Brian1
asked on
Email coming from port 25, or going to port 25?
I was looking at the packets hitting my server and was wondering.....
When an email is sent from Server1 to MyServer, are the packets always sent from Server1:25 to a random port on MyServer...or sent from a random port on Server1 to MyServer:25
It seems like it happens both ways. But if my server is listening on port 25 for SMTP, then why can it accept SMTP on a different port?
The same question goes for MyServer sending out emails. Why does it sometimes send from port 25, and other times send TO port 25?
Thanks,
B
When an email is sent from Server1 to MyServer, are the packets always sent from Server1:25 to a random port on MyServer...or sent from a random port on Server1 to MyServer:25
It seems like it happens both ways. But if my server is listening on port 25 for SMTP, then why can it accept SMTP on a different port?
The same question goes for MyServer sending out emails. Why does it sometimes send from port 25, and other times send TO port 25?
Thanks,
B
Hi, I'm not sure by what you mean in your questioon but here are the standard ports and protocols for e-mail:
Port 25 - SMTP (Simple Mail Transfer Protocol) - Sends the mail out
Port 110 - POP3 (Post Office Protocol, Version 3) - Receives the mail
Port 25 - SMTP (Simple Mail Transfer Protocol) - Sends the mail out
Port 110 - POP3 (Post Office Protocol, Version 3) - Receives the mail
ASKER
Let me try to clarify.
On my firewall I allow traffic coming in from port 25 to my email server.....and traffic connecting to port 25 on my email server. A list of packets will look like this:
SOURCE IP PROTOCOL DESTINATION IP
Otherserver.com:25 TCP MyServer.com:3010
Otherserver.com:25 TCP MyServer.com:3010
Otherserver.com:25 TCP MyServer.com:3010
Otherserver.com:25 TCP MyServer.com:3010
Otherserver.com:25 TCP MyServer.com:3010
And then there is also packets like this:
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
*Note that the ports 1287 and 3010 are just random ports I made up*
The question is, when an external server wants to initiate an email connection to my server why does it sometimes connect to port 25 on MyServer.com, and sometimes it connects to a random port on MyServer.com, but uses port 25 on it's system?
On my firewall I allow traffic coming in from port 25 to my email server.....and traffic connecting to port 25 on my email server. A list of packets will look like this:
SOURCE IP PROTOCOL DESTINATION IP
Otherserver.com:25 TCP MyServer.com:3010
Otherserver.com:25 TCP MyServer.com:3010
Otherserver.com:25 TCP MyServer.com:3010
Otherserver.com:25 TCP MyServer.com:3010
Otherserver.com:25 TCP MyServer.com:3010
And then there is also packets like this:
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
Otherserver.com:1287 TCP MyServer.com:25
*Note that the ports 1287 and 3010 are just random ports I made up*
The question is, when an external server wants to initiate an email connection to my server why does it sometimes connect to port 25 on MyServer.com, and sometimes it connects to a random port on MyServer.com, but uses port 25 on it's system?
here is the answer to your question
The email-client connects to port 25 on the server side. The client-port can be any.
That is because the server has a socalled LISTENER (the daemon or the service), that listens on that specific port for incoming requests - noone lese will be forwarded to that listener, only requests with port 25 in the destination field of the TCP/IP header
If the server will listen to another port, that has to be told by the the server-company... but standard is 25 for SMTP
regards
Holger
The email-client connects to port 25 on the server side. The client-port can be any.
That is because the server has a socalled LISTENER (the daemon or the service), that listens on that specific port for incoming requests - noone lese will be forwarded to that listener, only requests with port 25 in the destination field of the TCP/IP header
If the server will listen to another port, that has to be told by the the server-company... but standard is 25 for SMTP
regards
Holger
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The 25 port is the SMTP (Simple Mail Transfer Protocol). This port is used for SENDING e-mails. Your computer might or not accept a connection to this port considering either it's a smtp server or not. When you try to send an e-mail, your clients are connecting to a smtp server (on port 25). when your are downloading your e-mails from the server to the clients, then a pop3 server is used (port 110).
Now, if you are running an internal smtp server only you could actually use any port you want, both for smtp and pop3. The clients computers most be properly configured with this custom ports numbers however. But if you are running a public smtp server, changing the well-known ports number would be the same as running a public WebServer on another port than the standard 80. Can you imagine what would happen?
This was a simple explanation as I didn't focus on explaning what happens "behind the scenes"
Cheers.
Now, if you are running an internal smtp server only you could actually use any port you want, both for smtp and pop3. The clients computers most be properly configured with this custom ports numbers however. But if you are running a public smtp server, changing the well-known ports number would be the same as running a public WebServer on another port than the standard 80. Can you imagine what would happen?
This was a simple explanation as I didn't focus on explaning what happens "behind the scenes"
Cheers.
ASKER
Thanks holger that clears it up! :)
So the computer that initiates an email connection always connects TO port 25.
So the computer that initiates an email connection always connects TO port 25.
yes, but like raphael states: port 25 is only for the SMTP-protocol (sending messages)... if you check messages on the server you use POP3-protocol (port 110)...
... and to mix your brain: if a server wants to use another port, it may do so - but all people have to know, where to connect (as the 25/110 is a standard)
... and to mix your brain: if a server wants to use another port, it may do so - but all people have to know, where to connect (as the 25/110 is a standard)
The ports are not always sent over port 25 (i.e. - a service provider may block port 25, so SMTP would maybe use port 26). Also it should happen both ways as the port is bi-directional.
They do this to stop spammers from sending out emails, most these days connect to the SMTP server for the domain that the email is being sent to. By blocking out going SMTP, apart from the ISP email server, they can then run a virus filter on ALL out going emails, so stopping there users from spreading worms.
Email service providers just need to provide a SMTP server on a DIFFERENT port, this will let there customers still connect to there SMTP server, while allowing the ISP to block emails sent my worms.
Here is a good description of how port 25 is used by SMTP from grc.com:
http://www.grc.com/port_25.htm