Email icons created by Freepik - Flaticon

Electronic mail - Introduction

Electronic mail, email, for obvious reasons related to global interoperability, complies with technical standards at the international level.
These standards are referred to as RFCs (Request For Comments) and issued by a total of five entities, as indicated on the official website, of which three are official bodies, and two are not, namely:

  1. Internet Engineering Task Force (IETF);
  2. Internet Research Task Force (IRTF);
  3. Internet Architecture Board (IAB); 
  4. Independent Submissions;
  5. Editorial.

The RFCs are numbered (e.g., RFC 5322 for message format).
A list of all RFCs is available on this web page.

Email address and domain name

You must have an email address and a mail server to send email messages. Therefore, it will be possible to have (even alternatively) the following:

  1. your own domain name with associated email accounts and your own email server;
  2. one’s own domain name and one or more email addresses linked to the domain name but managed by an email provider;
  3. one or more email addresses provided and managed by an email provider.

The choice of an email account

As stated in RFC 5322 (sect. 3.4.1), an email address consists of three parts namely:

  1. the username or “local-part”;
  2. the @ symbol;
  3. the domain name.

Therefore, the email address must be in the form: local-part "@" domain.

The username cannot be longer than 64 characters; it can contain uppercase characters, lowercase characters, numbers from 0 to 9, periods, and special characters.

The domain name cannot be longer than 255 octets (equivalent to 255 characters) and, according to RFC 1035 (sect. 3.1) is considered “case-insensitive” and that is, there is no distinction between uppercase and lowercase.

In particular, RFC 2821 (sec. 2.4) clarifies:

The local-part of a mailbox MUST BE treated as case sensitive.

Mailbox domains are not case sensitive.

Therefore, there is a difference between the upper and lower case in the username (case sensitive), while it is not the same for the domain name (case insensitive).

However, some mail servers allow users to “treat” the username in the same way with an upper and lower case, even if it is written all in upper or lower case.

In conclusion, when creating an email account, in order not to have to send and/or receive problems, avoid uppercase characters and choose only lowercase ones.

Own domain name and PEO account

Users included in hypothesis No. 1 can manage their mailboxes themselves (or through an IT technician) and then configure their email server.

Users included in hypothesis No. 2 above can manage their email accounts by configuring their domain name with a provider who allows this.

In both cases, these are operations for which specific technical-computer knowledge is required.

The choice of the email provider

Many users, however, fall into hypothesis No. 3 and, therefore, will have to choose an email provider to generate their email accounts.

In our opinion, the best email providers are as follows:

All of the above providers allow the creation of email accounts for personal use with free plans, guaranteeing high levels of security.

The feature of Skiff Mail is that it is a native Web3 solution.
In the contribution entitled "# Web3 is a reality and not the future: some privacy aspects", to which we refer, we summarily explained Web3 but specifically Skiff. Therefore, in the article just cited, there are more details about Skiff.

ProtonMail and Tutanota offer 1GB of space, while Skiff Mail 10GB.

Proton and Skiff offer suites that include, respectively:

  • ProtonMail, ProtonCalendar, ProtonDrive and ProtonVPN;
  • Skiff Mail, Skiff Pages, Skiff Drive.

ProtonMail and Skiff Mail are structured to operate in their environment; users cannot use email clients other than proprietary ones.
Only Proton provides ProtonBridge, which allows email accounts to be set up even on email clients external to their system.

In addition, Proton allows two-factor authentication (2FA), including via hardware, either with USB sticks (such as Yubico) or (for those with a MacBook with Touch Bar) with the macOS hardware system.

Choosing the email client

A key issue concerns the choice of email client, i.e., the program through which one can send and receive mail.

Our choice - for macOS users only - is MailMate, a paid email client; we discussed it in the contribution entitled "# MailMate: a powerful client email for MacOS Markdown integrated email composition".

For those who intend to opt for free and open-source solutions, in our opinion, the most appropriate choice is Thunderbird.

Message preparation

When drafting the message, paying attention to some crucial aspects is good.

First of all, we should point out that according to the RFC … the email address is not so-called “case sensitive,” and therefore, it can be written either in upper or lower case. This clarification seems appropriate because, very frequently, the question “uppercase or lowercase?” is asked.

Also, according to the "RFC 1855 entitled “Netiquette Guidelines, regarding email communication, users should observe some common rules. The document refers to the so-called “Netiquette,” which is a term created by merging the words “network” and “etiquette” or “internet” and “etiquette”.

