Category: Security | Email
Author: Jaspreet Singh
Reading time: ~7 minutes
Introduction
Email remains the number one attack vector for businesses — yet it is also one of the most misunderstood areas of IT security.
Most vendors explain email security using:
Buzzwords
Product names
Complex diagrams
But very few explain what actually happens, in simple technical terms.
This post breaks down email security using abstraction — focusing on how things work, not what product to buy.
The Email System (Abstracted View)
At a high level, email consists of four layers:
Sender
Transport
Receiver
User interaction
Most security failures happen because one or more layers are trusted blindly.
Let’s look at each layer.
1 Sender Layer – Identity Is Easy to Fake
From an abstract perspective, email does not prove identity by default.
Anyone can:
Spoof a sender address
Impersonate a domain
Look legitimate at first glance
This is why technologies like SPF, DKIM and DMARC exist: not to secure email, but to reduce identity ambiguity.
Key idea:
Email identity is a claim, not a fact.
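To make the "claim, not a fact" point concrete, the sketch below (an added example, not code from the original post) checks whether the domains that passed SPF or DKIM actually match the visible From domain, which is the alignment test DMARC adds. It assumes the receiving server records results in an Authentication-Results header; the function names, the two-label organizational-domain shortcut and the sample messages are illustrative assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def org_domain(domain):
    # Assumption: the organizational domain is the last two labels. Real DMARC
    # evaluation uses the Public Suffix List (needed for e.g. co.uk).
    return ".".join(domain.lower().strip(".").split(".")[-2:])

def dmarc_alignment(raw_message, trusted_authserv):
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    aligned = {"spf": False, "dkim": False}
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = header.partition(";")
        # Only trust results stamped by our own receiving server; a sender
        # can put any header it likes into the message.
        if authserv.strip().lower() != trusted_authserv:
            continue
        for clause in results.split(";"):
            m = re.match(r"\s*(spf|dkim)=(\w+)", clause)
            if not m or m.group(2).lower() != "pass":
                continue
            prop = "smtp.mailfrom" if m.group(1) == "spf" else "header.d"
            found = re.search(re.escape(prop) + r"=(\S+)", clause)
            checked = found.group(1).rpartition("@")[2] if found else ""
            # Relaxed alignment: the authenticated domain must share the
            # organizational domain of the visible From address.
            if checked and from_domain and org_domain(checked) == org_domain(from_domain):
                aligned[m.group(1)] = True
    return {"from_domain": from_domain, "spf_aligned": aligned["spf"],
            "dkim_aligned": aligned["dkim"],
            "dmarc_pass": aligned["spf"] or aligned["dkim"]}

# Constructed sample messages (not real traffic).
SPOOFED = (
    "Authentication-Results: mx.receiver.example; spf=pass smtp.mailfrom=bounce@mailer.example;\n"
    " dkim=pass header.d=mailer.example\n"
    "From: \"Billing\" <billing@bank.example>\n"
    "Subject: Invoice\n\nbody\n"
)
LEGIT = SPOOFED.replace("mailer.example", "mail.bank.example")

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(name, dmarc_alignment(raw, "mx.receiver.example"))
```

In the spoofed sample both SPF and DKIM report "pass", but for a domain unrelated to the From address, so neither aligns and the DMARC check fails.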
2 Transport Layer – Email Is Just Data in Motion
Email moves through multiple servers before reaching a mailbox.
Abstractly:
Messages are copied
Relayed
Temporarily stored
Logged
Security here is about:
Encryption in transit (TLS)
Reputation of relay servers
Filtering during transport
Key idea:
Email transport is opportunistic, not guaranteed secure.
3 Receiver Layer – Filtering Is Probabilistic
Spam filters, malware detection, and phishing protection are not deterministic.
They rely on:
Heuristics
Reputation scores
Pattern recognition
Machine learning
This means:
Some bad emails get through
Some good emails get blocked
Key idea:
Email filtering reduces risk; it never eliminates it.
4 User Layer – The Most Trusted, Least Predictable Component
No matter how good your technical controls are:
Users can still click
Credentials can still be entered
MFA fatigue attacks still work
From an abstract view:
The user is part of the system
Not an external factor
Key idea:
Email security fails where human trust meets digital deception.
Why “Perfect Email Security” Does Not Exist
Abstracting away vendors and tools, email security is about risk management, not prevention.
You are balancing:
Usability vs protection
False positives vs false negatives
Automation vs user awareness
Anyone selling “complete email protection” is selling a myth.
Practical Takeaways for IT Teams & MSPs
Instead of chasing tools, focus on principles:
✔ Reduce identity ambiguity
Proper SPF, DKIM, DMARC
Monitor domain impersonation
✔ Reduce attack surface
Disable legacy authentication
Enforce MFA everywhere
✔ Reduce blast radius
Conditional access
Limited session lifetimes
✔ Educate users with context
Explain why attacks work
Not just what to avoid
Why Technical Abstraction Matters
Abstraction allows you to:
Understand systems independent of vendors
Make better architectural decisions
Avoid tool-driven thinking
Once you understand how email works conceptually, every product becomes easier to evaluate.
Final Thoughts
Email is not broken — it’s just old.
Security comes from:
Understanding its limitations
Designing controls around human behavior
Accepting that no single layer is enough
If you understand email abstractly, you stop reacting to threats — and start engineering resilience.
Author Note
Written by Jaspreet Singh — Founder, Accelerate IT Services Inc
Real-world IT insights from MSP and enterprise environments.