Welcome back to Computer History Wednesdays! Today, we’re going to take a look at the fascinating and complex history of email. As a professional pen tester, I can attest to the fact that email remains one of the most significant targets for cybercriminals. From phishing attacks to malware distribution, email is a constant battleground for hackers and security professionals alike. But before we dive into the ways that email impacts cybersecurity, let’s start with a brief history lesson.

History

Phase One: The Early Days (1965-1980)

The origins of email can be traced back to the early days of computing, when the first attempts were made to create a network that would allow computers to communicate with one another. The precursor to the internet, known as ARPANET, was created in 1969 by the United States Department of Defense’s Advanced Research Projects Agency (ARPA). ARPANET was designed to allow researchers at different institutions to share resources and collaborate on projects.

At the time, however, there was no easy way for users to communicate with one another over the network. The first email system was developed by Ray Tomlinson in 1971, while he was working for Bolt, Beranek, and Newman (BBN), a company contracted by the Department of Defense to develop ARPANET.

Tomlinson’s innovation was to create a way for users to send messages to one another using the @ symbol to separate the username and the destination domain. This breakthrough laid the groundwork for email as we know it today.

The first email message ever sent was sent by Tomlinson himself in 1971. He sent it to a colleague who was sitting right next to him, and it simply read “QWERTYUIOP.” The message was meaningless, but it was the beginning of a new era of communication.

During this early period, email was primarily used by academics and researchers, who saw the potential of the technology for collaboration and information-sharing. In 1972, the first public demonstration of email was given at an International Conference on Computer Communication in Washington D.C. However, it would be several years before email became widely accessible to everyday users.

One of the challenges of the early email system was the lack of standardization. Different computer systems used different protocols for sending and receiving messages, which made it difficult for users to communicate across networks.

In 1977, a standard email protocol called the “Simple Mail Transfer Protocol” (SMTP) was introduced. SMTP allowed email to be sent and received across different networks and helped to standardize email communication.

During this period, email was still a relatively new and untested technology. As a result, there were few regulations or guidelines governing its use. This led to some interesting and unusual applications of email, including the creation of the first “spam” message.

In 1978, a marketer named Gary Thuerk sent an email promoting DEC machines to 400 users on ARPANET. This message is considered the first example of email spam, and it sparked a debate about the appropriate use of email that continues to this day.

Another interesting development during this early period was the creation of the first email emoticon. In 1979, Scott Fahlman, a computer scientist at Carnegie Mellon University, sent an email suggesting that users could use :-) to indicate that a message was meant to be humorous. This simple symbol has since become a ubiquitous part of online communication.

During this early period, email was primarily used by academics and researchers. In 1978, the first international email connection was established between the United States and the United Kingdom.

Phase Two: The Rise of the Internet (1980-1995)

The 1980s saw the emergence of the internet as we know it today, and email quickly became a cornerstone of online communication. In 1982, the Simple Mail Transfer Protocol (SMTP) was introduced, which standardized email communication and allowed messages to be sent across different networks.

During this period, email also became more accessible to everyday users. Services like CompuServe and AOL offered email as part of their online packages, and the first commercial email service, MCI Mail, was launched in 1983.

One of the key developments during this period was the creation of the Domain Name System (DNS) in 1984. DNS made it possible for users to access websites using domain names rather than numerical IP addresses, which made the internet more user-friendly and accessible.

The mid-1980s also saw the development of MIME (Multipurpose Internet Mail Extensions), which allowed email messages to include multimedia content such as images and videos. This innovation made email an even more versatile and powerful tool for communication.

Another interesting development during this period was the creation of the first email list-serv. In 1986, a computer science professor at McGill University named Alan Emtage created the first email list-serv, which allowed users to subscribe to and participate in group discussions via email.

By the early 1990s, email had become an essential tool for businesses and individuals alike. However, the lack of encryption and authentication made email vulnerable to interception and spoofing.

In response to these vulnerabilities, a new email protocol called “Pretty Good Privacy” (PGP) was developed in 1991. PGP provided end-to-end encryption for email messages and made it more difficult for attackers to intercept and read email messages.

During this period, email was also becoming a more global phenomenon. In 1993, the first email message was sent from Africa to Europe, marking the beginning of a new era of international communication.

The early 1990s also saw the creation of web-based email services like Hotmail and Yahoo Mail. These services allowed users to access their email from any computer with an internet connection, which made email even more convenient and accessible.

However, with the rise of web-based email came the rise of spam. Spam emails quickly became a major problem, clogging up inboxes and making it harder for legitimate messages to get through.

