Understanding SMTP ports 25, 465, 587, 2525 and choosing the right one
SMTP (Simple Mail Transfer Protocol) is a quick and easy way to get started with sending emails. As an industry-standard protocol, you simply provide your server name, port, username and password. Then, the SMTP server takes care of sending emails on your behalf—sounds good!
But when it comes to filling in that SMTP port field, what should you add and why? Is there a difference between ports 25, 465, 587 and 2525?
In this guide, we’ll cover what SMTP ports are, the common SMTP ports in use (or not in use anymore), which port you should use with MailerSend and why, and how to get started with SMTP.
Quick recap: What's SMTP?
SMTP stands for Simple Mail Transfer Protocol and is the standard protocol used to send emails. It’s the system used for email transmission between the mail client and the mail server, and all of the servers in between, ensuring that when you send an email, it reaches its destination in the recipient’s mail server.
Basically, SMTP handles the sending, routing, and delivery of email messages.
What about SMTPS?
SMTPS is Simple Mail Transfer Protocol Secure. It’s the same as SMTP but it uses encryption with SSL/TLS and authentication. SMTPS secures the connection so that emails can’t be easily intercepted or tampered with.
What are SMTP ports?
In computer networking, a port is a logical address that identifies a specific network service. When a computer program wants to communicate with a network service, it sends a message to the appropriate port on the destination computer.
The default port for SMTP servers is port 25, but many servers use other ports as well, such as 587, 465 or 2525. In the context of SMTP, ports are used to identify the service at the mailer server that is responsible for handling email messages.
When an SMTP server receives a message, it looks at the port number in order to determine how to handle the message. For example, if a message is sent to port 25, the server will know to process it as an incoming email message.
SMTP uses the TCP/IP protocol, which is the standard protocol for transmitting data over the internet. TCP/IP allows SMTP to communicate with other email systems and transfer email messages between them.
Which SMTP port should you use?
While the right SMTP port generally depends on your specific use case and circumstances, it is highly recommended that you use port 587 and only use 2525 if you have trouble sending with 587. Port 587 is the preferred port by ISPs and ESPs because:
1. It’s used in conjunction with email authentication protocols that help prevent unauthorized use and malicious attacks via the sending account.
2. It supports TLS encryption, which encrypts email messages while they are in transit, protecting email content from being intercepted.
3. Port 587 typically requires that the email client being used is configured with a username and password, so the server can authenticate the client before allowing it to send an email. This helps to ensure that only authorized users can send emails through the server, reducing the risk of spam and other email-based attacks.
4. The usage of port 587 is in compliance with Internet Engineering Task Force (IETF) standards and is recommended as the default mail submission port.
5. It’s widely supported by email servers and client software and is less likely to be blocked by ISPs and firewalls, making it more reliable.
What happens if you use the wrong SMTP port number?
If you do use the wrong SMTP port number when trying to send an email, it can be easily fixed. Just know that any emails sent with the incorrect port will go undelivered. It’s important to keep in mind that different ESPs will have different policies regarding the ports they use. Always check their documentation for the recommended SMTP port. Sending will fail because:
1. The port you’ve defined isn’t open.
2. The port isn’t used for SMTP.
3. The port expects encryption, but your client doesn’t use it.
The result will either be failure to establish a connection or connecting but then being unable to deliver the email, which will then result in a timeout, dropped connection or an error. It’s important to remember that attempting to use unencrypted SMTP on a secure-only port could expose your credentials, presenting a major security risk.
Most common SMTP ports
Now we’ve been through what SMTP ports are, let’s go through the 4 most common ports and their use cases.
Port 25
The OG of SMTP ports, port 25 appeared in the original SMTP proposal of 1982, making it the oldest port on the list. It’s commonly used for sending email via SMTP but is also sometimes used for other purposes, such as the remote management of network services.
Port 25 is the default SMTP port that is used to enable communication between the sending and receiving servers when delivering an email message to a recipient. Despite its pedigree, many ISPs (Internet Service Providers) and email providers have started to block incoming connections on port 25 as a security measure. This is due to the prevalence of spam and other types of email-based attacks. So, if you want to ensure your emails aren’t being blocked, you should use a different port to send with.
