How to Check SMTP Server Settings and Troubleshoot Common Issues?

SMTP (Simple Mail Transfer Protocol) is the standard protocol for sending email messages between servers. Properly configured SMTP settings are critical for ensuring your email gets delivered reliably. In this article, we’ll cover how to check your SMTP server settings and troubleshoot some common issues that can arise.

How to Check SMTP Server Settings and Troubleshoot Common Issues?

How do I check SMTP?

To check your SMTP server settings, you’ll need to use an SMTP client or telnet to connect to your SMTP server and issue commands. Here are the basic steps:

  1. Connect to the SMTP server – Use the server hostname and port (usually 25, 465 for SSL, or 587 for TLS).
  2. Verify connectivity – Once connected, you should see a 220 response code indicating the server is ready.
  3. Issue SMTP commands – Send EHLO, MAIL FROM, RCPT TO, and other commands to test functionality.
  4. Check responses – Verify that the server responds with appropriate status codes (e.g. 250 for success).
  5. Test authentication – If authentication is required, send AUTH commands with valid credentials.
  6. Verify TLS/SSL – For secure connections, make sure the server supports STARTTLS or SSL.

Some useful SMTP commands to know:

  • EHLO – Extended HELO to identify client and request server capabilities
  • MAIL FROM – Specifies the email sender
  • RCPT TO – Specifies the email recipient(s)
  • DATA – Indicates you are ready to send the email content
  • RSET – Resets the current mail transaction
  • QUIT – Ends the SMTP session

Here’s an example SMTP session:

telnet mail.example.com 25

220 mail.example.com ESMTP Ready

EHLO mydomain.com

250-mail.example.com

250-SIZE 52428800

250-PIPELINING

250-AUTH PLAIN LOGIN 

250 HELP

MAIL FROM:<[email protected]>

250 OK

RCPT TO:<[email protected]>

250 OK

DATA

354 Go ahead

Subject: Test email

This is a test email.

250 OK id=1aB2c3D4e5F

QUIT

221 mail.example.com closing connection

Troubleshooting Common SMTP Issues

1. Connection Refused

If you get a “Connection refused” error when trying to connect to the SMTP server, it usually means one of the following:

  • The server hostname/IP address is incorrect
  • A firewall is blocking access to the SMTP port
  • The SMTP service is not running on the server

Double-check the hostname and port. If those are correct, work with the email administrator or hosting provider to check firewall settings and verify the SMTP service is running.

2. Authentication Failures

SMTP authentication errors (e.g. “535 Authentication failed”) typically mean the username and/or password is incorrect. Verify your credentials and make sure you are using the correct AUTH type (PLAIN, LOGIN, etc.) supported by the server.

If you’re using 2-factor authentication, you’ll likely need to use an app password instead of your regular email password.

3. TLS/SSL Errors

If you get a TLS/SSL related error (e.g. “No appropriate protocol” or “SSL handshake failed”):

  • Verify the server supports TLS or SSL on the port you are using
  • Make sure your SMTP client is configured to use the correct encryption method (SSL, TLS, or STARTTLS)
  • Check that the server’s SSL certificate is valid and trusted by your client

4. Relay Access Denied

A “Relay access denied”, “Access denied”, or similar error indicates the SMTP server is not allowing you to send to the specified recipient email address. This usually means:

  • Your email or IP address is not authorized to send email through that SMTP server
  • The recipient email address is invalid or not accepted by the server
  • You did not authenticate successfully

Work with the email administrator to check your account settings and permissions. Verify the recipient email addresses are valid.

5. Emails Not Received

If you are able to send emails through the SMTP server but they are not getting received, there are a few possibilities:

  • The emails are getting marked as spam by the recipient’s email provider
  • The recipient’s mailbox is full or inactive
  • There is an issue with DNS records (SPF, DKIM, etc.) for your sending domain
  • The SMTP server or your IP address has a poor sending reputation

Check your sent folder to confirm the emails were actually sent successfully. Look in spam folders on the recipient side. Work with the email administrator to check DNS records and IP reputation. You can use tools like mail-tester.com to test and diagnose delivery issues.

Other SMTP Tips and Best Practices

  • Use encryption – Always use SSL/TLS encryption for SMTP connections if supported by the server. Port 465 is typically used for SSL, while port 587 is used for STARTTLS.
  • Authenticate – Unauthenticated SMTP is a common vector for spam. Most modern SMTP servers require authentication to combat abuse.
  • Validate recipients – Check that recipient email addresses are valid before sending. Many servers will reject invalid recipients.
  • Set appropriate email headers – Make sure to set a relevant email subject and From address. Avoid using misleading or spammy subject lines.
  • Follow guidelines for sending bulk email – If you are sending bulk email campaigns, make sure to follow laws and best practices around opt-in consent, unsubscribe options, physical mailing address in footers, etc.

