What Is SMTP and How Does It Work?

In this post, I will go over what SMTP is, its features, and how and why it is used. I will also go over email servers, cloud-based SMTP service providers and email clients for Windows, Mac, Android and iOS.

Introduction

Simple Mail Transfer Protocol (SMTP) is based on a standard communication protocol, originally defined in 1980 with RFC 772, and is used to transfer email messages between email servers.

Over the years there have been multiple changes or enhancements to the SMTP protocol and each change was published under a new RFC. Below is a list of relevant RFCs.

  • RFC 780: Submitted 1980. Removed all FTP references. Allocated port 57 for both TCP and UDP.
  • RFC 788: Submitted November 1981.
  • RFC 1869: Submitted November 1995. Defined ESMTP for existing and future extension developments.
  • SMTP Extension for AUTH (RFC 2554).
  • Updated SMTP specifications (RFC 5321): Submitted October 2008.

SMTP is a part of the TCP/IP protocol suite, which is the set of protocols used for communicating over the internet. It works in conjunction with other email protocols, such as POP (Post Office Protocol) and IMAP (Internet Message Access Protocol), which are used for retrieving emails from a server. SMTP, on the other hand, is used to transfer emails from one server to another.

Common Ports Used with SMTP

SMTP commonly uses port 25 for server-to-server communications. Email clients, on the other hand, generally use ports 465 (RFC 8314) and 587 (RFC 6409).

Note: Although some email service providers use port 465, it should no longer be used.

Email clients use two protocols, POP and IMAP, for retrieving emails from SMTP servers. You will find more information on these protocols in a later section. The following ports are used by each of these services:

  • IMAP: 143 / 993
  • POP: 110 / 995

How Does SMTP Work?

SMTP uses a series of commands, using requests and responses to transfer email messages from the sender to the server and then from the server to the final recipient of the email.

Before the message is sent to the recipient, it is queued on the SMTP server. A background process that monitors the queue then picks up the message and sends it to the recipient’s server. The recipient’s email client, such as Gmail, Outlook or Thunderbird, communicates with their provider’s SMTP server and receives the message to read.

SMTP Email Sending Flow

Email Sending Process

The process works in the manner listed below.

  1. Connect to the sender’s SMTP server on port 25 (or other as configured by the admin).
  2. (Optional) If authentication is set up, then provide login information.
  3. Set the sender information using the MAIL FROM command.
  4. Set recipient with the RCPT TO command. If multiple recipients need to be set then repeat the RCPT TO command for each of those email addresses.
  5. Use the DATA command to set the Subject and other fields such as From and To.
  6. Provide the message body.
  7. Submit the message to the sending queue.

Example of Sending an Actual Email Using Telnet Over SMTP

Shown below is an actual example of this communication as done over a Telnet session.

user@slap:~$ telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 slap.localdomain ESMTP Postfix (Ubuntu)
EHLO slap.local
250-slap.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
MAIL FROM:<[email protected]>
250 2.1.0 Ok
RCPT TO:<[email protected]> NOTIFY=success,failure
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: Test email
This is a test message

.
250 2.0.0 Ok: queued as 34CD47995

In the example above, I have set up a local Postfix SMTP server which is listening on the default SMTP port 25. After connecting to it through telnet, I first issue the EHLO command.

After that, I initiate sending the message with the MAIL FROM command.

The recipient is set with the RCPT TO command.

After setting the recipient, I use the DATA command to compose the actual message. First I set the Subject and press enter. Then I enter the actual message content.

Finally, the message is terminated by entering the sequence shown in line 23 of the session (the server's 354 response): <CR><LF>.<CR><LF>, that is, a line containing only a period.
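The EHLO reply in the session above lists the extensions the server offers. As an added example (not part of the original post), the Python code below parses such a multi-line reply and flags settings a server admin would want to review; the function names and the review rules are assumptions made for illustration.

```python
import re

# EHLO reply lines copied from the Telnet session above.
EHLO_REPLY = "\r\n".join([
    "250-slap.localdomain", "250-PIPELINING", "250-SIZE 10240000",
    "250-VRFY", "250-ETRN", "250-STARTTLS", "250-ENHANCEDSTATUSCODES",
    "250-8BITMIME", "250-DSN", "250-SMTPUTF8", "250 CHUNKING",
]) + "\r\n"
REPLY_LINE = re.compile(r"^(\d{3})([- ])(.*)$")


def parse_ehlo(reply):
    """Return (code, greeting, {KEYWORD: [params]}); "250-" continues, "250 " ends."""
    code, texts, complete = None, [], False
    for raw in reply.splitlines():
        m = REPLY_LINE.match(raw)
        if not m or complete or (code and m.group(1) != code):
            raise ValueError(f"malformed reply line: {raw!r}")
        code = m.group(1)
        texts.append(m.group(3))
        complete = m.group(2) == " "      # a space after the code marks the last line
    if not complete:
        raise ValueError("reply has no final line")
    caps = {}
    for text in texts[1:]:                # the first line is the server greeting
        keyword, *params = text.split()
        caps[keyword.upper()] = params
    return int(code), texts[0], caps


def review(caps, tls_active=False):
    """Hypothetical review rules for the capabilities seen in a session."""
    findings = []
    if "STARTTLS" not in caps and not tls_active:
        findings.append("no STARTTLS: mail and logins cross the wire in clear text")
    if "AUTH" in caps and not tls_active:
        findings.append("AUTH offered before TLS: " + " ".join(caps["AUTH"]))
    if "VRFY" in caps:
        findings.append("VRFY advertised: it can confirm which mailboxes exist")
    return findings
```

For the reply above, `review(parse_ehlo(EHLO_REPLY)[2])` reports only the VRFY finding, since the server advertises STARTTLS and offers no AUTH on the plaintext connection.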

Features of SMTP Protocol

SMTP includes several features that make email communication more efficient and effective. These features include:

  • Authentication and encryption: SMTP supports authentication and encryption methods to ensure that email messages are sent securely and can only be accessed by authorized users.
  • Email address verification and error handling: SMTP includes features for verifying email addresses and handling errors encountered during email message sending and retrieval.
  • Email forwarding and relaying: SMTP allows email messages to be forwarded to multiple recipients or relayed through multiple servers to reach their final destination. With the widespread existence of spam email, however, the ability to relay messages is slowly being phased out.
  • Filtering and routing based on specific criteria: Filtering of SMTP messages by IP address or email has also become an integral part of the email message workflow. Although there are other reasons, it is mostly done to reduce spam or unwanted messages.
  • Message priority and delivery options: SMTP allows users to set message priorities and specify delivery options. This includes delayed delivery and return receipts.
  • MIME support for multimedia content: SMTP supports the Multipurpose Internet Mail Extensions (MIME) standard, which allows multimedia content to be included in email messages. (RFC 2045 & 2046)

SMTP vs IMAP vs POP Protocols

The SMTP protocol is used for sending email messages from one server to another. Since it does not provide any features for retrieving or managing email messages, two other protocols are used for retrieving messages from a server: IMAP and POP.

Let’s review each one of these.

Internet Message Access Protocol (IMAP)

The IMAP protocol is used for accessing email messages on a remote SMTP server. With IMAP, email messages are kept on the server, and receiving email clients can connect to the server to access and manage these messages.

IMAP allows you to view and manage your email messages on an SMTP server. With the ability to manage the messages on the server, it is the preferred protocol to use when there is a need to access email from multiple devices.

IMAP RFC 3501

Post Office Protocol (POP)

POP is another protocol used for retrieving email messages from a remote server. When using POP protocol for message retrieval, the message is first downloaded from the server to the client and then it is deleted on the server. Thus POP protocol is used when there is a need for keeping messages in sync only with a single device.

Although POP protocol is not a great choice when one needs to sync messages across devices, it is fast and keeps the storage requirements of the SMTP server to a minimum.

POP RFC 1939

Note: The latest version of POP, POP3, can be used with or without an SMTP.

Sendmail and Other Opensource SMTP Servers

Sendmail, released in 1983 with BSD, is the most used mail transfer agent (MTA) and is still being used today. It is a very flexible SMTP server that is able to handle a wide range of SMTP configurations.

Sendmail is open-source software that is available on BSD and Linux based operating systems. Although there is a Windows version of Sendmail available, its use is not very common.

Over the years, many more contenders have entered the SMTP space to challenge Sendmail. Many of these newcomers provide easier ways to set up and maintain the server software. In addition, they bring in improved security features and pluggable architectures, making it easier to add or remove functionality.

Below is a list of the top SMTP servers to replace Sendmail as an MTA.

  1. Exim Internet Mailer: Exim is a popular MTA that is widely used on BSD and Linux based operating systems. It is known for scalability and ease of configuration. The flexibility of setting it up in various configurations is its strength. This is an open source server available under the GNU GPL license.
  2. Microsoft Exchange Server: Microsoft Exchange Server is a popular mail server that includes an SMTP server as part of its functionality. It provides support for IMAP and POP protocols. Exchange is a commercial paid product.
  3. OpenSMTPD: OpenSMTPD is another open-source MTA that is designed to be secure and easy to use. It has not been actively maintained as the last available release is from May 2020.
  4. Postfix: Postfix is an open-source MTA that is the best alternative to Sendmail as it presents the option of easier configuration. It is known for its security and flexibility. Postfix is the standard MTA on Linux based distributions such as Ubuntu.
  5. Qmail: Qmail is a secure and reliable MTA that is known for its robustness and security. It was developed by Dan Bernstein and is still used by some organizations today. For new installations, I would not recommend going with Qmail as there is not much actual development going on. Qmail is an open source server.
  6. Zimbra: Zimbra is an open-source mail server and collaboration platform that includes an SMTP server as a core part of its functionality. Zimbra also comes in a paid version, which is preferred by many organizations looking to have someone provide implementation and support services.

Email Security and SPAM Elimination

SMTP Security

The SMTP protocol was not originally designed with built-in security features. However, over time, due to the importance of secure communications, multiple security measures have been added both at the server level and in email clients.

SMTP supports several security features to protect email communication. Some of these features are:

  • Secure SMTP protocols
  • Email spoofing and spam prevention
  • Email Authentication
  • IP & domain blacklists
  • Client side encryption

Let’s look at these in a little more detail.

Secure SMTP Protocols

SMTP supports secure protocols such as SSL (Secure Sockets Layer) and TLS (Transport Layer Security), which provide end to end transport channel encryption to protect email messages from unwanted interception and tampering.

When an SMTP server is TLS enabled, all email messages sent or received are encrypted. For encryption to work both the server and client must support communication using TLS.

Email Spoofing and Spam Prevention

Another security measure that can be used with SMTP is Sender Policy Framework (SPF). SPF is a way for email administrators to specify which email servers are authorized to send emails on behalf of their domain. By using SPF, email spoofing and phishing attacks can be significantly reduced.

Email Authentication

DomainKeys Identified Mail (DKIM) is used to sign email messages with a digital signature, to help prevent email spoofing and phishing attacks. Using the DKIM signature, the recipient's email server can verify the authenticity of the message to ensure that it is actually being sent by the sender’s email server.

Another way to authenticate email is by using the SMTP-AUTH command to ensure that only authorized users can send email messages.

IP & Domain Blocklists

Many organizations maintain blacklists of IP addresses and domain names that send spam on a regular basis. These blacklists are used to block senders who have abused emails in the past. Learn more about email blacklists and why they are used.

You can view if an IP or domain name is on a blacklist using our email monitoring tool.

If your IP or domain is added to a blacklist then learn how to remove your IP address from a blacklist.

Client Side Email Encryption

Using client side email encryption with add-ons, such as those for GPG, allows the sender of an email to add another layer of security. This is not an SMTP level feature but is available for many email clients.

Summary

As you saw there are many ways you can protect your server from becoming either a sender of spam or a receiver of spam messages. A server admin can configure their self hosted SMTP server with one or more of the features described above to strengthen SMTP server security.

Cloud Based SMTP API Services for Sending and Receiving Email

Managing your own email server requires a lot of resources. There is the cost of the infrastructure itself as well as the cost of an Administrator to manage such a server and keep it up to date against the latest email infrastructure threats.

Cloud based email infrastructure providers offer a relatively simple way to send marketing and transactional emails using their APIs. With the availability of advanced features such as email personalization, email tracking, analytics and integration with third-party services a full featured system can be built for specific business needs.

Listed below are the names of some SMTP API service providers:

  1. Amazon Simple Email Service (SES)
  2. Google Workspace (previously G-Suite)
  3. Mailgun
  4. Pepipost
  5. Postmark
  6. SendGrid
  7. Sendinblue
  8. SendLayer
  9. SMTP.com
  10. SparkPost

Common SMTP Errors

Like any technology, SMTP can experience errors and issues that can impact email delivery. Some common SMTP errors include:

SMTP 421 Service Not Available

This error occurs when the SMTP server is not available or is overloaded.

SMTP 550 Mailbox unavailable

This error occurs when the recipient’s email address is invalid or does not exist.

SMTP 554 Message rejected

This error can be a bit vague. Although the exact cause is not always clear and may require investigation, it typically suggests something in the From or To header fields is suspicious.

Conclusion

People have been predicting the death of email since the advent of instant messaging. That threat never materialized, though, as the traceability and longevity of an email message have made it a core component of many business infrastructures where transaction emails are sent.

SMTP is a critical component of the communication infrastructure at both corporate and personal levels. Security at the server level and additional encryption with client level tools such as GPG provide a secure mechanism to exchange messages with no significant threat of message interception and tampering, within the bounds of the available technology.