Networking - SMTP (Simple Mail Transfer Protocol)

SMTP (Simple Mail Transfer Protocol) 

1. Definition

SMTP stands for Simple Mail Transfer Protocol. It is an application-layer protocol used to send emails from a client to a server or between mail servers over a TCP/IP network.

2. Purpose

The main function of SMTP is to transfer outgoing emails from the sender's email client to the recipient's mail server or forward messages between mail servers.

3. OSI Layer

SMTP operates at the Application Layer of the OSI model and relies on the TCP protocol at the Transport Layer.

4. Port Numbers

SMTP uses different ports based on encryption and usage:

  • Port 25 → Default SMTP port (server-to-server communication)

  • Port 587 → Recommended for sending emails securely via STARTTLS

  • Port 465 → For SMTPS (SMTP over SSL/TLS, deprecated but still used)

5. Architecture

SMTP works on a client-server model:

  • Mail User Agent (MUA) → The email client (e.g., Outlook, Gmail, Thunderbird).

  • Mail Transfer Agent (MTA) → The server responsible for sending and routing emails (e.g., Postfix, Sendmail).

  • Mail Delivery Agent (MDA) → The server that stores the email in the recipient's inbox.

6. How SMTP Works (Step-by-Step)

  1. The sender composes an email using an email client (MUA).

  2. The MUA connects to the SMTP server using port 587 or 465.

  3. The SMTP server verifies the sender and recipient.

  4. The SMTP server forwards the email to the recipient's mail server using SMTP (port 25).

  5. The recipient's mail server stores the email using POP3 or IMAP protocols.

  6. The recipient retrieves the email using their email client.

7. SMTP Commands (Key Commands)

SMTP uses text-based commands to communicate between client and server:

  • HELO → Introduces the client to the server

  • EHLO → Extended greeting with more features

  • MAIL FROM: → Specifies the sender’s email address

  • RCPT TO: → Specifies the recipient’s email address

  • DATA → Starts transferring the email content

  • RSET → Resets the current session

  • QUIT → Ends the session

8. SMTP Response Codes

SMTP servers respond with 3-digit status codes:

  • 2xx → Success (e.g., 250 OK)

  • 3xx → More information needed

  • 4xx → Temporary failure (e.g., server busy)

  • 5xx → Permanent failure (e.g., invalid email address)

9. Types of SMTP

  • Open Relay SMTP → Used for unrestricted mail forwarding (mostly blocked now for security reasons)

  • Authenticated SMTP → Requires username and password before sending emails

  • Secure SMTP (SMTPS) → Uses SSL/TLS encryption for secure transmission

10. Security in SMTP

SMTP itself is not secure by default since it sends data in plain text.
To improve security:

  • Use STARTTLS → Upgrades an insecure connection to an encrypted one

  • Use SMTPS (Port 465) → Encrypts the connection using SSL/TLS

  • Enable SPF, DKIM, and DMARC → Prevents email spoofing and phishing

11. SMTP vs POP3 vs IMAP

Feature SMTP POP3 IMAP
Function Sends emails Downloads emails Synchronizes emails
Direction Outgoing only Incoming only Incoming only
Default Port 25 / 587 / 465 110 143 / 993
Storage Doesn't store emails Downloads & deletes Keeps emails on server

12. Email Routing in SMTP

  • If the sender and recipient are on the same server, SMTP delivers directly.

  • If they are on different servers, SMTP uses the DNS MX (Mail Exchange) records to locate the recipient's mail server.

13. SMTP Session Flow Example

Client: EHLO example.com
Server: 250-Hello example.com
Client: MAIL FROM:<[email protected]>
Server: 250 OK
Client: RCPT TO:<[email protected]>
Server: 250 OK
Client: DATA
Server: 354 Start mail input
Client: [Message Body]
Client: .
Server: 250 Message accepted for delivery
Client: QUIT
Server: 221 Goodbye

14. Features of SMTP

  • Simple text-based protocol

  • Works reliably on TCP

  • Supports multiple recipients

  • Allows queuing of emails

  • Compatible with modern security enhancements

15. Advantages of SMTP

  • Widely supported and standardized

  • Efficient for bulk email delivery

  • Integrates with other protocols easily

  • Scalable for large organizations

16. Disadvantages of SMTP

  • No built-in encryption (requires SSL/TLS)

  • Vulnerable to spam and email spoofing

  • Relies on DNS for routing (prone to failures)

  • Can be blocked by firewalls if misconfigured

17. Examples of SMTP Servers

  • Google SMTP → smtp.gmail.com

  • Microsoft SMTP → smtp.office365.com

  • Yahoo SMTP → smtp.mail.yahoo.com

  • Custom SMTP → Postfix, Sendmail, Exim

18. Common SMTP Issues

  • Incorrect port configuration

  • Authentication errors

  • DNS MX record failures

  • IP blacklisting due to spam

  • Unsecured servers causing mail rejection

19. Real-World Uses of SMTP

  • Sending emails via Gmail, Outlook, or Yahoo

  • Email notifications in applications

  • Bulk email marketing campaigns

  • Automated alerts and system logs

  • IoT devices sending reports via email

20. Alternatives to SMTP

  • API-based email services → e.g., SendGrid, Amazon SES, Mailgun

  • HTTP-based email sending → Faster and more secure than SMTP in some cases

  • MAPI (Messaging API) → Used in Microsoft Exchange environments