You type your email and you press send – What happens next and is it secure?

Email has become part of our lives, and like anything that has reached the point of saturation; we take it for granted. Back when emails first started to be used with any frequency, there was far less trust in them. As with all technology, though, once it is adopted for general use, we stop asking about it. 

It’s a little bit like moving into a new house. You start off hearing all those little noises that houses make but soon you no longer hear the central heating coming on or the creaking of a floorboard. It’s the same with emails – they have become a sort of background noise. Sending emails to employees, clients, customers, family, friends, and just about everyone else in our lives has become so common that we never ask questions about the process itself.

So, what does actually happen when you send an email?

There is a danger in the complacency that comes with familiarity. To go back to the analogy of the noises in your house again, we had a problem with our water heating a few years ago, and the engineer asked why I hadn’t heard the pump grinding as it failed. As it was there every day, much like using email, I didn’t question what was going on.

Let’s take a moment to question the email process rather than taking it for granted.

Having written your message, you are ready to go. The email address you type in identifies the recipient and, unless it is one of the general info@ or help@ style addresses which go to a general pool, this is usually a name. Then comes the ‘@’ symbol (which was originally chosen as a good way to divide the address because it was so rarely used and would not be in the name of the recipient) and the domain name.

Up until this point, you are in total control of the message. It is on your local computer, and only you can see it. The information and any attachments are secure. So, you press send.

Your email is then sent to an email server, which decides what to do with it. Initially, this is yours. Let me ask a question at this point. How much do you know about your own email server? Could you tell me who runs it for you? If you can answer yes, then frankly, you are in the minority, or you possibly work in IT. For many businesses, their email system is set up by a third party, and very few of the employees know anything about it.Once it is on your server, something called the DNS (Domain Name System) is checked to see where the email should go to reach the person you wanted to send it to. It does this by looking at what is called an MX record. The MX record points to the email server for the domain you typed at the end of the email address. Essentially it says, ‘ah, thisdomain.com email addresses are probably handled by that server over there. Hey, do you want this email?’ The receiving server says ‘yes’, so it then starts to send your message. It is encrypted to send it but that is only for the transfer and the encryption is quite low level.