Email - Submission Port (587,25)


submission port are the port of the mail server where an email client would connect to try to send an email.


There is basically two well-known ports.


The port 25 is a submission port for a basic connection (ie without TLS) without authentication.

The localhost port 25 is used by Postfix or similar mail server running on the local machine.

  • For remote client, it denies relay and accepts only to receive email for the domain that it manages.
  • For local client, it accepts to send email.


The port 587

  • is considered a submission port for SSL (TLS). It is also what remote clients use to send mail out using your server.
  • should only allow authenticated connections



To open the port 587, with postfix, the submission line should be uncommented and parameters should be overwritten.

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
submission inet n      -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o syslog_name=postfix/submission
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=$mua_client_restrictions
  -o smtpd_helo_restrictions=$mua_helo_restrictions
  -o smtpd_sender_restrictions=$mua_sender_restrictions
  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING


If you want to known more about the subject, there is also a whole specification. See RFC6409 - Message Submission for Mail

Powered by ComboStrap