marketing:email:port

About

A smtp port is a port of the SMTP server where an smtp client would connect to try to:

send
or deliver

an email.

Summary

Service Name	Port	Protocol	Authentication Required	Type of delivery	Submission
smtp	25 or 2525	Plain with STARTTLS	No	Local
smtps	587 or 2587	Plain with STARTTLS	Yes	Remote / local	Yes
smtps	465	TLS (SSL)	Yes	Remote / local	Yes

Submission Port

submission ¹⁾ is a means for client (Mua) to connect to a SMTP server and send messages.

The submission ports (463, 587) are expected to be able to transmit email from clients.
while the other port (ie 25) is expected to receive email from a smtp server (mta)

Note that the process that accepts message submissions is called a Message Submission Agent (MSA)

Port

25

The port 25 is a port:

with plain connection (ie without TLS)
without authentication.

The localhost port 25 is used by Postfix or a similar mail server running on the local machine.

For remote clients, it denies relay and accepts only to receive email for the domain that it manages.
For local clients, it accepts to send email.

The port 25 is mostly blocked by your Internet Service Provider (ISP) ²⁾ if you are at home. One solution is to connect to the port 587 which is a service where you need to authenticate.

Advanced tip:: In the DNS ³⁾, in a WKS record if the protocol is tcp (6), and the 26th bit is set, an SMTP server should be listening on TCP port 25

465

The port 465

runs on a secure connection with TLS
should allow only authenticated users
can be used as Mail Transfer Agent (MTA) to deliver mail to another mailbox (as the users are known)
is mostly never blocked by a firewall (ISP or others)

As your users are authenticated, you should not score their email or any traffic activities otherwise you could block your own users.

587

The port 587 has the same properties than the port section25, except that it accepts only authenticated connections.

2525

The port 2525 is a backup port for the port 25 in case the other ports are blocked by a network provider or a firewall.

2587

The port 2587 is a backup port for the port 587 in case the other ports are blocked by a network provider or a firewall.

Configuration

Postfix

To open port 587, with postfix, the submission line should be uncommented and parameters should be overwritten.

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
submission inet n      -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o syslog_name=postfix/submission
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=$mua_client_restrictions
  -o smtpd_helo_restrictions=$mua_helo_restrictions
  -o smtpd_sender_restrictions=$mua_sender_restrictions
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

Specification

If you want to known more about the subject, there is also a whole specification. See RFC6409 - Message Submission for Mail

¹⁾

rfc6409

²⁾

https://www.spamhaus.org/faq/section/ISP%2520Spam%2520Issues#175

³⁾

https://datatracker.ietf.org/doc/html/rfc1035#section-25

Table of Contents

What are the SMTP Ports? (25, 465, 587)