Does sending e-mail via TCP port 587 instead of 25 would allow for a better deliverability

Got a great question this afternoon wondering whether sending e-mail via TCP port 587 instead of 25 would allow for a better deliverability. Does it make a difference? Does the SMTP bounce message "Proper Authentication Required) have something to do with this?

If your talking about bulk mail delivery, port 587 it’s not used for that. It’s used normally for personal one to one email.

ISP’s used to allow you to use port 25 on their mail server or mail servers that are not hosted on their network until the virus and spam issue exploded a few years back. So today, some Internet service providers have blocked access to SMTP port 25 for sending mail OUTSIDE of their network to curb viruses and spam when they try to send email from your computer at home. This means you can use their mail server (their email accounts) to send email, but if you 0wn3d (owned) your own domain and mail server outside of their control, you can’t send email to it on normal port 25. You have to use port 587 which is authenticated (hopefully since you set it up) to send email to it and then that server will deliver it to the receiptant via port 25.

Another example of using it is some hotels and other free Wi-Fi (Starbucks) also hijack (sniff/watch) port 25 connections leaving their network so they can check for spam or other virus laden issues. When those issues happen it’s their network that ends up in trouble. If you don’t like them reading your email, using port 587 to your mail server. They are of the same mind set that port 25 is to open and un-authenticated to send email on from their network,

See, it’s understood today that email clients (Outlook) or computers
shouldn’t be sending email in port 25. A mail server sends email on
that port. We are in essence saying mail servers will send email
on port 25 to each other, but when submitting a message to your mail
server for delivery to someone else or to a system not on the same network, use port 587.

out this article as well which explains the use of it.

Use TCP Port 587 For Mail Submission,1759,1838667,00.asp


Dennis Dayman

More posts by

Oracle | Eloqua

Don’t Just Send, Deliver!

Follow Dennis Dayman


9 Responses to “Does sending e-mail via TCP port 587 instead of 25 would allow for a better deliverability”

  1. Suresh Ramasubramanian
    June 5, 2008 at 11:29 am #

    Y'know, Dennis .. I used to have an idea way back when, about providing a separate MTA, on a different IP from our regular MXs, and allow inbound bulk mail from trusted / whitelisted senders from that IP, which would be restricted to specific sender IPs by router ACLs.

    Then, after I (very quickly) realized that

    1. Its too much work to replicate mailserver architecture like that

    2. Senders are a small, small part of total mail traffic, bot spam has them licked ..

    3. It'd turn out "too expensive"

    I dropped that idea. Pity. Anyway it seems like something that might work if backed with a paid whitelist targeted at high value transactional mail, like goodmail ..

  2. Brandon
    June 6, 2008 at 9:05 am #

    This could be an interesting approach Suresh… You could even limit the time frame in which they can send so it is off peak. I wonder how many ISPs/Email Service Providers would be interested in doing that.

  3. Brandon James
    June 6, 2008 at 9:08 am #

    Dennis – As for the original post I think it would be interesting to test this but I do believe you would still have to go through their anti-spam filtering. Regardless of port or method most systems will still monitor and provide the same anti-spam mechanisms on a system wide scale. Not to mention it could turn out to be very slow.

  4. Jeff
    June 6, 2008 at 7:56 pm #

    One word: UUCP.

  5. Upcoming Phones
    September 26, 2008 at 5:13 pm #

    Regarding deliverability, Direct send emails cannot be used when your Internet Service Provider blocks port 25 connections, or MX record lookup is unavailable. This is a typical situation for corporate users located behind a corporate firewall.

  6. Tarzan
    April 7, 2009 at 7:34 am #

    Hi, just wondering if port 587 supports some sort of encryption while establishing a handshake connection to it and while using it to send email. Port 465 is SMTP over a SSL connection, so I would like to know what are the benefits of using 587 instead of using 465? If 587 does not provide SSL as 465 does, it should be better recommend using 465 and Not 587.

  7. scuba19
    August 31, 2009 at 3:16 pm #

    Adding to Tarzan's comment.

    I thought that TCP 465 is SMTP over SSL and TCP 587 is SMTP with authentication required.

    Can someone confirm this meaning , if I used TCP 465 , SMTP will be encrypted but their is no authentication so a virus can be pushed through that port encrypted ????

  8. Dennis Dayman
    August 31, 2009 at 3:40 pm #

    you can use SSL over 587 as well. I do…

  9. James Pitkin
    September 5, 2010 at 6:18 pm #

    Regardless of whether you're trying to send mail on port 25 or 587, when you're using a new Internet connection (such as a Wifi hotspot, hotel room, airport, etc.) it's helpful to understand whether that Internet provider is blocking either of those TCP ports.

    You can try

    This site provides a way to test whether there is any blocking of TCP in the OUTBOUND direction.

    This link will test both ports:,587

    (bear in mind the test uses a browser, and most browsers have built in blocks to those ports. You can bypass it via configuring Firefox to allow traffic on those ports so you can run the test. The Firebind FAQ explains how.)