“Netiquette” is considered by some to be a sub-set of “etiquette” or - more commonly - the etiquette to be observed in interpersonal relationships.

What to avoid

According to the aforementioned Netiquette, certain behaviors should be avoided, which - in summary - we outline below:

  • on the assumption that email is not secure unless encryption users should avoid including content other than the communication you intend to send in an email message;
  • do not exceed 4 lines for the signature;
  • do not send large files (the RFC refers to attachments not exceeding 50 kilobytes);
  • in the case of sending a message to multiple recipients who do not belong to a group, respect privacy and do not enter recipients in the To field;
  • do not write everything in capital letters because this gives the impression that you are shouting;
  • never send chain letters by email;
  • respect copyright on material you reproduce;
  • don’t edit the text if you forward or republish a received message;
  • don’t send heated messages (“flame”) even in case of provocation;
  • it is highly improper to reply to a message by including all of the previous ones: delete all irrelevant material;
  • don’t continue to include in cc recipients if messages have become a two-way conversation;
  • don’t send messages without a title in the subject line; it must be a title in the subject line that reflects the content of the message;
  • don’t send unsolicited email advertising (it is unwelcome and is prohibited in many contexts);
  • don’t assume that a message is valid; it is good to do some checking.

What to prefer

According to the aforementioned Netiquette, certain behaviors should be preferred, which - in summary - we outline below:

  • it is a good idea to check at least all email topics before responding to a message;
  • be sure to include a line or two at the end of the message with contact information;
  • be careful when addressing mail: know who you are sending the message to;
  • check all addresses before starting a long or personal conversation (it is a good idea to include the word “Long” in the subject header–more than 100 lines are considered “long”);
  • use symbols for emphasis (e.g., this is what I meant; use underscores for emphasis (e.g., War and Peace is my favorite book);
  • use smilies to indicate the tone of voice, but use them sparingly (e.g., :-) is an example of a smiley).

Aliases

In some circumstances, it is preferable to use an email alias, an email address associated with one’s personal or work address, which helps avoid disclosure. Messages will still be delivered to one’s personal or work address.

Nowadays, using an alias is almost necessary, especially when exchanging messages with unknown parties.

Users can also use an alias when one’s personal or business address is long. In this case, one can create a shorter alias to avoid writing one’s long personal or business address.

How is an alias obtained?

Users can obtain an alias from the email provider, as in the case of Apple, which for iCloud users offers the service [Hide My Email?]. Apple describes that service in the article What is Hide My Email?, and we quote it below:

Hide My Email lets you create unique, random email addresses to use with apps, websites, and more so your personal email can stay private. It’s built in to Sign in with Apple and iCloud+.

Hide My Email is a service that lets you keep your personal email address private whether you’re creating a new account with an app, signing up for a newsletter online, or sending an email to someone you don’t know well.

The SimpleLogin service is worth mentioning, which is free for Proton users. Through this service, you can generate aliases linked to your ProtonMail account. For users with a Proton “Premium subscription” plan, it will also be possible to create aliases for accounts outside ProtonMail.

Skiff Mail, on the other hand, allows the creation of aliases directly from the app. It is possible to add aliases that reference Ethereum domain names as best described in the previously mentioned article.

Cryptography.

We have already written a contribution on the point entitled “Privacy in email communication: we should use encryption by default” to which we refer.

Any communication is always confidential.

In any case, we should always encrypt email communications with private or confidential content.

Shrewdness in receiving messages.

What cautions in receiving email messages?

To reduce the risks of phishing or spam cyber-attacks, users should set their mail client so that the system doesn’t download images contained in the received email messages. ProtonMail has an ad hoc function that users can activate via the web browser. MailMate has the same features and allows users to check the links in the received email messages.

Also, from a cyber security perspective, it is advisable to not to click on any links in email messages. In this regard, we point out that many links in email messages are so-called “trackers” suitable for tracking the behavior of the recipient of the message.

Some email programs (MailMate, for example) allow the recipient to be informed about the nature of the links in the email message, who, therefore, can avoid clicking or activating those links.

On specific cybersecurity issues, we refer to the contribution “ENISA Threat Landscape 2022,” published on 3/11/2022 and available on ENISA’s institutional website.


If this resource was helpful, you could contribute by

Buy me a coffee

Or donate via

Liberapay


Follow us on Mastodon

Stay tuned!