What is Port 25?
by Colin Cohen | Published on October 20, 2023
Port 25 is dedicated to the Simple Mail Transfer Protocol (SMTP) and is primarily used for sending and receiving messages between mail servers in a process called relaying.
Sending Emails from Server to Server
When message transfer agents (MTAs) such as email servers relay mail to each other, they do so using SMTP over port 25. This allows an organization to send large volumes of mail without getting blocked as spam.
What Apps Depend on SMTP Port 25?
All the leading MTAs (Mail Transfer Agents) depend on port 25 for relaying mail between them. This includes mail applications such as:
Sendmail
Exim
Postfix
What is Port 25 Used For?
You use port 25 for SMTP. Port 25 is considered the default port for SMTP transmissions, but you can also use port 587. Security limitations with port 25 will often mean that port port 587 (and it's encryption benefits) are a safer, modern option for sending email.
Simple Mail Transfer Protocol Explained
SMTP entails a mail sender delivering a set of messages to the mail receiver over port 25 or port 587 to facilitate the transmission of an email. The receiver acknowledges each message before the sender transmits the next. The set of messages includes the following:
The sender identifies itself and initiates a mail transaction by transmitting a MAIL command.
The sender identifies the receiver of the mail by transmitting an RCPT command.
The sender transmits a DATA command and then sends the contents of the mail message.
The sender indicates the end of the transaction by sending a “.” by itself.
Port 25 is Used For Email Communications
At one time, port 25 was used for all email communications. But because of the advent of spam and other issues, and the port’s inability to handle them, many ISPs and hosting providers have blocked this port. So, if you try to send an email from a client application such as Outlook over this port, you will likely receive an error.
Today, you will likely only use port 25 for relaying email from one mail server to another and port 587 for standard email.
Is SMTP Port 25 or 587?
Both port 25 and 587 are dedicated to SMTP. The difference between the two ports is that port 587 uses encryption, authentication, and can provide tamper-proofing through digital signatures, while transmissions over port 25 are in plain text without authentication or tamper-proofing capabilities.
This is why you would most often use port 587 when transmitting a mail message through an email client.
Security Vulnerabilities of SMTP Port 25
There are many potential security vulnerabilities tied to using port 25, such as spam, address spoofing, and denial of service attacks.
1. Spam Can Come Through Port 25
The term “spam” originated with people sending bulk mail over port 25. This happened because there is no authentication on this port to prevent it. So many organizations will only allow mail servers to use port 25 for relaying mail to other mail servers, while using port 587 for standard email.
2. Port 25 Doesn’t Detect Spoofing
Email spoofing, which is closely tied to spam, presents a significant concern. This is when someone hides the identity of an email's origin (often for spamming or phishing.) Because of the lack of authentication on port 25, using this port provides little protection against spoofing. But the same is not true of port 587.
3. Blocking Email Relay Abuse Over Port 25
Spammers and other malicious actors have been known to abuse open email relaying services over port 25. But you can block open relay by requiring authentication when one email server wants to relay mail to another.
In Windows, you can do this by disabling anonymous access to your SMTP server in IIS Manager.
4. SMTP Port 25 and Denial of Service Attacks
Attackers sometimes use port 25 to conduct distributed denial-of-service (DDoS) attacks against web servers. You can use several methods to prevent this (apart from completely blocking access to port 25), such as employing email filtering services and enabling greylisting in your email server.
Is Port 25 Safe to Use?
With all those security vulnerabilities, is port 2 even safe to use? While you would not want to use port 25 for standard email processing, it is safe to use for mail relaying. Keep in mind that this is only if you've configured your email server properly and have taken precautions against DDoS attacks.
Is SMTP a TCP or UDP protocol?
SMTP can use either TCP or UDP as a transport protocol. But, in practice, you will typically use TCP (Transmission Control Protocol).
Why Is Email Sent with Transmission Control?
SMTP most often uses TCP to send email because it is a more reliable protocol. With TCP, you don’t have to worry about mail data getting lost, damaged, delivered out of order, or duplicated during transmissions.
Port Conflicts with SMTP Port 25
Only one mail server can listen on port 25 at any given time. If you are experiencing a conflict on that port that is preventing your mail server from starting, run the following command from your terminal:
netstat -aon
The output of this command will indicate the process bound to port 25, which you will need to stop before you can properly start your email server.
Key Takeaways About Port 25
Because of various vulnerabilities, you will not likely use SMTP over port 25 for processing standard email sent from a client to a server. However, it's still possible to use it safely to relay mail between servers.. as long as you properly configure your servers.
This Network+ online training has additional information about SMTP port 25, as well as other common ports and protocols you'll need to know as a network administrator.