Security wasn't built into the internet from the start. Its network systems were only augmented with security protocols several years later, meaning that individual email servers can operate (and frequently do) without them.
That's why email security has historically been pretty poor, with widespread phishing and spam networks. But things are improving, according to a recently-released report.
Computer scientists at the University of Illinois have found that email security is significantly better than it was two years ago, but still has major issues.
A big reason for the improvement is that companies like Google are now using security protocols on mail by default.
"I work under the assumption that any email I send without special care has an Internet-wide distribution list," said Michael Bailey, one of the authors of the report, published in the Proceedings of the 2015 ACM Conference on Internet Measurement Conference.
He added: "If you want to send a secure email, you must either trust every computer and network your email traverses, or make sure that the email contents are encrypted before it ever leaves your computer."