Email

Which SMTP port should I use? Understanding ports 25, 465 & 587

Which SMTP port should you use — port 25, port 465, or port 587? Click to learn more about Mailgun's guide to understanding SMTP ports...

PUBLISHED ON

PUBLISHED ON

It's a common question that we receive here at Sinch Mailgun about SMTP port numbers. To ensure connectivity to our Simple Mail Transfer Protocol (SMTP) endpoint, Mailgun offers multiple SMTP port options, but which one should you use to send email messages? We’ll take take a historical look at each SMTP port and then we'll discuss today's methodology for outgoing mail usage. If you're not a history buff, go to "Today's Usage" for the most common SMTP ports.

What is SMTP

SMTP stands for Simple Mail Transfer Protocol – put simply, it’s the process by which emails are sent across the internet. Message data is sent out and the traffic is directed into ports. Once message data travels successfully through a port, other email authentications are used to validate the messages and either deliver them to the inbox, reject them, or direct them to the spam folder.

What is SMTPS?

SMTPS is more secure than SMTP in the same way that HTTPS is more secure than HTTP. In the earlier days of the internet www.http was the standard beginning to an email address. But it became easy for spammers and spoofers to intercept sensitive data. HTTPS = HTTP + SSL, or secure socket layer, which is an internet address’s extra layer of authentication. SMTPS is SMTP + TLS, or transport layer security, which uses encryption and authentication to further protect SMTP.

TLS uses a digital signature to verify the origin of traffic. In email we talk a lot about authentication to verify a senders identity with protocols like SPF or DKIM. Instead of verifying who sends a message, TLS verifies by where email traffic comes from. If the origin in the signature matches the actual origin, the data is allowed through. The default SMTP port for SMTPS is port 587, but more on that in a bit. Before we talk about default ports, we first have to know what an SMTP port is.

If you’re a sender with Sinch Mailgun you can use SMTPS by enabling TLS on your mail server. Learn more.

What is an SMTP port?

Ports are endpoints that individual servers use to connect to a network and retrieve data. Think of it like an old school switchboard with a technician plugging the incoming call into a jack to connect it to a specific phone. An SMTP port is  a port designed to direct email through a network to its recipient.

The most important SMTP ports are:

  • Port 25

  • Port 587

  • Port 465

The thing is, not all SMTP ports are equal. Choosing the wrong one could have negative consequences and reflect poorly on you as a sender.

How SMTP works

What different SMTP ports are there? Understanding ports 25, 465, 587

There are many ports to choose from, but only a few that you might want to use. Like with anything technical, where we started is not where we are now. When the SMTP protocol was first published in 1981 (the same year Lionel Richie’s Endless Love topped the charts – for perspective) it didn’t take long before the first port, port 25 was put into place to manage message traffic.

What about the rest of the ports?  How many other ports were launched over time and have they evolved? Many have, and some have even been depricated. When it comes to ports, there are many. Here’s our breakdown – or “port reduction” if you will. Sorry, we couldn’t resist.

Port 25: The standard port

The first port, port 25, was implemented as the primary message transmission channel to help mitigate against attacks like man-in-the-middle. It came out of a 1982 request from the University of Southernn California to the Internet Engineering Task Force (IETF) who are the overlords of all protocols that control movement across the internet.

Ironically, port 25 has since become favored by spammers because of its support for open relay.

SMTP port 25 continues to be used primarily for SMTP relaying. SMTP relaying is the transmission of email from email server to email server.

In most cases, modern SMTP email clients (Microsoft Outlook, Mail, Thunderbird, etc.) shouldn't use this port. It is traditionally blocked by residential ISPs and Cloud Hosting Providers, to curb the amount of spam that is relayed from compromised computers or servers. Unless you're specifically managing a mail server, you should have no traffic traversing this port on your computer or server.

Port 587: The default port

In December of 1998, after port 25 started to get spammy, R. Gellens and J. Klensin submitted RFC 2476 in support of adding a new specification for internet email communications. The RFC proposed a split of the traditional message submission and message relay concept.

The RFC defined that message submission should occur over port 587 to ensure new policy and security requirements don't interfere with the traditional relay traffic over message relay port 25.

Port 587 is the default mail submission port. When an email client or outgoing server is submitting an email to be routed by a proper mail server, it should always use SMTP port 587 as the default port.

This port, coupled with TLS encryption, will ensure that email is submitted securely and following the guidelines set out by the IETF.

All Mailgun Send customers should consider using port 587 as their default SMTP port unless you're explicitly blocked by your upstream network or hosting provider.

