What is SMTP?
Also known as: Simple Mail Transfer Protocol
SMTP (Simple Mail Transfer Protocol) is the Internet standard for sending and relaying email between mail servers, defined in RFC 5321 and operating primarily on ports 25, 465, and 587.
SMTP, or Simple Mail Transfer Protocol, is the core protocol used to transfer email messages from a client to a server and between servers across the Internet. It was first defined in RFC 821 in 1982 and later superseded by RFC 2821 and then RFC 5321, which remains the current specification. SMTP is a text-based, client-server protocol that uses commands like HELO, MAIL FROM, RCPT TO, and DATA to initiate a session, identify the sender and recipient, and transmit the message body.
SMTP operates over TCP. Port 25 is the traditional default for server-to-server relay, but many ISPs block it to curb spam. Port 587 is the standard submission port for authenticated clients, as defined in RFC 6409. Port 465 was once registered for SMTP over SSL but is now deprecated; however, some services still use it for legacy compatibility. SMTP is a push protocol: it pushes mail out from the sender to the destination server. It does not handle mailbox retrieval, which is left to POP3 or IMAP.
In the wider email stack, SMTP works alongside DNS to locate the recipient's mail exchange (MX) server. When a message is sent, the client's mail user agent (MUA) submits it to a mail submission agent (MSA) on port 587. The MSA forwards it to a mail transfer agent (MTA), which uses SMTP to relay the message hop by hop until it reaches the destination MTA. The final delivery to the user's inbox is handled by a mail delivery agent (MDA). SMTP has no built-in encryption, so STARTTLS (RFC 3207) is commonly used to upgrade a plaintext connection to a secure one.
Key facts
- SMTP is defined in RFC 5321, replacing RFC 2821 and RFC 821.
- Default port 25 is for server-to-server relay; port 587 is for authenticated submission.
- Port 465 is deprecated for SMTP over SSL but still used by some providers.
- SMTP is a push protocol and does not handle email retrieval.
- STARTTLS (RFC 3207) encrypts SMTP connections on ports 25 and 587.
How it works in practice
Related terms
References
More in Email
BIMI
BIMI (Brand Indicators for Message Identification) is a DMARC-aligned standard that lets email senders publish a verified logo for display in supporting mail clients.
Bounce Message
A bounce message, or non-delivery report (NDR), is an automated email sent to the originator when delivery cannot be completed, including a status code and failure reason.
Catch-All Email
A catch-all email account receives all messages sent to invalid or nonexistent addresses at a domain, preventing bounce-backs but attracting spam.
DKIM
DKIM is an email authentication method that lets a domain claim responsibility for a message by attaching a cryptographic signature validated against a DNS public key.
DMARC
DMARC is an email authentication policy protocol that builds on SPF and DKIM to tell receiving mail servers how to handle messages that fail authentication checks.
DNSBL
A DNSBL is a real-time IP reputation database published via DNS, used by mail servers at SMTP time to reject or flag senders known for spam or abuse.
Greylisting
Greylisting is a spam-filtering technique that temporarily rejects email from unknown senders, forcing legitimate mail servers to retry delivery while filtering out spammers that do not retry.
IMAP
IMAP is an email protocol that lets clients access and manage messages stored on a mail server, keeping the server as the authoritative copy and synchronizing folder state across multiple devices.
Mailbox Quota
A mailbox quota is a storage limit placed on a user's email account. Once the total size of stored messages exceeds this limit, the server may reject new incoming emails or warn the user.
MDA
An MDA (Mail Delivery Agent) is a software component that transfers an email from a Mail Transfer Agent (MTA) into a recipient's local mailbox, typically on a mail server or a user's machine.