SMTP Submission
What is Port 587?
Port 587 is the designated port for email message submission, as defined in RFC 6409. While port 25 is used for server-to-server email relay, port 587 is specifically for email clients (MUAs — Mail User Agents) to submit outgoing messages to their mail server (MSA — Mail Submission Agent). Port 587 requires authentication, preventing unauthorized use for spam. It supports STARTTLS to upgrade the connection to TLS encryption. Most major email providers — Gmail, Outlook, Yahoo, ProtonMail — require their users to send email via port 587 with authentication. This separation of submission (587) from relay (25) was an important step in reducing email abuse, as it ensures all submitted messages have an authenticated sender.
Common Uses
- Email client outgoing message submission
- Application email sending (transactional email)
- Authenticated SMTP relay for web applications
- Newsletter and marketing email submission
Technical Details
Copy-paste commands to check port 587 (SMTP Submission) from your terminal
Test connectivity
nc -zv example.com 587
curl -v --max-time 5 http://example.com:587/
telnet example.com 587
nmap -p 587 -sV example.com
(echo > /dev/tcp/example.com/587) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 587/tcp
sudo iptables -A INPUT -p tcp --dport 587 -j ACCEPT
sudo firewall-cmd --permanent --add-port=587/tcp && sudo firewall-cmd --reload
Security Considerations
Port 587 should always require authentication and support STARTTLS or be used with implicit TLS (port 465). Without encryption, credentials can be intercepted. Implement rate limiting to prevent compromised accounts from sending spam. Use DKIM signing for all outgoing messages. Monitor for unusual sending volumes that might indicate compromised credentials.
Popular Ports Reference
The most commonly used and referenced network ports