04. Email Flowchart (SMTP & IMAP) - tandihansvin/EthicalHacking GitHub Wiki

In this post, I will explain what actually happens when we hit "send button" on email.

Before we start, here are the basic things that should be known:

1. SMTP
   SMTP stands for Simple Mail Transport Protocol. It is used when we want to deliver an email from email client to email server. SMTP uses port 25.
2. IMAP
   IMAP stands for Internet Mail Access Protocol. It is more like email management. IMAP allows you to check or access your email. Basically, email messages are stored on servers. Whenever you check your inbox, your email client contacts the server to connect you with your messages. When you read an email message using IMAP, you aren't actually downloading or storing it on your computer; instead, you are reading it off from the server. IMAP normally uses port 143.
3. DNS
   DNS stands for Domain Name System. The purpose of this system is to translate domain to IP and vice versa. In this case, it is used to find the mail server of the receiver.

Explanation:

1. Typically, an email consists of 2 part header and body. In header, it is a place to determine the receiver address and the body part contains the message. This data usually is made locally on the sender computer. Once it is finished, and "send" button is clicked. The sender computer will communicate with MTA (Mail Transfer Agent) via SMTP protocol.
2. The system will do DNS lookup, to find out the MTA of the receiver. It can be done by looking the MX record (stands for Mail Exchange record) of the receiver.
3. A response is given to the requested mail server with the IP address of the recipient’s mail server.

Next, there will be 2 possibilities happened.
4(a). If some error occur while sending the email. The mail server will put the email on queue and it will send it again and again (with a maximum sending number, or life time on the queue). Once, the server state that it cannot be sent, the mail server will send bounce back to the sender email via IMAP protocol.

4(b). If the receiver MTA can be found, what the next thing that will happen is communication between mail server. The sender mail server will send the email to receiver mail server via SMTP protocol.

5. Now, the message is transfered to receiver Mail Delivery Agent. The message will be stored in this server.
6. With IMAP protocol, the receiver can manipulate the emails on the server as in the local computer.

Thanks to @anakaiti for the idea.