Port 465
Port 465 was an email submission port used for SMTPS (Simple Mail Transfer Protocol Secure). It offered secure client-server communication by encrypting the contents of emails. You may have noticed we’re using the past tense here. That’s because SMTPS was deprecated after STARTTLS (a command to change a connection to a secure one) was introduced.
Some email servers may still be using port 465 to support older mail clients that implemented SMTPS before, but it’s not recommended, as it’s not RFC-compliant. So, unless you need to maintain legacy email applications across a large enterprise, for example, you should not be using port 465 to send emails with SMTP.
Port 587
SMTP port 587 is known as the “submission” port, and is specifically intended for use by email clients that need to send messages to an SMTP server. Port 587 is the most secure SMTP port and the preferred port of ISPs and ESPs (Email Service Providers) for message submission, as it works hand in hand with email authentication to ensure that only authorized senders can send emails through the server. This makes using port 587 a secure way to send emails and prevent spamming and other types of email attacks.
Another key difference between port 587 and port 25 is that the latter is open to the public while port 587 is used for SMTP client connections and is not intended for public use. It also supports Transport Layer Security (TLS)—the successor to Secure Sockets Layer (SSL)—a security protocol that encrypts emails while they are in transit.
All of this considered, it is recommended that you always use port 587 to send emails with SMTP.
Port 2525
Port 2525 plays on the original SMTP port 25 by repeating it twice! If, for some reason, you are blocked from using port 587, port 2525 is a good alternative port as it also supports TLS. Although it can be a useful alternative, not all email servers will support connections to this port, so it may not always be possible to use it to send emails.
It’s also worth noting that while many ISPs and mail servers allow access to port 2525, it is actually not an official SMTP port, as it is not recognized by IETF or IANA.
Port 588
Port 588 isn’t an official SMTP port. It’s actually registered by IANA for another service (CAL), however, some email providers support it as an alternate port. Since it supports TLS encryption and works similarly to port 587, it can be useful as a fallback if other common ports are blocked. But this is all unofficial—the recommended port for sending is 587.
STARTTLS vs. Implicit TLS
It’s good to know the 2 main ways that encryption is applied when we’re talking about SMTP and email security. Here’s a quick breakdown comparing STARTTLS (used by port 587) and Implicit TLS (used by port 465).
STARTTLS | Implicit TLS |
The connection starts as plain text on a standard port, the client uses the STARTTLS command, and if both sides support it, the connection becomes encrypted. | The connection requires encryption right from the start, meaning that there is no chance of sending anything in plain text. |
Used for port 587 (and 25 for server-to-server connections). | Used for port 465. |
Flexible, works on existing plain text ports. | Less flexible, requires a dedicated port. |
Security depends on enforcement. | Stronger security guarantee as no plain text is ever sent. |
Standardized and widely recommended, the default for modern email clients. | Was deprecated but has since been re-registered for SMTPS. Is still used for legacy support and strict security. |
SMTP authentication
It was once possible for anyone to use open SMTP servers to send emails (you can probably guess what happened next). To prevent the inevitable abuse, SMTP authentication was introduced. It’s now required for the main SMTP ports (except port 25), and involves using a valid username and password (SMTP credentials) in order to send emails through the server. Here’s a quick run-through of how it works:
1. The client connects to the SMTP server.
2. The server communicates the supported authentication methods (see methods below).
3. The client provides the SMTP credentials.
4. If the authentication is successful—great, you can send emails. If not, the server will reject the request.
SMTP authentication methods
PLAIN | Sends the credentials encoded in Base64. | Must be combined with encryption; a safe method when used with STARTTLS or SMTPS. Very commonly used for SMTP clients. |
LOGIN | Sends the credentials encoded in Base64, but the server requests them separately. | Must be combined with encryption, often used in older clients. |
CRAM-MD5 | Sends the credentials as a challenge-response hash. | Less often used due to MD5 weaknesses, replaced by stronger, more modern methods. |
OAUTH2 | Uses tokens instead of passwords. | High level of security, the modern standard used by Gmail, Microsoft Outlook and cloud providers. |
What about IMAP and POP3?
If you think about SMTP as the mechanism that sends, routes and delivers the message, IMAP and POP3 are what make it possible to receive it.
POP3
Post Office Protocol 3 is one of the oldest mail protocols, and its job is to download messages from the server to the client and then remove them from the server. It’s more suitable for offline use where emails are accessed on a single device. The ports it uses are 110 (unencrypted) and 995 (secure, over SSL/TLS).
