Introduction
SMTP stands for Simple Mail Transfer Protocol. It is helpful for sending emails over the Internet. You may have heard of two mysterious numbers when sending emails: port 587 and port 465. What are they and which should you use? This article will explain the differences and help you make the right choice.
Port 465: Message submission over TLS protocol
Port 465, once designated for SMTPS (Simple Mail Transfer Protocol Secure) mail delivery, ensured secure client-server communication by encrypting email content. However, it has been deprecated by the Internet Engineering Task Force (IETF) and is now discouraged for use in modern email setups. Despite its deprecated status, certain older email systems may persist in employing Port 465 for SMTP with SSL/TLS encryption, where SSL encryption is initiated automatically before each SMTP-level communication.
Port 587: Message Submission
Port 587 serves as the default and widely recognized port for SMTP message submission. Port 587 stands out as the most secure SMTP option and is the favored choice of Internet Service Providers (ISPs) and Email Service Providers (ESPs). It collaborates seamlessly with email authentication mechanisms, ensuring that only authorized senders can dispatch emails through the server. This inherent security feature helps safeguard against spamming and various email-based threats.
It is strongly recommended to consistently utilize Port 587 when sending emails via SMTP. This choice enhances email security and significantly reduces the risk of unauthorized access and cyber threats.
Seven key differences between Port 465 and Port 587
|
Port 465 |
Port 587 |
|
|
Purpose |
Originally used for Secure SMTP (SMTPS) for secure email transmission. |
The default port for SMTP message submission is designed for clients to submit emails to an SMTP server. |
|
Security |
Offers SSL/TLS encryption from the start, providing a high level of security. |
Supports Transport Layer Security (TLS) via the STARTTLS command, allowing encryption to be added during communication. |
|
Port Type |
Previously categorized as a "well-known" port. |
Categorized as a "registered" port. |
|
Authentication |
Typically used with client certificates for authentication. |
Supports a variety of authentication methods, including username and password. |
|
Encryption Initiation |
Automatically starts SSL encryption before any SMTP-level communication. |
Encryption (TLS) is initiated through the STARTTLS command during the conversation. |
|
Compatibility |
Primarily used by older email clients and systems that implemented SMTPS. |
Widely compatible with modern email clients and servers. |
|
Industry Preference |
No longer favored or recommended due to its deprecated status. |
The preferred and recommended choice for secure email transmission, especially by Email Service Providers (ESPs) and ISPs. |
Conclusion:
In summary, both Port 465 and Port 587 were used for sending secure emails. But today, Port 465 is outdated and not recommended. Port 587 is the way to go because it's modern and secure. It uses TLS encryption and is trusted by email providers and security-conscious organizations. So, if you want to send emails securely nowadays, Port 587 is the better choice. Port 465 is not suitable for new email systems.