Port 465: The TLS port

The Internet Assigned Numbers Authority (IANA) has reassigned a new service to this port, and it should no longer be used for SMTP communications.

Because port 465 was once recognized by IANA as valid, there may be legacy systems that are only capable of using this connection method. Typically, you will use this port only if your application demands it. A quick Google search, and you'll find many consumer Inbox Service Providers' (ISPs) articles that suggest port 465 as the recommended setup. However, we do not recommend it, as it is not RFC compliant.

Interestingly, port 465 was never published as an official SMTP transmission or submission channel by the IETF. Instead, the Internet Assigned Numbers Authority (IANA), which maintains much of the core internet infrastructure, registered port 465 for SMTPS. The purpose was to establish a port for SMTP to operate using Secure Sockets Layer (SSL). SSL is commonly used for encrypting communications over the internet.

The port was assigned for about one year before it was revoked in support of securing SMTP communications using Transport Layer Security (TLS). The nail in the coffin was a new protocol command "STARTTLS," introduced in RFC 2487. This command allows SMTP servers to communicate over existing ports by advertising whether the destination server supports TLS encryption. If so, the sending server can upgrade the connection using the "STARTTLS" SMTP command.

Mailgun supports TLS connections, which you can verify by connecting and issuing an "ehlo" from a command line interface. The resultant "250 STARTTLS" confirms the endpoint accepts TLS connection requests.

You can test using the same command sequence on any SMTP server. Try Gmail or Yahoo, "telnet gmail-smtp-in.l.google.com 25" or "telnet mta7.am0.yahoodns.net 25".

Learn about our Deliverability Services

Deliverability Services

Looking to send a high volume of emails? Our email experts can supercharge your email performance. See how we've helped companies like Lyft, Shopify, Github increase their email delivery rates to an average of 97%.

Both ports 587 and 465 support TLS, port 465 is used for implicit TLS but port 587 which uses startTLS is preferred because message communications aren’t restricted by clients that don’t support encryption.

Port 2525: The alternative port

This port is not endorsed by the IETF nor IANA. Instead, Mailgun provides it as an alternate port, which mirrors port 587, in the event the above ports are blocked. Because 2525 is a non-traditional high port number, it is typically allowed on consumer ISPs and Cloud Hosting providers, like Google Compute Engine. If you’ve tried the above ports, but experience connectivity issues, try port 2525. This port also supports TLS encryption.

There are several SMTP ports but not all are created equal. The most frequently used is port 25 for SMTP relays, while port 587 is the default port for mail submission.

What SMTP port should you use?

When you start talking about protocols, you know the specifics are going to matter. SMTP is no different. Your port depends on what type of sender you are.

Most used ports:

Port

Use case­

Port

Port­ 25: The stan­dard port­

Us­e for non-­encrypted conn­ections. Stil­l thou­ght of as the stan­dard SMTP­ port­, most­ resi­dential ISPs­ and host­ing prov­iders bloc­k port­ 25 due to heav­y spam­ traf­fic.

Use case­

Port­ 465:­ The TLS port­

Us­e if your­ appl­ication or comp­any requ­ire. Port­ 465 is a port­ that­ carr­ies out mess­age subm­ission over­ Impl­icit TLS prot­ocol.

Port­ 587:­ The defa­ult port­

Us­e for your­ busi­ness or for secu­re conn­ections. Port­ 587 is the defa­ult SMTP­ port­, most­ busi­nesses use this­ port­.

Alternative ports:

Port

Use case­

Port

Port­ 80: The HTTP­ port­

Us­e as the defa­ult port­ for unen­crypted webp­ages. Port­ 80 is used­ to send­ and rece­ive web-­based comm­unications and HTML­ data­ and allo­ws HTML­ data­ to rema­in in plai­n text­, vs. Port­ 443 wher­e it woul­d be encr­ypted.

Use case­

Port­ 443:­ The SSL port­

Us­e to get to an HTTP­S addr­ess. When­ you send­ a mess­age, SMTP­ tran­smits mess­ages to a spec­ific addr­ess for proc­essing. Port­ 80 is use to open­ an HTTP­ addr­ess, port­ 443 is used­ for HTTP­S, or addr­esses that­ have­ SSL secu­rity. (The­ ‘s’ in HTTP­S)

Port­ 588:­ The seco­ndary emai­l port­

Us­e if you requ­ire TLS encr­yption. Both­ port­s 587 and 588 can be coup­led with­ TLS encr­yption for add data­ priv­acy and secu­rity.

