E2EE works by encrypting the content of an email on the sender’s device and only decrypting it on the recipient’s device. This is typically done using public key cryptography, where the sender encrypts the email with the recipient’s public key, and the recipient decrypts it with their private key.