Home » Cybersecurity » Endpoint » Secure SMTPs Port – Which are Secure SSL Email Ports (25,465,587 & 2525)

Secure SMTPs Port – Which are Secure SSL Email Ports (25,465,587 & 2525)

by Editor on July 4, 2022

When configuring an email client application or an email server to send to relay emails, many questions come to one’s mind, such as which SMTPs should be used, what is the purpose of each of these ports, which are standard ports, which ports allow secure communication and many more.

Sponsorships Available

In this article, we will cover everything that is to know about SMTP ports and protocols.

What is an SMTP port?

Simple Mail Transfer Protocol (SMTPs), in simple words, is the protocol that facilitates email delivery across the internet. A port is a computer utility that allows separate computers to connect to a service and complete the network connection.

So the Simple Mail Transfer Protocol (SMTP) port will allow two or more mail servers to communicate with each other to send and receive emails. SMTP has become the global standard for email delivery, and it is used by applications such as Outlook client or Mozilla thunderbird. These email clients run on the user’s computer and upload emails to mail servers.

The mail servers then further relay or forward those emails to the recipient. In today’s world, where the port number of devices connected to the internet has increased drastically, it is not feasible for humans to remember the IP address of each of those devices. Due to this, email delivery also requires the use of the domain name system (DNS).

Why is your SMTP port important?

The importance of the SMTP port can be summed by stating the fact that if a user wants to send an email via Gmail etc., they must know both the IP address and port SMTP number of the Gmail SMTP Server. However, multiple SMTP ports can be used as per the different implementations of the email server.

Different use-cases for different ports

SMTP Email communication has two major stages. These two stages are:

Email Submission

In this process, a user submits the email to be sent to the outgoing email server via an email client such as Microsoft Outlook etc. A user might need to gain a better understanding of this process while adding the email sending functionality on a WordPress website or setting up an email client.

Email Relaying

In this process, the outgoing email server forwards the submitted email to the recipient email server. This process occurs after the email is submitted in the previous process. Email Relaying is an important part of the email transmission process. However, it is not the concern of an end-user.

What is an SMTP server?

An SMTP server is a computer server that is responsible for powering the SMTP protocol; this is the same protocol that email clients use to send, receive and relay messages or emails.

Part of the responsibilities of the SMTP server includes verifying whether the sender is allowed to send messages via SMTP. If the sender is permitted, but the message is not delivered, then the SMTP must send back the email to the MAIL FROM address, notifying the sender that the email failed to deliver.

One of the leading SMTP servers includes PowerMTA, allowing users to send bulk and high-volume emails with the latest authentication specifications.

Which SMTP port to use?

The standard SMTP ports for email transmissions are 25, 465, 587 and 2525. However, the modern era of email technology only mostly features SMTP port 587 or 2525 usage. Let’s take a look at the use of each SMTP port individually.

Port 25

Port 25 was the original standard used for SMTP; it was decided by the Internet Assigned Numbers Authority (IANA), which still recognizes port 25 as the standard and the default port for SMTP.

Port 25 is still the primary port being used for SMTP relaying, however, modern SMTP clients should configure and use port 25 for SMTP relaying as it is usually blocked by many Internet Service Providers (ISPs) and cloud hosting providers.

Why is port 25 normally blocked and how to check this?

In most cases, SMTP port 25 should not be used by email clients as it is traditionally blocked by Internet and Cloud Service providers. The reason for blocking this port is that it is most commonly used by compromised computers or servers to generate spam emails. And as spam scoring is a real security risk when it comes to the reputation of SMTP servers, generally port 25 is blocked.

If a user wants to check if their ISP has blocked the use of SMTP port 25, open the command prompt or terminal (based on if you’re using a Windows machine or a MAC / Linux machine) and enter the following command:

telnet ExampleMailServer.com 25

If the port is blocked, the output of the command will be:

Otherwise, if the port is not blocked the output will be:

When to use port 25

As discussed earlier, port 25 is the default port for relaying SMTP emails, however, it is mostly blocked by ISPs and cloud hosting providers. There are a few exceptional cases where the use of SMTP port 25 is required. One of the more prominent use cases is when an email client has to receive out of band or asynchronous bounces.

A bounce is when an email is not delivered to the receipt due to any error. Here the SMTP server of the receipt accepts the incoming email but for any reason, the message bounces after being received by the mail server.

In such cases, the sender is sent a notification email in the form of an out of band bounce asynchronous to the MAIL FROM email address contained in the original message. These bounce messages will be relayed over port 25. Another example of using SMTP port 25 is when Feedback Loops (FBL) are received.

Port 465

The Internet Assigned Numbers Authority (IANA) has originally assigned port 465 to be used for an encrypted version of SMTP, called SMTPs; it was proposed to use TLS / SSL similar to HTTPS. However, this port has been reassigned by the IANA and is no longer used as an accepted standard for SMTP connections.

