What is SMTP, and How Does it Work? All You Need To Know

What is Smtp, and How Does it Work? All You Need To Know
Alexey Kachalov Alexey Kachalov 07 november 2024, 14:24 2012
For experts

The Simple Mail Transfer Protocol (SMTP) is akin to the operational standards of the postal service system. It is a set of established rules allowing you to send and receive emails reliably. Just like you would expect any letter you drop in your regular mailbox to reach the address printed on the envelope, SMTP ensures your message reaches the recipient's email address.

For this to happen, a flurry of activities begins the moment you click “send mail” on your device.

In this article, we discuss it all: what SMTP is, how it works, its history, and many other important aspects of the topic.

Come discover how your emails are sent!

What is SMTP (Simple Mail Transfer Protocol)?

Imagine you’re sending a letter to a friend. 

Obviously, you could easily pass the same message via a phone call or a social media channel. But, just walk with me for a second. 

For that letter to reach your friend, you would have to write it first, secure it in an envelope, and write your friend’s address on that envelope. You would also have to put a stamp on it before dropping it in a mailbox.

Next, the postal worker comes by your house, picks it up, and takes it to the post office. 

Normally, what goes on there isn’t your concern, but here’s a clue. 

Postal workers sort your letter alongside countless others based on the delivery address and transport it to a processing plant, where they are dispatched to different regions before being taken to delivery offices in those regions. Another postal worker then picks them up and dispatches them to the addressed homes or businesses, one of which is your friend’s.  

There are other “letter stuff” happening between all these stages, and you can find out how a letter travels if you’re into all that. 

Anyway, in a few days, your friend is giggling (or frowning) while reading your letter. 

But let’s assume for a moment that you wrote the wrong address on that letter or failed to put a stamp on it. Or even worse, the post workers missed one of the steps in their process. 

Do you think your friend would still get your letter? 

Only strict adherence to standard processing rules ensures letters and other packages are sent and delivered reliably. 

Computer networks have their own version of that set of rules, and it is called SMTP. It is a universal set of codes and standards that facilitates the sending and receiving of emails between different computer networks and servers over the Internet. 

You can think of it as the unique language spoken by mail carriers who empty the mailbox in front of your house and deliver it to your friend’s address. 

History of SMTP

It might be hard to imagine, but there was a time when computers were the size of entire rooms. People had to take turns using the same computer. 

At some point, same-computer users wanted to communicate with each other. So, in 1965, two MIT engineers, Noel Morris and Tom Van Vleck, developed a system that allowed them to leave messages for each other on the same computer. 

This went on for a while and then came a certain Ray Tomlinson in 1971. At the time, he was working on a little government-funded research project called ARPANET. This project later became the Internet, but at that time, Ray just managed to connect multiple computers on a single network. 

So now, instead of leaving messages on a single computer, users could send messages to users on other computers on the same network. This development marked the beginning of email communication as we know it. 

As email began to grow in popularity, it became clear that a standard was needed to facilitate communication across different computers and networks. 

This need led to the development of SMTP.

Recognizing the need for expanded communication capabilities, Jonathan Postel published RFC821 in August 1982, which defined the early version of the SMTP protocol. It quickly became the standard protocol for sending messages between different systems across the internet. 

David Crocker followed in Postel's footsteps by publishing RFC822, which defined the format for email messages.

Since then, the technical specifications of both RFCs have formed the basis of the modern email system, with some significant improvements along the way.

In 1955, SMTP was extended to ESMTP (Extended Simple Mail Transfer Protocol) to facilitate the use of any existing and future extensions to the original SMTP.

How does SMTP work?

SMTP-scheme

SMTP operates through several key steps when sending an email. Before we get into that, here’s some terminology you need to be familiar with:

  • Mail client: The mail client is a program that a person sending or receiving an email interacts with directly. Thunderbird, Gmail app and MS Outlook are perfect examples of that. In more technical terms, this type of software is also called a Mail User Agent (MUA)
  • SMTP server: This is a program for transferring emails from one computer to another. Quite often, a computer is solely allocated for this purpose, so the term may also refer to the entire system, software and hardware combined. Mail Transfer Agent (MTA) is yet another term for this type of software, though it reflects only part of its functionality. Popular examples include Postfix, Exim, and Microsoft Exchange.

