What is the SMTP protocol (port 25) and how is it structured?
SMTP is a mail transfer protocol. It was developed at the dawn of the Internet in 1982. In this article, we will look at what tasks the protocol solves, how it works, and what is its danger from the point of view of spam distribution.
What SMTP is used for
The protocol has two main tasks:
- Checking that the system settings are correct and granting ‘permission’ to send an email message for a specific device.
- Sending an outgoing message to a specified email address and confirming successful delivery. If the message cannot be delivered, the sender is notified accordingly.
SMTP and TCP/IP - understand the concepts
In theory, SMTP can work with almost any protocols of the so-called transport level, including TCP, UDP, and others. This protocol was originally assigned two port numbers:
- The first is port 25, through which mail is transmitted between mail servers.
- The second is port 587, through which mail is transferred from the mail client to the server.
In most cases, the SMTP protocol is used to transmit outgoing mail using TCP port 25. That is, we can say that the SMTP port is just TCP 25, although not always.
Other options are used very rarely, for example, when ISPs for some reason close access to port 25. They may do this, for example, to block spam mail. This is what we recommend for all users of IP addresses and servers.
How SMTP works
Let’s pretend that you have installed and configured your own SMTP server. Next, you plan to send an email. Sending works according to a certain algorithm:
- The sender’s address is specified, after which the user’s system connects, for example, to the SMTP mail client Gmail.
- The system transmits data to the server, including the sender’s and recipient’s email addresses, the subject of the email, and its content.
- Immediately after that, the system starts searching for the SMTP server of the recipient of the email message.
- If this server is not found or does not respond, the SMTP server tries several more communication attempts. If it fails, the system displays a sending error. The protocol will tell you why the email will not be delivered.
The main problems of SMTP - spam mailing
The SMTP protocol is very simple; it does not have any tools to protect user data from intruders. So, the addresses specified in the corresponding field are not checked.
The main problem of this protocol is the lack of protection from advertising mailings and spam. Port 25 is quite outdated and does not effectively block spam mailings at the sending stage. This increases the likelihood that the IP address from which the mailing is sent may end up in a spam listing, such as Spamhaus CSS or Spamhaus SBL.
Conclusions
Despite the fact that the SMTP protocol is basic and easy to use, it is also obsolete, as it does not provide the proper degree of data protection with the modern development of technology and the Internet. All those who use VPS are strongly advised to close port 25 (SMTP). This is the consensus opinion among all the major players in the market, including organizations that monitor spam emails such as Spamhaus Team, Barracuda, etc.