It sometimes happens that sending an email results in failure to send or not receive. of the message. Really understanding which of the two cases we are facing is not easy precisely, because in both cases it is difficult to establish whether we are faced with a failure to send or a failure to receive and requires investigations at a technical level not always possible by the 'final user.
Whose fault is it then? The sender or the recipient?
It should be noted that sending an e-mail and receiving it involves a series of absolutely non-trivial “behind the scenes” operations that indisputably determine the success or failure of sending and receiving.
Although sending an email is within everyone's reach, it is also true that there are thousands of mail servers, each with its own software and each with its own configuration, which at times may not communicate with each other due to technical problems and incorrect configuration.
Let's assume a real scenario
When a user with email email@example.com for example try to send an email to firstname.lastname@example.org, here's what happens behind the scenes:
- Tizio's mail client connects to the mailserver delegated to manage the mail for the tizio.it domain, for example mail.tizio.it
- In turn, a request is made to the authoritarian mail server that is listening on port 25 and asked to send an email to the recipient email@example.com. This request is made following a syntax for the SMTP protocol which briefly describes, sender (MAIL FROM), recipient (RCPT TO), subject (SUBJECT) and the body of the mail (DATA).
- Once the transmission of the e-mail from the mail client to the mail server is finished, the mail server (which is nothing more than a server program that listens on port 25, used for receiving and delivering e-mails) makes a query to the DNS trying to obtain the MX (Mail eXchanger) record for the domain in question.
- For example, the DNS for the caio.it domain will reply that the authoritative mail server for the caio.it domain will be mail.caio.it
- The mailserver mail.tizio.it will then connect to port 25 of the mail.caio.it mailserver by establishing a TCP connection and will forward the mail that it had in the queue sent to it by the mail client (outlook or thunderbird for example) of the 'user firstname.lastname@example.org
- At this point the mailserver of the recipient mail.caio.it will have in the queue the mail destined for a user of his domain (email@example.com) and will have to somehow deliver it in a file inside a folder on the server, normally in Maildir format or Mailbox.
- At that point the recipient will connect through his mail client to an incoming pop3 or imap mail server which is used to receive the message previously delivered by the mail server.
This is what happens in a normal regime, that is without specific antivirus and antispam checks.
Up to now, to make this mechanism work, you need the following requirements:
- 2 fully functional mail servers, one for the sender and one for the recipient
- The host and IP information on the mail servers are published in the DNS entries (called zones) of the domains in question.
- Making a DNS query implies having a working DNS server with the correct information published, especially the MX record
Advanced configurations with sender and content controls.
In an advanced configuration, you also have to deal with additional controls, such as:
Greylisting : refuses to accept the sender's email for a few minutes. In the case of a real mailserver and not a spammer, it will be postponed. In the case of spam bots it is often not postponed so you start making a selection of good mail and bad mail. This results in a delay of about 10 to 15 minutes (but even more) of the first message from a new sender for the new month.
DNSBL : occurs if a sender's IP is published in worldwide Spammer lists through UDP requests (similar to those used for DNS queries). If present, the message is rejected and the sender mailserver will return it to the sender, specifying the reason for the delivery refusal.
SPF : is an email validation system designed to detect email spoofing attempts. The system offers administrators of an e-mail domain a mechanism that allows them to define the hosts authorized to send messages from that domain, allowing the recipient to check their validity. The list of hosts authorized to send emails for a given domain is published in the Domain Name System (DNS) for that domain, in the form of specially formatted TXT records. Phishing, and sometimes even spam, use fake sender addresses, so posting and verifying SPF records can be considered in part an anti-spam technique.
DKIM : DomainKeys Identified Mail (DKIM) is an email authentication method designed to prevent spoofing. It allows the recipient of an email to verify the origin of the message, in order to ascertain the authenticity of the sender. DKIM is used to combat phishing and email spam.
In technical terms, DKIM allows a domain to associate its name with an email by affixing a digital signature. Verification is done using the signer's public key published in the domain's DNS. The signature ensures that the email message (including attachments) has not been modified since the signature was placed. Usually, DKIM signatures are not visible to users as they are affixed or verified by service providers (SPs). For this reason, DKIM differs from end-to-end encryption, which does not involve third-party interactions.
Antispam / Antivirus : based on the content, keywords and attachments, the message will be scored. Exceeded a certain score (usually 5) the message will be tagged as SPAM and will be delivered either in the SPAM folder or in normal mail with the subject of the message changed to something like [SPAM] Subject of the message , or *** SPAM *** Subject of the message.
In this case, for the message to be received from the recipient's address, the sender must make sure your mailserver ip is not listed as a source of SPAM in the DNSBL, must have the foresight to follow standard rules for writing an email such as writing the subject, inserting a text in the body of the message, avoiding sending files that are almost always prohibited such as executables (.exe,. com, .pif, .bat, etc ..).
A concept should also be put on paper: when the email does not arrive or is not received, the fault can be ours as it can be the interlocutor.
If our supplier or customer sends us an email from an address listed in DNSBL, it is his fault that he does not send respecting the rules, and not ours that we automatically reject the message because it is SPAM.
Also it must be said that the mail it is not a real-time communication tool, delivery is not guaranteed and that any use other than that for which it was designed is an incorrect use.
Each error message it returns has an identification code as well as a description of the problem.
By reading this information, we can know without a doubt whether the problem is us or the other interlocutor.
It would be enough to have the desire and take the trouble to read these errors to avoid groping in the dark avoiding inappropriate communications to the company helpdesk.