To combat this, email providers began to implement spam filters and other anti-spam measures. However, the battle between spammers and email providers continues to this day.

Phase Three: The Rise of Webmail and Spam (1995-2005)

The mid-1990s saw the rise of web-based email services, which allowed users to access their email from any computer with an internet connection. Hotmail, launched in 1996, was one of the first web-based email services and quickly gained popularity due to its user-friendly interface and large storage capacity.

The rise of web-based email brought email to the masses, and by the early 2000s, email had become a fundamental part of daily life for many people around the world.

However, with the convenience of web-based email came new challenges. Spam emails, which had been a problem since the early days of email, became an even bigger issue as more people began to use email.

Spam emails, which are unsolicited and often contain malicious content, can clog up inboxes and make it harder for users to find legitimate messages. To combat this, email providers began to implement spam filters and other anti-spam measures.

One interesting development during this period was the introduction of the “unsubscribe” button in email newsletters. This feature allowed users to easily opt-out of receiving newsletters and other marketing emails, which helped to reduce the amount of unwanted email in users’ inboxes.

Another interesting development during this period was the introduction of mobile email. In 1999, BlackBerry launched its first email-enabled device, which allowed users to send and receive email on the go. This innovation paved the way for the widespread adoption of mobile email and helped to further cement email’s position as a fundamental tool for communication.

By the early 2000s, email had become a key target for cybercriminals. Phishing, a type of email scam in which attackers attempt to trick users into revealing sensitive information, became a major threat. In response, email providers began to implement stronger security measures, such as two-factor authentication and encryption, to protect users’ data.

Another major threat during this period was email viruses. In 2000, the “ILOVEYOU” virus spread rapidly through email, infecting millions of computers worldwide. The virus was spread via an email attachment that appeared to be a love letter, but in reality, was a malicious program that would delete files and steal passwords.

Despite these challenges, email continued to evolve and adapt to the changing technological landscape. By the mid-2000s, email had become a ubiquitous part of daily life for millions of people around the world.

Phase Four: The Era of Mobile and Social (2005-Present)

The mid-2000s saw the rise of mobile devices and social media, which transformed the way we use email. With the introduction of smartphones, users could access their email from anywhere, at any time, and social media platforms provided new ways to connect with others and share information.

One of the key developments during this period was the introduction of push email. This feature allowed emails to be delivered to users’ devices in real-time, eliminating the need to manually check for new messages.

Another important development was the introduction of social media integration. Email providers began to integrate social media platforms like Facebook and Twitter into their email services, allowing users to receive notifications and update their status directly from their email inbox.

In 2007, Apple launched the iPhone, which revolutionized the mobile industry and helped to further cement email’s position as a fundamental tool for communication. With the introduction of the iPhone, users could access their email, calendars, and contacts from a single device, making it easier than ever to stay connected.

Another interesting development during this period was the rise of email marketing. Email marketing, which involves sending promotional emails to customers, became an increasingly popular way for businesses to reach their target audience. However, email marketing also became a target for spammers and scammers, and email providers had to implement stronger anti-spam measures to protect users.

One of the challenges of the mobile era was the need for email to adapt to smaller screens and touch interfaces. Email providers began to design their services with mobile users in mind, creating responsive designs and touch-friendly interfaces that made it easier to read and respond to emails on smaller screens.

Another important development during this period was the rise of email encryption. In 2013, Edward Snowden’s revelations about government surveillance brought email encryption into the spotlight, and email providers began to implement stronger encryption measures to protect users’ privacy.

Despite the challenges and uncertainties of this era, email continues to be a fundamental tool for communication and collaboration. With the rise of new technologies and platforms, email has adapted and evolved to remain a critical component of our daily lives.

As we look to the future, it’s clear that email will continue to play a vital role in our personal and professional lives. With the ongoing threat of cybercrime and the need for stronger security measures, email providers will need to stay vigilant and continue to innovate to ensure the safety and privacy of their users’ data.

Alternative Mail Systems

While SMTP is the most widely used email protocol, there are alternative mail systems that use proprietary protocols developed by specific companies or organizations. These systems offer different features and capabilities that may not be available with standardized protocols.

One example of an alternative mail system is Lotus Notes, developed by IBM in the 1980s. Lotus Notes uses a proprietary protocol called Notes Mail to send and receive email messages. Notes Mail offers features such as document management, workflow automation, and team collaboration tools, making it a popular choice for businesses and organizations.

Another example of an alternative mail system is Novell GroupWise, developed by Novell in the 1990s. GroupWise uses a proprietary protocol called “Internet Message Access Protocol” (IMAP) to send and receive email messages. GroupWise offers features such as instant messaging, calendaring, and task management, making it a comprehensive solution for businesses and organizations.

