Email coming from port 25, or going to port 25?

I was looking at the packets hitting my server and was wondering.....

When an email is sent from Server1 to MyServer, are the packets always sent from Server1:25 to a random port on MyServer...or sent from a random port on Server1 to MyServer:25

It seems like it happens both ways.  But if my server is listening on port 25 for SMTP, then why can it accept SMTP on a different port?

The same question goes for MyServer sending out emails.  Why does it sometimes send from port 25, and other times send TO port 25?

Thanks,

B
LVL 1
Brian1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

improveyourpcCommented:
Brian1,

The ports are not always sent over port 25 (i.e. - a service provider may block port 25, so SMTP would maybe use port 26). Also it should happen both ways as the port is bi-directional.

They do this to stop spammers from sending out emails, most these days connect to the SMTP server for the domain that the email is being sent to. By blocking out going SMTP, apart from the ISP email server, they can then run a virus filter on ALL out going emails, so stopping there users from spreading worms.
Email service providers just need to provide a SMTP server on a DIFFERENT port, this will let there customers still connect to there SMTP server, while allowing the ISP to block emails sent my worms.

Here is a good description of how port 25 is used by SMTP from grc.com:

http://www.grc.com/port_25.htm
0
fadiramadaCommented:
Hi, I'm not sure by what you mean in your questioon but here are the standard ports and protocols for e-mail:

Port 25 - SMTP (Simple Mail Transfer Protocol) - Sends the mail out
Port 110 - POP3 (Post Office Protocol, Version 3) - Receives the mail
0
Brian1Author Commented:
Let me try to clarify.

On my firewall I allow traffic coming in from port 25 to my email server.....and traffic connecting to port 25 on my email server.  A list of packets will look like this:

SOURCE IP              PROTOCOL     DESTINATION IP

Otherserver.com:25       TCP              MyServer.com:3010
Otherserver.com:25       TCP              MyServer.com:3010
Otherserver.com:25       TCP              MyServer.com:3010
Otherserver.com:25       TCP              MyServer.com:3010
Otherserver.com:25       TCP              MyServer.com:3010


And then there is also packets like this:

Otherserver.com:1287       TCP              MyServer.com:25
Otherserver.com:1287       TCP              MyServer.com:25
Otherserver.com:1287       TCP              MyServer.com:25
Otherserver.com:1287       TCP              MyServer.com:25
Otherserver.com:1287       TCP              MyServer.com:25
Otherserver.com:1287       TCP              MyServer.com:25

*Note that the ports 1287 and 3010 are just random ports I made up*

The question is, when an external server wants to initiate an email connection to my server why does it sometimes connect to port 25 on MyServer.com, and sometimes it connects to a random port on MyServer.com, but uses port 25 on it's system?





0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

holger12345Commented:
here is the answer to your question

The email-client connects to port 25 on the server side. The client-port can be any.
That is because the server has a socalled LISTENER (the daemon or the service), that listens on that specific port for incoming requests - noone lese will be forwarded to that listener, only requests with port 25 in the destination field of the TCP/IP header

If the server will listen to another port, that has to be told by the the server-company... but standard is 25 for SMTP

regards
Holger
0
holger12345Commented:
Sorry.. didn't read the whole thing:

If you have a server that connects to another server, sometimes there will be connects to your server (on your port 25) and sometimes your server will connect to the other server (on the other side port 25).

As TCP/IP is a two-way connection, i assume the following:

>>SOURCE IP              PROTOCOL     DESTINATION IP
>>Otherserver.com:25       TCP              MyServer.com:3010
... means: you have connectet to the other, but now he is sending a packet to the initiator of the connection (YOU)

>>SOURCE IP              PROTOCOL     DESTINATION IP
>>Otherserver.com:1287       TCP              MyServer.com:25
... means: the other has initiated a connection to you and is sending traffic to you

Holger
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rafael_accCommented:
The 25 port is the SMTP (Simple Mail Transfer Protocol). This port is used for SENDING e-mails. Your computer might or not accept a connection to this port considering either it's a smtp server or not. When you try to send an e-mail, your clients are connecting to a smtp server (on port 25). when your are downloading your e-mails from the server to the clients, then a pop3 server is used (port 110).

Now, if you are running an internal smtp server only you could actually use any port you want, both for smtp and pop3. The clients computers most be properly configured with this custom ports numbers however. But if you are running a public smtp server, changing the well-known ports number would be the same as running a public WebServer on another port than the standard 80. Can you imagine what would happen?

This was a simple explanation as I didn't focus on explaning what happens "behind the scenes"

Cheers.
0
Brian1Author Commented:
Thanks holger that clears it up!  :)

So the computer that initiates an email connection always connects TO port 25.
0
holger12345Commented:
yes, but like raphael states: port 25 is only for the SMTP-protocol (sending messages)... if you check messages on the server you use POP3-protocol (port 110)...

... and to mix your brain: if a server wants to use another port, it may do so - but all people have to know, where to connect (as the 25/110 is a standard)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.