How do SMTP relays work?

SMTP, or Simple Mail Transfer Protocol, is a standard protocol used for sending emails across the internet. An SMTP relay helps transfer emails from the sender’s server to the recipient’s server.

How do SMTP relays work?

How SMTP communication works

When you send an email, your mail client connects to your email service’s SMTP server. This outbound SMTP server sends the email to the recipient’s incoming mail server:

  1. Your mail client (Outlook, Thunderbird etc) connects to your outgoing SMTP server and submits the email.
  2. Your outgoing SMTP server routes the email to the incoming SMTP server for the recipient.
  3. The incoming SMTP server accepts and stores the email until the recipient downloads it using POP3 or IMAP.

So typically, the sending SMTP server communicates directly with the receiving SMTP server to transmit emails.

When are SMTP relays needed?

SMTP relays become necessary in cases where the sending mail server is unable to directly communicate with the destination mail server. Some scenarios include:

  • Firewall or proxy restrictions: Corporate firewall policies may block direct SMTP connections.
  • IP-based allowlisting: The recipient’s email service may only allow SMTP relay connections from specific trusted IP addresses.
  • Poor reputation of sending server’s IP: Some receiving SMTP servers automatically reject or throttle messages from servers with a history of sending spam/phishing emails.
  • Intermittent connectivity issues: Network outages or high-latency links can affect SMTP transactions between directly connected severs.

In these cases, configuring an intermediate relay server can help ensure reliable email delivery.

How do SMTP relay servers work?

An SMTP relay acts as a forwarding agent by accepting emails from the sending mail server and transmitting them to the eventual destination mail servers.

  1. The sending SMTP server routes an outgoing message to the relay server instead of communicating directly with the recipient’s server.
  2. The relay server establishes a connection with the destination SMTP server on behalf of the original sending server and delivers the message.
  3. The receiving SMTP server sees the relay server as the actual sender since all routing and IP details of the original sending server are stripped off.

Some key points about SMTP relays:

  • They can be configured on-premise or hosted with messaging service providers.
  • They operate transparently by spoofing the original sending server during communication with the destination servers.
  • They ensure reliable message delivery and protect infrastructure servers by masking their IP addresses.
  • Open relays pose security risks, so relay permissions should be restricted only to authorized senders.

Self-hosted SMTP relay servers

You can configure your own intermediate mail server to act as an SMTP relay for routing outbound emails from internal servers. This involves:

  • Setting up mail server software like Sendmail, Postfix, Microsoft Exchange Server etc.
  • Enabling SMTP transport and configuring relay functionality based on business needs.
  • Allowlisting internal IP addresses permitted to route mail via the relay.
  • Securely peered over VPN if hosted externally at a cloud provider or colocation facility.

Additionally, take measures to secure your self-hosted relay server:

  • Harden OS, software, ports against attacks.
  • Enable server authentications.
  • Configure IP allowlists instead of open relays.
  • Check identities of sending servers.
  • Set rate limits on external connections.
  • Monitor traffic and server performance indicators.

For high availability requirements, you can deploy relay servers in multiple regions and route emails automatically based on health status.

Third-party SMTP relay services

Instead of managing your own infrastructure, you can use specialized third-party SMTP relay services designed specifically for routing transactional or marketing emails at scale securely and reliably.

Features offered by some popular email relay service providers:

Amazon SES

  • Highly scalable cloud-based email platform.
  • Inbound/outbound email delivery with high availability.
  • Dedicated IPs with good sender reputation.
  • Strong email authentication mechanisms.
  • Security measures against spam/phishing.

SendGrid

  • Easy APIs and mail transfer agents libraries.
  • Flexible whitelabeling of return addresses and domain names.
  • Real-time analytics on email deliverability.
  • Granular segmentation and targeting of customer groups.
  • Scales to handle billions of monthly emails.

Mailgun

  • APIs, SMTP integration, and mail testing tool.
  • Link tracking, open & click analytics.
  • Email activity timeline helps debug issues.
  • Sender allowlisting and email authentication.
  • Free tier for testing and development.

Mailjet

  • Easy drag and drop email builder.
  • Flexible configuration of delivery rules.
  • Graphical real-time statistics on every email.
  • Managed contact lists with segmentation.
  • Ensures inbox deliverability.

Consider testing out a few providers using trial offers to pick the right service fitting your application scenarios.

