SMTP
SMTP (Simple Mail Transfer Protocol) is how mail servers exchange messages on the Internet. It separates the envelope (routing) from the message (headers + body).
Envelope vs message
- Envelope —
MAIL FROM:andRCPT TO:commands tell the receiving MTA who sent the message and who should receive it. Not shown to end users. - Message —
DATApayload includesFrom:,To:,Subject:, MIME parts, etc. Users see these headers, which can differ from envelope addresses (BCC, forwarding).
Common verbs (ESMTP)
| Command | Purpose |
|---|---|
EHLO | Extended hello — server advertises extensions. |
STARTTLS | Upgrade plain connection to TLS (RFC 3207). |
AUTH | Authenticate submission client (PLAIN, LOGIN, CRAM-MD5 — prefer TLS + SASL mechanisms your provider documents). |
MAIL FROM | Sets envelope sender (return path). |
RCPT TO | Adds envelope recipient (repeatable). |
DATA | Transmit headers + body; ends with <CRLF>.<CRLF>. |
QUIT | Close session politely. |
Reply codes
Three-digit codes: first digit = success (2), deferral (4), or failure (5); second digit refines category. Example: 250 OK, 550 mailbox unavailable, 421 service unavailable.
Ports
- 25 — server-to-server relay (often blocked on residential ISPs).
- 587 — message submission with STARTTLS (recommended for clients).
- 465 — implicit TLS submission (legacy but still common).
Authentication at the edge
SMTP alone does not cryptographically prove sender identity. SPF, DKIM, and DMARC are DNS-based mechanisms that receiving servers use to detect spoofing — see your DNS provider’s documentation.