Main Hero

SMTP

SMTP, or Simple Mail Transfer Protocol, is the standard protocol used for sending and relaying email across networks. It defines how email messages are transmitted from a sender’s mail client or server to a receiving mail server. SMTP operates over TCP and is responsible for handling the outgoing flow of email, including submission, routing, and delivery between servers.

When an email is sent, the client connects to an SMTP server, which then communicates with other SMTP servers to deliver the message to the recipient’s mail system. The protocol uses a series of commands such as HELO or EHLO, MAIL FROM, RCPT TO, and DATA to structure the transaction. SMTP does not handle message retrieval, which is managed by protocols such as IMAP or POP3.

SMTP is a foundational component of email infrastructure. Without it, messages cannot be transmitted between systems. It works alongside authentication and security protocols to ensure reliable and trusted communication.

Advanced

SMTP supports both plaintext and encrypted communication. Modern implementations rely on extensions such as STARTTLS to upgrade connections to encrypted channels using TLS. Authentication mechanisms such as SMTP AUTH allow clients to verify identity before sending messages, which is critical for preventing unauthorised use of mail servers.

SMTP typically operates on ports 25, 587, and 465. Port 25 is used for server to server relay, while port 587 is commonly used for authenticated submission. Port 465 is associated with implicit TLS. Proper configuration of these ports, along with firewall and rate limiting controls, is essential for secure and efficient operation.

In production environments, SMTP must integrate with DNS, SPF, DKIM, and DMARC to ensure deliverability. Queue management, retry logic, and bounce handling are also key operational considerations. Misconfiguration can lead to open relay vulnerabilities, delivery delays, or blacklisting.

Relevance

  • Enables sending and routing of email across the internet
  • Forms the backbone of all email communication systems
  • Supports integration with authentication and security protocols
  • Essential for business communication and transactional systems

Applications

  • Sending emails from mail clients and applications
  • Relaying messages between mail servers
  • Supporting transactional and marketing email systems
  • Integrating with authentication and filtering layers

Metrics

  • Email delivery success and failure rates
  • Queue processing times and retry attempts
  • SMTP response codes and error rates
  • Throughput and connection performance

Issues

  • Open relay misconfiguration leading to abuse
  • Lack of encryption exposing sensitive data
  • Improper authentication causing rejection or spam filtering
  • High bounce rates due to delivery failures

Example

A web application sends transactional emails through an SMTP server configured on port 587 with authentication and TLS enabled. The server processes the message, connects to the recipient’s mail server, and delivers the email using SMTP commands. Proper configuration ensures the message is securely transmitted and accepted by the receiving system.