An Intricate Process Hides Behind the Seamless Email Sending

Charlotte Miller

A free SMTP server can be a computer or an app that facilitates the sending of emails. A mail user agent (MUA), which could be an app or mail client, establishes a connection with the SMPT of the domain. This process is called SMPT handshake, which is performed through a SMPT port, usually 25. Other ports, namely 465,587 and 2525, could be used to establish SMPT handshake. Once the connection is recognized, the session starts, and the sender provides her/him and the recipient`s email address along with the content and attachments, if any. If MTA (Mail Transfer Agent) identifies the domain name of both parties as the same, it activates POP 3 or IMAP server. If a domain name is dissimilar, it is relayed through DNS (Domain Name Server). 

macbook pro on black textile

SMPT queue

Once the connection is set up, the sender`s SMPT relays the email to the receipt’s SMPT server. If the server is busy or down, the specific email would be placed in the SMPT queue, a cushioned space where the email is stored before being delivered to the designated address. The recipient SMPT server substantiates the email. If the domain and user name are accepted, the server transmits it to the IMAP or POP3 server. Astoundingly, there is no inherent security protocol in the SMPT server, which makes it susceptible to spoofing, spamming, and data leaks. To overcome this vulnerability, email providers have added security protocols to the infrastructure.

TLS1.3 version

The first such security measure was SSL (Security Sockets Layer), but it was compromised by multiple flaws. A better version (SSL3.0) was developed by the Internet Engineering Task Force (IETF) in 2015, reinforced by RFC7568. After a few years of advanced security protocol, TLS (Transport Security Layer) was introduced in the public domain. To rectify the glitches, the TLS1.3 version came into force in 2022, which is considered to be the safest email encryption protocol. But by default, most email clients start a TLS connection during a handshake session through the SMPT command STARTTLS, which triggers the encryption mode of connection. 

Third-party cloud-based APIs

If you are sending bulk emails on a regular basis for digital marketing, you can start your own SMTP server with no restriction on sending emails on an hourly daily basis with full control of the mechanism. However, the deliverability of the emails could be decreased by a significant 20% to 3% both for transactional and email marketing campaigns. This is because the sender’s reputation is a predominant factor in measuring the deliverability of emails. Instead, you could use third-party cloud-based APIs that most startups use based on SMPT relay services. The chief advantage of this service is you do not have to build your own email infrastructure, which could be very expensive.


These cloud-based SMPT servers come with supplementary services like color-based email categories, analytics, dashboards, and single-screen statistics. SMPT, a platform-agnostic protocol, is extensively used to send mail to a server. Web-specific protocol-HTTP could also be used to send mail from an app where no end-to-end server communication is carried out. The app sends an HTTP request to a third-party service that facilitates email sending. This procedure is known as Web API or HTTP API.