Key Takeaways

  • Checking SMTP involves connecting to the server, issuing commands, and verifying the responses
  • Common SMTP issues include connection problems, authentication failures, encryption errors, and relay access issues
  • Use SMTP encryption and authentication whenever possible
  • Validate recipient addresses and use appropriate email headers
  • Follow bulk email guidelines if sending email campaigns

Conclusion

Checking and troubleshooting SMTP server settings is an important skill for anyone managing email systems. By understanding the core SMTP commands and response codes, most common error scenarios, and general best practices, you’ll be well-equipped to diagnose and resolve email delivery issues. Always use security controls like encryption and authentication, set appropriate email headers, and follow opt-in and anti-spam guidelines when sending email campaigns.

FAQS

Q. What is SMTP and what is it used for?
A. SMTP stands for Simple Mail Transfer Protocol. It is the standard protocol used for sending email messages between servers on the internet.

Q. What are the default SMTP ports?
A. The default SMTP ports are 25 for plaintext, 465 for implicit SSL/TLS encrypted connections, and 587 for STARTTLS encrypted connections.

Q. How do I check SMTP server settings?
A. You can check SMTP server settings by using telnet or an SMTP client to connect to the server and issue SMTP commands. Check the server responses to verify settings.

Q. What are some common SMTP commands?
A. Common SMTP commands include EHLO (identify client and request capabilities), MAIL FROM (set sender), RCPT TO (set recipient), DATA (send email content), RSET (reset transaction), and QUIT (end session).

Q. What is the difference between SMTP ports 25, 465, and 587?
A. Port 25 is used for unencrypted SMTP, but is commonly blocked by ISPs. Port 465 is used for implicit SSL/TLS connections. Port 587 is used for STARTTLS encrypted connections and is the recommended standard.

Q. How do I test an SMTP server without sending an email?
A. You can test an SMTP server by connecting to it with telnet or openssl and issuing SMTP commands like EHLO, MAIL FROM, RCPT TO, etc. This allows you to verify connectivity and settings without actually sending an email.

Q. What is the difference between SMTP AUTH PLAIN and LOGIN?
A. PLAIN and LOGIN are two different methods for authenticating to an SMTP server. PLAIN sends the username and password together in one Base64 encoded string. LOGIN sends them separately in response to prompts. PLAIN is more secure when used over an encrypted connection.

Q. What does the SMTP response code 220 mean?
A. The 220 response code means the SMTP server is ready and accepting commands. It is the expected response after connecting to the server.

Q. What does the SMTP response code 250 mean?
A. The 250 response code is a generic “OK” response indicating the server accepted the previous command. You will see it after successful MAIL FROM, RCPT TO, and other commands.

Q. What does “Relay access denied” mean in SMTP?
A. “Relay access denied” means the SMTP server will not accept the email message because it believes you are not authorized to send to the specified recipient domain. This usually happens when you haven’t authenticated, or the server thinks you’re trying to send spam.

Q. What are SPF, DKIM and DMARC used for in relation to SMTP?
A. SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting and Conformance) are all DNS records used to combat email spoofing and improve deliverability. They allow receiving servers to verify the authenticity of email claiming to be from a particular domain.

Q. How can I enable SMTP authentication?
A. The exact steps depend on your email server, but generally you will need to configure your SMTP server software (e.g. Postfix, Sendmail, Exchange) to require authentication and specify which authentication methods to allow. Consult your email server documentation for specifics.

Q. What is the maximum attachment size allowed by SMTP servers?
A. The maximum attachment size varies by server and is set by the email administrator. Common limits range from 10MB to 50MB. You can usually find the limit by checking the SMTP server’s EHLO response for a “SIZE” parameter.

Q. Can I use SMTP to send to any email address?
A. Not necessarily. Each SMTP server is configured to allow sending (relaying) only to specific recipient domains, usually only domains that the server is responsible for. Trying to send to other domains will result in a “Relay access denied” error unless the server allows open relay (very uncommon).

Q. What happens if the SMTP recipient address is invalid?
A. If the recipient address is invalid, the SMTP server will reject the RCPT TO command with an error response code, usually 550 (e.g. “550 5.1.1 unknown or illegal user”). The specific wording of the error varies by server.

Q. How can I check if my SMTP server supports STARTTLS encryption?
A. Connect to your SMTP server and issue the EHLO command. If the server supports STARTTLS, it will include “STARTTLS” in the list of capabilities in its response.

Q. What programming languages have SMTP client libraries?
A. Most programming languages have SMTP client libraries or built-in SMTP support, including Python (smtplib), Java (JavaMail), PHP (built-in mail() function), Node.js (Node mailer), Ruby (Net::SMTP), and C# (System.Net.Mail).

Q. What are the main laws regulating commercial email?
A. The main laws regulating commercial email are the CAN-SPAM Act (US), CASL (Canada), GDPR (EU), and various other anti-spam laws around the world. These laws set requirements around getting consent, providing unsubscribe options, including physical mailing addresses, and accurately identifying the sender.

Leave a Comment