Unlike most Internet network protocols, which often only have a single port number associated to them (e.g. DNS = 53, HTTP = 80, SSH = 22, etc.), SMTP (Simple Mail Transfer Protocol) has several ports assigned to it.
From the RFC standards SMTP has 3 ports assigned to it. Ports 25, 587 and 465. Some SMTP/Email Service providers use alternative SMTP ports to often overcome the problem when your ISP (Internet Service Provider) blocks, filters or redirects SMTP traffic on the common ports when you are outside of their network, typically to combat the spammers trying to use their email servers as an open relay.
Port 25
Port 25 was assigned to SMTP when it was first introduced in 1982 (RFC 821) and is still widely used today for email delivery. The SMTP standard has been revised many times and the current RFC that supports the Extended SMTP protocol is RFC 5321. Port 25 is used by servers to relay a message from server to server until the final destination. The process of relaying messages from server to server is called Mail Transferring which uses a Mail Transfer Agent (MTA).
It's worth pointing out that not just servers use port 25, but client applications also use port 25 for email sending (also known as submitting).
Port 587
Accordingly to the original SMTP standards port 25 was designed for servers to relaying messages between each other and client software should in fact use port 587 to submit the message a mail server. Port 587 was therefore used as a Mail Submission Agent (MSA)
However in reality these days both ports support the MSA process. It’s possible for client software to send (submit) an email on either port and then the servers will continue to relay the message using port 25 as the MTA.
Port 465
Port 465 is like Port 587 as in its another port for submitting an email (MSA), however this port supports SSL (Secure Socket Layer) encryption. But some servers support encryption on the above ports as well. Indeed If a server is setup correctly it’s possible to negotiate TLS (Transport Layer Security) on any port using the STARTTLS command. Note that initial conversation to that server and message header isn’t encrypted. The encryption only starts after TLS has been started and negotiated. This is different with SSL because the entire session from the initial opening of the socket is encrypted.
Some client applications can and will try an SSL connection on any specified port (I.e. 25, 587 and 465) however applications such as Microsoft Outlook will only do a true SSL connection to the SMTP server on 465. All other ports it’s a TLS connection if possible.
Alternative SMTP ports.
To help prevent spammers and malware propagate junk unsolicited messages a lot of ISP’s lock down their own SMTP servers for their own users to send emails and often only inside their network. This works great until you pop into the local coffee shop and use their Wi-Fi and they’re on a different network to you home/work ISP and you suddenly get the 550 Relay Denied message. This is because the SMTP port has been locked down by your ISP. Some ISP’s go one step further and block, filter or redirect traffic which can cause you all sorts of headaches.
For this reason SMTP Service Providers often provide alternative ports for SMTP, such as 2525, 8025 and 10025.
 |
