SMTP is one of the oldest application-layer protocols. It is used to deal with email. Despite it is called “Simple Mail Transfer Protocol”, it is in fact really complicated. One of the things that may confuse you is the vast amount of ports you need to open if you want to host an email relay. In this article I will explain how SMTP works on network level, and what the difference between port 25 and 587 is.
History of email protocol
The Simple Mail Transfer Protocol was developed and adopted in 1980s. The first MTA is Sendmail, which was released in 1983. Original SMTP was vulnerable to spoofing, man-in-the-middle attacks and was limited to plain text. In 1998 over the half of the Mail Transfer Agents on the Internet were open relays, which allowed one to send unlimited emails and abuse the server.
In 1995, ESMTP, or Extended Simple Mail Transfer Protocol arrived. And a few years later the authentication became available for Internet mail.
How email works
Imagine that you send an email via Thunderbird. Thunderbird is a MUA — Mail User Agent, which is connects to the Mail Transfer Agent and sends the message to it. The mail relay might connect to other MTAs, if needed (all with the SMTP protocol). Then the final node will show the email to recipient. It may happen either using web mail client (in the browser), or via IMAP or POP3.
When to use port 587 and 25
When Mail User Agent connects to the Mail Transfer Agent, it uses port 587, the submission port. Like port 465, it is only used for sending email from SMTP client to server.
Port 25, on the other side, is used by mail relays to transfer email between them. So when Mail Exchange server receives a message, it can either send it to another mail server, or deliver it to the local mailbox, if this MTA is the final recipient.
Why some ISPs block port 25 and not 587
If you have ever wanted to host your own mail server, you might encounter the inability to use port 25. The reason for that is prevention of SPAM. Back in the day, people could just use several computers and send email directly from them. This led to enormous amount of spam messages. Of course port 25 block is not a silver bullet, but it still better than nothing.
Port 587 can be used for sending unsolicited bulk messages too, but with port 587, this problem should be controlled by the Email Service Provider, which is used by MUA.
The complexity of “Simple Mail Transfer Protocol” makes it hard to understand for new system administrators. In this article, you learned the difference between port 25 and 587, which both are used for mail submission. However, knowing this is not enough to understand how mail exchange works and there will be more articles about this topic.