Email is one of the oldest and most fundamental applications of the internet, and SMTP (Simple Mail Transfer Protocol) is the underlying engine that drives email sending. Understanding how SMTP works can not only help you troubleshoot email sending problems, but also help you better understand common phenomena such as bounce messages and spam filtering.
The three core protocols of an email system
Before delving into SMTP, let's understand the three protocols involved in email systems, each with its own function:
| protocol | Full name | effect | analogy |
|---|---|---|---|
| SMTP | Simple Mail Transfer Protocol | Responsible for sending and forwarding emails | Post office delivery trucks |
| POP3 | Post Office Agreement, Version 3 | Download emails from the server to your local machine. | Go to the post office to pick up the letter and take it home. |
| IMAP | Internet Email Access Protocol | Managing and reading emails on the server | Reading letters on the spot at the post office |
In simple terms: SMTP handles "sending emails," while POP3 and IMAP handle "receiving emails." This article focuses on how SMTP delivers emails from the sender to the recipient.
The complete journey of an email
Suppose Alice (alice@gmail.com) sends an email to Bob (bob@yahoo.com), this email will go through the following six stages:
Phase 1: Writing and Submission
Alice composes an email in the Gmail web browser or client and clicks "Send". The email is then submitted from the browser (or email client) to Gmail's mail sending server (usually smtp.gmail.com, port 587) via the SMTP protocol.
This step requires identity verification—Alice must first log into her Gmail account, and the server will confirm that she is authorized to send emails using the address alice@gmail.com.
Phase Two: DNS Query
When Gmail's sending server receives an email, it needs to know where to send it. It queries the DNS (Domain Name System) for the recipient's domain, yahoo.com, for its MX record (Mail Exchange Record).
The MX record will return the address of Yahoo's mail server, for example:
yahoo.com MX priority 1 mta5.am0.yahoodns.net yahoo.com MX priority 5 mta6.am0.yahoodns.net yahoo.com MX priority 5 mta7.am0.yahoodns.net
The server will first try the MX record with the highest priority (lowest number). If that server is unavailable, it will try the next one.
Phase 3: SMTP Handshake
Gmail's servers establish a TCP connection (usually using port 25) with Yahoo's mail servers, and then begin a standardized "dialogue." This is the core of the SMTP protocol—a series of commands and responses:
Connection established Yahoo: 220 mta5.am0.yahoodns.net ESMTP ready Gmail: EHLO mail.gmail.com Yahoo: 250-mta5.am0.yahoodns.net Hello Yahoo: 250-STARTTLS Yahoo: 250 OK Upgrade to encrypted connection Gmail: STARTTLS Yahoo: 220 Ready to start TLS Inform the sender and recipient Gmail: MAIL FROM:<alice@gmail.com> Yahoo: 250 OK Gmail: RCPT TO:<bob@yahoo.com> Yahoo: 250 OK Transmit email content Gmail: DATA Yahoo: 354 Start mail input Gmail: From: Alice <alice@gmail.com> Gmail: To: Bob <bob@yahoo.com> Gmail: Subject: Hello Bob! Gmail: Gmail: Hi Bob, how are you? Gmail: . Yahoo: 250 OK, message queued Disconnect Gmail: QUIT Yahoo: 221 Bye
The entire dialogue process is clear and orderly: first, a greeting (EHLO), then encryption (STARTTLS), then the envelope information (sender and recipient), and finally, the message content (DATA).
Phase Four: Recipient Processing
After Yahoo's mail server receives an email, it performs a series of checks:
- Verify if the recipient, bob@yahoo.com, exists. If it does not exist, return a bounce message (hard bounce).
- Authentication: Check SPF, DKIM, and DMARC records to verify the sender's identity.
- Spam filtering: Scans email content to determine if it is spam.
- Virus scan: Check attachments for malware.
After all checks were completed, the email was delivered to Bob's mailbox storage.
Phase 5: Email Storage
The emails are stored on Yahoo's mail servers, waiting for Bob to read them. They will be placed in the inbox, spam folder, or other folders according to filtering rules.
Phase Six: Recipient Reading
Bob opens his Yahoo Mail and retrieves the email content from the server using IMAP or POP3 . If using the web version, he reads the email directly in his browser via HTTP/HTTPS.
Detailed Explanation of Key SMTP Commands
| Order | meaning | illustrate |
|---|---|---|
EHLO | greet | Identify yourself to the other server and inquire about supported extensions. |
STARTTLS | Upgrade encryption | Upgrade plaintext connections to TLS encrypted connections to protect email content during transmission. |
MAIL FROM | sender | The sender's address of the declaration email (the sender's address on the envelope). |
RCPT TO | recipient | Specify the recipient addresses for the declaration email (multiple addresses are allowed). |
DATA | Email body | Begin transmitting the email header and body, ending with a period (.) on a separate line. |
QUIT | disconnect | End session, close connection |
Meaning of SMTP response codes
Each response from an SMTP server begins with a three-digit number, with different numbers representing different statuses:
| Response code | meaning | Example |
|---|---|---|
| 2xx | success | 250 OK — Command executed successfully |
| 3xx | Need more information | 354 Start mail input — Waiting for email content |
| 4xx | Temporary error (soft rollback) | 421 Service temporarily unavailable / 450 Email busy |
| 5xx | Permanent error (hard rollback) | 550 User does not exist / 553 Incorrect address format |
These response codes are extremely useful when troubleshooting email delivery problems. When you receive a bounce notification, the response code included can help you quickly pinpoint the cause.
SMTP port number
SMTP uses different ports to provide different functions:
- Port 25: The standard port for transmitting emails between servers. Many ISPs block this port to prevent spam.
- Port 587: The recommended port for user-submitted emails, supporting STARTTLS encryption and authentication.
- Port 465: An older port using implicit SSL/TLS encryption; some services are still using it.
If you are configuring an email client or SMTP service, it is recommended to use the combination of port 587 and STARTTLS .
Limitations and Modern Improvements of SMTP
SMTP was developed in 1982 (RFC 821), when the internet faced no security threats. Therefore, the original SMTP protocol had some inherent shortcomings:
- Unencrypted: The original SMTP transmitted data in plaintext, which was later resolved through the STARTTLS extension.
- No authentication: Anyone can claim to be any sender, and then cover it up with SPF, DKIM, or DMARC.
- No delivery confirmation: The sender cannot know for sure whether the email has reached the recipient's inbox.
Despite these limitations, SMTP remains the core protocol of global email systems. Through continuous addition of security extensions, it maintains backward compatibility while adapting to the security requirements of the modern internet.
Summarize
The journey of an email is far more complex than you might imagine: from the user clicking send, to DNS lookups, SMTP handshakes, authentication, spam filtering, and finally reaching the recipient's inbox—each step is supported by strict protocols and rules. Understanding these underlying mechanisms can help you better manage your email account, troubleshoot sending problems, and optimize email delivery rates.