E-mail is one of the oldest protocols on the Internet, yet it remains the most widely used communication protocol today. For historical reasons, e-mail is built from several different protocols, each using its own TCP port, which makes setting up a mail client much harder than it should be for users without a technical background. This article goes through the relevant protocols and ports systematically and tries to clear the way for new users.

The essence of email is still mail. To understand how email works, it helps to first look at how the post office 🏣 works in everyday life. In the West, and in our cities too, every household has a mailbox: a real box, usually with a key 🔑. Suppose Kevin wants to send a letter to Tony. He drops it off at the nearest post office, A. Post office A forwards the letter to post office B, which is near Tony's home. Post office B then sends a letter carrier to put the letter into Tony's mailbox. Tony checks his mailbox when he gets home from work and finds the letter from Kevin. Drawn as a diagram, it looks like this.

[Kevin] ----> [Post Office A] ----> [Post Office B] --+
                                                      |
[Tony] ----> [Tony's Mailbox] <-----------------------+

If Kevin had not gone to the post office but dropped the letter into a nearby post box instead, the whole process would look like this.

[Kevin] ----> [Post Box] <---- [Post Office A] --+
                                                 |
[Tony] ----> [Mailbox] <---- [Post Office B] <---+

For the user, sending and receiving are both active steps: Kevin has to go and send the letter, and Tony has to go and check his mailbox. Post offices, on the other hand, only deal with other post offices. Post office A only needs to forward the letter towards post office B according to the address (possibly via several intermediate post offices); it never delivers to Tony directly. If we regard Tony's mailbox as part of post office B, then post office B does not need to deal with Tony either; it just drops the letter into Tony's mailbox.

E-mail simply moves this process onto the Internet. Post offices A and B become mail service providers such as Gmail or Outlook, mailboxes and post boxes become mail clients, and street addresses become e-mail addresses.

The whole process becomes something like this (arrows show the direction in which the mail moves: Kevin's client submits to Gmail, and Tony's client fetches from Outlook).

[Kevin] --> [Client] ----SMTP----> [Gmail] ----+
                                               | SMTP
[Tony] --> [Client] <--IMAP/POP-- [Outlook] <--+

The technical term for the client here is Mail User Agent (MUA). There are many MUAs on the market, such as Microsoft Outlook, Apple Mail, Tencent Foxmail and Mozilla Thunderbird, and the mainstream operating systems, Windows, macOS, iOS and Android, all ship with a built-in MUA.

An MUA only talks to its own mail service provider. It sends mail with the SMTP protocol and receives mail with IMAP or POP. SMTP is also the protocol providers use to transfer mail between each other. Each protocol uses its own TCP port.

Protocol   Port   Description
SMTP       25     Simple Mail Transfer Protocol
POP        110    Post Office Protocol
IMAP       143    Internet Message Access Protocol

In the earliest days there was only SMTP, the Simple Mail Transfer Protocol, on TCP port 25. If Kevin wants to e-mail Tony, he uses a client on his computer. The client connects to Gmail over SMTP, authenticates, and hands over the message Kevin wrote to Tony. Gmail then tries to pass it on to Tony's provider, Outlook.

How does Gmail find Tony's provider? This is where the DNS protocol comes in. An e-mail address has two parts, a username and a domain name. Suppose Kevin's and Tony's addresses are kevin@gmail.com and tony@outlook.com. The part before the @ (kevin, tony) is the username; the part after it (gmail.com, outlook.com) is the domain name.

Gmail receives the letter from Kevin and finds that it is addressed to tony@outlook.com, so it looks up the mail server address of the outlook.com domain through the DNS system. This is done using what is called an MX record, which stands for Mail Exchange.

At the time of writing, the MX host for outlook.com is:

outlook-com.olc.protection.outlook.com

and the MX hosts for gmail.com are:

gmail-smtp-in.l.google.com
alt1.gmail-smtp-in.l.google.com
alt2.gmail-smtp-in.l.google.com
alt3.gmail-smtp-in.l.google.com
alt4.gmail-smtp-in.l.google.com

To make delivery reliable, providers usually publish several mail servers, each with a preference value: the sender tries the host with the lowest preference first and falls back to the others if it cannot connect. outlook.com above publishes a single host, so Gmail connects to port 25 of that host and, once the connection is up, hands Kevin's message to Outlook's server over SMTP.
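The following is an added example, not code from the original article, showing how a sending server turns MX records into a delivery order. The `dig +short MX` outputs are constructed sample data (the gmail.com and outlook.com host names match the ones quoted above; example.net and example.org are made up); it also covers the two cases the text does not mention, a domain with no MX record at all (the domain itself is used) and a "null MX" record, which means the domain accepts no mail.

```python
"""Pick the delivery order for a recipient domain from its MX records.

Added example (not from the original article). The dig outputs below are
constructed sample data shaped like `dig +short MX <domain>`.
"""
import random
import subprocess

# Constructed sample data in `dig +short MX` format: "<preference> <host>."
DIG_GMAIL = """5 gmail-smtp-in.l.google.com.
10 alt1.gmail-smtp-in.l.google.com.
20 alt2.gmail-smtp-in.l.google.com.
30 alt3.gmail-smtp-in.l.google.com.
40 alt4.gmail-smtp-in.l.google.com.
"""
DIG_OUTLOOK = "10 outlook-com.olc.protection.outlook.com.\n"
DIG_TIED = "10 mx1.example.net.\n10 mx2.example.net.\n20 backup.example.net.\n"
DIG_NULL_MX = "0 .\n"   # RFC 7505 "null MX": this domain accepts no mail at all


def dig_mx(domain: str) -> str:
    """Run a real lookup with dig (needs network; not used by the offline demo)."""
    return subprocess.run(["dig", "+short", "MX", domain],
                          capture_output=True, text=True, check=True).stdout


def parse_mx(text: str) -> list[tuple[int, str]]:
    """Turn dig output into (preference, host) pairs; hosts are normalised to
    lower case without the trailing dot."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        pref, host = line.split(None, 1)
        records.append((int(pref), host.rstrip(".").lower()))
    return records


def delivery_order(domain: str, mx_records, rng=None) -> list[str]:
    """Hosts to try, in order, the way a sending MTA does (RFC 5321 section 5.1).

    - no MX records at all      -> "implicit MX": try the domain name itself
    - a single "0 ." record     -> null MX (RFC 7505): refuse to deliver, return []
    - otherwise                 -> lowest preference first; hosts sharing a
                                   preference are tried in random order
    """
    if not mx_records:
        return [domain.lower()]
    if len(mx_records) == 1 and mx_records[0] == (0, ""):
        return []
    rng = rng or random.Random()
    groups: dict[int, list[str]] = {}
    for pref, host in mx_records:
        groups.setdefault(pref, []).append(host)
    ordered = []
    for pref in sorted(groups):
        hosts = groups[pref][:]
        rng.shuffle(hosts)
        ordered.extend(hosts)
    return ordered


if __name__ == "__main__":
    for domain, raw in [("gmail.com", DIG_GMAIL), ("outlook.com", DIG_OUTLOOK),
                        ("example.net", DIG_TIED), ("example.org", DIG_NULL_MX)]:
        print(domain, "->", delivery_order(domain, parse_mx(raw)) or "(null MX: do not deliver)")
```

For a real domain, the output of `dig_mx("outlook.com")` can be fed straight into `parse_mx`. The sending server then connects to port 25 of each host in the returned order and moves on to the next one only when the connection fails or the host returns a temporary error.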

When Tony opens his client some time later, the MUA connects to Outlook's server with POP or IMAP and checks for new mail. POP, the older of the two, was designed to download every message in full and, by default, delete it from the server. This causes two problems. First, downloading everything may cost time and traffic, since messages can carry attachments such as pictures. Second, deleting the server-side copy can lose mail if the client's disk fails or a second device connects (many providers now let you turn the deletion off, and POP's optional TOP command can fetch headers only). IMAP was designed to solve both problems: the mail stays on the server, the client can fetch just the sender, subject and other header fields without downloading the full content, and several devices stay in sync. Mainstream providers generally support both POP and IMAP today.
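As an added example (not code from the original article), this is how an IMAP client asks for a few header fields instead of whole messages, and how it decodes them. `open_imap` and `fetch_header_blocks` need a live server and a real account, so they are not exercised offline; `SAMPLE_HEADER_BLOCK` is a constructed server response, including a non-ASCII subject encoded the way it travels over SMTP.

```python
"""Fetch only the headers of each message over IMAP, and decode them.

Added example (not from the original article). open_imap() and
fetch_header_blocks() need a live IMAP server and are not run offline;
SAMPLE_HEADER_BLOCK is a constructed server response used for the decoding demo.
"""
import imaplib
import ssl
from email import policy
from email.parser import BytesHeaderParser


def open_imap(host: str, user: str, password: str, port: int = 993) -> imaplib.IMAP4_SSL:
    """Implicit TLS on 993: TLS 1.2+, CA and hostname verification from the default context."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    conn = imaplib.IMAP4_SSL(host, port, ssl_context=ctx)
    conn.login(user, password)
    return conn


def fetch_header_blocks(conn: imaplib.IMAP4_SSL, mailbox: str = "INBOX") -> list[bytes]:
    """Ask for three header fields only, not bodies or attachments.
    BODY.PEEK (instead of BODY) keeps the server from setting the \\Seen flag."""
    conn.select(mailbox, readonly=True)
    typ, data = conn.fetch("1:*", "(BODY.PEEK[HEADER.FIELDS (FROM SUBJECT DATE)])")
    if typ != "OK":
        raise RuntimeError(f"FETCH failed: {data}")
    # imaplib returns (b'1 (BODY[...] {n}', b'<headers>') tuples interleaved with b')' markers
    return [part[1] for part in data if isinstance(part, tuple)]


def summarize(header_block: bytes) -> dict[str, str]:
    """Parse one header block. policy.default decodes RFC 2047 encoded words
    (e.g. =?utf-8?B?...?=), which is how non-ASCII subjects are carried in mail."""
    msg = BytesHeaderParser(policy=policy.default).parsebytes(header_block)
    return {name.lower(): str(msg[name] or "") for name in ("From", "Subject", "Date")}


# Constructed sample: one header block as the server would return it.
SAMPLE_HEADER_BLOCK = (
    b"From: Kevin <kevin@gmail.com>\r\n"
    b"Subject: =?utf-8?B?5L2g5aW9?=\r\n"
    b"Date: Mon, 01 Jan 2024 10:00:00 +0000\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    print(summarize(SAMPLE_HEADER_BLOCK))
```

With a real connection the loop is `for block in fetch_header_blocks(open_imap(host, user, password)): print(summarize(block))`; the server ships only the requested header lines, so the cost is independent of how large the attachments are.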

POP protocol uses port 110 and IMAP protocol uses port 143.

So far we have covered three ports: SMTP on 25, POP on 110 and IMAP on 143. All three carry their data in plaintext. Nothing is encrypted, so anyone on the path between you and the server, on your Wi-Fi, at your ISP or at any router in between, can read or even tamper with the content of your incoming and outgoing mail. The Internet was designed in its early days by people who "thought there were no bad guys in the world".

As the Internet grew, so did the number of bad guys, and people had to start thinking about the security of e-mail. SSL, the Secure Sockets Layer, was designed to encrypt TCP connections; its standardized successor is TLS, Transport Layer Security, which has gone through four versions, 1.0/1.1/1.2/1.3 (1.0 and 1.1 are now deprecated, so only 1.2 and 1.3 should be enabled). Mail-client settings still use the two names interchangeably.

The problem was that ports 25/110/143 were already defined as plaintext, and switching them to SSL/TLS directly would break every existing client. So three new ports were assigned, 465 for SMTP, 995 for POP and 993 for IMAP, on which the connection is encrypted with SSL/TLS from the very first byte. This arrangement is now called "implicit TLS".

The same thing happened elsewhere: HTTPS got port 443 next to HTTP's port 80, and many other protocols were given a second, encrypted port. It soon became clear that this does not scale, since there are only 1024 well-known ports and doubling every protocol would exhaust them quickly. The IETF therefore preferred the opposite approach: each protocol negotiates encryption on its existing plaintext port. For mail this is the STARTTLS extension (RFC 3207 for SMTP, RFC 2595 for IMAP and POP), and the registration of port 465 for SMTP over TLS was withdrawn. What does negotiation mean here? Take SMTP: the sender first assumes the receiver speaks plaintext, so it connects to port 25 as before.

S: <Listening on TCP port 25>
C: <Establishing a TCP connection>
S: 220 mail.imc.org SMTP service ready
C: EHLO mail.ietf.org
S: 250-mail.imc.org offers a warm hug of welcome
S: 250 STARTTLS
C: STARTTLS
S: 220 Go ahead
C: <starts TLS negotiation>
C & S: <negotiate a TLS session>
C & S: <check result of negotiation>
C: <continues by sending an SMTP command>
. . .

Here, after sender C sends the EHLO command, receiver S replies with a multi-line 250 response whose last line, 250 STARTTLS, says that TLS is supported. C then sends STARTTLS to announce that a TLS negotiation follows. Once the handshake has completed, the rest of the session, including the mail data, travels over the encrypted channel.

The advantage of STARTTLS is that one port serves both plaintext and encrypted clients. There is, however, a real security difference from the dedicated TLS ports: the STARTTLS offer is made in plaintext, so an attacker on the path can simply delete the STARTTLS line from the EHLO reply, and a client configured to use TLS only "if available" will carry on in the clear without noticing. STARTTLS is only as good as the client's insistence on it: a client that refuses to continue when STARTTLS is not offered is safe, an opportunistic one is not. For server-to-server SMTP, where the sender cannot know in advance whether the receiver supports TLS, MTA-STS (RFC 8461) and DANE for SMTP (RFC 7672) exist precisely to let a receiving domain declare that TLS is mandatory.
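The exchange above and the downgrade problem, as an added example that is not part of the original article or of any mail server's code. `SERVER_EHLO` is a constructed reply modelled on the quoted exchange (the SIZE line is made up); `strip_starttls` plays the on-path attacker, `next_command` shows what an opportunistic client and a mandatory-TLS client each do with the tampered reply, and `open_submission` is the real-world version with `smtplib`, which needs a live server and is not run offline.

```python
"""The EHLO/STARTTLS step of SMTP, and why "opportunistic" STARTTLS can be downgraded.

Added example (not from the original article). SERVER_EHLO is a constructed
reply; open_submission() needs a live server and is not run offline.
"""
import smtplib
import ssl

# Constructed EHLO reply. Continuation lines use "250-"; the last line uses "250 ".
SERVER_EHLO = (
    "250-mail.imc.org offers a warm hug of welcome\r\n"
    "250-SIZE 35882577\r\n"
    "250 STARTTLS\r\n"
)


def parse_ehlo_reply(reply: str) -> dict:
    """Return {'domain': ..., 'extensions': {KEYWORD: params}} from a multi-line 250 reply."""
    lines = [ln for ln in reply.splitlines() if ln]
    if not lines or not lines[0].startswith("250"):
        raise ValueError(f"EHLO rejected: {lines[0] if lines else '<empty>'}")
    for i, ln in enumerate(lines):
        sep = "-" if i < len(lines) - 1 else " "   # RFC 5321 4.1.1.1 line marking
        if len(ln) < 4 or ln[:3] != "250" or ln[3] != sep:
            raise ValueError(f"malformed EHLO reply line: {ln!r}")
    domain = lines[0][4:].split(" ", 1)[0]
    extensions = {}
    for ln in lines[1:]:
        keyword, _, params = ln[4:].partition(" ")
        extensions[keyword.upper()] = params
    return {"domain": domain, "extensions": extensions}


def strip_starttls(reply: str) -> str:
    """What an on-path attacker does: delete the STARTTLS capability and
    re-mark the new last line, so the reply still parses cleanly."""
    kept = [ln for ln in reply.splitlines()
            if ln and not ln[4:].upper().startswith("STARTTLS")]
    kept[-1] = "250 " + kept[-1][4:]
    return "\r\n".join(kept) + "\r\n"


def next_command(ehlo_reply: str, require_tls: bool) -> str:
    """What the client sends after EHLO.
    'STARTTLS'  - the server advertises it: upgrade the connection
    'QUIT'      - TLS is mandatory but was not offered: refuse to continue
    'MAIL FROM' - opportunistic client: carries on in plaintext (the downgrade)"""
    caps = parse_ehlo_reply(ehlo_reply)["extensions"]
    if "STARTTLS" in caps:
        return "STARTTLS"
    return "QUIT" if require_tls else "MAIL FROM"


def tls_context() -> ssl.SSLContext:
    """Context for the TLS step: system CA store, hostname check, TLS 1.2 or newer."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def open_submission(host: str, port: int = 587) -> smtplib.SMTP:
    """Mandatory STARTTLS on the submission port (not run offline)."""
    conn = smtplib.SMTP(host, port, timeout=30)
    conn.ehlo()
    if not conn.has_extn("starttls"):
        conn.quit()
        raise RuntimeError(f"{host}:{port} did not offer STARTTLS; refusing plaintext")
    conn.starttls(context=tls_context())
    conn.ehlo()   # re-read capabilities inside TLS (RFC 3207 section 4.2)
    return conn


if __name__ == "__main__":
    stripped = strip_starttls(SERVER_EHLO)
    print("honest server, any client:       ", next_command(SERVER_EHLO, require_tls=False))
    print("stripped, opportunistic client:  ", next_command(stripped, require_tls=False))
    print("stripped, mandatory-TLS client:  ", next_command(stripped, require_tls=True))
```

The second EHLO after the handshake is deliberate: everything learned before STARTTLS came over plaintext and could have been tampered with, so RFC 3207 requires the client to discard it and ask again inside the encrypted session.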

SMTP has another twist. It was first used to exchange mail between providers, and when users sent mail, the MUA also used SMTP on port 25 to submit it. Because spammers abused ISP connections to send directly to port 25 of other people's servers, many ISPs started blocking outbound port 25, which also broke legitimate MUAs talking to their own provider. For this reason port 587 was defined for message submission from an MUA to its own provider (RFC 6409); submission on 587 is expected to require the client to authenticate, and it supports STARTTLS. Port 25 is thus left for server-to-server relay.

However, by the time STARTTLS was being promoted, a large number of providers and clients already supported the dedicated SSL/TLS ports, and you cannot make all software move to a new standard overnight. Over time it became clear that the port question was not the real issue; what matters is that the connection is encrypted. In 2018 RFC 8314 settled the matter for mail submission and access: both implicit TLS (465/993/995) and STARTTLS remain legitimate, and implicit TLS is in fact the recommended choice, because the connection is encrypted from the first byte and there is no plaintext phase to tamper with. Any encrypted protocol is a good protocol; any plaintext one is not.

So, by now we have the following table.

Protocol   Implicit TLS (SSL/TLS) port   STARTTLS port
SMTP       465                           587
POP        995                           110
IMAP       993                           143

Nowadays the mainstream providers basically no longer allow the plaintext ports. When setting up a mail client you must tell it which protocol and port the server uses and how the connection is encrypted. For incoming mail, IMAP normally uses port 993 with the SSL/TLS option; providers that still support POP use port 995 with SSL/TLS. For outgoing mail, some use port 465 with SSL/TLS (Google offers this) and some use port 587 with STARTTLS (Microsoft, for example). Whichever you choose, set the client to require encryption rather than to use it "if available": the "if available" setting is exactly what a downgrade attack exploits.