A complete guide to SMTP ports

A complete guide to SMTP ports

Email communication relies on Simple Mail Transfer Protocol (SMTP), which uses specific ports to transmit messages securely across networks. In this article, we’ll dive into the different SMTP ports and explore which one is best for your use case.

What is an SMTP port?

An SMTP port is a communication endpoint that handles the transfer of information from one server to another through SMTP. These ports define how email communication is established and secured between mail servers and email clients. 

Let’s break this down a bit. Imagine you're sending a letter through the postal service. You drop it off at your local post office (aka the mail server, which is routed by a port). The post office then sorts the letter and sends it to a local processing center (sent to another mail server via a port). This center further sorts the letter and sends it to its final destination: your recipient's inbox. 

In this scenario, the specific routes and protocols used to transport the letter are like SMTP ports. The port determines how the letter is handled and forwarded, making sure it reaches its destination.

The 3 standard SMTP ports

So what port should you use for SMTP? There are three primary SMTP ports used in email communication, but only two of the ports are in use today. 

1. Port 25 (Original SMTP port)

Port 25 is the original SMTP port. It was historically used for unencrypted email transmission but is now largely deprecated due to security concerns. 

Security: Port 25 is not encrypted which means it is not secure and can be easily intercepted. 

Compatibility: Many email service providers actually block Port 25 to prevent spam from entering the inbox. 

Recommendation: Do not use Port 25. It is not secure or reliable. 

2. Port 465 (SMTP implicit TSL port)

Port 465 is a dedicated, secure SMTP port and uses implicit Transport Layer Security (TLS). Port 465 is less flexible than Port 587 and is used mainly within legacy systems. 

Security: Port 465 uses implicit TLS, which means the connection is encrypted from the very beginning.

Compatibility: Port 465 is not compatible with many email servers or clients and is typically only used within legacy systems. 

Recommendation: You may need to use Port 465 if you’re on an older email system. Check your system’s documentation for more information. If possible, use Port 587 instead. 

3. Port 587 (SMTP explicit TLS port)

Port 587 is the standard, recommended SMTP port. It supports explicit TLS encryption and is recommended for most modern email communications. Port 587 provides a secure transport method for sending emails. 

Security: Port 587 uses explicit TLS, which means the connection starts unencrypted and then switches to encryption after the initial handshake.  

Compatibility: It's more widely supported and compatible with email clients and servers than Port 465.  

Recommendation: Use Port 587 whenever possible. It should be your go-to SMTP port. 

What’s the difference between Port 465 and Port 587?

The main difference between Port 465 and Port 587 is the security. The former uses implicit TLS while the latter leverages explicit TLS. Both explicit and implicit TLS are cryptographic protocols used to secure internet communication. The main difference between the protocols is when the encryption begins. 

Implicit TLS vs. explicit TLS

With implicit TLS on Port 465, the connection is encrypted from the beginning. It’s often considered more secure as encryption is enforced from the start. 

With explicit TLS on Port 587, the initial connection is unencrypted. Once the connection is established, the client and server negotiate to start using TLS and encrypt the communication.

For more information on implicit and explicit TLS, check out this article, What is StartTLS?

Why explicit TLS is preferred

Even though implicit TLS is technically more secure, you trade security for flexibility. Explicit TLS allows for both encrypted and unencrypted connections, which means it is compatible with more servers and email clients. 

Due to its encryption from the very beginning, implicit TLS is less flexible and often unable to connect to as many systems. 

Additionally, implicit TLS is more susceptible to configuration errors, which lead to potential vulnerabilities.

Which Internet Protocol does SMTP use: TCP or UDP?

While there are a number of internet protocols, SMTP ports exclusively use Transmission Control Protocol (TCP). User Datagram Protocol (UDP), on the other hand, is better suited for video streaming, online gaming, and voice calls.

TCP is like sending a package with a tracking number. It ensures the package arrives safely, in the correct order, and without any missing components. It's reliable but it can be a bit slower than UDP. TCP is used for email, web browsing, and file transfers.

Choosing the right SMTP port

In most cases, port 587 is the preferred choice for secure email transmission. It offers a balance of security and compatibility. However, the SMTP port you select is dependent upon a number of factors, including:

• Email service provider: Consult your email service provider's documentation for specific port and security recommendations.

• Firewall settings: Double check that your firewall allows outgoing connections on the chosen port.

• Email client configuration: Configure your email client to use the correct port, server address, and authentication credentials.

For more information on everything SMTP, check out our guide, SMTP (Simple Mail Transfer Protocol): Servers and Sending Emails.