Nevertheless, because this port was once recognized by the IANA there might be few legacy systems that still use port 465 for SMTP connections. Needless to say if up to date systems are being used then port 465 should not be used for SMTP.

Port 587

Nowadays in most modem email servers, the default port used for SMTP communication is port 587, this is also the default mail submission port. For example, if a user sends an email using Outlook, the email will be submitted via port 587.

TLS / SSL encryption can also be combined with port 587 to provide a secure and reliable way of transmitting emails.

Port 2525

Port 2525 is not an official SMTP port, nor is it endorsed by IANA or IETF, however it is a commonly used alternative for port 587. This alternative approach is used when the standard SMTP ports are blocked, for example in Google Compute Engines.

If any connectivity issues are faced while configuring port 587, it would be a good option to try port 2525 instead. Like with port 587, port 2525 can also be configured with TLS / SSL encryption for secure and reliable email transfer.

When to use which port?

We have discussed in detail where and when each port can be used, but just to summarize and recap how it is important to know and choose the correct SMTP port.

For configuring email submissions or sending emails via any email client, port 587 should be the first choice. This is the default email submission port and can be used with SSL / TLS.

If for any reason the port 587 is unavailable, port 2525 is the common alternative accepted by many email servers and clients. Again, this port can be configured to use SSL / TLS.

Port 465 has been deprecated and should no longer be used if given the option. Always try to use port 587 or 2525 before using port 465.

Lastly, port 25 is commonly used for SMTP relays and is mostly blocked by ISPs and cloud hosting providers. It should only be used for exceptional cases like out of band bounces or Feedback loops.

What are POP and IMAP?

Post Office Protocol (POP) and Internet Message Access Protocol (IMAP) are some of the first protocols used for email communication. These were used before SMTP had come into play.

POP uses ports 110 (insecure) and 995 (secure) whereas IMAP uses ports 143 (insecure) and 993 (secure) for email transfers. The latest versions of these protocols can be used in combination with or independently of SMTP.

IMAP

IMAP is essentially responsible for managing and retrieving email messages from an incoming mail server. This protocol only deals with receiving emails so IMAP can not be used to send emails. For cases where an email client is only expected to receive emails and no response is expected to be sent, IMAP can be used.

Examples of IMAP and SMTP

Let’s consider the following example where IMAP and SMTP are working together to transmit an email:

A user drafts an email on his email client (for eg Gmail or Outlook) and presses the send button. The email client will use the SMTP protocol to send the email from the sender’s email address to the respective mail server.
The sender’s mail server will then use SMTP again to send the email to the recipient’s email server.
If the email transfer between the two servers is successful (i.e. a 250 OK response code is received), the recipient’s email client will fetch all the pending emails from the mail server to the recipient’s email inbox using IMAP.

POP

Similar to IMAP, POP is also a protocol for receiving emails. The communication for IMAP and POP happen in the same way, but with only one difference. If an email client uses IMAP to retrieve emails from the recipient’s mail server, a copy of those emails is kept with the mail server and can be synchronized across multiple email clients.

In the case of POP, when one email client retrieves emails from the recipient’s mail server, the emails are deleted from the server, and the only copy of the email resides in the user’s inbox.

Ways to find your SMTP ports

Sometimes it becomes necessary to know what ports your SMTP server is using, this can come in handy when performing any troubleshooting or configuring your email clients for a specific email server.

Below you can find ways to figure out which SMTP server and ports your email client is using across various devices.

Discuss your concerns today

Apple Mail – in Mac desktop

If you are using the default email client in a MAC called the Apple mail, follow the steps below:

Click on the “Mail” icon in the MAC toolbar.
Select “Preferences” from the drop-down menu.
In the left-hand sidebar, choose the account you want the information for.
Select “Account Information”
Locate the field for “Incoming Mail Server”. This will be the IMAP server your email client is using.
Next, locate the field for “Outgoing Mail Server”. You might need to click on the dropdown menu and select the “Edit SMTP server list” to view your SMTP server name. Along with the server, you would find the SMTP port.

Outlook for Mac

If you are using Microsoft Outlook in a MAC, follow the steps below:

Click on the “Outlook” icon in the MAC toolbar.
Select “Preferences” and then click “Accounts”.
In the left-hand sidebar, choose the account you want the information for.
Locate the field for “Incoming Server” and “Incoming Server”. The text box will contain the SMTP server name along with the port number.

Outlook for PC

If you are using Microsoft Outlook on a Windows machine, follow the steps below:

Click on the “Outlook” icon on the desktop.
Click the “File” button on the top.
Navigate to “Account Settings”.
On the “Email” tab, select the account you want the information for.
Find the “Server information” section. Below this, you can see the incoming mail server (IMAP) and the outgoing mail server (SMTP).
To find the ports used in each server click the More Setting > Advanced.