SMTP Protocol Explained
Ashwin HarishP
Red Teaming | Bug Hunter | Pentester | CTF Player | Researcher | IEEE Member | Full Stack Developer
Simple mail transfer protocol (SMTP) is used to transmit emails over an internet connection.
What Is SMTP?
Simple mail transfer protocol (SMTP) is an email protocol that enables the transmission of emails among user accounts over an internet connection. Simply put, SMTP is a set of rules that allows different email accounts and clients to streamline information exchange. This is a very commonly used email protocol, alongside internet message access protocol (IMAP) and post office protocol (POP).
SMTP is a dedicated protocol for sending emails. Most popular email clients–such as Microsoft Outlook, Google Gmail, Yahoo Mail, and Apple Mail–leverage SMTP to send (or ‘push’) emails from the sender to the receiver.
SMTP servers handle the transmission, receipt, and relaying of emails for other applications, known as clients, within a network. Think of an SMTP server as a real-world post office and imagine that a letter needs to be sent from City 1 to City 2. The letter would first reach one of the local post offices in City 1. There, it would be processed and sent to the local post office in City 2. Finally, that ‘last-mile’ post office would be responsible for delivering the letter to its final destination.
SMTP servers carry out the same process; however, message transmission takes only a few minutes rather than a few days. On the other hand, SMTP ports serve as the communication endpoints for handling email data transfer over SMTP as it is transmitted between servers over a network. While outgoing emails are generally transmitted using port 465 or 587, messages between email servers are relayed using port 25.
How does SMTP work?
A user must first set up an SMTP server, after which email clients can be configured to connect with it. Once this is done, a user presses the ‘send’ button on an email and an SMTP connection is set up between the client and the server to allow for the email to be sent. The SMTP connection is built upon a transmission control protocol (TCP) connection.
Once the SMTP connection is active, commands transmitted by the client give instructions to the server and enable the transfer of information, such as the email addresses of the sender and the recipient and the contents of the email.
The MTA, which can stand for message transfer agent or mail transfer agent, is responsible for checking whether both email addresses are from a single email domain, such as gmail.com. If both addresses are from the same domain, the email is transmitted instantly. If not, the server uses the domain name system (DNS) to identify the receiving domain, after which the email is transmitted to the right server.
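The command exchange and the same-domain versus DNS decision described above, as an added example that is not part of the original article: a toy server-side session that answers each client command, plus the next-hop choice per recipient. The host names, `LOCAL_DOMAINS`, `MX_TABLE` and the client lines are constructed assumptions, and the null sender and ESMTP parameters are not handled.

```python
import re

LOCAL_DOMAINS = {"example.com"}                # assumption: domains hosted on this server
MX_TABLE = {"example.org": "mx1.example.org"}  # constructed stand-in for a DNS MX lookup

def _path(arg, keyword):  # address inside 'FROM:<a@b>' or 'TO:<a@b>', None if malformed
    m = re.fullmatch(keyword + r":<([^<>\s@]+@[^<>\s@]+)>", arg, re.I)
    return m.group(1) if m else None

class ToySession:
    """Server side of one SMTP conversation: returns the reply to each client line."""
    def __init__(self):
        self.sender, self.rcpts, self.body, self.in_data = None, [], [], False
    def handle(self, line):
        if self.in_data:
            if line == ".":                    # a lone dot ends the message
                self.in_data = False
                return "250 queued"
            # undo dot-stuffing; the server sends no reply while the body streams in
            self.body.append(line[1:] if line.startswith(".") else line)
            return None
        verb, arg = line[:4].upper(), line[5:]  # the verbs handled here are four letters
        if verb in ("EHLO", "HELO"):
            return "250 mail.example.com"
        if verb == "MAIL":
            self.sender, self.rcpts = _path(arg, "FROM"), []
            return "250 sender ok" if self.sender else "501 bad sender syntax"
        if verb == "RCPT" and self.sender:
            rcpt = _path(arg, "TO")
            self.rcpts += [rcpt] if rcpt else []
            return "250 recipient ok" if rcpt else "501 bad recipient syntax"
        if verb == "DATA" and self.rcpts:
            self.in_data = True
            return "354 end data with <CR><LF>.<CR><LF>"
        late = {"QUIT": "221 bye", "RCPT": "503 need MAIL first", "DATA": "503 need RCPT first"}
        return late.get(verb, "500 unknown command")

def next_hop(rcpt):  # local mailbox if we host the domain, else the remote domain's MX host
    domain = rcpt.rpartition("@")[2].lower()
    return "local" if domain in LOCAL_DOMAINS else MX_TABLE.get(domain, "defer: no MX")

# Constructed client side of one session: one local and one remote recipient.
CLIENT = ["EHLO client.example.net", "MAIL FROM:<alice@example.com>",
          "RCPT TO:<bob@example.com>", "RCPT TO:<carol@example.org>",
          "DATA", "Subject: hi", "", "..dot-stuffed line", ".", "QUIT"]

def run(lines=CLIENT):
    s = ToySession()
    return [s.handle(ln) for ln in lines], {r: next_hop(r) for r in s.rcpts}, s.body
```

`run()` returns the server replies in order, the next hop chosen for each recipient, and the message body as stored after the terminating dot.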
SMTP, POP, and IMAP
Apart from SMTP, IMAP and POP are two common email protocols. However, SMTP is unique — it is used for ‘pushing’ (sending) emails between unknown email servers. On the other hand, POP and IMAP are used to ‘pull’ (receive) an email from the receiving party from their own server. As such, POP and IMAP are primarily used for transferring emails to verified servers and cannot be used for transmitting messages outside of the user’s networks.
The post office protocol (POP) is used to receive incoming emails. The latest version in use is POP3. This protocol’s operation mimics that of a real-world post office: POP3 will ‘pull and hold’ emails for clients until they are picked up.
Emails are typically downloaded and stored in the local system, making it ideal for users who use only one endpoint for their emails. POP is also used by enterprises to enable employees to check their emails offline.
Unlike SMTP, which serves as a message transfer protocol (email sender), POP serves as a message access protocol (email receiver). This means that SMTP is used twice — the first time when a connection is being established for transmitting data between the sender and the email server and the second time when data is being transferred, and a connection is being established with the recipient. Conversely, POP is used only once — for data transfer between the receiving party and their email server.
The internet message access protocol (IMAP) stores emails on a server that can be accessed and configured by users. Unlike POP, IMAP uses a cloud server to enable email authentication and categorization based on device type. IMAP is generally preferred over POP for its efficiency and convenience. IMAP, like POP, is a message access protocol (email receiver).
Uses of SMTP
SMTP is a popular protocol that plays a crucial role in email communications. Let’s look at the five key uses of SMTP.
1. Email transmission and delivery
SMTP is primarily used for transmitting emails between servers and clients. It is a popular protocol for both personal and work email accounts. Once an email is sent, it reaches an SMTP server, which applies a set of rules to figure out where the email needs to be transmitted next. Based on several factors, the email is delivered either to the receiver’s local email client or to their email server.
2. Email routing
SMTP is capable of routing emails through several networks and servers before they are delivered to their final inbox. This means that SMTP can be used to send emails to servers and clients located in different geographical locations. The email routing process can also use SMTP in conjunction with IMAP, POP, and other protocols with the aim of retrieving and managing emails effectively.
3. Email authentication
SMTP enables servers to authenticate sender identity and encrypt or decrypt emails accordingly to protect data privacy during transmission. By making it more difficult for bad actors to intercept and read emails, SMTP helps prevent spam and phishing attacks.
Interestingly, SMTP was not always a torchbearer for email authentication. The original SMTP version, when it was introduced in 1981, used open relays. This meant that there was no process in place to authenticate users, and all emails were transmitted regardless of the address of the sender or receiver. This opened floodgates for mass spam mailing.
With time, new versions of SMTP were introduced, including SMTP-after-POP, extended SMTP (ESMTP), and SMTP-AUTH (also known as ASMTP). With these newer protocols, users needed a password or other authentication mechanisms to log into the SMTP server of an email service provider.
Gone were the days of zero SMTP authentication, where any unauthorized party could use an open server to send an email using a made-up email address. With new authentication processes in place, only verified users had access to sending emails via SMTP servers. This put in place a barrier to entry and prevented low-level bad actors from sending unsolicited or malicious messages. Today, emails sent from servers that do not use the SMTP-AUTH standard often bounce back to the sender with an ‘authentication failed’ error.
Most email applications automatically configure SMTP authentication when a user creates a new account. However, users setting up their own email accounts in a third-party client such as Microsoft Outlook or Mozilla Thunderbird must check their settings and make sure SMTP-AUTH is activated. Instructions for this can easily be found on the official support pages of the specific email application.
4. Email security
With email being one of the most widely used modes of communication across the world, especially for enterprise communications, email security is vital. Enter SMTPS, a method for securing SMTP using transport layer security (TLS).
An email secured with SMTPS is resistant to attackers looking to modify its contents or reroute it to an unauthorized middleman before it is passed on to the intended receiver. SMTPS also thwarts attackers who would otherwise be able to exploit unencrypted emails by injecting malicious SMTP commands as the email is being transmitted between servers. One common target for such attacks is emails that feature forms, as such emails commonly contain built-in vulnerabilities.
The lack of SMTPS makes emails more susceptible to spamming using a vulnerable domain, the silent theft of sensitive data, or to phishing attacks. To enable SMTPS, a user needs to enable TLS on their email server. Once TLS is activated, the SMTP protocol is encrypted on the transport layer, and SMTP is ‘wrapped inside’ a TLS connection. This secures SMTP and transforms it into SMTPS.
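One way to check that a server actually enforces the SMTP-AUTH and TLS settings described in the last two sections, as an added example that is not from the original article: it parses the extension list a server returns to EHLO, before and after the TLS upgrade, and reports weak combinations. The EHLO replies and host name are constructed; STARTTLS and AUTH are the standard ESMTP extension keywords.

```python
def parse_ehlo(reply):
    """Map each extension keyword in a multi-line EHLO reply to its parameters."""
    caps = {}
    for line in reply.strip().splitlines()[1:]:   # line 1 is the server greeting
        code, sep, rest = line[:3], line[3:4], line[4:].split()
        if code == "250" and sep in ("-", " ") and rest:
            caps[rest[0].upper()] = [p.upper() for p in rest[1:]]
    return caps

def audit_submission(before_tls, after_tls=None):
    """Flag settings that let mail or credentials travel unprotected."""
    pre = parse_ehlo(before_tls)
    findings = []
    if "STARTTLS" not in pre:
        findings.append("STARTTLS not offered: the session cannot be upgraded to TLS")
    if "AUTH" in pre:
        findings.append("AUTH offered before TLS: passwords can be sent in cleartext")
    # after_tls is the EHLO reply seen once the TLS upgrade has completed, if any
    if after_tls is not None and "AUTH" not in parse_ehlo(after_tls):
        findings.append("AUTH not offered after TLS: submission may be unauthenticated")
    return findings

# Constructed EHLO replies from two hypothetical servers.
GOOD_BEFORE = "250-mail.example.com\n250-SIZE 10240000\n250 STARTTLS"
GOOD_AFTER = "250-mail.example.com\n250-SIZE 10240000\n250 AUTH PLAIN LOGIN"
WEAK_BEFORE = "250-mail.example.com\n250-SIZE 10240000\n250 AUTH PLAIN LOGIN"

if __name__ == "__main__":
    print(audit_submission(GOOD_BEFORE, GOOD_AFTER))
    print(audit_submission(WEAK_BEFORE))
```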
5. Email marketing
Emails are an important medium for enterprises—whether online or offline—to communicate with their customers. It is essential for business owners to ensure that their emails are being sent securely and delivered reliably to the inboxes of their audience.
SMTP plays a critical role in email marketing campaigns across industry verticals. It is responsible for emails being transmitted to customers safely and without failure. In fact, high deliverability is a key reason for the use of SMTP in email marketing. Apart from this, leading SMTP-powered email marketing solutions offer a solid sender reputation, allowing marketers to enjoy high deliverability.
Advanced SMTP relay servers also provide users with the tools required to maintain a sending IP address, which can help avoid the spam folders of recipients. Additionally, SMTP servers boost deliverability by supporting new account validation, domain name authentication, and email authentication protocols such as DKIM, DMARC, and SPF.
Log retention is another key feature of the SMTP servers favored by email marketers. These logs contain email campaign metrics such as open rate, CTR, and unsubscribe rate. SMTP email services preferred by marketers ideally retain logs for longer durations, allowing users to go back and check them in case of any issues. While many SMTP servers offer a 30-day retention period, some allow for unlimited log retention and give users the option to configure their retention policies.
Finally, SMTP solutions that are created for email marketing are built to be easily accessible by business owners, non-tech marketers, and tech-savvy developers alike. They simplify the email-sending process with a user-friendly interface, streamlined onboarding, and a responsive support team.