 

The moment you click “send”, every email goes through the following steps:

Step 1. Connection establishment

The mail client initiates a connection with the SMTP server. To let your email client know which SMTP server to connect to, you must provide its domain name or IP address during the initial setup. This connection is usually done through port 25 (the default one), 587, or 465 (for secure connections). Domain names and IP addresses are used to locate a particular computer on the internet, while port numbers are a way to tell the remote computer which program should process the incoming data.

This step is like walking up to your mailbox: you need to know where exactly it’s located.

Step 2. Email submission

At this stage, your mail client transfers your email to the SMTP server using a series of commands.

The mail data transfer process involves the following commands:

  • HELO/EHLO Command: This represents a standard "hello" as in a normal human conversation. The mail client uses it to introduce itself to the SMTP server.
  • MAIL FROM Command: The MAIL FROM command is used to identify the sender's email address to the server.
  • RCPT TO Command: This command specifies the recipient's email address. If the sender intends to send the email to multiple recipients, multiple RCPT TO commands are used to specify the individual email addresses.
  • DATA Command: The sender's mail client uses this command to request permission to transfer email content from the server. The server responds by sending a 354 code, prompting the mail client to transfer the email content, including subject line, other headers, and body content. Once they are all sent, this command ends with a single period on a single line, marking the termination of the data transfer process.

It's like dropping that letter in your mailbox for the post carrier to collect it. But not so easy, huh?

Step 3. Processing and routing

Now, it's like your physical letter has arrived at the processing plant, where postal workers sort it and prepare it for dispatch to the post office closest to your friend. They verify both yours and your friend’s address along with other important details. 

Similarly, the SMTP server processes the email sent, verifies the sender and recipient addresses, and ensures the email content is not malformed. 

Next, it initiates a series of steps to transfer it to the recipient’s mail server. Sometimes, a physical letter has to go through several post offices before reaching the one closest to your friend. The procedure for each one will be similar. 

This step includes the following:

  • Routing: Routing is the overall process of structuring the email’s course or path to the recipient’s server. It’s like the postal service planning which post offices the letter has to go through before reaching your friend. 

A Mail Transfer Agent does this by checking if the recipient is on the same domain as the sender, just like checking if your friend is in the same area code as you. If that is the case, it sends the email directly into their mailbox, instead of another SMTP server. However, if the recipient's address is on a different domain, it determines the recipient's mail server via a DNS (Domain Name System) lookup.

  • Relaying: After an appropriate route is mapped, the email can be sent through the path. Relaying is the process of transferring the email from one server to another before it reaches the recipient. 

If the email cannot be delivered directly to the recipient's mail server, it is routed through intermediate MTAs that are closer to the recipient's mail server. Each MTA receives the email, processes it, and forwards it to the next MTA in the route. All these processes utilize the same SMTP session scenario discussed above.

See? Just like the regular postal services!

Step 4. Final delivery

Once the email reaches the recipient's server, it is stored in their mailbox (on the recipient's SMTP server) like a post carrier dumping your letters inside the mailbox. 

You still need to step out of the house to retrieve them. Similarly, the recipient's email client retrieves the email from the server using protocols like POP3 or IMAP, or via webmail interface. This will happen when the addressee has the time to check for new mail.

How is SMTP different from other email protocols?

Protocols involved in the email delivery process include SMTP, IMAP, and POP3

All these protocols combined define a set of rules governing how emails are sent, received, and stored.

As we've said earlier, SMTP serves as the basis of communication and information exchange between the SMTP server and email client when an outgoing email is being submitted. It is also used to transfer the email between different SMTP servers. However, its responsibilities end as soon as the email hits the recipient's server. The following protocols take it from there. 

  • Post Office Protocol Version 3 (POP3): POP3 is responsible for downloading the mail from the mail server to the recipient’s device. By default, POP3 also deletes messages from the remote server after downloading them to the client's local device. However, the modern version allows users to keep a copy of the messages on the server if users explicitly select that option. 

As such, POP3 is suited for downloading emails to a single device and managing them offline, but it lacks multi-device access and synchronization.

  • Internet Access Message Protocol (IMAP): On the other hand, IMAP is responsible for accessing emails that are stored on the mail server. While POP3 downloads and deletes emails from the server, IMAP keeps them on the server and allows recipients to view them on a local device with an internet connection. 

