The Simple Mail Transfer Protocol (SMTP) is a communication protocol that handles sending emails between servers, clients, and other email infrastructure. When an email client or another SMTP server attempts to deliver an email, it opens a connection with the receiving SMTP server on port 25 and initiates a conversation following SMTP commands and responses.
Key components in an SMTP transaction:
- SMTP client: The computer sending the email. This could be an email client like Outlook or a mail server sending messages to another mail server.
- SMTP server: The mail server receiving the incoming connection and email.
- Commands and responses: SMTP works by the client sending a command, and the server sending a response code and message back.
220 Response Overview
When an SMTP client first connects to a server, the server will present a 220 response code and greeting message. This 220 response indicates that:
- The SMTP server is actively listening for connections.
- It is ready to receive and process SMTP commands to handle emails.
A typical 220 server response looks like:
220 mail.example.com ESMTP Service Ready
The 220 response has three main parts:
- 220 status code – Indicates the server is ready for SMTP conversations.
- Server domain name – The FQDN of the SMTP server.
- Greeting message – Usually indicating the SMTP service is ready.
This 220 greeting is crucial for initiating the process of sending mail between the client and server. Once the client receives the 220, it knows it can proceed with SMTP commands to deliver emails.
Following the 220 Response
When the SMTP server sends a 220 response code, it transitions into a state waiting for SMTP commands from the connected client.
Common commands sent after a 220 greeting include:
- HELO – Identifies the sending server to the receiving server.
- EHLO – Identifies the sending server and requests extended SMTP features.
- STARTTLS – Encrypts the SMTP session if supported.
- AUTH – Sends SMTP authentication credentials.
- MAIL FROM – Indicates the sender address for a new email.
These commands allow the client to deliver emails within the SMTP conversation.
For example, a typical simplified SMTP session may look like:
S: 220 mail.example.com ESMTP Service Ready
C: HELO client.example.org
S: 250 Hello and welcome
C: MAIL FROM: [email protected]
S: 250 OK
C: RCPT TO: [email protected]
S: 250 Accepted
S: 354 Start message content
C: From: Sender <[email protected]>
C: To: Recipient <[email protected]>
C: Subject: Test Email
C: Hello, this is a test email message.
S: 250 Message received
S: 221 Bye
This shows the 220 greeting, followed by a HELO command, MAIL FROM to set the sender, RCPT TO to set the recipient, DATA to send the message content, QUIT to close the connection, and the 221 response when finished.
220 Response Scenarios
There are a few common scenarios that can happen around 220 status codes when connecting to SMTP servers:
- Valid 220 greeting returned
This is the normal operation described above. The client receives a 220, then proceeds to deliver mail.
- No response or connection timeouts
If the SMTP server is not reachable or has connectivity issues, the client may timeout waiting for the 220 greeting when trying to connect. Troubleshooting the server, network, or firewall rules may be required.
- “421” temporary error response
A 421 response instead of 220 indicates a temporary error. This could mean too many connections or a service overload. The client should retry later.
- “554” authentication required
Some servers will return 554 requiring a valid username and password over AUTH before allowing mail delivery. Clients must authenticate.
- “550” relay access denied
If the client isn’t permitted to relay mail through a server, it may get a 550 error denying relay access. This must be resolved by IP whitelisting or proper authentication.
So in summary, a 220 response means the server is ready and waiting for SMTP commands. Anything else indicates an issue needing resolution for successful mail delivery.
Troubleshooting 220 Issues
If you do not receive a 220 response when connecting to an SMTP server, there are some troubleshooting steps to try:
- Verify network/DNS – Ensure network connectivity and DNS resolution to reach the SMTP server.
- Check ports – Confirm VPNs, firewalls, security groups are not blocking access to port 25 for SMTP.
- Review server logs – Check event logs, mail logs on the SMTP server for clues if reachable.
- Test with Telnet – Manually connect to SMTP port 25 using Telnet to isolate issues.
- Check service status – If reachable, validate SMTP services are actually running on the target mail server.
- Review authentication – Try explicitly passing SMTP authentication if that functionality is enabled.
Addressing any network, firewall, service or authentication issues that appear can help get that initial 220 greeting from the SMTP server allowing emails to flow.
220 Code Common Questions
- Is 220 an error?
No, 220 indicates a normal and positive response that the SMTP service is up and awaiting connections. Any other code besides 220 means some type of error or issue exists.
- Does 220 mean connected?
Yes, 220 signals that the TCP connection has been established and SMTP commands can now be issued to deliver emails. The next steps would include HELO, MAIL FROM, RCPT TO, etc.
- Can I Telnet to SMTP port 25?
Yes, you can open a Telnet session manually to an SMTP server on TCP port 25 to troubleshoot issues receiving a 220. This helps isolate network issues versus application problems.
- What’s the difference between 220 and 250?
220 signals the SMTP service ready, while 250 is returned after specific SMTP commands, indicating an action such as HELO or MAIL FROM was accepted OK. 220 is the initial greeting at connect, 250 confirms subsequent commands succeed.
