Current best practice for e-mail ports?
Hello:
I have been using the configuration below for years. That covers the communication between Thunderbird and my sendmail server. It works perfectly.
Additionally, I have left port 25 open to receive e-mails from servers. That is 99.9999% of the traffic. However, in a new VPS that I am configuring now, the latest version of sendmail refuses to listen on port 25. My current sendmail configuration file (sendmail.mc) is not working anymore.
I am very confused. I keep on reading "use port such and such", and "port 25 should not be used."
How is the whole world supposed to send me e-mail, then? If I stop listening to port 25, will I be getting tons of people complaining that they cannot send me e-mail?
Bottom line: what port(s) are used these days for server-to-server interchanges?
TIA!
Chosen solution
The ports typically used for POP are TCP ports 110 and 995, and for IMAP are TCP ports 143 and 993, for insecure and secure sessions respectively.
POP
incoming
Port: 110 (non-encrypted port)
Connection Security: 'STARTTLS' or in some cases you need to select 'None'
Port: 995 Connection Security: SSL/TLS Secure connection
IMAP
incoming
Port: 143 (non-encrypted port)
Connection Security: 'STARTTLS' or in some cases you need to select 'None'
Port: 993 Connection Security: SSL/TLS Secure connection
SMTP
outgoing
Port: 25 – non-encrypted port
Connection Security: 'None'
This is unsecured, information is sent as clear text / ASCII. It is not sent over SSL.
SMTP port 25 continues to be used primarily for SMTP relaying. SMTP relaying is the transmission of email from email server to email server.
In most cases, modern SMTP email clients (Microsoft Outlook, Mail, Thunderbird, etc.) shouldn't use this port. It is traditionally blocked by residential ISPs and Cloud Hosting Providers, to curb the amount of spam that is relayed from compromised computers or servers. Unless you're specifically managing a mail server, you should have no traffic traversing this port on your computer or server.
Port: 587 Connection Security: 'STARTTLS' or in some cases you need to select 'None'
Port 587, coupled with TLS encryption, will ensure that email is submitted securely. The StartTLS method always starts a connection in unencrypted mode on a port configured for plain text. Only after the StartTLS command has been fully executed does the protocol negotiate the encryption with the client.
Port: 465 Connection Security: SSL/TLS Secure connection.
Note: Username on most servers is the full email address and 'Authentication Method: Normal Password'
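Added example, not part of the original answer: one way to apply the 587/STARTTLS and 465/SSL-TLS settings above with Python's standard `smtplib`, so that nothing is sent in clear text if the server does not offer STARTTLS. The names `open_submission` and `TLSNotOffered` are made up for this example.

```python
import smtplib
import ssl


class TLSNotOffered(Exception):
    """The server on a STARTTLS port did not advertise STARTTLS."""


def open_submission(host, port, timeout=10, context=None, local_hostname=None):
    """Return an smtplib session that is encrypted before any login.

    Port 465: TLS is negotiated first (SSL/TLS setting), then SMTP begins.
    Other ports (587 here): plain SMTP first, then an upgrade via STARTTLS.
    """
    # Default context verifies the server certificate and host name.
    context = context or ssl.create_default_context()
    if port == 465:
        return smtplib.SMTP_SSL(host, port, local_hostname=local_hostname,
                                timeout=timeout, context=context)
    smtp = smtplib.SMTP(host, port, local_hostname=local_hostname,
                        timeout=timeout)
    try:
        smtp.ehlo()
        # Do not fall back to 'None': without STARTTLS the user name and
        # password would cross the network unencrypted.
        if not smtp.has_extn("starttls"):
            raise TLSNotOffered(f"{host}:{port} did not advertise STARTTLS")
        smtp.starttls(context=context)
        smtp.ehlo()  # re-read capabilities over the encrypted channel
    except Exception:
        smtp.close()
        raise
    return smtp
```

Call `login()` and `send_message()` on the returned session only; a `TLSNotOffered` error means the connection was closed before any credentials were sent.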
Thanks for that useful info, Toad-Hall. You da man!
As is often the case, the root of that problem turned out to be quite simple: My VPS provider was blocking port 25 and I was placing the blame on ole' good sendmail.
Thanks!
-Ramon F. Herrera JFK Numbers