The Simple Mail Transfer Protocol or SMTP is the Internet standard for sending and receiving emails. Email clients use SMTP to send messages to a mail server for delivery while email servers use it to forward messages to their recipients.
Outgoing emails are usually sent using port 587 or 465 while port 25 is used for relaying the message between mail servers.
Much of the email delivery depends on the reputation of the sender. Therefore, it’s important to follow common courtesy and best practices when operating a mail server. In this guide, we are going over a couple of things you need to consider before setting up an email server in the cloud.
Try UpCloud for free! Deploy a server in just 45 seconds
Preventing open SMTP relay misuse
SMTP port 25 is traditionally blocked by residential ISPs and cloud providers to prevent spam. This is to prevent open SMTP relays from being misused or set up for abuse.
Configuring up your own email server requires a due care to ensure security. A simple mistake in the setup can render the security settings ineffective, therefore most important part is to make sure the server does not become an open relay.
Conveniently MX Toolbox, an online network testing utility, provides an SMTP diagnostics tool with which you can easily test your configuration by just entering your mail server domain name such as mail.example.com.
Using secure SMTP connections
Secure mail submission usually takes place using a TLS encrypted connection to port 587 of a server that submits the mail onwards. Both the client and server need to support it for a secure connection to be established. Most of the popular modern email clients support TLS, so the burden of enabling secure email delivery falls on the mail server management.
It’s important to configure SMTP clients to require TLS for outgoing connections because the initial handshake takes place in plain text. A man-in-the-middle attack could otherwise make it appear that TLS is unavailable. This type of attack can be blocked by explicitly requiring TLS.
Utilising professional mailing services
Although the outbound SMTP port 25 is blocked, you can choose to use ports 465 and 587, or a non-standard port to send email through a relay. For example, you can configure your Mail Transfer Agent to use a mailing service e.g. MailChimp or Mailgun over port 587 to securely relay emails.
Alternatively, you might not want to run your own email server at all. Depending on your intended use for sending emails, you should consider utilising one of the aforementioned dedicated mailing services. Marketing campaigns and transactional emails are often best left for professionals to ensure reliable delivery.
Opening SMTP port 25
The outbound SMTP port 25 is closed by default on new accounts to prevent accidental open relays and misuse. The blocked port shows up on your server’s firewall at your UpCloud control panel but cannot be changed directly.
The port can be opened on request. If you would need port 25 opened, you can request the port block to be removed by contacting our support team.
You will be required to provide proof of identity or payment method for verification and explain your use case and why the outbound port 25 is needed. This is done to ensure responsible use of SMTP and build trust in our network for email delivery.
Please note that we may be forced to close the outbound SMTP port 25 again due to evidence of a compromised server or detection of spam.
Such a great article about sending smtp emails. This article is very informative for everyone. Thanks for Sharing.
do you have step by step article guide to install working email server?
Good, it’s help me full alot… maybe i need to install postfix + let’s encrypt
It is particularly important to cache network connections, library references, and API client objects in global scope. See Optimizing Networking for examples.
Let me know this…
to use Port 465 and 587 to send emails ( transactional )
Do, I need to contact the Support Team?
by default, those ports are Open or Closed?
My greetings to everyone!
Dear Sirs, support team!
I have impacted to this article whilst configuring the SENDING E-MAILS OUTSIDE.
Could you, please, satisfy my curiosity about – whether it is possible or not to send mail through 587 or 465 with a blocked port 25 (from your side).
This needs updating. As it’s almost impossible to get the port open for my use case. Really loved the idea of not having to use some third party mail and wanted a more secure email. So as upcloud is 100% uptime I thought lets setup my own mail server so that I have all the control. Just you need all this now:
Company website address:
Amount of email you will be sending daily:
Example email template:
Mail Server Application Details:
Antivirus & Threat Mitigation Steps:
Was asked that when I already said I send next to zero email with no plans for any mass mail. So not going to have an unsubscribe link or email template. It’s a linux server serving a linux user so not going to waste resources on Antivirus & Threat Mitigation.
You would think that having a secure server would be top of the list. So the fact I disabled passwords and use ssh keys for ssh, plus strong password with 2step for the web client would count for something.
New customer and also looking to get setup with a private company email server. Hope you have some more reasonable restrictions in place – like after some time or paid account this isn’t necessary….
If I put an e-mail address in “mail to:” in the DATA field and that address wasn’t added before the DATA field, will that e-mail address receive the e-mail?
Thanks for the clarification.
For smaller use cases this is really annoying. I just want a mail server I can use for my personal emails. I don’t have a company, I won’t be sending a lot of emails, I don’t have a template or an unsubscribe link… I can’t even figure out how to contact support for what I need.
Hi Matthew, thanks for the comment. Setting up a mail server for personal use is a perfectly valid use case, however, we would recommend using a mail relay to avoid delivery issues.