What is the Simple Mail Transfer Protocol (SMTP)?
The Simple Mail Transfer Protocol (SMTP) is a technical standard for transmitting electronic mail (email) over a network. Like other networking protocols, SMTP allows computers and servers to exchange data regardless of their underlying hardware or software. Just as a standardized form of addressing an envelope allows the postal service to operate, SMTP standardizes how email travels from sender to recipient, making widespread email delivery possible.
SMTP is a mail delivery protocol, not a mail retrieval protocol. A postal service delivers mail to a mailbox, but the recipient still has to retrieve the mail from the mailbox. Similarly, SMTP delivers an email to an email provider’s mail server, but separate protocols are used to retrieve that email from the mail server so the recipient can read it.
How does SMTP work?
All networking protocols follow a predefined process for exchanging data. SMTP defines a process for exchanging data between an email client and a mail server. An email client is what a user interacts with: the computer or web application where they access and send emails. A mail server is a specialized computer for sending, receiving, and forwarding emails; users do not interact directly with mail servers.
Here is a summary of what passes between the email client and the mail server for an email to begin sending:
- SMTP connection opened: Since SMTP uses the Transmission Control Protocol (TCP) as its transport protocol, this first step begins with a TCP connection between client and server. Next, the client begins the email-sending process with a specialized “Hello” command (HELO or EHLO, described below).
- Email data transferred: The client sends the server a series of commands accompanied by the actual content of the email: the email header (including its destination and subject line), the email body, and any additional components.
- Mail Transfer Agent (MTA): The server runs a Mail Transfer Agent (MTA) program. The MTA checks the domain of the recipient’s email address, and if it differs from the sender’s, it queries the Domain Name System (DNS) to find the recipient’s IP address. This is like a post office looking up a mail recipient’s zip code.
- Connection closed: The client alerts the server when the data transmission is complete, and the server closes the connection. At this point, the server will not receive additional email data from the client unless the client opens a new SMTP connection.
Usually, this first email server is not the email’s final destination. After receiving the email from the client, the server repeats this SMTP connection process with another mail server. That second server does the same, until finally the email reaches the recipient’s inbox on a mail server controlled by the recipient’s email provider.
Compare this process to how a piece of mail travels from sender to recipient. A mail carrier does not take a letter directly from the sender to its recipient. Instead, the mail carrier brings the letter back to their post office. The post office ships the letter to another post office in another town, then another, until the letter reaches the recipient. Similarly, emails go from server to server via SMTP until they arrive at the recipient’s inbox.
What is an SMTP envelope?
The SMTP “envelope” is the information the email client sends the mail server about where the email comes from and where it is going. The SMTP envelope is distinct from the email header and body and not visible to the recipient.
What are SMTP commands?
SMTP commands are predefined text-based instructions that tell a client or server what to do and how to handle any accompanying data. The client can press buttons to get the server to accept data correctly.
HELO/EHLO
: These commands say “Hello” and start the SMTP connection between client and server. “HELO
” is the basic version of this command; “EHLO
” is for a specialized type of SMTP.MAIL FROM
: This tells the server who is sending the email. If Joe tried to email his friend Sue, a client might send “MAIL FROM:<[email protected]>.”RCPT TO
: This command is for listing the email’s recipients. A client can send this command multiple times if there are multiple recipients. In the example above, Sue’s email client would send “RCPT TO:<[email protected]>.”DATA
: This precedes the content of the email, like:
DATA
Date: Tue, 10 June 2021
From: Joe [email protected]
Subject: Eggs benedict casserole
To: Sue [email protected]
Hi Sue,
I will bring the eggs benedict casserole recipe on Friday.
-Joe
.
RSET
: This command resets the connection, removing all previously transferred information without closing the SMTP connection.RSET
is used if the client sends incorrect information.QUIT
: This ends the connection.
What is an SMTP server?
An SMTP server is a mail server that can send and receive emails using the SMTP protocol. Email clients connect directly with the email provider’s SMTP server to send an email. Several different software programs run on an SMTP server:
- Mail submission agent (MSA): The MSA receives emails from the email client.
- Mail transfer agent (MTA): The MTA transfers emails to the next server in the delivery chain. As described above, if necessary, it may query the DNS to find the recipient domain’s mail exchange (MX) DNS record.
- Mail delivery agent (MDA): The MDA receives emails from MTAs and stores them in the recipient’s email inbox.
What port does SMTP use?
In networking, a port is the virtual point where network data is received; think of it as the apartment number in the address of a piece of mail. Ports help computers sort networking data to the correct applications. Network security measures like firewalls can block unnecessary ports to prevent the sending and receiving malicious data.
Historically, SMTP only used port 25. Today, port 25 is still in use for SMTP, but it can also use ports 465, 587, and 2525.
- Port 25 is most used for connections between SMTP servers. Firewalls for end-user networks often block this port today since spammers try to abuse it to send large amounts of spam.
- Port 465 was once designated for use by SMTP with Secure Sockets Layer (SSL) encryption. However, SSL was replaced by Transport Layer Security (TLS), and modern email systems do not use this port. It only appears in legacy (outdated) systems.
- Port 587 is now the default port for email submission. SMTP communications via this port use TLS encryption.
- Port 2525 is not officially associated with SMTP, but some email services offer SMTP delivery over this port in case the above ports are blocked.
SMTP vs. IMAP and POP
The Internet Message Access Protocol (IMAP) and Post Office Protocol (POP) are used to deliver the email to its final destination. The email client has to retrieve the email from the final mail server in the chain to display the email to the user. The client uses IMAP or POP instead of SMTP for this purpose.
To understand the difference between SMTP and IMAP/POP, consider the difference between a plank of wood and a rope. A length of wood can push something forward but not pull it in. A rope can pull an item but cannot push it. Similarly, SMTP “pushes” email to a mail server, but IMAP and POP “pull” it the rest of the way to the user’s application.
What is Extended SMTP (ESMTP)?
Extended Simple Mail Transfer Protocol (ESMTP) is a version of the protocol that expands upon its original capabilities, enabling sending email attachments, using TLS, and other capabilities. Almost all email clients and email services use ESMTP, not basic SMTP.
ESMTP has some additional commands, including “EHLO
“, an “extended hello” message that enables ESMTP at the start of the connection.