SMTP (Simple Mail Transfer Protocol) is an Internet standard communication protocol used to send email messages and relay them between servers across networks. SMTP defines the rules and procedures for email transmission, serving as the backbone of the global email infrastructure.
How SMTP works
When a user sends an email, their email client connects to an SMTP server (also called a mail submission agent). The SMTP server processes the message, looks up the DNS MX records for the recipient's domain to find the correct destination, and connects to the recipient's mail server. The sending server then transfers the message using a series of text commands and responses. The receiving server stores the message for the recipient to access via protocols like IMAP or POP3.
Key SMTP characteristics
Port Usage: SMTP traditionally uses port 25 for server-to-server communication, port 587 for authenticated client-to-server submission, and port 465 for SMTPS (SMTP over SSL/TLS).
Authentication: SMTP servers verify the sender's identity to prevent spam and unauthorized use. Authentication protocols like DKIM, SPF, and DMARC work alongside SMTP to ensure emails come from legitimate, authorized sources.
Limitations: SMTP was designed for reliability rather than security. It transmits message headers in plain text, making email metadata potentially visible to intermediaries. The protocol also does not inherently verify sender identity, which is why supplementary authentication protocols are necessary.
Security Considerations: SMTP security gaps can be exploited by attackers to send spoofed emails, relay spam, or conduct phishing campaigns. Organizations should enforce SMTP authentication, require TLS encryption for SMTP connections, and implement email authentication standards.
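One way to check the TLS and authentication recommendations above is to inspect what a server advertises in its reply to EHLO before any TLS upgrade. The following is an added example, not code from this page or any product it mentions; the sample replies and the names parse_ehlo and audit_pre_tls are constructed for illustration.

```python
# Constructed EHLO replies for illustration; not captured from a real server.
WEAK_EHLO = ("250-mail.example.test\r\n250-SIZE 35882577\r\n"
             "250-AUTH PLAIN LOGIN\r\n250 8BITMIME\r\n")
HARDENED_EHLO = ("250-mail.example.test\r\n250-SIZE 35882577\r\n"
                 "250-STARTTLS\r\n250 8BITMIME\r\n")


def parse_ehlo(reply):
    """Parse a multi-line 250 reply to EHLO into {KEYWORD: [params]}."""
    lines = reply.splitlines()
    if not lines:
        raise ValueError("empty reply")
    caps = {}
    for i, line in enumerate(lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        if code != "250" or sep not in ("-", " "):
            raise ValueError(f"not a 250 reply line: {line!r}")
        # "250-" marks a continuation line; only the final line uses "250 ".
        if (sep == " ") != (i == len(lines) - 1):
            raise ValueError(f"misplaced continuation marker: {line!r}")
        if i == 0:
            continue  # first line carries the server name, not an extension
        if text.upper().startswith("AUTH="):
            text = "AUTH " + text[5:]  # legacy "AUTH=PLAIN LOGIN" spelling
        parts = text.upper().split()
        if parts:
            caps[parts[0]] = parts[1:]
    return caps


def audit_pre_tls(reply):
    """Return findings for an EHLO reply seen before any TLS upgrade."""
    caps = parse_ehlo(reply)
    findings = []
    if "STARTTLS" not in caps:
        findings.append("STARTTLS not offered: the session cannot be encrypted")
    if "AUTH" in caps:
        mechs = ", ".join(caps["AUTH"]) or "unspecified"
        findings.append(f"AUTH offered before TLS ({mechs}): "
                        "credentials may cross the network in cleartext")
    return findings


if __name__ == "__main__":
    for name, reply in (("weak", WEAK_EHLO), ("hardened", HARDENED_EHLO)):
        print(name, audit_pre_tls(reply) or "no findings")
```

The check applies to ports 25 and 587, where the session starts unencrypted; on port 465 TLS is negotiated before EHLO, so STARTTLS is not advertised there.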
Pangratis works at the API level with cloud email platforms to analyze email content and sender behavior beyond what SMTP-level filtering alone can detect, catching sophisticated threats that pass basic protocol checks.