As such, IMAP is suited for accessing and managing emails from multiple devices with consistent and synchronized email status across all devices.

Additionally, IMAP allows you to manage folders, delete messages, and search for messages efficiently. You can set or remove flags and selectively fetch email attributes. By default, all messages stay on the server until you delete them.

IMAP and POP3 differ from SMTP in that they both are message access protocols, while SMTP is a message transfer protocol. This means that while SMTP handles outgoing emails and sends messages, IMAP and POP3 handle and retrieve incoming messages from the server.

Security Considerations

The original SMTP relay protocol is solely focused on reliably transmitting messages across servers. Although it does this brilliantly, the protocol lacks inherent security features. The core SMTP specification has no encryption support, and all data transfers between servers are done in plain text. 

It’s just like sending a postcard — anyone who cares to know can read your messages.

As a result, unencrypted SMTP has the following vulnerabilities: 

  • Hijacking: Malicious actors can intercept and alter your emails. 
  • Phishing and Spamming: The absence of security measures allows any entity with ill intentions to send deceptive emails.
  • Malware Attacks: These deceptive emails may contain harmful malware capable of spoiling devices and servers. 

Therefore, there is a need for a more secure version of SMTP. 

Enter SMTPS, a method for securing SMTP using Transport Layer Security (TLS). Unlike SMTP, SMTPS encrypts all email content. The protocol uses TLS (an updated version of its predecessor, Secure Sockets Layer, or SSL) to secure the SMTP connections between the two parties during email transfer. 

Here’s how TLS and SSL protocols keep your emails safe: 

  • Data Encryption: Your data is no longer transmitted as plain text. Instead, TLS converts them to a bunch of cryptic code that only the recipient’s server can interpret.
  • Authentication: Before anyone can transfer the email, TLS confirms both identities to establish trust between the email servers. 
  • Integrity: TLS/SSL ensures that the email’s content is not altered during the transmission. 

As a result of these security measures, SSL/TLS protocol maintains confidentiality by protecting your email content from “digital eavesdroppers”, guaranteeing the identity of communicating parties, and ensuring the integrity of messages.

Advantages and Disadvantages of SMTP

smtp-pros-cons

Advantages

  1. Bulk email sending: SMTP is capable of sending a large number of emails, which is essential for businesses running large-scale email marketing campaigns.
  2. Wide area coverage: SMTP facilitates reliable, global email delivery across diverse networks, reaching recipients regardless of their location.
  3. Low email sending cost: Both individuals and businesses can send emails inexpensively using SMTP.
  4. Reliable delivery: The protocol provides a clear and dependable mechanism that ensures messages reach their intended recipients accurately and consistently.
  5. Interoperability: As a long-established standard, SMTP is universally supported by many types of software. This recognition ensures smooth communication regardless of the device, software, or implementation used.


Disadvantages

  1. Security limitations: SMTP only establishes rules for sending and receiving emails between servers. Its initial design does not protect users against fake and malicious emails, making it vulnerable to attacks. To enhance security, SMTP is backed by additional methods such as encryption (TLS), authentication (SPF, DKIM, DMARC), and spam filtering. 
  2. Firewall Blocking on Port 25: SMTP's default port 25 has a history of being often abused by hackers, therefore providers have long started to block them at firewalls. This can hinder email delivery and cause connectivity issues. To avoid this, other ports, such as 587 and 465, are commonly used.
  3. Message length restrictions: SMTP servers sometimes reject emails that exceed a specific size, preventing the delivery of large messages. Breaking down attachments or using cloud links can help avoid this. For your own server, you can adjust your SMTP settings to allow files bigger than the limit specified in the server settings.
  4. Potential processing delays: SMTP involves several back-and-forth processes between servers, as mentioned above. This can delay email delivery and prevent the message from being sent altogether, if not configured the right way.

What Is An SMTP Email Service?

An SMTP Email Service Provider, or ESP, is a specialized service provider that helps individuals and businesses send emails to intended recipients using SMTP.

Here's a simple analogy to help you visualize it.

Amazon, DHL, or FedEx are similar to SMTP email services because they are all organizations that help entities deliver letters or other packages safely, quickly, and efficiently, regardless of their location.

The SMTP server is like the post office itself, where all sent packages are dropped for sorting before they're dispatched to the addresses printed on them. Both Amazon, DHL, and FedEx have their separate post offices, just like an SMTP email service maintains its own highly scalable server infrastructure.

