The important thing to note is that historically e-mail protocols have defaulted to not be secure. So connections to servers to send and received have been in the clear and the e-mail itself also in the clear. What we mean by this is that nothing is encrypted and everything can easily be eavesdropped upon.
This is of course a little more tricky and is something you only need to worry about if you are sending e-mail from your own domain name. I would recommend you start by reading the articles on Scott Helme's blog by visiting email-security - Scott Helme. You can also read the following articles on Wikipedia:
There is also a good article on this at DKIM and SPF Email Authentication - ICDSoft.