Networking

SMTP

Simple Mail Transfer Protocol for sending email messages between mail servers and from clients to mail servers

Simple Mail Transfer Protocol (SMTP)

  • Primary function: Application layer protocol for sending email messages between mail servers and from email clients to mail servers
  • Port numbers: TCP port 25 (standard), TCP port 587 (submission), TCP port 465 (SMTPS - deprecated but still used)
  • Protocol type: Text-based, connection-oriented protocol using TCP for reliable delivery
  • Direction: SMTP only handles outbound mail transmission - receiving mail uses POP3 or IMAP

Core Operations

  • Mail submission: Email clients use SMTP to send messages to their mail server (typically port 587 with authentication)
  • Mail relay: Mail servers use SMTP to forward messages to destination mail servers (port 25)
  • Store-and-forward: If destination server unavailable, SMTP queues messages for later delivery attempts
  • Multiple recipient support: Single message can be delivered to multiple recipients efficiently

SMTP Communication Flow

  • Connection establishment: Client initiates TCP connection to server port 25/587
  • HELO/EHLO command: Client identifies itself to server (EHLO for Extended SMTP features)
  • MAIL FROM: Specifies sender’s email address
  • RCPT TO: Specifies recipient(s) - can be issued multiple times
  • DATA command: Begins message transmission (headers + body)
  • Message termination: Single period (.) on its own line ends message
  • QUIT: Closes connection gracefully

Security Considerations

Security Feature Port Description Use Case
Plain SMTP 25 No encryption, no authentication Server-to-server relay
SMTP with STARTTLS 587 Opportunistic encryption Client submission (preferred)
SMTPS 465 SSL/TLS from connection start Legacy secure submission
SMTP AUTH 587/465 Username/password authentication Prevents open relay abuse

Common SMTP Response Codes

  • 220: Service ready (connection accepted)
  • 250: Requested action completed successfully
  • 354: Start mail input (after DATA command)
  • 421: Service temporarily unavailable
  • 550: Mailbox unavailable (permanent failure)
  • 554: Transaction failed (often spam/policy rejection)

Vocabulary

  • Mail Transfer Agent (MTA): Server software that handles SMTP mail routing and delivery
  • Mail User Agent (MUA): Email client software (Outlook, Thunderbird, etc.)
  • Open relay: Misconfigured mail server that forwards mail for unauthorized users (major security risk)
  • Envelope: SMTP-level addressing information (separate from message headers visible to users)
  • Bounce message: Automated response when message delivery fails permanently

Notes

  • SMTP is send-only - don’t confuse with POP3 (port 110) or IMAP (port 143/993) which retrieve mail
  • Port 25 blocking: Many ISPs block outbound port 25 to prevent spam, forcing use of port 587 for client submission
  • Authentication required: Modern mail servers require SMTP AUTH on submission ports (587/465) to prevent abuse
  • Firewall considerations: Allow TCP 25 between mail servers, TCP 587 for authenticated client access
  • DNS dependency: SMTP relies heavily on MX records for mail routing - ensure proper DNS configuration
  • Store-and-forward delays: Messages may be queued for hours/days if destination server unavailable (typical retry: 4-5 days)
  • Plain text protocol: SMTP commands and responses are human-readable (useful for troubleshooting with telnet)
  • Size limitations: Most servers impose message size limits (typically 10-25MB including attachments)