The SMTP (Simple Mail Transfer Protocol) handshake is a process that allows two mail servers to connect, identify each other, and exchange information to prepare for sending mail between each other. It establishes a two-way communication channel so email messages can be transferred reliably from one party to another. Understanding the SMTP handshake helps explain how email gets delivered over the internet.
The SMTP handshake typically takes place over TCP port 25 and involves a client SMTP server and a server SMTP server. Here is an overview of the steps in an SMTP handshake:
How the SMTP Handshake Works
Step 1: Connection
The handshake starts with the client SMTP server establishing a TCP connection with the server SMTP server on port 25. This allows the two servers to send data back and forth.
Step 2: HELO
Once connected, the client says “HELO” to the server to introduce itself. It also sends across its domain name to identify where it is from.
Step 3: EHLO
The server will reply back with “250 OK” to indicate it is ready for communication. The client then sends “EHLO” to the server which stands for Extended HELO.
Step 4: Server Identification
The server then sends back information including:
- The domain name it accepts mail for
- A list of ESMTP service extensions it supports
- The size limit for emails
This helps the sending server identify the receiving server and learn some of its capabilities.
Step 5: Authentication
Now the server may request the client to authenticate itself to confirm it has permission to send emails. The client will provide credentials like a username and password. If authentication fails, the server can reject the connection.
Step 6: Send Mail
If authentication succeeds, the server returns a response code like “235 Authentication succeeded”. The client can now send the email commands like MAIL FROM, RCPT TO, DATA etc to transmit the actual email content.
Step 7: Test Connection
Once the email is sent, the client sends a TEST command. The server responds with “250 OK” if the message was received correctly by its mail system.
Step 8: QUIT
Finally, the client sends the QUIT command to close the connection politely. The server responds with a 221 bye message to confirm the session is ended.
This orderly handshake allows the two SMTP servers to establish a channel, authenticate, transmit messages, confirm delivery, and close the connection smoothly. Understanding this process provides insight into how routing between mail servers works.
Key Benefits of the SMTP Handshake
- Error checking – HELO and EHLO allow the client and server to confirm each other’s availability and readiness. Any connection or configuration issues can be caught early.
- Identifying servers – Both parties share domain names to avoid unauthorized servers and prevent spamming.
- Feature negotiation – EHLO allows the client to learn what extended SMTP service features are enabled on the server.
- Securing delivery – Authentication protects against unauthorized email injection from unknown clients.
- Confirming transmission – The TEST command lets the client double check that the server accurately received the full message before closing the connection.
- Orderly closure – QUIT enables each side to gracefully close the session when done.
Overall, the structured SMTP handshake facilitates reliable and efficient email delivery through a productive client-server conversation. The protocol strikes a good balance between flexibility and security.
Variants of SMTP Handshakes
There are some variations of the SMTP handshake that may occur for specific situations:
- SMTP after POP3: A mail client may use POP3 to download messages first, before using SMTP to send emails. In this case, the SMTP connection is initiated after POP3 finishes, so the handshake follows POP3.
- ESMTP: This is an extended version of SMTP with additional commands that the client and server can use after the initial EHLO, like STARTTLS for encryption.
- SMTP with PIPELINING: This allows the client to send multiple commands together without waiting for each response, speeding up the handshake.
- SMTP over TLS/SSL: This establishes the connection over an encrypted TLS or SSL layer before the SMTP handshake starts.
So while the core SMTP handshake order remains similar, small variations exist to support different configurations and optimizations. Developers need to be aware of these when implementing email clients and servers.
Implementing the SMTP Handshake
When programming applications like email clients or servers that use SMTP, there are some best practices for implementing the handshake successfully:
- Use established libraries – Many mature SMTP client/server libraries exist across languages like Java and Python that encapsulate the details of the handshake. Using them speeds up development.
- Check return codes – Verify that the server returns the expected response codes like 220, 250 etc at each handshake step. Unexpected codes likely indicate errors.
- Enable timeout – Set appropriate timeouts when connecting and receiving responses to avoid hangs from unresponsive servers.
- Retry failed connections – If the initial connection or a handshake step fails, retry the process 2-3 times before giving up. Temporary network issues may cause failures.
- Support authentication – Be prepared to send credentials like username/password for servers that require authentication before sending mail.
- Add error handling – Gracefully handle errors from invalid handshakes to avoid crashes. Log details to debug issues easily.
- Enable encryption – Consider using SMTP over TLS/SSL to encrypt the connection if security is important.
Following these tips will help developers avoid common handshake pitfalls when integrating SMTP into applications that need to send and receive emails. Overall, understanding the SMTP handshake provides key insights into email delivery internals.