- 220 response codes indicate an SMTP server is actively listening and ready to receive SMTP traffic for sending emails.
- Following a 220, the client proceeds with SMTP commands like HELO, MAIL FROM, RCPT TO to deliver mail.
- No response, 421 temp error, 554 auth required, and 550 relay denied are common 220 issues needing troubleshooting.
- You can manually connect with Telnet SMTP 25 to isolate network versus service problems.
- 220 greets the initial connection, 250 confirms commands work OK during the SMTP conversation.
The 220 response code plays a foundational role in the SMTP protocol, signaling a server is online and prepared for clients to initiate SMTP conversations that transmit emails. As the first step enabling successful mail delivery, ensuring this 220 ready code is returned requires verifying networks, firewalls, services and authentication are properly configured to support SMTP client connections.
Understanding and troubleshooting 220 greeting issues is an important skill for email administrators and those managing mail servers to have under their belt. When 207 isn’t coming back on connect, it’s time to break out the toolkit and diagnose where things are going wrong. Getting a solid 220 puts you well on the path for reliable email delivery.
Frequently Asked Questions
- What port does SMTP use?
SMTP commonly uses TCP port 25 for plain text connections. For encrypted connections, SMTP can also use port 465 (SMTP with SSL) or port 587 (submission port).
- What is the difference between 220 and 221 in SMTP?
220 signals the SMTP service is ready to receive connections, while 221 indicates the server is closing the connection, typically after a quit command at the end of message delivery.
- What does 220 mean in FTP?
In the File Transfer Protocol (FTP), 220 has a similar meaning, indicating the FTP server instance is listening and ready for user connections to transfer files. The 220 response confirms the FTP service is active.
- What error is returned if SMTP authentication fails?
If the SMTP authentication fails during the AUTH step, the server typically returns a 535 error response indicating the credentials were not accepted.
- When would I receive a 554 error instead of 220 in SMTP?
A 554 response means the server requires authentication in order to send or relay messages. The client must issue an AUTH command and valid credentials before the server will transition beyond the 554 error to accept SMTP delivery commands.
- What does EHLO stand for in SMTP?
EHLO stands for Extended Hello. The EHLO command replaces HELO in newer SMTP implementations, allowing clients to request extended SMTP features and capabilities beyond the base protocol.
- Can you tell if an email server is SMTP based on the 220 response?
Yes, a valid 220 response ending with ESMTP, SMTP, or SMTPS indicates the listening server is likely an SMTP-based email server ready to handle message delivery via SMTP conversation.
- What error indicates an SMTP mail server does not allow relay?
A 550 “Relay access denied” error response signals that the client is not permitted to relay mail through that SMTP server, typically due to lack of proper authentication or whitelisting.
- When troubleshooting 220 issues, what TCP port should allow connections?
For SMTP 220 troubleshooting, TCP port 25 should be open in firewalls and security groups between the client and SMTP server to allow the initial TCP handshake and 220 greeting.
- Where are SMTP 220greeting errors typically logged?
220 error messages are generally logged in the mail system logs of an SMTP server such as the maillog or syslog files on Linux, or the Windows event viewer Application or System logs on Windows servers.
- How long should my SMTP banner be when customizing the 220 response?
It’s recommended to keep your custom SMTP banner under 64 total characters in the 220 greeting for best interoperability with older SMTP clients.
- What is the difference between SMTPS and ESMTP?
SMTPS refers to SMTP over SSL encrypted connections, while ESMTP represents support for Extended SMTP commands enabling features beyond the base protocol specification. Servers can support encryption, extensions, or both.
- What RFC defines the SMTP protocol including 220 codes?
The core SMTP protocol including 220 ready status code is defined in RFC 5321 published by the Internet Engineering Task Force (IETF).
- Can I change my SMTP banner for security purposes?
Yes, most mail servers allow customizing the 220 ready greeting banner for security purposes. Avoid exposing exact software versions or sensitive information.
- What should I check if Telnet shows SMTP 220 but emails still fail?
If Telnet connects OK but actual emails are failing, next ensure firewalls, security groups, etc. allow connections from actual client subnet IPs, that reverse DNS is valid, and client HELO/EHLO matches domain IP address.
- Is 220 the first response displayed from an SMTP server?
Yes, 220 will always be the very first response when initially connecting to an SMTP server before any subsequent client commands. 220 indicates the start of an SMTP conversation.
- What are common follow up codes after the 220 ready response?
After 220, common next response codes indicating successful client commands are 250 (okay) for operations like HELO, MAIL FROM, RCPT TO, and 354 (go ahead) when sending the message data itself.
- Can I have multiple SMTP instances on one IP address?
Yes, you can have multiple SMTP virtual services running on a single IP by using distinct port numbers for each instance, identified by unique 220 ready greetings when connections come in to those port numbers.
- What tool in Linux lets me test SMTP connectivity?
The Telnet utility in Linux allows manually connecting to SMTP servers on port 25 to diagnose connectivity and receive the 220 greeting. The manual SMTP conversation can help validate proper network access and service operation.