View all posts

What’s the difference between ports 465 & 587?

It is a pretty common question that comes up when sending email, but to answer this question fully we need to know a little bit more.

SMTP

SMTP stands for Simple Mail Transfer Protocol, and it is the protocol used to send email over the internet. It was originally proposed in August 1982 through RFC 821.

Internet services and ports

There are two groups responsible for regulating certain technologies and assignments.

  1. The Internet Assigned Number Authority (IANA) regulates three aspects of the internet; domain names, numbers resources, and protocol assignments.
  2. The Internet Engineering Task Force (IETF) publishes standards that enhance the functionality of the internet. The IETF makes recommendations in the form of RFCs, or Requests for Comments.

In this article, we will mainly focus on the RFCs surrounding SMTP, ports 465 and 587.

History

Early in 1997, a proposal was published for a new standard for sending SMTP messages encrypted. In order to accommodate this, the port number 465 with the service description SMTPS was registered with the IANA. Despite this, since this was only registered via IANA and not submitted as an RFC to the IETF, it was never fully approved as an encrypted port for SMTP. Similarly, the IETF standardised STARTTLS on port 587 as an encryption protocol for SMTP submissions that same year.

The default port for message submission has always been 587. It is believed that the confusion between ports 465 and 587 dates back to 1997, when the standard for encrypted transit was being discussed. The protocol that was finally chosen was STARTTLS. Using the same port, a user can send plaintext or upgrade their connection to TLS. For this reason, this approach is preferred.

TLS vs STARTTLS

TLS is referred to as Implicit TLS. Implicit TLS means that the initial connection is established using an SSL or TLS certificate.

STARTTLS, by contrast, starts as a plaintext conversation and, if possible, upgrades it to TLS. Since one port can handle both plaintext and TLS, this is the preferred method.

Port 465

Port 465 is used for implicit TLS.

The connection must start with encrypted TLS. If this fails, the email sending process will fail.

Port 587

Port 587 uses STARTTLS.

If possible, the connection will auto-negotiate to encrypted TLS. If this fails, the email sending process will fail back to pain text and send as normal.

Which is best?

When you can, use port 587. If you can’t, then use port 465. If you have no other options, then use port 25.

Related Articles...

cpanel wordpress

WordPress Manager is now in your Client Area

We’re glad to announce that we’ve integrated WordPress management into your Client Area. You can now manage all of your WordPress sites without logging into a single WordPress admin panel, or hosting account for that matter! Simply... Read more
UCEPROTECT

UCEPROTECT Real-Time Blacklist (RBL)

QuickHostUK receives many questions about the reliability of UCEPROTECT. Here are some more details to help address any concerns as quickly as possible. Background Let’s start with the basics. Every internet-enabled device needs an IP... Read more

This website uses cookies

We use cookies for the analysis of our visitor data, to improve our website, and to give you a great website experience. For more information about the cookies we use, please see our cookie policy.