Another example of an alternative email system is Microsoft Exchange Server. Exchange Server is a mail server and calendaring software developed by Microsoft. It uses a proprietary protocol called “MAPI” (Messaging Application Programming Interface) to send and receive email messages.

Alternative mail systems are often designed to be highly customizable and to offer advanced features that are not available with standardized protocols like SMTP. For example, Notes Mail allows users to create and manage databases, while GroupWise offers integrated instant messaging and video conferencing.

However, alternative mail systems may also have drawbacks. One major challenge is that they are not standardized, which can make it difficult for users to communicate with those who are using different email systems. Additionally, alternative mail systems may be more vulnerable to security threats because they are not subject to the same scrutiny and testing as standardized protocols.

Despite these challenges, alternative mail systems remain an important part of the email landscape, particularly for large organizations and businesses with specific needs or requirements. For example, some businesses may require advanced document management or team collaboration features that are not available with standardized protocols.

As email technology continues to evolve, it will be interesting to see how alternative mail systems continue to adapt and innovate. One potential area of growth is in the use of artificial intelligence (AI) and machine learning to improve email filtering and classification. AI-powered email systems could help to reduce the amount of spam and unwanted messages that users receive, making email even more useful and efficient as a communication tool.

Cybersecurity

Email is a constant target for cybercriminals, who use a variety of tactics to exploit vulnerabilities in email systems and trick users into giving up sensitive information. Here are some of the most common email-related cybersecurity threats:

  1. Phishing: Phishing is a type of social engineering attack in which an attacker sends a fake email that appears to be from a trusted source, such as a bank or social media platform. The email typically contains a link or attachment that, when clicked or opened, installs malware on the victim’s device or redirects them to a fake website designed to steal their login credentials.

  2. Spear Phishing: Spear phishing is a targeted form of phishing in which the attacker gathers personal information about the victim and uses it to craft a highly personalized and convincing email. These emails are often sent to employees of a particular company or organization, with the goal of gaining access to sensitive information or systems.

  3. Business Email Compromise (BEC): BEC is a type of email scam in which the attacker impersonates a high-level executive or other trusted individual within a company. The attacker will send an email requesting that funds be transferred to a third-party account, typically under the guise of a legitimate business transaction. BEC attacks can be difficult to detect, as they often appear to be coming from a trusted source.

  4. Malware Distribution: Malware can be distributed via email attachments or links, often disguised as legitimate files or websites. Once the victim clicks the link or downloads the attachment, the malware can infect their device and allow the attacker to take control.

  5. Email Spoofing: Email spoofing involves sending an email that appears to come from a different sender than the actual sender. This tactic is often used in phishing attacks or to gain unauthorized access to a network.

To protect against these threats, it’s important to implement strong email security measures. This includes using multi-factor authentication, keeping software up to date, and using encryption to protect sensitive information.

Trivia

  1. The first spam email was sent in 1978 and advertised a new computer system.
  2. The first email attachment was sent in 1992 and was a photo of a band called Les Horribles Cernettes.
  3. Hotmail, one of the first web-based email services, was originally called “HoTMaiL” with capital letters to emphasize its HTML formatting capabilities.
  4. The term “spam” to refer to unwanted email comes from a Monty Python skit in which a group of Vikings sing a song about spam, drowning out all other conversation.
  5. The longest email address on record is 345 characters long and belongs to a woman in Germany.
  6. In 2009, President Obama became the first sitting U.S. president to use email while in office.
  7. The first email sent from space was sent by astronaut Tim Kopra in 2016, who used a special email system called the NASA email system.
  8. The “Reply All” button, which allows users to reply to an email and include all recipients in the response, was introduced in 1997.
  9. In 2004, Google launched Gmail, which offered users 1GB of storage space, compared to the 4MB offered by Hotmail at the time.
  10. The world’s first email marketing campaign was sent in 1978 by a marketer named Gary Thuerk, who sent an email promoting DEC machines to 400 users on ARPANET.

Conclusion

Email has come a long way since Ray Tomlinson sent the first message in 1971. Today, it remains a vital tool for communication in both personal and professional settings. However, the rise of cybercrime has made email a constant target for attackers, and it’s more important than ever to implement strong email security measures.

Despite the ongoing threats, email continues to evolve and adapt to the changing technological landscape. As we look to the future, it’s clear that email will remain a critical component of our daily lives, and we must remain vigilant in protecting ourselves and our information.

I hope you’ve enjoyed this journey through the history of email and learned something new along the way. As always, stay safe and keep exploring the fascinating world of computer history.