IMAP
Internet Message Access Protocol is similar to POP3, albeit more modern and advanced. The protocol is used to access and manage emails on a server and is designed to synchronize messages across multiple devices. This means that emails stay on the server unless you choose to delete them. The ports used for IMAP are 143 (unsecured) and 993 (secure, over SSL/TLS).
SMTP ports that MailerSend uses
In order to provide the most secure and efficient transactional email experience, MailerSend uses SMTP ports 587 and 2525. That means when you're using your MailerSend SMTP credentials, if the plugin or app requires you to enter an SMTP port, you should always enter 587 or 2525 as an alternative when 587 isn't possible.
Setting up SMTP with MailerSend
It’s easy to get started with SMTP in MailerSend. Best practices for SMTP ports are used in the default settings and MailerSend takes care of your email deliverability. Here’s how to get started.
1. Start at the Dashboard
Log in or sign up for a MailerSend account if you don’t already have one and head to the dashboard.
2. Visit your sending domains
Under Email, navigate to Domains. If you’re a new user, you will need to verify a sending domain. Once done, click Manage next to the domain in the list.
3. Create an SMTP user
On the Domain settings page, scroll down until you see the SMTP section. Click Generate new user, enter a name and click Save user. Your SMTP credentials will be generated.
4. Copy your SMTP settings
Your SMTP settings will be automatically generated, including the server name, port, username and password. Click on each field to automatically copy it to the clipboard!
For the password field, you will need to toggle the visibility of the password by clicking on the eye icon. Once done, you can hover over the password field and copy it to the clipboard.
5. Use the SMTP settings
Now it’s time to configure the SMTP settings into your app or email client. You can also use your SMTP credentials for configuring legacy systems or when using preferred frameworks or modules. Here, we’ll use the MailerSend WordPress SMTP integration.
Install the plugin by searching for MailerSend – Official SMTP Integration. Activate it and then go to MailerSend SMTP in the WordPress sidebar navigation. Enter your SMTP credentials from MailerSend under SMTP username and password and then click Save.
The port is set to 587 by default, so you won’t have to enter it here. You can proceed to enter customized sender details and send a test email. And that’s it!
Common SMTP issues and troubleshooting
1. You can’t connect to the SMTP server
First, check that you’ve configured your SMTP settings and port correctly. If everything looks good, the issue could be that there is a firewall blocking the port or the ISP is blocking the port, especially if port 25 is being used.
There’s a simple way to test whether the port is being blocked, by using Telnet or Netcat to try connecting to the server:
telnet smtp.example.com 587nc -vz smtp.example.com 587If the port is blocked, the connection will fail with Connection refused or timeout. The best solution is to switch to a recommended port (587) if you aren’t already using it. Or you can use a third-party SMTP service.
2. Your connection times out
If you’re receiving a connection timeout error, or the connection hangs, the issue could be caused by a firewall, blocked port (see above), network issues, or an unreachable server (like if the server is down).
To troubleshoot, check your network and firewall settings, check if the port is blocked by the ISP, and verify that the server address is correct.
3. You’re receiving an authentication error
An authentication error usually indicates that you’re using the wrong SMTP credentials, so the first step is to verify them. If your credentials are correct, the issue could be caused by an authentication mismatch or a lack of TLS. Check these and make sure you’re using an up-to-date version of TLS/SSL.
4. You’re getting TLS/SSL errors
These could be caused by outdated protocol versions, using the wrong port for the encryption type, or certificate validation failures, for example, an expired server certificate. Use OpenSSL to check your port and encryption settings. It will give you the server certificate details, success status, and the TLS version.
openssl s_client -connect smtp.example.com:587 -starttls smtpFor implicit TLS:
openssl s_client -connect smtp.example.com:465On Linux/Mac, you can use GnuTLS:
gnutls-cli -p 587 smtp.example.com
Choose your SMTP ports wisely
If you want to follow best practices, ensure ultimate email security, and more reliable email delivery, port 587 is your best friend (with port 2525 on standby in case you really need it). Just remember, we’re making things easy for you here at MailerSend—you’ll only ever need to use port 587 or 2525.
Ready for better transactional email?
Sign up to MailerSend's SMTP service and get 3,000 emails per month free.