An SMTP email service provider plays a crucial role for various businesses by reliably delivering email in large volumes. More importantly, it can scale accordingly to meet their growing needs. This ensures that businesses can reach their customers effectively and efficiently regardless of the volume of emails being sent. 

Examples of the best SMTP Servers

The following are some examples of the best SMTP servers offered by top ESPs:

  1. UniOne: UniOne's SMTP server is a marketing and transactional email-focused solution that focuses on high deliverability. Capable of handling 60 million emails per hour, the solution is built for businesses seeking automation at scale and reliable transactional email services.
  2. Brevo: Formerly Sendinblue, Brevo offers an SMTP server as a part of its all-in-one sales and digital marketing CRM suite. The marketing-oriented platform is focused on helping users with complex marketing requirements.
  3. Sendgrid: SendGrid's email server encompasses a cloud-based proprietary MTA, SMTP relay services, and RESTful APIs for standardized email sending. It is a developer-friendly solution for multi-channel campaigns.
  4. Amazon SES: The Amazon Simple Email Service provides an interface for automating transactional messages, delivering marketing emails globally, and generally sending emails from within any application.
  5. Mailgun: Mailgun is an SMTP server designed mainly for developers. The service provider offers powerful APIs for sending, receiving, and tracking emails.

Other popular options include Mailchimp Transactional Email (formerly Mandrill), SMTP2GO, Postmark, Mailjet, Moosend, and Mailtrap.

How to send an email with SMTP? How to set up an SMTP server?

You can send emails with different categories of SMTP servers. These include public mail service SMTP servers (e.g., Gmail or Yahoo Mail), corporate SMTP servers (e.g., Microsoft 365 or Zoho), or commercial SMTP email servers (offered by ESPs like UniOne or Mailjet). While the latter option usually offers some extra benefits and features beyond the standard SMTP functionality, the initial setup process is basically the same for any variant.

Reliable SMTP server providers offer installation instructions that guide you through configuring the server settings for your existing infrastructure. Following these instructions helps you establish a connection with the SMTP server in just a few minutes.

  1. Specify the server address: Otherwise known as the SMTP host name, the server address is a name that helps your software identify the appropriate server to submit emails to. For instance, Gmail’s SMTP address is smtp.gmail.com, while UniOne provides smtp.us1.unione.io and smtp.eu1.unione.io.
  2. Configure SMTP ports: SMTP ports are endpoints through which emails are transmitted from one server to another. Common options include ports 25, 587, 465, and 2525, chosen based on encryption compatibility.
  3. Specify username: This allows the server to identify you as the authorized user to send an email. With SMTP service providers like Gmail, the login is usually the same as your email address. For an ESP, you'll have to choose a specific user ID according to the documentation.
  4. Set a password: Corporate email services like Google Workspace mandate the creation of a specialized, unique password. Also, you may need to use a special API key when using specialized SMTP relay servers like UniOne. This layer of security helps keep your email safe.
  5. Extra parameters: You may also need to specify some additional parameters, such as character encoding. 

Sending An Email With SMTP

  1. Access your SMTP server's dashboard: Log into the server's control panel using the username and password you set up earlier to start setting up the correspondence.
  2. Enter SMTP details: After logging in, you need to locate the SMTP settings, which are usually under account settings or email management. Here, you may look up the server address, port number, username, and password you’ll need to specify in your email client or other software.
  3. Compose your email: Draft your message, including the recipient's email address, the message subject line, the content body, and the sender's name and email address you wish to reflect on the recipient's side.
  4. Send a test email: To ensure that your SMTP settings are correctly configured, it is advisable to send a test email. Most providers include this feature for quality assurance.
  5. Send your email: If the test email is successful, you can proceed with sending the actual email so that the configured SMTP relay provider relays the message to the intended address.
  6. Handle feedback: You should get some feedback depending on the server you use. The SMTP server will notify you if it accepts the email for delivery by returning a result code during email submission. ESPs like UniOne also provide notifications on other events, such as actual email delivery, open or click.

Common SMTP server providers and settings

The table below contains some of the most common mailbox services, their URLs, and corresponding public SMTP server names.

