looks something like this:

Mail Flow Image

Although email handling services can be hosted on a wide variety of on-premises and cloud-hosted server platforms, the communications between these servers and services operate on an agreed-upon structure to maintain compatibility and functionality.

By understanding the process by which emails pass across the internet, organizations can understand where they, as either the sender or the recipient, can and cannot control the mail flow. For example, filtering gateways represent a crucial barrier against unwanted and potentially harmful mail from reaching an organization’s employees. By maximizing their control over the email process and ensuring that they have the best possible controls in place, organizations stabilize their environment and minimize risk.

For more information on what mail hosting options are right for you, how you can optimize and secure mail flow, and other technology concerns, contact our Marketing Team today.

IT Fundamentals
Want the latest IT insights? SUBSCRIBE