Port­ 2525­: The alte­rnate port­

Us­e as an alte­rnate if port­ 587 is bloc­ked. Mail­gun prov­ides an alte­rnate in port­ 2525­ for situ­ations when­ stan­dard port­s are bloc­ked. Most­ ESPs­ supp­ort port­ 2525­.

Why is it important to use the right SMTP port?

Using the right port helps ensure delivery and supports your sender reputation. But watch out, some ports have evolved to have a bad reputation of their own – and using these ports could keep you out of the inbox.

SMTP ports and email security

Different ports are associated with different security measures, so choosing the right one is key to ensure you’re protecting your email communications.

Some ports transmit encrypted messages, while other ports remain open for all types of traffic. The port you use may be determined by the security standards of your organization or by the sensitive contents of the messages you send.

SMTP ports and email deliverability

Choosing the right SMTP port also helps ensure you have strong deliverability. SMTP is the most used protocol by mail servers to communicate, but that doesn’t mean they’re interchangeable. Some ISPs may block certain ports, like port 25 to defend against spam, and default to another port, like port 587 that supports encryption.

Adding authentication protocols like SMTP AUTH can help improve your message delivery, but deliverability is a multi-ingredient pie. Everything from your message content to your authentication can impact your sender reputation and overall deliverability rate.

In order to determine which port is the best for you, let’s cover the most popular ports and the traffic they transmit.

What are POP and IMAP protocols?

POP (Post Office Protocol, with the latest version being POP3) and IMAP (Internet Message Access Protocol) are two of the very first protocols developed on the consumer internet that allowed for email clients - like Outlook, Thunderbird and others - to retrieve mail from a mail server.

The ports typically used for POP are TCP ports 110 and 995, and for IMAP are TCP ports 143 and 993, for insecure and secure sessions respectively. They were each good at doing different things, like reflecting the state of an email back to the server (whether it was read, flagged, or marked as junk), or for preserving a copy of the message on a local machine for easy offline access.  The latest version of POP, POP3, can be used with or without SMTP.

This does not affect which port you can use with Mailgun Send. Mailgun doesn’t host mailboxes, so these aren’t protocols we support.

Using SMTP with Mailgun

SMTP has been around for years, and many folks ask us whether they should use SMTP or Mailgun's API endpoint. Deciding whether you should use an email API or SMTP to send your emails might not be an easy choice.

We certainly recognize there is some level of vendor lock-in associated with building around an API. However, SMTP is extremely "chatty" and may lead to less performant mail submission to Mailgun.

For example, consider the typical TLS mail conversation between my computer and Mailgun's SMTP endpoint:

As you can see, the above communication is quite cumbersome with lots of back and forth between sender and receiver. We open a connection to the SMTP server, issue the EHLO command, authenticate, set the MAIL FROM, set the RCPT TO, DATA command, send the data, period to close, and finally receive confirmation the message was queued.

Compare this with an HTTPs payload:

Here, we initiate a connection, pass the HTTP POST payload and receive a 200 OK from the API endpoint. We don't have to issue a sequence of commands and wait for a response from the server after each command.

To learn more, check out our Documentation for more info, or contact us and we can answer any questions you may have about SMTP ports or our email services.

Sign Up

It's easy to get started. And it's free.

See what you can accomplish with the world’s best email delivery platform.

Related readings

What is SMTP and how does it work?

SMTP, though a pillar of email delivery, often gets lost in the jumble of tech terms and acronyms. But if you're ready to send impactful emails, this is one of those acronyms that...

Read more

Everything you need to know about sending email with APIs

Are you creating an e-commerce web page that needs to send transactional emails to customers? A developer building a web application that needs to send messages to email...

Read more

Email tags explained: Gaining useful insights from segmentation

Companies often use the same sending domains or IP addresses to send various types of messages. While this is a really convenient way to send messages, it can be hard to...

Read more

Popular posts

Email inbox.

Build Laravel 10 email authentication with Mailgun and Digital Ocean

When it was first released, Laravel version 5.7 added a new capability to verify user’s emails. If you’ve ever run php artisan make:auth within a Laravel app you’ll know the...

Read more

Mailgun statistics.

Sending email using the Mailgun PHP API

It’s been a while since the Mailgun PHP SDK came around, and we’ve seen lots of changes: new functionalities, new integrations built on top, new API endpoints…yet the core of PHP...

Read more

Statistics on deliverability.

Here’s everything you need to know about DNS blocklists

The word “blocklist” can almost seem like something out of a movie – a little dramatic, silly, and a little unreal. Unfortunately, in the real world, blocklists are definitely something you...

Read more

See what you can accomplish with the world's best email delivery platform. It's easy to get started.Let's get sending
CTA icon