How Email Works: From DNS MX Records to Secure Delivery

1. Introduction

Although instant messaging tools are popular, enterprises still rely on email systems for communication. Operations personnel need to understand the principles, components, and workflow of email.

2. Relationship Between Mail Server and DNS

Early internet email was sent directly between hosts with fixed IP addresses. As personal computers became common and were not always online, a dedicated mail server was required to receive and manage mail for a domain. The server’s address is discovered via DNS MX records, where a lower numeric value indicates higher priority.

When multiple MX records exist, the server with the smallest value is preferred; others serve as backups or load‑balancing.

3. Mail Transfer Components

Key agents involved in email handling:

MUA (Mail User Agent) : Sends mail and provides the user interface for composing and reading messages.

MTA (Mail Transfer Agent) : Transfers mail between servers (commonly the smtpd service).

MDA (Mail Delivery Agent) : Stores received mail in the appropriate user mailbox.

MRA (Mail Retrieval Agent) : Retrieves mail from the mailbox using protocols such as POP3 or IMAP4.

4. Email Sending Process

①用户eric想发送邮件给wqp，通过终端登录到mail.pangxie.com服务器上，编写一篇邮件，以发件人为[email protected]，收信人为[email protected]发送邮件

②mail.windchaser.com主机调用smtp程序准备向外发送邮件

③smtp看到是通过域名发送邮件，smtp会调用DNS客户端

④DNS客户端会向DNS服务器查询smtp所需求的域名信息

⑤DNS服务器通过查询MX记录查找到域名所指向的邮件服务器信息。

⑥DNS服务器将所查询到的信息返回给DNS客户端

⑦smtp收到DNS对方MX信息之后，开始和对方邮件服务器通过TCP三次握手，最终和邮件服务器里的smtpd服务建立联系后，将邮件传递给mail.windchaser.com服务器主机。

#小贴士：smtpd是邮件服务器的守护进程，监听在TCP的25号端口

⑧当smtpd收到mail.pangxie.com主机发来的邮件，如果是本地用户的邮件，它将会继续⑨，否则它会将它再继续传递出去(这个就是开放式中继)

⑨当smtpd接收下来邮件之后，发现此邮件目标正是本地用户，它会调用MUA，将此邮件存放到邮筒(MailBox)里去。此邮筒的路径一般为 /var/spool/mail 下以此用户的名字命名的文件

⑩wqp用户使用终端登录到mail.windchaser.com服务器上，通过mail命令查收邮件

⑪查收的邮件会自动移至用户家目录一个叫mbox的文件夹。

5. Open Relay (Open Relay Proxy)

An open relay forwards mail to another domain when the local server cannot deliver directly. While convenient, it can be abused for spam.

6. Desktop Client (MUA) Sending Mail

Typical desktop MUAs (e.g., Outlook, Foxmail) let users compose mail, specify the outbound SMTP server, and send messages through the local SMTP service.

①用户在电脑中打开MUA程序。代表程序有Outlook、Foxmail。

②当用户编写好邮件之后，在发送邮件之前注明了为我们提供向外发送邮件功能的邮件服务器地址，开始调用本地的smtp程序。

③本地smtp根据用户所提供的邮件服务器地址通过smtp协议开始和邮件服务器(mail.windchaser.com)建立连接，将邮件发送给本地域邮件服务器。

④邮件服务器收到此邮件后，开始检查邮件的目标地址是否是本地域用户。如果是则执行第④步，如果不是执行第⑤步。

⑤通过MDA分析邮件表头等信息，最终将邮件投递到公共的邮筒里(MailBox)。

⑥通过查询DNS，解析目标邮件服务器对应的MX记录，最后将邮件投递出去。

7. Receiving Mail via MUA (POP3, IMAP4)

After the local MDA stores mail in the mailbox, a POP3 or IMAP4 service allows the user to retrieve it using credentials.

①本地电脑调用MUA程序。

②wqp用户将自己的账号和密码，通过pop3协议去连接POP3服务。

③POP3服务通过验证用户身份，验证通过之后，调用MRA程序，使用用户的账号信息提交给MailBox。

④MailBox根据MRA程序请求，取出用户的邮件，最终将邮件返回给用户。

8. Webmail (Browser‑Based Mail)

Webmail requires a web server and CGI scripts to act as a front‑end, allowing users to send and receive mail through a browser without a dedicated MUA client.

9. Authentication for Sending Mail

SMTP alone does not authenticate users; SASL (Simple Authentication Security Layer) is used to verify credentials before allowing relay.

①用户向服务器请求发送邮件，并将用户账号密码提供给邮件服务器

②邮件服务器调用SASL程序

③SASL作为认证框架，调用具体的认证机制（如plain、login、mysql、ldap）进行验证

④认证不通过，邮件服务器拒绝转发此邮件

⑤认证通过，邮件服务器根据DNS解析的MX记录将邮件投递到目标邮件服务器。

10. Encryption of Mail Transmission

SMTP, POP3, and IMAP4 transmit data in clear text. To protect confidential mail, TLS/SSL (e.g., POP3S, IMAPS) is used for POP/IMAP, while S/MIME or GPG provides end‑to‑end encryption for SMTP.

11. Spam and Virus Filtering

Because SMTP lacks built‑in filtering, external tools such as SpamAssassin (spam) and ClamAV (virus) are invoked via a caller program (e.g., MailScanner, mmedefang, amavisd‑new) before mail is delivered.

①eric用户向邮件服务器(mail.pangxie.com)请求发送邮件

②邮件服务器通过查询DNS的MX记录将邮件发往mail.windchaser.com

③mail.windchaser.com收到邮件后先调用caller程序

④caller调用反病毒程序进行病毒检测

⑤caller调用反垃圾邮件程序进行垃圾邮件检测

⑥检测通过后，mail.windchaser.com将邮件存入用户的邮筒。

12. Summary

Key points:

Mail transfer requires MUA, MTA, MDA, and MRA.

Additional components such as DNS, web servers, POP3/IMAP4, SASL, and caller programs extend SMTP’s basic functionality.

The article illustrated the complete flow of an email from [email protected] to [email protected].