David - Musings of an SRE

My Notes from dealing with Email & SMTP

Context I am currently working on a new simple email hosting product targeting solopreneurs and hobbyists and have been building out my own smtp server for this purpose.

These are just some of my notes.

Mail Headers

  1. When processing email coming into your smtp server, MAIL FROM, RCPT TO do not form the content of your incoming mail. Instead they are used by the receiving mail server just for the purpose of mail processing.

  2. An incoming e-mail is made up of 3 sections which are received by your mail server.

    1. MAIL FROM
    2. RCPT TO
    3. DATA
MAIL FROM: <[email protected]>
RCPT TO: <[email protected]>
DATA
From: "Marketing Team" <[email protected]>
To: "User" <[email protected]>
Subject: Monthly Newsletter

Hello, this is a test email.
.

  1. When we talk about email headers and body, these are things captured under the DATA section. The content of DATA is what makes up your email message.

  2. DATA is made up of 2 sections

    1. Header
      1. Header is everything before the first linebreak (eg. up to Subject in the above example)
    2. Body
      1. Everything else!

  3. When we store emails, we’re only interested in DATA. The receiving mail server’s role is just to prepend certain email headers prior to storage.

  4. The mail server needs to only do the following prior to storage:

    1. Prepend a new header Return-Path in the format of Return-Path: <email>

      1. The <email> consists of the e-mail address that was captured in the MAIL FROM section.
      2. MAIL FROM can be empty if its a bounced message, if that is the case, Return-Path should still be prepended with a blank <> as a value

    2. Prepend Received header to indicate the DateTime our mail server received the mail.

      1. The Received header should contain remote server of the sending mail server with a reverse lookup
      2. There can be multiple Received headers in the same email. But there is an order to it with the latest received mail server being at the top (in this case, our server needs to populate the first Received header)

    3. Prepend any other post-processing custom headers 2. eg. spf-check header Received-SPF 3. spam scores etc

  5. The Date header is an RFC requirement but its usually sent by the sender. If this Date is missing, your mail server needs to add it in accordance to the RFC5322 format (Fri, 21 Mar 2025 12:34:56 +0000)

  6. To header can be blank and it is not to be confused with being the same as RCPT TO. This can be blank because the mail may not have To but have Cc or Bcc records.

Summary

From the SMTP server perspective, we really only need to care about 3 things

  1. Is MAIL FROM a bounce? If it is, make sure Return-Path is correctly addressed
  2. Is my mail server the recipient in RCPT TO . If its not, its ok to drop it. There’s no need to handle mail to email addresses that you are not expecting to.
  3. We generally do not modify any existing headers in the Header but we may need to add/prepend new headers as necessary.