Key takeaways

  • An SMTP relay acts as an intermediate forwarding server to route emails from sending servers to receiving servers.
  • Relays ensure reliable email delivery when sending servers can’t connect directly to destination servers.
  • Self-hosted relays provide control but need expertise to maintain security and availability.
  • Third-party relay services simplify setup and deliver high performance, availability, security and reporting.
  • Restrict relay usage only to authorized servers to prevent spammers from routing mail through open relays.

Conclusion

Configuring a robust SMTP relay solution is crucial for organizations to reliably deliver critical transactional and promotional emails to customers reliably. SMTP relays abstract infrastructure complexity and protect sending mail servers to focus on core business functions rather than email routing internals. Whether self-managed or cloud-hosted, properly securing SMTP relays is vital for preventing spammers from funneling unwanted emails via open relays.

Frequently Asked Questions

  1. What is an SMTP relay?
    An SMTP relay is an intermediary mail server that receives emails from sending servers and relays them to destination email servers and inboxes. 
  2. How does an SMTP relay work?
    The relay accepts SMTP connections from internal servers, spoofs sending server identity when connecting to external recipients’ servers while delivering emails quickly and securely on their behalf. 
  3. Why use an SMTP relay?
    Relays provide reliable SMTP delivery when the source server can’t directly connect to the destination SMTP server due to firewall blocks, allow listing restrictions, IP reputation issues etc. 
  4. Is an SMTP relay the same as an SMTP gateway?
    SMTP gateways focus more on security, spam filters and extra features, while relays specialize in forwarding emails reliably. But capabilities often overlap across the two. 
  5. Should SMTP relays be encrypted?
    Yes, relay connections are best encrypted using SSL/TLS certificates to prevent emails traveling in plain text over the public internet, avoiding snooping of sensitive data. 
  6. Can you whitelist an SMTP relay?
    Yes, recipient SMTP servers can whitelist relay server IP addresses to bypass any greylisting or allow only specific subnets to send emails via those relays. 
  7. What’s an open SMTP relay?
    An open relay is an improperly secured SMTP server which lets anyone route emails through it without restrictions. Spammers often exploit these to send spam and phishing emails. 
  8. How does an SMTP relay differ from regular email hosting?
    Full-fledged email hosting provides mailbox storage, POP/IMAP access besides SMTP delivery. A relay simply forwards emails and doesn’t usually store messages. 
  9. Does Office 365 need an SMTP relay?
    No, Office 365 has built-in support for routing emails directly without needing an external relay. Exceptions may apply in case custom-domain emails are incorrectly flagged as spam. 
  10. How do I choose an SMTP relay service?
    Consider ease of use, deliverability, reliability uptime, throughput, security protections, reputation, support responsiveness etc. when comparing relay providers. 
  11. Is Gmail SMTP relay reliable?
    Gmail SMTP is generally reliable for low to medium email volumes. But throttling and spam flagging issues can occur if sending high volumes transactional emails. 
  12. Can Send Grid be used as an SMTP relay?
    Yes, Send Grid is a popular cloud-based SMTP relay service that reliably delivers high volumes of emails for applications powered by AWS infrastructure. 
  13. Is Amazon SES an SMTP relay?
    Yes, Amazon SES can readily act as a cloud SMTP relay. It scales massively and integrates easily with other AWS services. 
  14. How do I configure Postfix as an SMTP relay?
    Edit Postfix’s /etc/postfix/main.cf file. Specify relay host = [server.com] to forward emails to central relay host for processing/delivery and permit authorized networks. Restart postfix. 
  15. What is typically the SMTP relay response time?
    Most relay services deliver emails in seconds or less. Integrated monitoring helps track near real-time mail latency metrics across providers.
  16. Can we have open SMTP relays?
    No, open relays pose significant risks as spammers exploit them to send millions of spam messages. Always restrict relay usage only to your authorized mail servers. 
  17. How does a backup MX relay work?
    A backup MX relay provides redundancy to continue delivering emails even when the primary MX record becomes unavailable. 
  18. Can you relay through Microsoft Exchange?
    Yes, Exchange Server can readily act as an internal SMTP relay by enabling SMTP connector from servers to relay mails out through the Exchange transport service. 
  19. Why use more than one SMTP relay?
    You can configure multiple relays on separate networks/providers for load balancing high email volumes and redundancy to failover seamlessly in case any single relay goes down.

Leave a Comment