SMTP provider

URL

SMTP server name

AOL

aol.com

smtp.aol.com

AT&T

att.net

smtp.mail.att.net

Comcast

comcast.net

smtp.comcast.net

iCloud

icloud.com/mail

smtp.mail.me.com

Gmail

gmail.com

smtp.gmail.com

Outlook

outlook.com

smtp-mail.outlook.com

Yahoo!

mail.yahoo.com

smtp.mail.yahoo.com

What is SMTP and email authentication? 

SMTP authentication (SMTP auth) refers to the techniques and security measures to ensure that only authorized users can access the server.

Remember the SMTP process we described earlier, where the mail client connects to the SMTP server?

That's where SMTP authentication comes into play.

Think of it as a security checkpoint: every time a mail client tries to send an email through the SMTP relay server, the server requests the email client's username and password through a supported authentication mechanism before it allows that connection. This prevents spam and email spoofing. More importantly, it ensures that unauthorized or malicious actors don't take charge of your email-sending infrastructure.

The current SMTP authentication options include:

  1. PLAIN
  • SMTP relay server requests the mail client to send its username and password in one single request as a single base64-encoded string. Although implementing PLAIN is straightforward, it isn't as secure as more sophisticated mechanisms. As such, it is important to use it with TLS encryption.
  1. LOGIN
  • Slightly different from PLAIN, LOGIN requests credentials in 2 separate steps. Although simple, credentials are still base64-encoded, so TLS encryption is advised.
  1. CRAM-MD5
  • CRAM stands for challenge-response authentication mechanism. Compared to the simpler mechanisms described above, CRAM-MD5 is more secure.

The term “email authentication” relates to ways for the receiving party to make sure the email is indeed sent by the domain it claims to be from.

  1. SPF (Sender Policy Framework)
  • SPF uses DNS records to determine which IP addresses are authorized to send emails from a particular domain, helping prevent spoofing.
  1. DKIM (Domain Keys Identified Mail)
  • DKIM is an authentication mechanism that digitally signs email messages using cryptography to make sure they are not altered in transit.
  1. DMARC (Domain-based Message Authentication, Reporting, and Conformance)
  • This protocol sets policies for either accepting or rejecting messages that fail SPF or DKIM checks.

What is an SMTP relay service? 

Otherwise known as an SMTP relay provider or gateway service, an SMTP relay service acts as an intermediary, ensuring that your email messages are routed correctly and reach their intended recipients. With this setup, when you send an email, your email message first goes to your local SMTP server, which then forwards it to the SMTP relay service. This SMTP relay service handles the complex task of routing and delivering the email, even if it needs to travel across multiple networks or servers to reach a different domain.

Conclusion

Since its launch in early 1980s, SMTP has maintained its importance for modern email communications as a standard protocol for transferring emails across the internet. It facilitates smooth information exchange for both personal and business purposes.

Based on these roles, it is safe to say SMTP is the backbone of email communication.

Therefore, it is important to understand how SMTP functions in order to manage your email operations more effectively. Whether you're involved in email marketing campaigns, bulk promotional emails, or transactional email management, knowing how emails are routed, processed, and delivered will help you resolve email-sending issues, enhance security, and optimize the performance of your email campaigns.

Frequently Asked Questions (FAQs)

What is SMTP Relay?

Otherwise known as a mail relay or email relay, SMTP relay is a protocol for transmitting messages and emails across domains and servers from a sender to a designated recipient.

Is SMTP Relay Secure?

The default SMTP email relay service is only focused on reliably dispatching an email to the appropriate server or domain. Its security depends on the protocol's configuration and the security features used to protect the connection.

What is an Open SMTP Relay?

An open SMTP relay is an SMTP server lacking proper configuration and authentication mechanisms, which allows even unauthorized users to send emails through it.

Related Articles
Blog
For beginners
What is CRM-ESP Integration and How Can It Help My Business?
Anyone familiar with email marketing knows so many acronyms associated with the sector: SEO, CPC, KP
Alexey Kachalov
27 october 2022, 09:239 min
Blog
For beginners
The Difference Between Marketing Email and Transactional Email
Take a look at the difference between marketing email and transactional email.
Denys Romanov
31 december 2021, 14:055 min
Blog
For beginners
Top 7 customer support platforms for SMB in 2024
At UniOne, friendly, accessible, and user-centric customer support is one of the top priorities. We
Vitalii Piddubnyi
27 june 2024, 14:339 min