Mail

2023-12-11

E-mail is

Forgeable
Not private 

There are many different ways to manage e-mail, depending on what mail service you buy, and on your personal preferences. This note assumes you have already made some choices and want to get what you have chosen working on a Mac.

How E-Mail Works

You compose and view mail in a mail client program, or Mail User Agent (MUA). When you send mail, it is sent through a chain of Mail Transfer Agents (MTAs) to the recipient's MUA, using the Simple Mail Transfer Protocol (SMTP).

Sender's MUA -> SMTP -> MTAs -> Recipient's MUA

Your Mail Setup

Your mail setup depends on two choices: what kind of mail address you have (your mail provider), and how you read and send mail on your Mac (your mail client program).

Your Mail Address

Suppose your mail address is melvin@fooch.com. This name contains an account name, melvin, and a domain name, fooch.com. The domain part after the @ sign identifies your mail service provider; it may be

The part after the @ sign ends with a domain name like fooch.com. (.com is the name of a Domain Name Registry in the Domain Name System (DNS). Each registry can look up names like fooch and provide computer address information.) It costs money to provide a mail address, so you are paying for it somehow.

How you Read and Send Your Mail on Your Mac

You have a choice of mail client programs to read and send mail with on your Mac:

You can read some kinds of mail with one client, and other kinds of mail with a different client.

Web Mail

If you are using gmail.com, or another provider that supports web mail, you can use a web browser like Safari, Firefox, or Chrome to read your mail on your Mac.

Using Mail.app

Apple provides a mail client application that runs on your Mac, called Mail. Sometimes it is referred to as Mail.app to make it clear that we are talking about the macOS program. Mail.app can store your mail in local folders on your computer's file system, and search a large archive of old mail. You can configure Mail.app to view and fetch your mail from multiple mail providers, including Gmail. Mail.app has a built-in junk mail detector that detects some spam and moves it to a Junk folder. I use it.

Other mail client applications like Thunderbird and Outlook work similarly.

Apple has a nice introductory article on its Mail.app. Among other topics, it covers adding accounts; rich versus plain formatting; stationery; sending and viewing photos; mail folders, filing and coloring; viewing mail; and checking every n minutes.

If you don't want PDFs to be displayed inline, do the following in Terminal:

defaults write com.apple.mail DisableInlineAttachmentViewing -bool true

Mail Client Considerations

Recommendation

I recommend getting a gmail.com account, provided by Google. Even if you have some other address, you should get a gmail account as a secondary.

How I Handle Mail

My e-mail handling practices might not meet your needs. I use Mail.app on my Mac, and the Mail application on an iPhone when I am traveling.

  1. My main mail address is hosted at the mail provider that hosts my personal domain. I pay a separate ISP for Web and e-mail connectivity.
  2. Mail comes to the ISP and is filtered there by complex filters I built and maintain myself.
  3. I fetch mail messages from multiple accounts to my Mac using Mail.app and delete them from the servers.

My page How I Filter Spam describes how I filter spam at my mail provider account. When I read my mail on my Mac, I can save interesting mail in local folders on my Mac, and search them later. Selected non-bulk small mail is copied to a mail provider mailbox that I can read with my iPhone or a web browser.

Reading Mail From Multiple Accounts

You may set up several different mail addresses, for different purposes. Using webmail, you would go to a web page for each account. If you prefer to copy the mail off the mail server, then each mail account has a "home" computer where its mail resides. You can "peek" at the mail on an account, and copy its mail to a non-home computer without deleting the server copy. Using a local mail client on your Mac, you can pull all the mail from different accounts into one view. Some offices use Microsoft Exchange for their mail server, and Macs work better with Exchange than they used to. Many work situations require that you read mail only from "inside" their network, and provide a Virtual Private Network (VPN) solution that lets a remote computer connect to the network over a cryptographically secured tunnel.

What About iCloud?

What it can do for you: Back To My Mac, Find My iPhone, contact syncing, optional mail address. What it costs: 5GB free for Mac/iPhone owners, can buy more.

Privacy and Security Issues

E-mail Is Not Private

E-mail flows across the Internet unencrypted. A bad guy can read all your mail. This has actually happened.

Do not send credit card numbers in e-mail -- or passwords, Social Security Numbers, and other data you don't want public. (The idea of encrypting the mail somehow has been discussed for over 30 years, but it's still not usable except by experts.) If a mail message is stored on disk on any computer (for example at a mail provider), a bad guy could get into it and read it. Law enforcement can compel a mail provider or network operator to let them read your mail. Even if you think you have deleted a message, plenty of news stories show that old e-mail can come back. So basically, don't put anything in an e-mail that you wouldn't post on your front door.

Use SSL anyway

If you have a choice, use encryption between your computer and the mail provider. Even though mail is not private, setting this attribute is usually easy and protects your mail from casual snoopers.

E-Mail Can Be Forged

A bad guy can create a mail message that appears to come from someone else, like a bank. There is no way to prevent this, and detecting whether a message is forged requires intelligence and skill. This is another good reason to never click on links in an e-mail message.

You can turn off inline previewing of attachments such as PDFs and images by running this in Terminal:

   defaults write com.apple.mail DisableInlineAttachmentViewing -bool yes

How To Read Mail Headers

Sometimes you want to check if a mail message is forged. You can spot many forgeries by examining the detailed mail header lines. To see them, view the raw message (⌘⌥U in Mail.app, or View Full Headers in various webmail programs).

Most of the headers, like the From:, To:, and CC: are completely under the control of the sender. If you get mail claiming to be From: george.washington@whitehouse.gov, this sender name may have been made up. Some of the headers were created when the message was delivered to your mail client, and these can be believed.

Look at the Received: entries (each one may be multiple lines). The most recent one is at the top, and so they read in reverse time order. You can trust the top Received header, which was created by your mail service provider. You may be able to trust the one before that, if it was also created by the mail provider. Reading downwards, you will eventually find a header created by your mail provider describing a message it received from an untrusted source. The rest of the headers cannot be trusted.

Example. I got a mail message that included these header lines:

    Received: (qmail 58489 invoked from network); 25 May 2010 01:05:22 -0000
    Received: from mailwash15.pair.com (66.39.2.15)
      by niwun.pair.com with SMTP; 25 May 2010 01:05:22 -0000
    Received: from localhost (localhost [127.0.0.1])
      by mailwash15.pair.com (Postfix) with SMTP id 3F7BF82813
      for <example@multicians.org>; Mon, 24 May 2010 21:05:22 -0400 (EDT)
    Received: from nrec.org (ns.nrec.org [207.74.238.21])
      by mailwash15.pair.com (Postfix) with ESMTP id ED61B82811
      for <example@multicians.org>; Mon, 24 May 2010 21:05:21 -0400 (EDT)

You need to know the pattern of headers for your mail provider's internal network. Sometimes, the first few headers are not interesting: they show how your mail host's machines work together. In the example above, the first three Received headers are not interesting, but the fourth one, created by my mail provider (pair.com), indicates that it got a message from an outside host (nrec.org). In general you cannot trust any headers after this "last hop" header: they can be forged by spammers. What you can trust in the last hop header is the Internet Protocol (IP) address that your mail provider got the message from.

In this example, "207.74.238.21" is the key unforgeable piece of data in the headers above. It is the actual IP address that sent the mail to my ISP. The mail server at that location claimed to be "nrec.org" (the first "from" in the header) and my mail host looked up the IP and found the domain name "ns.nrec.org" (the name inside the parentheses).
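The same top-down reading can be automated. The Python function below is an added example, not the author's filtering software: it walks the Received headers from the top, skips hops between the provider's own machines, and returns the first hop where the provider accepted mail from outside. PROVIDER_SUFFIX and INTERNAL_NETS are assumptions taken from the example headers above; the From: and Subject: lines in the sample are constructed.

```python
import re
from email import message_from_string
from ipaddress import ip_address, ip_network

# Assumptions: what counts as "inside" the provider, taken from the example headers.
PROVIDER_SUFFIX = ".pair.com"
INTERNAL_NETS = [ip_network("127.0.0.0/8"), ip_network("66.39.2.15/32")]

# Matches both "from helo (rdns [ip]) ... by host" and "from helo (ip) ... by host".
HOP = re.compile(r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>\S+)\s+)?\[?"
                 r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\]?\).*?\bby\s+(?P<by>\S+)", re.S)

# Sample message: Received lines from the example above; From/Subject are constructed.
RAW = """\
Received: (qmail 58489 invoked from network); 25 May 2010 01:05:22 -0000
Received: from mailwash15.pair.com (66.39.2.15)
  by niwun.pair.com with SMTP; 25 May 2010 01:05:22 -0000
Received: from localhost (localhost [127.0.0.1])
\tby mailwash15.pair.com (Postfix) with SMTP id 3F7BF82813
\tfor <example@multicians.org>; Mon, 24 May 2010 21:05:22 -0400 (EDT)
Received: from nrec.org (ns.nrec.org [207.74.238.21])
\tby mailwash15.pair.com (Postfix) with ESMTP id ED61B82811
\tfor <example@multicians.org>; Mon, 24 May 2010 21:05:21 -0400 (EDT)
From: george.washington@whitehouse.gov
Subject: constructed sample

body
"""

def last_hop(raw):
    """Return the first hop, reading down, where the provider took mail from outside."""
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m:
            continue  # no from/by pair, e.g. qmail's "invoked from network" line
        if not m["by"].lower().endswith(PROVIDER_SUFFIX):
            return None  # header not written by the provider: stop, nothing below is trusted
        try:
            ip = ip_address(m["ip"])
        except ValueError:
            return None  # malformed address: do not guess
        if any(ip in net for net in INTERNAL_NETS):
            continue  # provider's machines handing the message to each other
        return {"ip": str(ip), "helo": m["helo"], "rdns": m["rdns"], "by": m["by"]}
    return None

if __name__ == "__main__":
    print(last_hop(RAW))
```

Only the "ip" value in the result is trustworthy; "helo" is whatever name the sending server claimed, and every Received header below the returned hop is ignored because the sender could have written it.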

You may wish to look up data for some domains. I have a program that takes an IP address and attempts to look up where it is located, in a "geolocation" database. It says that 207.74.238.21 is located in "US/Traverse City MI" (which is correct). My filtering software adds a header to the mail if it can find a geographic location, and I display this field in Mail.app.

© 2010-2023, Tom Van Vleck. Updated 2023-12-11 10:33