What are the parts of an email? Many people and clients ask us this question and, in fact, that is a good one. To be didactic, we can divide an email in three parts: envelope, headers and body. These are specific terms that cause confusion and seem more complicated than they actually are.
But why should I know what are the parts of an email? In addition to the curiosity of those who are interested in the subject, there is another important key point. Understanding the parts of an email, or how an email is created, helps you better understand some types of fraud, such as email spoofing, email forgery and phishing. And understanding how frauds work helps you avoid them.
Comparing emails and postal letters
We like the famous comparison between an email and a postal letter.
Envelope: when you receive a letter, you receive an envelope, right? In the envelope there are two pieces of information: sender address and recipient address.
One main difference between emails and postal letters is that in emails the envelope information is used by mail servers only. It means that envelope information is usually hidden from me, from you, from the end user.
Header: such as when you open a letter, when you open an email there is a lot of other information in the header, such as date, author, subject and address. Note that, just as with letters, a sender address on the header may differ from the one registered on the envelope.
In letters, having different addresses on the envelope and the header may be harmless. It might just mean that the sender wants you to reply to a specific address mentioned on the header. But when it comes to emails that's not a good sign, as this is a tactic used by cybercriminals to impersonate other people or brands and try to scam you.
Body: to close the trio, the message of the letter, the content, corresponds to the body in the email. The message body can also be composed of different components, such as signatures or automatically generated text.
Email terms to know
The pattern that defines an email is known as Request for Comment (RFC). Basically, RFC5321 provides information about the envelope and the transmission protocol for an email while RFC5322 addresses the format.
To make it easier, take a look at this comparison below.
||Envelope Sender, Bounce Address, Return Path
||Header To, Header Recipient
||Header From, Header Sender
Having said that, now you can see how an email can be used maliciously. A phisher can easily fake the header from and the envelope sender to apply scams. In some cases, the fraud is so elaborate that it is difficult to recognize it.
If you are worried about scams, especially within your company, there are numerous email protection software on the market. They use different protection engines and protocols, such as sandbox and Domain-based Message Authentication Reporting & Conformance (DMARC). Just search and choose wisely. You can start by taking a look at our solutions.