- The SMTP handshake allows two mail servers to establish a connection, authenticate, and prepare for email delivery through a structured, back-and-forth conversation.
- Key steps include connecting, introducing themselves via HELO/EHLO, authentication, transmitting email, confirming receipt via TEST, and closing via QUIT.
- Benefits of the handshake include error checking, identifying servers, negotiating capabilities, securing transmissions, and orderly connections.
- Variants like SMTP after POP3, ESMTP, and SMTP over TLS/SSL exist for specific use cases.
- When implementing SMTP, leverage libraries, check return codes, add timeouts, retry failures, support authentication, handle errors gracefully, and consider encryption.
The SMTP handshake provides the essential coordination between mail servers that makes reliable email delivery possible on the internet. Understanding how clients and servers use the HELO, EHLO, AUTH, MAIL FROM, RCPT TO, DATA, TEST and QUIT commands to establish connections, agree on capabilities, transmit messages securely, confirm receipt, and close sessions in an orderly manner demystifies how routing between SMTP servers works under the hood.
Developers working on email-related applications need to be familiar with the SMTP handshake flow and best practices like proper error handling, timeouts and encryption to ensure their implementations integrate smoothly with existing email infrastructure. As electronic communication continues to be a vital service, the decades-old SMTP handshake remains a crucial procedure keeping our inboxes filled daily.
Frequently Asked Questions
What are the main steps in an SMTP handshake?
The main steps are the client connecting to the server, sending HELO/EHLO, server identifying itself, authenticating, sending email commands like MAIL FROM and RCPT TO, confirming receipt with TEST, and closing the connection with QUIT.
Does the SMTP handshake happen before or after email is sent?
The handshake happens first to establish the connection, before any email content is actually transmitted between the servers.
Can the SMTP handshake fail?
Yes, the handshake can fail if there are network issues, configuration problems, authentication errors, or timeout issues for example. Clients should retry failed handshakes.
Is SMTP only used for sending emails?
No, while SMTP focuses on sending emails it can also be used by servers to receive messages from other servers. The handshake helps facilitate this.
Can I telnet to port 25 to do an SMTP handshake?
You can manually connect to port 25 and interact with an SMTP server to initiate a handshake and see the response codes. This is sometimes done for testing purposes.
Does the SMTP handshake support encryption?
Yes, extensions like SSL and TLS can be used to encrypt the connection after STARTTLS is sent following the initial EHLO.
What response code indicates a successful SMTP handshake?
A response code like 220 from the server after connecting indicates it is ready. Codes like 250 mean success at other stages like after EHLO, AUTH and TEST.
What is the ESMTP handshake?
ESMTP or Extended SMTP adds additional commands after EHLO for features like encryption. But the initial stages of connecting and HELO/EHLO remain the same.
Can I use Telnet to debug SMTP handshake issues?
Yes, telnetting manually to port 25 and interacting directly with the SMTP server can help debug issues by analyzing the raw response codes received.
What is the difference between HELO and EHLO in SMTP?
EHLO offers extended options vs HELO. Servers typically use EHLO now, but clients use HELO for compatibility with older SMTP servers.
What’s the next step after QUIT to close an SMTP handshake?
After the client and server exchange QUIT and 221 goodbye messages, the underlying TCP connection is closed since the session is ended.
What is the first command in an SMTP handshake?
The first command is opening a TCP socket on port 25 to initiate the connection, before the client sends HELO and starts the handshake.
Does SMTP use UDP or TCP?
SMTP uses TCP as the transport layer protocol because TCP offers reliable, ordered delivery of data which is important for email delivery.
Can I use OpenSSL to test SMTP connectivity?
Yes, OpenSSL’s s_client mode allows you to connect to an SMTP server and debug the handshake similar to using Telnet.
What port does SMTP use?
The default SMTP port is 25. But variants like submission port 587 or Secured SMTP port 465 also exist, though the handshake itself is similar.
What’s the difference between SMTP and IMAP/POP3?
SMTP focuses on sending emails, while IMAP and POP3 deal with receiving, accessing and managing emails for users.
Does SMTP require 3-way handshake like TCP before data transfer?
No, SMTP works on top of TCP so assumes a TCP 3-way handshake is done before any SMTP commands are exchanged.
Can an email client act as an SMTP server?
Yes, a client can send emails on port 25 pretending to be a server for testing/debugging purposes. But this is uncommon in production.
What is the SMTP test command and response code?
The TEST command tests mail delivery and gets a 250 OK response from the server if successful. This confirms the message was accepted before QUIT.