Skip to content
(+381) 60 3535 720
My account
BeoHosting
BeoHosting
My accountContact
(+381) 60 3535 720
 
Technical

What Is SMTP and How It Works

BeoHosting Team··9 min read read
What Is SMTP and How It Works

What is SMTP

SMTP (Simple Mail Transfer Protocol) is the standard protocol for sending electronic mail on the internet. When you send an email from Gmail, Outlook, or any email client, SMTP is the protocol that transports your email from your computer to the recipient's server. SMTP is the foundation of the entire email system and has been used since 1982.

Think of SMTP as the postal courier of the digital world. You write a letter (email), hand it to the courier (SMTP server), the courier takes it to the local post office (your mail server), from which the letter is sent to the recipient's post office (recipient SMTP server), and finally delivered to the recipient's mailbox (inbox).

How SMTP works - step by step

Sending an email via SMTP consists of several steps that take place in the background within seconds.

Step 1: Connecting to the SMTP server

Your email client (Outlook, Thunderbird, mobile app) establishes a connection with your SMTP server. This is usually your hosting provider's server or email service (e.g. smtp.gmail.com for Gmail, mail.yourdomain.com for BeoHosting).

Step 2: EHLO/HELO handshake

The client introduces itself to the server with the EHLO (Extended HELO) or older HELO command. The server replies with a list of supported capabilities - such as encryption, authentication, and maximum message size.

Step 3: Authentication

The server requires a username and password. This prevents unauthorized use of the server for sending spam. Modern servers support AUTH PLAIN, AUTH LOGIN, and AUTH CRAM-MD5 methods.

Step 4: Defining sender and recipient

The SMTP commands MAIL FROM and RCPT TO define who is sending and who is receiving the email. The server checks whether the sender is authorized to send from that address and whether the recipient address is valid.

Step 5: Content transfer

The DATA command initiates the transfer of the email content - headers (Subject, From, To, Date) and message body. The email ends with a single dot on a new line (.) which signals the end of the message.

Step 6: Delivery

Your SMTP server checks the MX record of the recipient's domain (DNS lookup), finds the appropriate mail server, and forwards the email. If the recipient is on a different server, the email may pass through several intermediate servers.

SMTP ports

SMTP uses different ports for different purposes. Choosing the right port is a common source of issues when configuring an email client.

Port 25 - Standard SMTP

  • The original SMTP port, used for communication between mail servers.
  • Most ISPs (internet providers) block port 25 for end users to prevent spam.
  • Not recommended for email client configuration.

Port 587 - Submission (recommended)

  • The standard port for sending email from an email client (submission).
  • Requires authentication and supports STARTTLS encryption.
  • This is the port you should use in 99% of cases.

Port 465 - SMTPS (SSL)

  • Uses implicit SSL/TLS from the start of the connection.
  • Was deprecated, but was re-standardized in RFC 8314 (2018).
  • An alternative to port 587 for clients that support implicit SSL.

Port 2525 - Alternative

  • An unofficial port used when other ports are blocked.
  • Often supports STARTTLS.
  • Used by some cloud providers that block standard ports.

TLS encryption and security

Without encryption, emails travel the internet like postcards - anyone who intercepts the data can read the content. TLS (Transport Layer Security) solves this problem.

STARTTLS

STARTTLS is a command that upgrades a plain (plaintext) connection to encrypted. The client first connects to port 587 without encryption, then sends STARTTLS, and the connection is upgraded to TLS. This is the most common encryption method for SMTP.

Implicit TLS

On port 465, TLS encryption is active from the start of the connection. There is no upgrade - the connection is encrypted from the first byte. This is slightly more secure because it eliminates the possibility of a downgrade attack.

Authentication and abuse protection

SMTP itself has no built-in sender identity verification mechanism. That is why additional systems were developed.

SPF (Sender Policy Framework)

SPF is a DNS record that defines which servers are allowed to send email on behalf of your domain. For example, an SPF record for a BeoHosting domain may look like: v=spf1 include:beohosting.com -all. This means only BeoHosting servers are allowed to send email from your domain.

DKIM (DomainKeys Identified Mail)

DKIM adds a digital signature to every email. The recipient can verify the signature using the public key published in your domain's DNS. This proves that the email really comes from your domain and was not modified in transit.

DMARC (Domain-based Message Authentication)

DMARC combines SPF and DKIM and defines a policy for handling emails that fail verification. You can set DMARC to reject, quarantine, or pass such emails, and to send reports about abuse attempts.

Common SMTP issues and fixes

An email that does not reach the recipient is a frustrating problem. The most common causes and fixes:

Email ends up in spam

  • Check that you have correct SPF, DKIM, and DMARC records.
  • Avoid spam trigger words in the subject (FREE, URGENT, CLICK HERE).
  • Use a professional email address on your domain instead of free services.

Connection timeout

  • Verify you are using the correct port (587 for submission).
  • Your ISP may block port 25 or 465 - try 587 or 2525.
  • Check firewall settings on your computer.

Authentication failed

  • Verify the username - it is usually the full email address (user@domain.com).
  • Reset the password in cPanel or the email admin panel.
  • Make sure you use the correct authentication type (usually AUTH LOGIN or AUTH PLAIN).

Conclusion

SMTP is the foundation of email communication on the internet. Understanding how it works helps you correctly configure email clients, troubleshoot delivery issues, and protect your domain from abuse. Use port 587 with STARTTLS encryption, set SPF, DKIM, and DMARC records for your domain, and always use authentication. At BeoHosting, all email accounts come with automatically configured SPF and DKIM records, so your emails are protected from day one.

BeoHosting Team

10+ years of experience — Web hosting and infrastructure specialists

  • Web Hosting
  • WordPress Hosting
  • VPS
  • Dedicated Serveri
  • Domeni
  • SSL
  • cPanel
  • LiteSpeed
  • Linux administracija
  • DNS

Last updated:

Related articles

What Is cPanel - A Guide with Examples

1. avgust 2025.

What Is HTTP/3 and How It Speeds Up Your Site

31. jul 2025.

How to Use FTP - FileZilla Beginner Guide

22. jul 2025.
Back to blogMore from category: Technical